Welcome to Omgili,
Omgili ( Oh My God I Love It ;) is a search engine for discussions. With Omgili you can find answers and solutions, debates, discussions, personal experiences, opinions and more... To learn more about Omgili click here.
This is a complete preview of the discussion as it was indexed by Omgili crawlers. Use this preview if the original discussion is unavailable.
Click here to view the original discussion.
 |
|
 |
|
Myspace new email system is going to be the Myspace SPAM Blunder of the Century
First of all, all these problems on myspace, are mainly due to javascript.
"Javascript" is the culprit that generates nearly 90% of of the flaws on the internet.
Javascript causes browser crashes, freezes, it's responsible for POPUP ADVERTS, it's the cause of huge numbers of security flaws.
Javascripts are what allow trojan horse and virus writers and malicious people to infect you.
Javascript is the root of huge reams of security flaws on the net.
Any time you see a bug report and it says "scripting flaw" or "scripting vulnerability" that scripting they are talking about is Javascript.
And guess what, myspace is using more of it.
Including in this new email system.
BAD MOVE.
Now don't get us wrong, we like myspace.
This is exactly why we are posting this, so that myspace can STOP using it and improve and get better, rather than becoming a disaster and ruining itself with reams of problems, glitches, buttons that don't work for people, messages you can't view, an email system based on javascript where people are reporting they can't even get into it, can't open their inbox, can't approve friend requests, etc.
All of this worked before, when it was based on HTML FORMS, not Javascript.
So, the action item for any and all of you here reading this (and chances are you're probably here because you either have a problem right now, or you know what we're talking about because you've been a victim of these glitches and non-functional buttons, and popup overlays, and things not working.
Btw that includes the "new" status & mood thing as well.
And the new comment box that you now have to WAIT for, because it's slower.
Rather than using HTML FORMS which works and follows the standard, some less-knowledgeable programmer head thought it would be a good idea to mimic facebook and start using these "litebox" javascript overlays all over the place that FAIL!
So what all of you need to do is to go to http://www.myspace.com/myspacehelp and file a site bug report on the glitch you are having, and then in there write "Myspace web team: STOP USING UNNECESSARY JAVASCRIPTS!"
Filing a report with myspace is the only way to subdue it, since if nobody does, they are just going to add more & more of this ridiculous "WEB 2.0" garbage out of Facebook-envy, and cause you more problems, glitches, etc.
Even if you get your current one fixed, it's going to come up again with something else.
So everyone needs to let them know, or javascript is going to grow like a foot-fungus all over the site and ruin it more.
OK, NOW WHAT ABOUT THE SPAM BLUNDER OF THE CENTURY?
On this new email system, you can pick your own whatever@myspace email address.
Ok.
Fine. But what myspace has done, is they've locked it to your myspace url.
In other words, the front half of your email address before the AT sign is forced to be identical to your myspace profile url.
WHY IS THAT BAD?
Look, if you think you get spam on myspace now, the flood gates are about to open like you've never seen before, due to what myspace did, locking that email address to your url.
Spammers out there in the world have things called "scrapers".
What they do, is they are an automated program that can read in a web page and snag email addresses off of it, or urls, or bits of text, anything really.
So a spammer can now come to the myspace site and have a feast.
Spammers now can simply scrape all of myspace for people's profile url, and you know what?
NOW THEY HAVE YOUR MYSPACE EMAIL ADDRESS, BECAUSE MYSPACE LOCKED IT THE SAME!
Now it's 1 thing to be able to send myspace messages back & forth.
You can block them, myspace can even block them, and it requires a myspace signup to be able to get on here and then attempt to send mass amounts of spam, which myspace can detect and shut down (sometimes erroneously too, as we are seeing, but that shows the controls and detectors are present.)
You know what myspace has virtually NO control over?
OUTSIDE EMAIL! And that's what they've just given you!
A whatever@myspace email that can be used to send you messages from outside myspace from any old email program, and now spammers will be able to literally fill your email box.
It's not happening so much right now, but you wait.
This is something that we are foretelling.
We are predicting the future here with our knowledge of the system and ability to spot potential vulnerabilities.
Someone at myspace just wasn't thinking.
This is going to be a problem.
Any spammer out there is going to be able to cull millions of urls off myspace profiles and then be able to automatically have your @myspace email address and start pouring spam into your accounts.
Once it dawns on them and they figure this out and start.
WHATS THE SOLUTION?
Myspace needs to allow the ability to have your myspace email address *DIFFERENT* than your profile url!
That will fix this.
Or at least minimize it.
Because a spammer cant be guaranteed that if he snags your url that it will be a valid email address.
Right now, the way myspace locked the 2 together they are virtually guaranteed a valid email address for anyone who has taken the steps to activate their myspace email account.
Bad news.
Now imagine all kinds of spam tying up the new email system, slowing you down, filling your inbox with spams.
Tens, hundreds, or thousands a day.
Now multiply that number by over 250 million users.
And since those spams are coming from OUTSIDE now, there's not a thing you as a user can do about it.
Marking it "spam" wont work.
It's not coming from a myspace profile, so myspace can't cancel or delete their page, the one sending doesnt even have one.
So people better get on the horn to myspace right now and tell them to unlock the url from the email address, so you can for example have:
URL: www.myspace.com/itsme
and then your email could be
EMAIL: itsstillmebutmyemailcanbedifferent@myspace.com
(or whatever)
But right now, since anyone, and that means anyone, can see your url, spammers are going to have a field day culling addresses off of here and then flooding thousands of spams from outside into your myspace email boxes.
It's going to slow the system down for everyone, and just be a mess.
Ok, well, call us Nostradamus, it's not happening yet, but we'll see.
If it starts happening, you'll know we were right.
You heard it here 1st.
But file a report with myspace and warn them of this, so that hopefully it doesn't have to happen.
And myspace can remain a nice site.
|
|
 |
|
 |
|
|
|
|
I don't think it's locked to you URL, I think you *can* pick what you want (subject to availability).
Trouble is, most people will just accept the first suggestion (the URL-related address) out of laziness, and then...
Yeah, Myspace have potentially a massive problem on their hands.
My advice is, people DON'T SET YOUR MYSPACE EMAIL, LEAVE WELL ALONE!
|
|
|
|
|
|
|
|
|
Peter:
I don't think it's locked to you URL, I think you *can* pick what you want (subject to availability).
You can pick something else, but then it WILL change your MySpace URL to match the e-mail address you choose.
They are indeed connected.
|
|
|
|
|
|
|
|
|
۞ Krista ۞:
Peter:
I don't think it's locked to you URL, I think you *can* pick what you want (subject to availability).
You can pick something else, but then it WILL change your MySpace URL to match the e-mail address you choose.
They are indeed connected.
Really?!
Oh boy... then yeah, this really will be the fuck up of the century.
Only thing is not to set an @myspace.com address at all, then.
But how many people will be aware of this, especially as, once you've set it, you can't go back?
|
|
|
|
|
|
|
|
|
When you Edit and adjust your myspace email address, a javascript automatically rewrites your URL to the exact same thing.
As in something like this:
Hey choose your new myspace email!
[ ]@myspace.com
URL: www.myspace.com/[ ]
Whatever you type in front of the @ sign, is mirrored in the URL field below it.
exactly.
And when we checked, that was not editable.
So as soon as you click the SUBMIT & are you sure buttons, it locks your email to the same text as your url.
|
|
|
|
|
|
|
|
|
IT GETS WORSE:
1 - USERS YOU BLOCKED CAN NOW GET AT YOU.
What this means, is, if there is some one pestering you, you will now no longer be able to block them.
All they have to do is go make some webmail hotmail thing.
And then pepper your account with whatever crap they were doing to you.
2 - GIRLS ARE NOW VULNERABLE TO ANY STALKERS AGAIN.
Especially bad for the ladies, it means stalkers and whatnot can still get at them.
Send them obscene or profane or whatever emails they are doing.
And no way to block it.
3 - THERE IS NO WAY TO BLOCK IT.
There are no self-set email spam filters on myspace!
There was only the captcha code (which now does NOT apply to external email senders!) and the spam button which is now of no use because the sender is not even on myspace, so they will never get blocked or suspended.
4 - MYSPACE IS NOW NO LONGER PROTECTING CHILDRENS PROFILES.
Any controls myspace had put in place to protect under age users is now gone.
It used to be before that myspace protected kids with profiles under some certain age or so from receiving msgs from profiles whose age was above something.
That's now no longer in effect!
Any outside person can now send whatever the hell they want into a profile of children.
Including whatver prn or pics or whatever makes it through myspace's own preset filters into their page's inbox.
|
|
|
|
|
|
|
|
|
Well let me address the spam issue by quoting an article.
Click Here.
There's also settings that you can change if you click the "Settings" link in the left navigation.
|
|
|
|
|
|
|
|
|
MySpace Forums Team:
Well let me address the spam issue by quoting an article.
Click Here.
There's also settings that you can change if you click the "Settings" link in the left navigation.
Well, the spam article is just a load of bull, if you ask me.
Call me cynical, but I know it won't work.
As for the settings, so, will all the communications settings work?
So if I set the 'messages' to require a Captcha, how exactly will it work when someone is trying to send me an email from an external email provider?
Maybe I'm just being thick here?
|
|
|
|
|
|
|
|
|
Peter:
MySpace Forums Team:
Well let me address the spam issue by quoting an article.
Click Here.
There's also settings that you can change if you click the "Settings" link in the left navigation.
Well, the spam article is just a load of bull, if you ask me.
Call me cynical, but I know it won't work.
As for the settings, so, will all the communications settings work?
So if I set the 'messages' to require a Captcha, how exactly will it work when someone is trying to send me an email from an external email provider?
Maybe I'm just being thick here?
Peter is correct.
Ok, do this.
Go to any profile.
Now you know their url because it's right there in your addressbar.
It used to be a friend ID.
Myspace changed it.
So now it gives away your url.
Ok, now you know the person's email (let's say they DID activate it, which is what myspace is pushing and advertising all over the place - "Get your own @myspace email address!!") Ok, now open your outlook, or any webmail like hotmail or gmail or whatever, and fire off an email to that user.
Where's the CAPTCHA?
Hmm? There is none.
Because it's being sent FROM Gmail!
Or outlook. or yahoo or whatever.
There is NO captcha code because it is Not being sent from myspace anymore.
And myspace has now relinquished all control over all incoming email.
(This wouldn't be too too bad, except for the fact that due to the fact that it's locked to your url, you're essentially REVEALING everyone's email address to anyone!
If at least it was the fact that you could have something different, then bad people would not instantly know it, it'd be the user's fault they gave it out or something, which is fair, essentially that would be just like myspace offering webmail, which is fine.
But the way whoever the mastermind was who set it up locked like that, has now exposed everyones email address.
Myspace one anyway.
Which feeds into your profile's email box.)
ANOTHER IMPLICATION:
Spammers will now be able to use this as a feeding frenzy for advertising.
And even peg it to demographics!
For example, utilizing myspace's search feature, a spammer could now even use myspace's own search function, search for let's say anyone between age 20 and 40, woman, in certain zip code, or something, or who put earns above whatever dollars, and then attempt to sell them shoes or something!
Whatever. This is like a myspace gift to spammers.
Complete with demographic capabilities to target you based on your age, sex, income, region, keywords you have on your page, etc.
And there's no CAPTCHA on their external email that they are going to use to send it to users.
That's only if it is coming from another myspace (owned) profile.
Which this new @myspace email completely circumvents.
Again, it wouldn't be so bad if myspace weren't locking it to your URL!
Thus Exposing it.
|
|
|
|
|
|
|
|
|
Wow they really thought this through, uh?
This is really dangerous.
How typical of myspace not to think of the consequences when they introduce new stuff!
thanks for the heads up velman and peter!
I certainly will not touch the email thingy until they fix it.
If they fix it, that is!
|
|
|
|
|
|
|
|
|
Thanks Velman for your insights this situation is beyond aggravating!
|
|
|
|
|
|
|
|
|
MySpace Forums Team:
Well let me address the spam issue by quoting an article.
Click Here.
There's also settings that you can change if you click the "Settings" link in the left navigation.
The article is a Press Release, a news story on MSN news site.
It's a plug for CLOUDMARK.
Which is a company that sells an email system with filtering, that myspace can brand with their own @myspace domain.
Ok, that's fine, but doesn't solve the problem.
Myspace DOES actually try!
Like we said, we LIKE myspace.
And want it to be a nice place.
And we think it's actually a lot better than script-ridden facebook and disgusting youtube and useless twitter.
So all of this is in the spirit of helping to stop turning myspace into a crappy javascript-ridden litebox overlay piece of junk like facebook, and...
To stop what could be an email, privacy, and security mess here on myspace before it gets started.
Ok, Providing CloudMark anti-spam filtering is not a bad thing, that's fine.
But that is something that ALL webmail or branded email hosts provide!
There's hundreds of these things.
3rd party companies that provide email filtering.
This stuff has been around forever, everything from bayesian filtering, to regexp rules, to keyword filtering, checking for currency symbols, to verifying senders via whitelists & blacklists, etc etc.
And you can see how well this has worked by checking the statistics on how much spam has been Reduced and Eradicated here in the 21st century...HINT: It hasnt.
Spam has actually increased!
But ok, better than having nothing.
Myspace does *try*.
Which is nice. But the problem is not that, it's the fact that the email system is infested with javascripts and the fact that by locking the email address to the user's URL you're exposing it.
Get rid of the Javascripts and use HTML FORMS, and unlock the email address from the url.
Also, the Cloudmark anti-spam add-on doesn't fix the security of privacy breach.
Consider the following scenario...
A girl on myspace is getting harassed.
By some ex-bf or who knows.
Pervert or something.
She blocks him from her myspace page.
So far so good. He doesn't have her personal email either.
Ok, so far so good.
He can't bother her.
Ok, now, myspace touts users to "Get your own @myspace email address!" so she does.
Now that guy can obtain her email address!
Just by looking at her URL!
It's exposed. And now he can go on his yahoo and start sending her crap.
And let's say he just sends her some junk like: "AHA!
I can see you! I'll get you!
Har har har!" or something like that.
There's NO spam words in there.
No viag...whatever junk, no currency signs, no words like buy this or that, he could even include some kind of rude pic.
CloudMark is NOT going to ban that.
What's it going to do, ban emails with "see you!" written in it?
Ban all incoming mail from yahoo?
You cant. Millions of people are on yahoo, so you cant ban it.
People write See you!
All the time to say goodbye.
You cant filter and ban that!
There's NO captcha keeping him from sending messages.
It's not coming from myspace so you cant report him to myspace.
You can't block him because there's no individual blocking rules that the girl herself can put on her own myspace mailbox, it's all filtered at the corporate level by cloudmark, you cant set your own.
So myspace just exposed the girl, essentially gave out the girl's email address (given that she does signup which myspace is suggesting and promoting that people DO) and she cant stop it.
Now he can harass her.
BEFORE, on the old system, email inside one's myspace profile had to come from another myspace profile and she could block it.
Done. That is Not the case anymore.
It's a free for all.
And once again, it wouldn't be so bad, if myspace didn't tie a persons email to their url!
That's what exposed her!
So now anyone can find out, and get messages into your mailbox.
And from what we see also, from the message box that you receive from myspace when you signup, once you signup it says its permanent, you cant undo it once you signup for it.
That could be changed too.
Now, about this article.
Peter is correct again.
The stuff written in that spam article is PR.
Here's an example:
FROM THE ARTICLE:
“MySpace has always taken an aggressive approach to privacy and we are committed to ensuring MySpace Mail has the same level of security for our users that we have employed throughout our site,” said Rajit Marwah, director of product management for MySpace Mail.
*COUGH*!
"aggressive approach to privacy"???
Ok, everyone has just seen how we've exposed that this is NOT anything of the sort.
You're exposing everyone's myspace profile email address!
That's far from "an aggressive approach to privacy".
LOL!
"MySpace Mail has the same level of security for our users that we have employed throughout our site"-NO IT DOESNOT!
I just explained how myspace mail absolutely does NOT have the same level of security as employed previously and throughout the site!
No captcha. Violates age restrictions.
No way to block. Exposes a person's email box to stalkers, perverts, spammers, hackers!
And oh my, if some people who like to use their own name as their email signup like that, not realizing that they've put their own name in there, it's now going to expose their name too!
And it will change their URL to it!
So that means that even a person who has made their whole page private will have their personal information exposed!
(Person signs up for the myspace email, puts their name like mary.smith@myspace.com because for email that's the kind of thing they prefer for an email, not "BlippoTheMagnificent!" or whatever, that they had in their url!
Now even that private profile will now expose their url, their email, and their real name!
Because even if a profile is private, it still shows your url in the addressbar!
Www.myspace.com/whatever.
And for people who DONT realize that myspace is changing their url to what they are typing in for their desired email address, they are going to inadvertantly give away their info!
So all of this stuff about how this email project team has combined with Cloudmark to provide some magnificent aggressive champion of a system with some great aggressive un-matched level of security, privacy, and whatnot, is simply PR FLUFF.
And look at this...
The article touting this unmatched level of security has revealed the guy's name at myspace responsible for this new myspace email system:
said Rajit Marwah, director of product management for MySpace Mail.
Thank you, Rajit Marwah, now we know who is responsible for the bad planning and security privacy breach, and we know the guy's name who implemented this new crappy "new" MYSPACE INBOX V3!
Rajit Marwah = Director of Product Mgmt for this new Myspace Mail
In that article, Mister Privacy just gave out his own info.
Brilliant.
Would you hire him to be in charge of your personal information?
Hmm.
How about if he gives away the email for the PR contact at myspace corporate too?
STRAIGHT FROM THE ARTICLE:
About MySpace...
MySpace
Amy Walgenbach, 415-293-9181
awalgenbach@myspace-inc.com
That's public.
Freely given out by myspace.
Gee Thanks! Surely many people who are having problems with the javascripts and the security issues with the new email system will be happy to know the name of the person at myspace who is responsible for this whole new email system, its privacy lapses, and are probably very interested in contacting him about it!
And even the name, email and phone number of the PR contact for the email.
Great stuff.
There you go.
HINT: Get rid of the javascript on myspace, dump the javascript-based email V3, dump the javascript comment submit boxes, javascript friend add crap, javascript status mood junk, delete all that litebox script library overlay garbage, get someone in charge who can implement the site Using standard HTML & FORMS, and un-lock the myspace email address from the url!
Pls don't turn mysapce into Facebook, that's why a lot of people are here in the first place, because they HATE that script-infested Facebook junk, and get some web programmers and project directors there who actually thought about the implications of locking the url to the name on this email system before rolling it out.
Keep myspace nice!
|
|
|
|
|
|
|
|
|
Velman,
You need to actually use the feature because your giving scenarios that are covered.
You say that we can't block all mail from Yahoo.
You're wrong, and if you looked at the settings you'd know this.
In the user's mail settings there's an area to "Decide who can email you", which says "Only People I know".
This settings preserves the MySpace environment you are already familiar with plus the addition of allowing only certain email addresses to contact you.
But perhaps you have one person in particular that's bothering you.
You also have the option to block that sender as well.
Feedback is great, but when it's wrong it's of no help.
|
|
|
|
|
|
|
|
|
I never have issues with spam and will not have any issue with it in the future.
If it's such a catastrophe, get off Myspace ;)
|
|
|
|
|
|
|
|