spam map descriptions about mapknitter HOT 26 CLOSED

Any attention is good attention, amirite?

On Tue, Jul 1, 2014 at 7:54 PM, mathew lippincott [email protected]
wrote:

[image: screen shot 2014-07-01 at 4 49 48 pm]
https://cloud.githubusercontent.com/assets/1203280/3450383/7f936bac-017a-11e4-9784-36956bb2e4f3.png

Not map related comments, such as:
comment6, premature ejaculation gp, kaysnd, premature ejaculation ginseng,
%]]], cheap viagra next day delivery, 0826, premature ejaculation hypnosis
download, gznkyj, cheap viagra new zealand, zuflij, cheap viagra online
usa, 6620, premature ejaculation prevention tips, 14979, premature
ejaculation percentage, 8-]], premature ejaculation homeopathy treatment,
48420, premature ejaculation patient co uk, iicye, premature ejaculation
information, ezvp, cheap viagra levitra cialis, lqhqt, premature
ejaculation in teenagers, 36541, cheap viagra melbourne, 8-P, premature
ejaculation medicine in india, jclu, cheap natural viagra, zel, premature
ejaculation in men over 50, 516381, premature ejaculation lloyds pharmacy,
%[[[,

—
Reply to this email directly or view it on GitHub
#9.

from mapknitter.

clickable link: http://mapknitter.org/map/view/lr-colorado-september-2013

from mapknitter.

Spam comments are affecting community reception of this platform. They are not socially acceptable and a real turn off to getting new people interested in mapknitter. How can we fix this?

from mapknitter.

These aren't comments but map descriptions. We have to check if login is
required to change a maps description. This relates to @shaief's request
that anonymous users be allowed to continue using the site.

We could disallow anonymous editing of map descriptions except on initial
map creation.
On Jul 29, 2014 9:39 AM, "Liz Barry" [email protected] wrote:

Spam comments are affecting community reception of this platform. They are
not socially acceptable and a real turn off to getting new people
interested in mapknitter. How can we fix this?

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.

Does mapknitter not have the same spam fighting techniques as publiclab.org?
A good start would be to ensure mapknitter, and all of our services, have
similar spam protection techniques.

I believe they all use publiclab.org to sign in, so there is at least one
spam-prevention technique in place during signup. Is there a process to
cleanup via moderators and spam buttons and ban buttons? If a user account
is banned on publiclab.org, does that cause repercussions on mapknitter.org?

On Tue, Jul 29, 2014 at 6:33 AM, Liz Barry [email protected] wrote:

Spam comments are affecting community reception of this platform. They are
not socially acceptable and a real turn off to getting new people
interested in mapknitter. How can we fix this?

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.

Several of my maps have spam links instead of a description. Does that mean that the description I wrote is lost?

from mapknitter.

Cfastie: yes.

Bryan: users can do a number of things on mapknitter without logging in at
all, which is currently intentional and related to Shai's request. I agree
that requiring PL login would resolve the spam issues.
On Jul 29, 2014 10:53 AM, "Fastie" [email protected] wrote:

Several of my maps have spam links instead of a description. Does that
mean that the description I wrote is lost?

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.

@jywarren is there at least some kind of captcha or human verification for anonymous users to prevent bots from mass wiping the site?

from mapknitter.

Yes a recaptcha but they've become less effective since we implemented it.
I think we could lock editing descriptions to map owners only, where maps
do have owners. Some do not.

We should double check that unowned maps require a captcha to edit the
description...
On Jul 29, 2014 12:55 PM, "Bryan Bonvallet" [email protected]
wrote:

@jywarren https://github.com/jywarren is there at least some kind of
captcha or human verification for anonymous users to prevent bots from mass
wiping the site?

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.

there's always going to be an issue where actual humans are defacing the pages. so long as you allow anonymous edits, there's nothing stopping them.

Only suggestion I can make at this point is some way to revert edits to reverse the damage.

from mapknitter.

So, a spammer just overwrote not only Beryl's detailed description but also my lat/lng coordinates in our staten island map so that it loads in the wrong hemisphere and i feel this is totally unacceptable:

This map (http://mapknitter.org/map/view/2014-06-27-nyc-statenisland-northshore) is being painstakingly created by an EJ group, to date 6 people have had four meetings, roughly 20 hours gathering and entering data--and this is still an active project. I am already underway to fix these errors, but we all need this platform to be able to support community data collection and presentation.

from mapknitter.

It looks like version control was done by hand in plots2.

Rails has a versioning gem that should take all the work out of managing version control and reversion for any particular model or model field.
https://github.com/airblade/paper_trail

We should add this functionality to any place which can get overwritten. Not sure who gets access to revert to an older version. Default assumption would be the map's owner, but maybe we could open it to anyone who has signed in properly.

from mapknitter.

as a side issue, why would any other user EVER be able to overwrite the map
owner's lat/lng? or description?

@lizbarry http://twitter.com/lizbarry

On Tue, Aug 26, 2014 at 12:02 PM, Bryan Bonvallet [email protected]
wrote:

It looks like revisioning was done by hand in PublicLab.

Rails has a versioning gem that should take all the work out of managing
version control and reversion for any particular model.
https://github.com/airblade/paper_trail

We should add this functionality to any place which can get overwritten.
Not sure who gets access to revert to an older version. Default assumption
would be the map's owner, but maybe we could open it to anyone who has
signed in properly.

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.

Twelve of the 18 maps in my dashboard have spam instead of my description. Many of my maps are now located in the Amazon Basin.

from mapknitter.

Just saying:
Please check the POST request handler for these comments. Check if the
authentication and the authorization of the request is being taken care of
i.e., are you checking if the commenting user is the owner of the map (or
some other condition, as per the application logic).

Thanks
Sreyanth

On Tue, Aug 26, 2014 at 10:53 PM, Fastie [email protected] wrote:

Twelve of the 18 maps in my dashboard have spam instead of my description.
Many of my maps are now located in the Amazon Basin.

—
Reply to this email directly or view it on GitHub
#9 (comment).

Sreyantha Chary M

Member, Genesys *
*Member, Equipoise - The Economics Club of IIMA
Core Team Member, Forum for Industry Interaction

_PGP 2014-16 | *_Indian Institute of Management Ahmedabad | *Gujarat,
India 380015
Computer Engineering | National Institute of Technology Karnataka,
Surathkal | India 575025

from mapknitter.

@Sreyanth , @jywarren commented earlier that important users were advocating for anonymous write capability. Unauthenticated users are authorized to write comments and perform edits. It is unfortunately by design. We need one or two more features in place to allow anonymous edits but prevent permanent data loss. You can think of it like Wikipedia in that way.

Wikipedia solved the problem by storing all changes over time. Some users may revert to previous versions of a page when bad things happen. We should be able to do the same thing.

from mapknitter.

Yes, I know you folks are frustrated, but I'm not who you have to convince
-- I recommend you raise it on the organizers list and discuss with those
who've made such a strong case for anonymous use, to figure out a way to
address this. I don't think they're on this thread -- Shai, for one.

Also, once there's some consensus about what to do about it (bryan's
suggestion of version history sounds great) if you feel we need to devote
some staff time to address this, Liz, we should talk about it on staff call.

On Tue, Aug 26, 2014 at 1:39 PM, Bryan Bonvallet [email protected]
wrote:

@Sreyanth https://github.com/Sreyanth , @jywarren
https://github.com/jywarren commented earlier that important users were
advocating for anonymous write capability. Unknown users are authorized to
make comments and perform edits. It is unfortunately by design. We need one
or two more features in place to allow anonymous edits but prevent
permanent data loss. You can think of it like Wikipedia in that way.

Wikipedia solved the problem by storing all changes over time. Some users
may revert to previous changes when bad things happen.

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.

Hey sorry for joining only now.
I'm trying to find a way to balance between anonymous and registered only editing. I guess that at least one way to solve it is to forbid registered maps to be edited anonymously. This way anonymous edit of maps is possible. I think that this is what @jywarren wrote above. I think that this will be a good balance.

from mapknitter.

Current proposal for an initial fix: Disallow anonymous or non-logged-in edits of description and location for maps which were created by a non-anonymous/logged-in user.

from mapknitter.

closing; this seems to have worked and haven't seen complaints since

from mapknitter.

Bringing this issue back up because in December 2015 Hagit pointed out to me that all her pre-2014 Jerusalem maps have vandalized descriptions, as do many of the Gowanus maps.

If it is currently the case that we have "Disallowed anonymous or non-logged-in edits of description and location for maps which were created by a non-anonymous/logged-in user" working on mapknitter, can we look forward and think about how to allow owners to lock their maps so that no one other than them can edit the location and description?

from mapknitter.

how to allow owners to lock their maps so that no one other than them can edit the location and description

This is automatically the case. After the changes made as of Dec 23 2014, any map that has an owner cannot have its description or location edited by non-owner.

Can you link to the maps you're referring to? Are the maps owned, or anonymous? If anonymous, would you like to request we (as admins) make the maps owned, and by whom?

from mapknitter.

Here's an example of a map i (or someone in GLAM) made but apparently specified as "anonymous" that has been vandalized: https://mapknitter.org/maps/2012-12-25-gowanus-canal-hurricane-sandy-survey

I guess i should go through Gowanus maps and claim any that are anonymous and request them to be transferred to me or another mapknitter steward account?

from mapknitter.

Yes, as any anonymous map has no owner, so we cannot lock them. Thanks!

from mapknitter.

I believe that these are my maps:
https://mapknitter.org/maps/union-square
https://mapknitter.org/maps/2011-08-06-brooklyn-newtowncreek
https://mapknitter.org/maps/2011-7-31-brooklyn-gowanus-ir
https://mapknitter.org/maps/2011-11-19-brooklyn-gowanus
https://mapknitter.org/maps/test-20120928-washpark
https://mapknitter.org/maps/2012-09-28-nyc-washsquarepark-parsons
https://mapknitter.org/maps/2012-08-21-nyc-bronx-soundviewoysterreef-orrp
https://mapknitter.org/maps/2012-12-20-gowanus-canal-post-sandy-sewage
https://mapknitter.org/maps/2012-10-20-gowanus-gcc-treegiveaway

These belong to Jen Hudon:
https://mapknitter.org/maps/jennifer-hudon
https://mapknitter.org/maps/unionsquarejenn
https://mapknitter.org/maps/jennunionsquare

Most if not all of the remaining Union Square maps that are on the first page of results when you click the regional link to maps in the New York/New Jersey region that have people's names in the titles were either made by my students or by folks who attended the workshop i held in Union Square. These have spam in the descriptions but i don't see how we can get in touch with folks to claim them all. Any ideas?

from mapknitter.

Yes, you can look up their emails by username on PublicLab.org, no?

Or, its possible that admins can edit these fields, and since they are not
anonymous maps, they won't be vandalized again (I.e. the vandalizing
predates the fix). Can you try?

Or are you not an admin in Mapknitter and we should make you one?
On Jan 4, 2016 4:14 PM, "Liz Barry" [email protected] wrote:

I believe that these are my maps:
https://mapknitter.org/maps/union-square
https://mapknitter.org/maps/2011-08-06-brooklyn-newtowncreek
https://mapknitter.org/maps/2011-7-31-brooklyn-gowanus-ir
https://mapknitter.org/maps/2011-11-19-brooklyn-gowanus
https://mapknitter.org/maps/test-20120928-washpark
https://mapknitter.org/maps/2012-09-28-nyc-washsquarepark-parsons
https://mapknitter.org/maps/2012-08-21-nyc-bronx-soundviewoysterreef-orrp
https://mapknitter.org/maps/2012-12-20-gowanus-canal-post-sandy-sewage
https://mapknitter.org/maps/2012-10-20-gowanus-gcc-treegiveaway

These belong to Jen Hudon:
https://mapknitter.org/maps/jennifer-hudon
https://mapknitter.org/maps/unionsquarejenn
https://mapknitter.org/maps/jennunionsquare

Most if not all of the remaining Union Square maps that are on the first
page of results when you click the regional link to maps in the New
York/New Jersey region that have people's names in the titles were either
made by my students or by folks who attended the workshop i held in Union
Square. These have spam in the descriptions but i don't see how we can get
in touch with folks to claim them all. Any ideas?

—
Reply to this email directly or view it on GitHub
#9 (comment).

from mapknitter.