Bitsum is back

Started by Jeremy Collake, July 23, 2014, 05:48:31 PM

Previous topic - Next topic

Jeremy Collake

I have finally left another company now that SM14 is out the door. Thank God!

I conceived and developed lots of innovative new features for them, exposed them in an easy to use SDK, and even developed my own UI, called 'LiveBoost Lite'. My UI is *not* the one published in SM14. The LiveBoost UI present in SM14 is a web page masquerading as an app (don't ask, I didn't develop it).

I will update everyone on my future plans soon. Suffice to say, I'm back baby, I'm back .. and with more experience than ever before. Things are about to start *happening*.
Software Engineer. Bitsum LLC.

BenYeeHua

Welcome back, and lucky while I am playing for banning the Google mail dots bypass, I found your email is having the dots too.
So I just changed it to at least 3 dot to ban/block it, and also only disallow to post and register, not login. ;D

Anyways, look like when you are back, the little Silverlight got update too, it is a bit sad to see Silverlight get nearly abandoned by MS... :)
http://support.microsoft.com/kb/2977218

edkiefer

good to see ya back .

BenYeeHua , I removed the last silverlight plugin as its not worth it ,unless you come across sites that use it.
very few do it seems .
Bitsum QA Engineer

BenYeeHua


Jeremy Collake

SilverLight is used by Amazon Video, though it falls-back to Flash if it isn't present. And Flash has some advantages. It's not surprising to me to see Silverlight canned. There are a gazillion examples of abandoned corporate projects. It seems the larger a software company gets, the more difficulty it has operating. I have a theory that this may be because they start to treat their programmers like blue collar workers, and try to dictate direction from the top's crystal ball, rather than listen to the market and the developers 'in the trenches'.

I'm excited about amping up dev work at Bitsum again. A lot is coming.

I still have contacts with another company. I don't want to get into the details of what went down, but you can optionally read some GlassDoor reviews to see what has happened (this review posted Jul 23, a few days ago, after I resigned):
http://www.glassdoor.com/Reviews/Employee-Review-another company-technologies-LLC-RVW4633791.htm
Software Engineer. Bitsum LLC.

edkiefer

That is to bad for the workers and even company as a whole .

I never kept up with there work ,apps .
Bitsum QA Engineer

Jeremy Collake

Yes, it is a shame. I did what I could for them, but in the end couldn't overcome the management issues mentioned by others. I saw the worst of corporate America.. good people and talent squandered by pretenders/bullshitters entrenched in upper management (mainly one guy, the person in charge of engineering at another company, who I reported to). I did develop cool software and features for them though... if they ever fully leverage them. I am hopeful that my resignation will be the last in a long line, and will finally cause change.
Software Engineer. Bitsum LLC.

edkiefer

yup, many I am sure are forced to stay for paycheck .
Bitsum QA Engineer

BenYeeHua

QuoteSilverLight is used by Amazon Video, though it falls-back to Flash if it isn't present. And Flash has some advantages. It's not surprising to me to see Silverlight canned. There are a gazillion examples of abandoned corporate projects. It seems the larger a software company gets, the more difficulty it has operating. I have a theory that this may be because they start to treat their programmers like blue collar workers, and try to dictate direction from the top's crystal ball, rather than listen to the market and the developers 'in the trenches'.

I'm excited about amping up dev work at Bitsum again. A lot is coming.
Hmm...
Even HTML5 is getting better, but it lack of stability like Flash, and Flash will crash while browsing normally too.(not for me, but there are many people still talking about crashing)
As many user still found their browser having many issues with Hardware acceleration, and still disable it while causing low performance for HTML5, I guess Flash will still there for a long time.

And yup, Flash Player also can use Flash itself to transfer the video via their own custom P2P protocol to save bandwidth for their video server, and most of them just having HTML5 for their rarely Mobile user, so that is also hard to see them go away.
----
A lot...
Talking about a lot, we got a lot of Spammer too.

Maybe you wanna use/enable captcha for register?
reCAPTCHA should be a good choose at here, it based on the cookies(like how many times this cookies user has been success on answering correct on reCAPTCHA)to decide how hard the captcha should be, and Google also testing it via bot, to see how easy the captcha will be crack by the bot too.
http://googleonlinesecurity.blogspot.com/2014/04/street-view-and-recaptcha-technology.html

It look like the dev of the reCAPTCHA mod for SMF also maintaining the code for a long time too
http://www.simplemachines.org/community/index.php?topic=213535.0
http://custom.simplemachines.org/mods/index.php?mod=1044
----
And yup, the dev also saying some other mod that helps fighting the spam too, as just like Google said, reCAPTCHA has been cracked too, but I don't think many bot will having the function to fight it, except it is coming from server bot, which is easy to ban.

And the Mod that asking random question is not a bad choose, but it should be depend on how many question it has not been answer by human, and recorded into bot. ::)

http://custom.simplemachines.org/mods/index.php?mod=1516
http://custom.simplemachines.org/mods/index.php?mod=2155
----
Based on the guide, we got some other mod to fight with spam too.
http://custom.simplemachines.org/mods/index.php?mod=2502
http://www.simplemachines.org/community/index.php?topic=452752.0

But I am not sure did worth for using mod or not, as it may adding complex, lower performance, and maintain cost to the system too.
And also the version/code of SMF might break it too.

If I am right, so far we got 10-20 spammer per day, 20-40% of them are Server bot, and it is very easy for just banning the hostname.
For normal user, we got 1 normal user each 1-3 days... :P

But I guess it will become better, after Bitsum being active again. :D

Jeremy Collake

Yes, I may re-enable CAPTCHA again... it would probably do a lot to save us (you!) manual labor in killing these spammers. I will evaluate the options and start taking some action with regards to that...

I'm executing a new game plan that I hope people will be enthused about. You'll see substantial re-invigoration of the business in coming weeks. I have an entirely new perspective and capabilities. I'm going to continue staying focused on this new work instead of get too mired down in the Lasso support and such (which one could easily get lost in for years on end).
Software Engineer. Bitsum LLC.

Jeremy Collake

I re-enabled human check questions. We'll see how they do.
Software Engineer. Bitsum LLC.

BenYeeHua

Yup, will see about it, so far we got only some registered server bot that login only.
As I just ban register and post, not login, so they can still login and trying to post+change their information with link. ;)

And we got another normal user as well. :)
----
And ya, did the bot register via HTTP or HTTPS?
It will be interesting to see can we just by forcing HTTPS for register, and block some of them. ;D

BenYeeHua

I am not sure how many bot has been block by the human check question, but I found many of them are server bot.
I will try banning whatever dedicated server that hosting the bot(or get hack and installed the bot), excluding the IP range that used for VPN server.
---
And ya, what it/the IP address will looking like, when they connect via IPv6?

Jeremy Collake

Yea, I think they are pretty good at getting past most CAPTCHA systems. Maybe they have sweat shops of actual humans, who knows...

I dunno what an IPv6 address will look like in SMF, if it's even supported, to be honest.

The web server *does* expose itself via IPv6. You can force such by visiting http://ipv6.bitsum.com . I guess to visit the Forum with IPv6 you would need to disable your IPv4 stack, *if* you have full IPv6 connectivity.
Software Engineer. Bitsum LLC.

BenYeeHua

Quote from: support on July 31, 2014, 01:26:14 PM
Yea, I think they are pretty good at getting past most CAPTCHA systems. Maybe they have sweat shops of actual humans, who knows...
Yup, as Google can also create a bot to pass the CAPTCHA systems, it should be not a issues for passing the systems, by using a stronge server CPU.
It is just a matter of time/money/power/knowledge to creating the bot for them, and also for me to create a ban list for the server ip too. ;D

QuoteI dunno what an IPv6 address will look like in SMF, if it's even supported, to be honest.

The web server *does* expose itself via IPv6. You can force such by visiting http://ipv6.bitsum.com . I guess to visit the Forum with IPv6 you would need to disable your IPv4 stack, *if* you have full IPv6 connectivity.
I just check awhile, it is empty in SMF, you can see it by sort=ip. ;)
https://bitsum.com/forum/index.php?action=admin;area=viewmembers;sort=ip

And here is the bug for IPv6, look like they will only support it on SMF 2.1.
http://dev.simplemachines.org/mantis/view.php?id=4593

And I tested http://ipv6.bitsum.com, it don't works for the Home page, but it works for Forum, you may want to take a look on it. :)

Jeremy Collake

The ipv6.bitsum.com address doesn't work on the main site because of redirects. For someone who *only* had IPv6 available, it should work. Otherwise, it will fall-back to IPv4 due to the redirect to bitsum.com, since it supports both IPv4 and IPv6.

Doesn't surprise me that SMF doesn't properly support IPv6 yet. Very little software does. It's a pain for them to hack in. It's scary to think of all the firewalls and IP rules that have improper IPv6 support.

Probably we will have to keep manually battling spammers. I don't think anyone has ever solved this problem. The spammers will find a way :)
Software Engineer. Bitsum LLC.

BenYeeHua

QuoteThe ipv6.bitsum.com address doesn't work on the main site because of redirects. For someone who *only* had IPv6 available, it should work. Otherwise, it will fall-back to IPv4 due to the redirect to bitsum.com, since it supports both IPv4 and IPv6.
I got the IPv6, but the ISP keep tweaking the IPv6 settings, so if I enable that, it will just kick me offline, including IPv4.
So by now, I am using the 6to4 as a fall back if there are IPv6 website only, of cause if the website is using HTTPS. :)

QuoteDoesn't surprise me that SMF doesn't properly support IPv6 yet. Very little software does. It's a pain for them to hack in. It's scary to think of all the firewalls and IP rules that have improper IPv6 support.
Yup, and it got a mod to support IPv6, it may be just for enable some functions to support?
http://custom.simplemachines.org/mods/index.php?mod=3051

QuoteProbably we will have to keep manually battling spammers. I don't think anyone has ever solved this problem. The spammers will find a way :)
Except the spammer is using some zombies to do that, then we can keep blocking the servers/host IP. ;)
http://en.wikipedia.org/wiki/Zombie_computer