July 2nd, 2001


(no subject)

I'm thinking of writing an LJ-user-coincidence-finder (as in, "you and your friends consist of 95% of the users sharing the interest 'rarely added interest'") - one of the other things it would do is reproduce the webdot map that's now vanished. Client-side app. The only problem I've had is that the LJ protocol modelist doesn't include anything I can use to get *other* people's friends, interests, AIM number, etc - basically I want everything in non-full profile, minus the bio :) I suppose I could just snag the profile page and parse from there, but it seems wasteful of CPU power and bandwidth on both our ends, especially if the user has an enormous bio, plus it would be irksome when the format changes. Anybody know how easy it would be to add a getprofileinfo mode to the LJ protocol?

Need a fix for posting to communities...

Hi. Recently on the community http://www.livejournal.com/~carlos_seramos/ , we had an incident where several different user accounts intentionally and repeatedly posted to the community in an attempt to basically drive all the users of that community nuts, getting them to remove the community from their friends list. This is not acceptable.

We need some sort of cap to the # of posts that anyone can make in a community over a set time period, I think. Alternately, it would be nice if we can prevent duplicate posts or replies to a community during x amount of time.

Anyone with any thoughts on this, or who wants to place this on their agenda and follow up on it so that it gets taken care of?

email address harvesting and LJ

Recently, we had our first known case of someone harvesting email addresses from LiveJournal and spamming the users. It appears to have gotten a fairly large distribution, too. A copy of this spam is at the bottom of this post.

I guess my question would be... are we sure that there is no easy method that we aren't protecting against that allowed this spammer to harvest so many email addresses so easily? Is there some kind of system-generated list of email addresses that they might have found, or did they actually run some kind of script searching through userinfo pages to get such a large distribution?

Also, what actions, if any, can we take against the people who did this, so as to discourage others who would try the same thing? Personally, I think the best way to deal with people like this is to find out their personal information and to start making them the victims for a change...


----Original Message Follows----
From: dxx@livejournal.com
Reply-To: amanda@kti.co.kr
To: judso@kti.co.kr
Subject: hi
Date: Sat, 30 Jun 01 14:36:51 EST

Drive a brand new car and go on a exotic
vacation. Thousands of people are making
HUGE monthly residual incomes, using our
proprietary online system and the power
of the INTERNET. Well show you how to make
a fortune right from the comfort of your home
in the next 72 hours.

For free information!!!!!!!!!!!

Click Here=> http://1075262055/members/h07j