TBH I'm feeling a little queasy about this too. I made the scripts out of sheer desperation to fight bots with (kind of) bots, but of course they could me abused. I don't think it's a "security problem" - just the usual dangers of having a community managing themselves.

As I said before, those scripts are not rocket science and anybody with a basic understanding of JavaScript/jQuery could come up with something like it (or even more "convenient").

I think the real solution would be to have real, paid people monitoring the forums, following spam "suggestions" by the users and acting accordingly.

Testing avatar again.
Quoting avatar test.

Still lots of problems, it seems.

also, not giving children with nothing better to do any bad ideas is always an option ;)
Seriously, Tom, these scripts have been a minor godsend, for those of us who are careful and reliable using them.

Gog should have a backup of the forums someplace, right? so if any brat did do that awful suggestion/ hinky paranoid thinking out loud thing, they could reset back, couldn't they?

I've just created a dummy test account to see if they've added captcha or anything, but no change that I can see.

Just noticed there's a HTTP / HTTPS conflict error for the avatar picture in the account though which might have something to do with the avatar issues.

I'm not blaming you, Tom, of course :D It's really very helpful script for this spam attack!

But it's also really not looking that difficult to program such one - I can't do it by myself, of course, but if even I can understand how it works, then it means potential hackers can do something similar very easily and abuse it...

Considering what happened when they restored the avatars, I admire your optimism ;-)

If that were the prize, I'd expect the site to work flawlessly.


If they meant to address the spam problem, it's clearly not working if the affected game fora are anything to go by.
And trying to fix? It feels more like they're trying to create additional problems. It'd appear that they just went back to an old data base,as people are getting old avatars, and all of them are inferior scaled down versions.


Yes, because assigning MS Metro style avatars to users that haven't chosen one for themselves is so bloody important.
I'm willing to bet that the new avatars - which btw are atrociously ugly - are introduced because of the Galaxy client, and them appearing on the forum is a side-effect, as in the forum gets them too because they're tied to our accounts. Things get screwed up on the forum? Who cares? It's not like it's drowning in spam for a full work-week now, let's just add another hiccup, the community is very tolerant, after all.

GOG leaves a lot to be desired both about the way they implement updates and the way they (don't) communicate changes.

What else is new?

Yeah, I didn't post anything before to avoid attracting unwanted atention, but the potential aplications of the script did come to mind as soon as I saw it posted.

I'm pretty sure I've seen Judas saying something like "Sorry, thread can't be restored" on one occasion, where a controversial thread was killed with spam reports (that happened at least once and was confirmed by GOG)... But I can't find that posting :/

LOL.

hmm. that would be really sad then.

*lol* Best part of this news: Explains the random numbers some users found attached to their names some months ago :P

No, the "best" part is this:

What will happen if I choose to opt out from the merging process?

Your account will be locked and you'll have to contact GOG.com to reenable it if you still want to participate in community discussions.

Yes, noticed it myself - Firefox reposts that images are not over a secure connection.

Way to go GOG! instead of enhancing security, you're doing whatever you can to break the little that exists.

I wonder whether the CDPR forum is ready for the Korean spammers.