thomfre
-
Posts
571 -
Joined
-
Last visited
Posts posted by thomfre
-
-
The Norwegian and Swedish reviewers have posted on their Facebook pages that they have been told to stop reviewing due to major technical issues which will take a few days to fix. Maybe these issues are related to that?
- 1
-
4 minutes ago, Frau Potter said:
...but sometimes making it appear as if the messages are coming from an active user. We do not believe they were actually sent by that user.
Are you saying that we can't trust the integrity of the message center? Can anyone send messages as other users?
-
10 minutes ago, DragonsWest said:
I found out about this this morning. The bottom line is "What is Groundspeak/Geocaching" doing about it?
It turns out that they are actually doing a lot.
I have just heard that some of the fake-loggers have received emails telling them to stop.
Thank you, Groundspeak!
- 1
-
7 minutes ago, HHL said:
It's not this tool that should be banned. It's the copying and sharing of code lists that should be banned asap.
Hans
Which is why I used the word "temporarily". That would solve the issue right here and now, and give Groundspeak time to figure out a real solution.
- 2
-
4 minutes ago, rufnredy said:
In light of recent TB issues, would it be possible add "Lock" to the actions that can be performed by the API??
this would allow the use of API calls to speed up the lock process.
Thanks for considering
Or even better, just temporarily block discovering via the API for all applications. That will probably stop all of the mass discovering right now, as people use tools like logthemall to submit the fake logs...
- 2
-
6 minutes ago, igator210 said:
There are reports of unactivated codes being activated to. Looks like someone is just using a random number generator to see if codes are valid.
So I have to make sure I activate all my unactivated trackables now?
-
2 minutes ago, ZackJones said:
Add me to the list of people getting a rash of discoveries over the weekend. Many have referred back to the Facebook page. I've reported it on Facebook but so far no one from Facebook has contacted me about it.
That won't happen. Most likely, Facebook will do nothing about this.
QuoteIs Groundspeak aware of this?
Yes
QuoteAre they taking any action?
By the looks of it, no.
-
4 minutes ago, HHL said:
The API partner Project-GC does own this FB page:
https://www.facebook.com/pg/GeocacheTBSpoiler/about/
They publish TB and coin codes that never meant being public (at least the TBs that are in my hands shouldn't be discovered in the internet)
I would like the HQ to ask its API partner stopping this inappropriate behaviour by removing that FB page.
Thanks for considering.
Hans
This is wrong.
Project-GC has nothing to do with that page, in fact, Project-GC just implemented changes to prevent people from being able to log those lists through Project-GC.
Edit: https://www.facebook.com/ProjectGC/posts/2854779711246266?comment_id=2855094981214739&reply_comment_id=2856020204455550- 1
- 1
-
The last one to log using the lists from Facebook is trying to disguise it, he's using a date from months ago and the text "Discovered at the Mega". At leas the others were honest enough to say that they were cheating
-
You are describing a different game, that already exists. If you want to play ****ee, you can play that
- 7
- 2
-
3 minutes ago, cerberus1 said:
Wow, kinda nonchalant response when there's hundreds of codes there...
There's a cacher here, owning hundreds of trackables. Are they supposed to "temp lock" and delete them all because there's a hacker with the codes ?
This is how HQ responds to everything now. They mostly use canned answers for all incoming email. I wrote a rather long email, and got the exact same response - word for word.Let's just hope they actually do something about it.
-
I think I figured out how someone did this. They probably first generated a list of all possible codes (not that many), and then just ran a script to check the URL https://www.geocaching.com/track/details.aspx?tracker=CODE. If the URL worked => valid code.
Might take a while to run, and that's probably why the codes have been shared in blocks on that page.
I really hope Groundspeak can block the people that do this.
-
4 minutes ago, 31BMSG said:
You do realize that this is the exact same link that I commented on? Where do GeocacheTBSpoiler get the codes from? Codes to trackables that has never been shared, or logged, before...
-
On 1/1/2020 at 7:42 AM, sealawyer98 said:
I had a coin that was never released or shown to anyone that was recently logged. I messaged the individuals who "discovered" the coin. I found out it was posted in a batch of numbers here: https://www.facebook.com/GeocacheTBSpoiler You might find your number has been compromised on this facebook page.
So where do they get the codes? Has there been a data breach on geocaching.com? Are they randomly guessing, and just hoping that they will hit? Or have someone figured out the algorithm that generates the codes?
-
17 hours ago, Keystone said:
Lawmakers believe otherwise. The ability to opt out of data selling/data sharing with third parties is a cornerstone of many privacy laws, current or proposed, including CCPA.
The ability to opt out of data selling is what CCPA is about. Most API partners I know about doesn't pay anything for the data. The law is meant to protect consumers from tracking and targeted ads, not from partner applications. So CCPA doesn't actually cover official partners (maybe it covers Project-GC, but not the rest).
GDPR allows sharing too, as long as proper written agreements are in place - and that is the case for official partners. So I'm starting to think this entire change is rushed, just to err on the safe side, instead of actually doing what the law require.
When it comes to tracking, cookies and selling data, that should have been handled a long time ago. GDPR has been in effect for a while now. I'm surprised that Groundspeak has been allowed to ignore this for so long without getting fined.- 3
-
4 minutes ago, on4bam said:
Wrong, the API can't delete data from my GSAK database which is on my HD.
I'm not wrong. The agreement has this as a requirement. Partners failing to follow the requirement does not affect me being right in this statement.
https://apidevelopers.geocaching.com/apiagreementQuote4.8 You must have all permissions required by applicable law to obtain or use any Personal Data. You agree to the terms of the Data Processing Addendum included at Exhibit E. At the direction of Geocaching HQ, You will remove or delete any Personal Data in an expedient manner
-
15 minutes ago, thebruce0 said:
But it doesn't affect HQ since they are not authorized and they can't really do anything to stop it. It would be interesting to see how far someone would take GDPR if they feel HQ should be legally required to actively prohibit unauthorized developers from taking such data. I can't say how it'd be possible apart from removing the website entirely since that's really the nature and function of the internet (which I think was why gdpr gained such notoriety when announced).
I disagree. Other companies have dealt with problems like these by sending cease and desist letters. As long as Groundspeak doesn't do anything, I see no reason why people can't hold them liable. But I am not a lawyer either. There are ways for Groundspeak to block c:geo (without blocking legitimate traffic), they would find a way around it probably, so it would be a game of cat and mouse. But I still believe they should do something.
13 minutes ago, Rock Chalk said:As interesting as some of this discussion is, much of it is unrelated to features in this release. General discussions about privacy issues should be directed to other appropriate threads or forums.
This release is related to CCPA, yes? One of the requirements are:
Quote(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
So in relation to this change, I am asking: are you prosecuting c:geo for infringing on the rights of your users? -
Just now, 2Abendsegler said:
This is not right.
At the time c:geo take the data, it was allowed by the user.
It is, as if I save the website locally on my website. If I do that, according to your definition, I would also violate privacy.Also wrong. C:geo takes logs from people that doesn't use c:geo. Not allowed by the user.
- 1
-
1 minute ago, on4bam said:
If I download your data with API partner software and you later ask HQ to delete your data it will disappear from the GS servers but remain in the API partner's database.
try again
Wrong. Partners are required to delete data when told to do so by Groundspeak.
- 1
-
5 minutes ago, uminski said:
Thanks Marty.
I did not read the small print until you featured it.
I will wait.
I was just trying to be a bit funny
If you use ad blocking, you can try to block cookiebot.com. That should make it work.
-
Just now, 2Abendsegler said:
Hm ... there is not really a big difference for me. GClh works like c:geo and operate like a browser. After receiving data, GClh build the data into the webpage.
So you are saying that you violate the ToU as well?
-
3 minutes ago, on4bam said:
Yup, exactly what can be seen on the website. Makes no difference.
If this is the case, why is some profiles blocked in the API? That data is also visible on the website. If Cachly is blocked from showing the data l, why is c:geo allowed to display it?
This is wrong. Time for c:geo to finally face it, and start behaving like the rest of the apps.
-
1 minute ago, 2Abendsegler said:
You don't have to be interested in the script or the scripts. It was just an example from my practice to explain you the situation.
And I had and have no intention of saying, that c:geo is not scraping data, in violation with the ToU. If you had read my articles carefully, you would not have missed that either.What I meant is that there's a difference. Gclh is not scraping the site like c:geo is.
-
Just now, on4bam said:
So...?
That's between GS and C:geo, nothing to do with us.
Of course it has to do with us. It's our data they scrape......
Geocaching.com not working properly
in Website
Posted
It’s not just you, it’s everyone