I would like to officially protest the expanded use of bots on the foldit IRC servers.
#Global has seen the recent return of gringer's dictionary bot, which gets abused frquently by kids who think it's fun to ask it to define any sort of random word or phrase, most of which have absolutely nothing to do with foldit.
Now there is a new 'urlbot' which purports to translate URLs typed into chat into shorter URLs, for some useless reason. This is a huge security risk - there is no way to determine where the shortened/obfuscated URL is pointing a user. It could be any malware site on the net. Those of us who have been around a while know not to click on those types of URLS, but there are plenty of younger users here that haven't realized what a big bad place the internet is.
I would like to suggest a "no bots" rule on the official foldit IRC site.
When these bots aren't officially from foldit they should be removed.
I thought the URL bot was implemented by the developers and it is quite helpfull in my opinion.
When a URL is put into global chat it is quite often not possible to read the full URL if you are accessing chat via the game as opposed to via an external IRC provider. Since it is also not possible "in game" to just click on the URL it can be difficult to access the references.
The urlbot was provided as a service just to automatically take URLs and convert them to a "tinyurl" which will fit in the chat box, so that all users could see what was being refered to.
If you test it you will find it does just that.
From the link it posts, it was done by one of the players.
The link it uses is not a dodgy one B2
And regarding the concern that the site being referred to might contain malware: the fact is that there's no way to avoid it unless the Foldit chat system scans the links in advance before allowing the comment. After all, in the event that the link is short enough even without the need of a tinyurl conversion, someone could still fall into the trap of an illegitimate link by manually typing the URL.
Most of you have missed the point.
There IS a way to prevent a malicious website URL from being distributed via an innocent looking tinyurl link. That way is to NOT USE hidden or obfuscated links. I believe the developers are opening up a huge security and liability issue by allowing these types of links to be promoted as if they are produced and supported by foldit.
Having been in computers since before the internet was born (or invented by Al Gore), there is NO WAY I would ever trust a tinyurl link. There is just NO WAY to determine where that link will take you.
It would be so very easy for someone to make a 'urlbot' that spits out links to any sort of evil web site every time someone posts a genuine link in a chat window. You can just not go on 'trust' these days, those that do are foolish.
If that is the problem that is trying to be solved here, then using 'tinyurl' links is NOT the way to solve it. Either the chat window needs to expandable, or make the original links clickable.
Putting a rogue urlbot online to post 'tinyurl' links is not to way to solve this issue.
Actually, you CAN enter the domain name as "http://preview.tinyurl.com/" to see what the tinyurl link goes to. But I do agree that there is a possible security issue here; even if the original link is clickable, there's no guarantee that any link is safe. Again, a better long-term solution would be pre-scanning the links… but since I'm not familiar with IRC, I don't know if that's possible.
In the other hand, if all posted links will be clickable….
One cannot guarantee that ANY link will not lead to a malevolent site, whether it's transcribed into a tinyurl.com URL or not. Most of us here are adults, and as such, assume full responsibility for whatever mischief we get into by promiscuously clicking random links. Any children playing here should be under the guidance of their parents, and shouldn't be going off on tangents without their parents' approval.
While I applaud the initial "concern" over this subject, it's really not truly necessary to do this if we realize and accept that players here aren't total morons. At least the ones that aren't playing under three or more different identities.
Dropping the priority of this request to a less hysterical level.
