Page: 1
New is slow, but it has been happening, while all this time I have been busy. So I think it's time for a catch-up post!
i'm Initiative concerns:
mess.be have discovered Microsoft have raised $1.5 million on the i'm Initiative campaign since its launch sixteen months ago. However, in ads on just one new campaign, the Talkathon Microsoft have spent $5 million! One could argue Microsoft aren't really raising money for charity, but are attempting to portray themselves in a favourable light to users, which in my book is a big no no.
TinyURL blocked:
The 3rd party company in charge of stopping viruses spreading though Messenger have come under fire again, when they blocked TinyURL links within messages. The system has been controversial since it blocked websites containing .info domains, or entire websites such as YouTube and eBuddy. The system is also ineffective as there are workarounds virus creators can implement and the poor coding means it slows down Messenger. This is probably not the last we will hear of the crazy blocking system either.
MessengerDiscovery Live update:
Version 1.5 brings webcam recordings, encrypted messages, pinable contacts and skinable alerts. Download the update from the official website. As always MessengerDiscovery is feature rich, containing many new and wonderful ideas. It is just a shame they are coded sloppy and this update continues that trend.
MSN Messenger UK stats: - Source
So there we are, a nice little wrap up of the news over the past week or so, but don't worry there is still more to come, some of which is more interesting than this dribble. But being honest, with no development updates, news has been and will remain slow until when Windows Live Messenger 9 is near ready.
i'm Initiative concerns:
mess.be have discovered Microsoft have raised $1.5 million on the i'm Initiative campaign since its launch sixteen months ago. However, in ads on just one new campaign, the Talkathon Microsoft have spent $5 million! One could argue Microsoft aren't really raising money for charity, but are attempting to portray themselves in a favourable light to users, which in my book is a big no no.
TinyURL blocked:
The 3rd party company in charge of stopping viruses spreading though Messenger have come under fire again, when they blocked TinyURL links within messages. The system has been controversial since it blocked websites containing .info domains, or entire websites such as YouTube and eBuddy. The system is also ineffective as there are workarounds virus creators can implement and the poor coding means it slows down Messenger. This is probably not the last we will hear of the crazy blocking system either.
MessengerDiscovery Live update:
Version 1.5 brings webcam recordings, encrypted messages, pinable contacts and skinable alerts. Download the update from the official website. As always MessengerDiscovery is feature rich, containing many new and wonderful ideas. It is just a shame they are coded sloppy and this update continues that trend.
MSN Messenger UK stats: - Source
MSN Messenger has topped a group of 10 websites and applications which account for 30 per cent of the UK internet use.
Web users spend 2.6billion minutes a month on MSN, almost eight per cent of the UK's total of 33billion minutes.
EBay, Facebook, Google and iTunes are among the other "500 club" - sites who see users log at least 500million minutes online.
So there we are, a nice little wrap up of the news over the past week or so, but don't worry there is still more to come, some of which is more interesting than this dribble. But being honest, with no development updates, news has been and will remain slow until when Windows Live Messenger 9 is near ready.
Microsoft: don't blame us for YouTube block on Messenger
on Mon 12 May 2008 (16:05 GMT) (3077 views)
on Mon 12 May 2008 (16:05 GMT) (3077 views)
Although it doesn't always seem like it, the Windows Live Messenger team like to take care of their customers. Getting someone in at the weekend to remove a stupid message block and now explaining what went wrong.
Dharmesh Mehta, a lead on the Windows Live Messenger product management team who's emerging as something of a regular poster at MessengerSays (the official Windows Live Messenger team blog), has given an apology and some details of why YouTube was blocked for several hours last weekend.
As always, we're open to feedback on how to make Messenger an even greater service. And again, our apologies to the users that were impacted by this.
The main things that worry me about what is said here are:
- one, how much of our messages are this third party seeing - there are severe privacy issues surrounding this, do the company only get sent URLs that appear in messages or all of our messages? how much control does Microsoft have over this? and why if "manually checking the URL" happens did someone still think to block YouTube.com?;
- and two, why does it take an uproar like this to get a website "unblocked" - while other legitimate websites are still blocked.
Post at "Inside Windows Live Messenger" blog (aka MessengerSays)
Send the Messenger team feedback
Dharmesh Mehta, a lead on the Windows Live Messenger product management team who's emerging as something of a regular poster at MessengerSays (the official Windows Live Messenger team blog), has given an apology and some details of why YouTube was blocked for several hours last weekend.
As some of you noticed, we had a problem from Friday night to Saturday morning where our Messenger service was incorrectly blocking some legitimate IP addresses. We sincerely apologize for any difficulties this caused our users. And we want to thank those of you that reported this problem to us so that we could quickly fix it. Because of your help, the incorrect block was only in place for a few hours.
As you can imagine, we are very serious about our efforts to block virus, malware and other harmful URLs from being passed on to our users. And we're continually working to improve this process so that we can keep our users safe without having a negative impact on your Messenger service.
There have been some pretty outlandish speculations on what happened so I'd like to give you some facts about our process for trying to block unsafe URLs and about what happened Friday night:
- There are a number of factors that can be used to determine whether a URL is potentially harmful: number of times a URL is sent, the frequency of the URL being sent, the number of accounts the URL is sent from, manually checking the URL, comparing with other "block lists", etc.
- When a URL is deemed harmful, a block can be instated for a specific URL (i.e. www.domain.com/page) or an entire domain (i.e. *.domain.com)
- This entire process for Messenger is managed by a 3rd party that is a Microsoft partner
- On Friday, Microsoft did not request to block any of the URLs that were accidentally blocked
The blocks were made by our partner as a result of their process to block harmful URLs - We are still investigating the specific reason our partner made these incorrect blocks and we will work with them to improve their process for detecting harmful URLs while not blocking safe ones
As always, we're open to feedback on how to make Messenger an even greater service. And again, our apologies to the users that were impacted by this.
The main things that worry me about what is said here are:
- one, how much of our messages are this third party seeing - there are severe privacy issues surrounding this, do the company only get sent URLs that appear in messages or all of our messages? how much control does Microsoft have over this? and why if "manually checking the URL" happens did someone still think to block YouTube.com?;
- and two, why does it take an uproar like this to get a website "unblocked" - while other legitimate websites are still blocked.
Post at "Inside Windows Live Messenger" blog (aka MessengerSays) Send the Messenger team feedbackThe nail in the coffin: Messenger blocks links to YouTube
on Sat 10 May 2008 (12:58 GMT) (3881 views)
on Sat 10 May 2008 (12:58 GMT) (3881 views)
Censoring messages is nothing new for Windows Live Messenger. It was introduced as a security measure and blocked websites leading to various viruses that were spreading across the network. This was of course a good idea, in the years that notorious viruses plagued users these measures were necessary and the system appeared to have worked.
However, implemention of the system was criticized as it slowed down conversations due to its sloppy programming. Using phrases like '.pif' would end group conservations, paving the way for hijacking multi-conservations your friends were trying to have.
However it was when Microsoft blocked all .info domains being sent over the network that the system came under heavy scrutiny. Then the andyman discovered the list of blocked strings and websites within Messenger, including services that were found clean and virus free. In recent weeks links were blocked to the hit web messenger eBuddy.
Now Fanatic Live have discovered links to YouTube have now been blocked. The reason? We're not sure, but the website has nothing to do with viruses or any other security issues.
With all the talk of net neutrality and criticisms over countries blocking access to the website this is going to portray Microsoft in a bad light. Moreover as YouTube is owned by Google one could question weather Microsoft is trying to create direct competition with their new video service Soapbox. Microsoft have just received a $1.4bn fine for their anti-competitive behavior.
The worrying thing, however, is that this is probably not the end ...
However, implemention of the system was criticized as it slowed down conversations due to its sloppy programming. Using phrases like '.pif' would end group conservations, paving the way for hijacking multi-conservations your friends were trying to have.
However it was when Microsoft blocked all .info domains being sent over the network that the system came under heavy scrutiny. Then the andyman discovered the list of blocked strings and websites within Messenger, including services that were found clean and virus free. In recent weeks links were blocked to the hit web messenger eBuddy.
Now Fanatic Live have discovered links to YouTube have now been blocked. The reason? We're not sure, but the website has nothing to do with viruses or any other security issues.
With all the talk of net neutrality and criticisms over countries blocking access to the website this is going to portray Microsoft in a bad light. Moreover as YouTube is owned by Google one could question weather Microsoft is trying to create direct competition with their new video service Soapbox. Microsoft have just received a $1.4bn fine for their anti-competitive behavior.
The worrying thing, however, is that this is probably not the end ...
Microsoft have been known for blocking links stupidly in the past. But I think this one takes the bullet ... you can now longer receive links to to the hit web messenger eBuddy within Messenger! mess.be had this to say on the issue:
Microsoft have made a mistake from blocking things from day one, it is an inefficient system that was poorly coded and even made Messenger slower. Blocking one of the most successful services to take advantage of their product was an error of judgement and like I said last week Microsoft don't seem to be pleasing those who work closely with their products.
Source: mess.be
A considerable number of people may have, for whatever reason, reported the popular web-based IM client through the Report abuse option that's sitting in every "Help" menu since version 8.1. But I'm not even seeing those hardly annoying, automated "I'm using eBuddy.com!" messages anymore.
Or perhaps Microsoft just accidentally blocked the site of a competitor... again. But while last week's mistake was corrected in less than a day, the ban on eBuddy.com has first been noticed by Messer Bram already last Wednesday.
Either way, it's probably yet another example of a safe URL being blocked as part of Messenger's inefficient worms and SPIM filter. Both parties were contacted and I'm awaiting their reaction.
Microsoft have made a mistake from blocking things from day one, it is an inefficient system that was poorly coded and even made Messenger slower. Blocking one of the most successful services to take advantage of their product was an error of judgement and like I said last week Microsoft don't seem to be pleasing those who work closely with their products.
Source: mess.beAfter the recent news that Microsoft is now censoring users of its instant messaging software from receiving messages containing .info, as well as things like .pif which they were already blocking, I decided to do some research to find out what else they think could pose a security risk to you and your computer and censor.
The list of blocked strings is stored on the Messenger servers so that it can be quickly downloaded to instantly update your Messenger with any new entries without you having to download a whole new version. After playing around a bit with the Messenger protocol (aka MSNP) I managed to retrieve the list from the servers.
Unless there was a problem downloading the list, which there didn't appear to, the Messenger team have started removing the end of lots of strings - presumably to try and stop even more bad site links getting sent. For example .p used to be .pif and .s used to be .scr and on several other strings .ph used to be .php, .e used to be .exe and .c used to be .com.
Because the list currently contains 124 entries I've made an image containing them all. This also means that you cannot easily copy the text to try and visit any of the URLs in the list which would potentially end in your computer being infected with some kind of virus, adware, spyware or worm, or expose you to phishing scams.
View the image of the list of censored strings
If you want to find out more about how these entries are used or why the .* in some strings actually slows your computer down then there is a discussion expanding upon these ideas started by TheBlasphemer, the creator of StuffPlug, over at the StuffPlug forums.
The list of blocked strings is stored on the Messenger servers so that it can be quickly downloaded to instantly update your Messenger with any new entries without you having to download a whole new version. After playing around a bit with the Messenger protocol (aka MSNP) I managed to retrieve the list from the servers.
Unless there was a problem downloading the list, which there didn't appear to, the Messenger team have started removing the end of lots of strings - presumably to try and stop even more bad site links getting sent. For example .p used to be .pif and .s used to be .scr and on several other strings .ph used to be .php, .e used to be .exe and .c used to be .com.
Because the list currently contains 124 entries I've made an image containing them all. This also means that you cannot easily copy the text to try and visit any of the URLs in the list which would potentially end in your computer being infected with some kind of virus, adware, spyware or worm, or expose you to phishing scams.
View the image of the list of censored strings If you want to find out more about how these entries are used or why the .* in some strings actually slows your computer down then there is a discussion expanding upon these ideas started by TheBlasphemer, the creator of StuffPlug, over at the StuffPlug forums.Messenger team block all .info domains being sent over Messenger
on Tue 31 Jul 2007 (14:59 GMT) (5212 views)
on Tue 31 Jul 2007 (14:59 GMT) (5212 views)
The Messenger team have gone crazy with security now. They have entered a huge paranoid state which requires sloppy programming to prevent viruses spreading across the Messenger network. They have blocked all URLs containing the popular .info domain.
This is their response to the vast amount of viruses spreading using URLs containing '.info'. However, instead of blocking domains by a case by case basis, Microsoft has blocked millions of useful webpages by suggesting that all .info domains are dangerous! This is a typical example of sloppy, rushed programming.
I find this surprising after an article got some attention about Microsoft already censoring messages containing .pif, download.php or staff.php, but this is really pushing it. I wonder whose decision it was to block all .info domains being sent over Messenger?
This paranoid attitude to scanning messages on both the client and server side is also causing Messenger to act slow and even freeze up! There must be some real poor programmers developing Messenger and I have no idea why Microsoft has done nothing about this.
Source: mess.be
This is their response to the vast amount of viruses spreading using URLs containing '.info'. However, instead of blocking domains by a case by case basis, Microsoft has blocked millions of useful webpages by suggesting that all .info domains are dangerous! This is a typical example of sloppy, rushed programming.
I find this surprising after an article got some attention about Microsoft already censoring messages containing .pif, download.php or staff.php, but this is really pushing it. I wonder whose decision it was to block all .info domains being sent over Messenger?
This paranoid attitude to scanning messages on both the client and server side is also causing Messenger to act slow and even freeze up! There must be some real poor programmers developing Messenger and I have no idea why Microsoft has done nothing about this.
Source: mess.beMSN and Windows Live Messenger block any urls containing '.scr', probably to stop a common virus spreading along the servers. This method has probably helped many, however the censoring of messages is seen as bad.
Why? Well because the feature is no way coded correctly. Basically the security feature does what it says on the tin, blocks urls containing .scr, and nothing else. Your contact will not receive your message, and you will not be alerted that your message has been blocked. Something which can be confusing and frustrating.
This is just one example, many other things are blocked within your messages. Good luck sending a message with staff.php, and I'll think twice before typing .pif into a conversation. Typing .pif is really annoying, I just wish Messenger would block the extension in a file transfer, but it's useless blocking sending 'pif' in a message. I know it is to stop urls with .pif in them, but urls can be masked, or redirect to a virus. This security feature is just an annoyance.
Typing .pif into multiple conversations was just ridiculous. It used to kick everyone out, it would totally end the conversation, and some prankster would do it just to annoy people. A fix is now just kicking you out, which is not a fix, just a temporary solution which needs to be tackled.
If any Windows Live Messenger developer reads this, next time a message is blocked for security reasons, make sure the user knows, and why. It will stop a lot of confusion, and may stop you getting your company into trouble. Many people have moaned in blogs about how Messenger blocks out certain words and extensions, and the majority are not for good reasons. Think more user-friendly, it is something very important nowadays.
Why? Well because the feature is no way coded correctly. Basically the security feature does what it says on the tin, blocks urls containing .scr, and nothing else. Your contact will not receive your message, and you will not be alerted that your message has been blocked. Something which can be confusing and frustrating.
This is just one example, many other things are blocked within your messages. Good luck sending a message with staff.php, and I'll think twice before typing .pif into a conversation. Typing .pif is really annoying, I just wish Messenger would block the extension in a file transfer, but it's useless blocking sending 'pif' in a message. I know it is to stop urls with .pif in them, but urls can be masked, or redirect to a virus. This security feature is just an annoyance.
Typing .pif into multiple conversations was just ridiculous. It used to kick everyone out, it would totally end the conversation, and some prankster would do it just to annoy people. A fix is now just kicking you out, which is not a fix, just a temporary solution which needs to be tackled.
If any Windows Live Messenger developer reads this, next time a message is blocked for security reasons, make sure the user knows, and why. It will stop a lot of confusion, and may stop you getting your company into trouble. Many people have moaned in blogs about how Messenger blocks out certain words and extensions, and the majority are not for good reasons. Think more user-friendly, it is something very important nowadays.
MSN have received a slap on the wrist today and a load of bad publicity as apparently they have been 'censoring' certain messages from being sent to your contacts. Wait, it is not what it seems, just some bad media attention exaggerating again, which has been made it out like a scandal has been revealed.
We already knew for over a year now about messages containing the .pif extension in them were blocked out for security reasons, but nevertheless Microsoft have been criticized for the move.
Other phases to prevent viruses have been blocked out like download.php and staff.php. We already reported this ages ago so it is no scandal what so ever, the move was totally justified in my view. Yet companies like AOL are loving the moment, claiming that they never have and never will censor messages, making them sound better, which is a poor way for a company to operate.
If you hear any more news on this subject, it is media hype. The change was for the better and the terminology they use in their posts makes it sound really bad. As I said earlier companies like AOL show how the instant messaging world is a rocky competing place. This could effect the integration between Yahoo! and Microsoft as they have to compete to be the best.
Source: ComputerActive
We already knew for over a year now about messages containing the .pif extension in them were blocked out for security reasons, but nevertheless Microsoft have been criticized for the move.
Other phases to prevent viruses have been blocked out like download.php and staff.php. We already reported this ages ago so it is no scandal what so ever, the move was totally justified in my view. Yet companies like AOL are loving the moment, claiming that they never have and never will censor messages, making them sound better, which is a poor way for a company to operate.
If you hear any more news on this subject, it is media hype. The change was for the better and the terminology they use in their posts makes it sound really bad. As I said earlier companies like AOL show how the instant messaging world is a rocky competing place. This could effect the integration between Yahoo! and Microsoft as they have to compete to be the best.
Source: ComputerActivePage: 1
Messenger Stuff