# Cannot view profiles....



## jaycee (21 Nov 2008)

Hello!

I'm new to the board, and am having difficulties viewing member profiles.  I recieve the following error whenever I try to click on a member name: 

Many apologies, but you can't view just any profile





Is there a problem with the site, or is it because I'm new and have to pass some sort of probationary period?

Thanks for your help.


----------



## Bruce Monkhouse (21 Nov 2008)

Mike had to tighten up security a bit because of internet spammers harvesting profiles to spam.
I think he is working on a time/post ratio thing to compensate.
Bruce


----------



## jaycee (21 Nov 2008)

Bruce Monkhouse said:
			
		

> Mike had to tighten up security a bit because of internet spammers harvesting profiles to spam.
> I think he is working on a time/post ratio thing to compensate.
> Bruce



Ahhh gotta love spammers :/
So does this loosely translate into I have to make so many posts to be considered a non-bot?  Or is it just a temporary glitch while admin is working on security?


----------



## Mike Bobbitt (21 Nov 2008)

Bruce is right... he and the other Staff caught some accounts registering and then going right to peoples profiles... presumably to try to gather contact info.* He and the others always catch and ban these guys fast, but sometimes they come on during a slow time and are able to view a few profiles before we show them the door.

So, I changed the rules, and new members cannot view the profiles of others until they hit 25 posts. I'm open to feedback on how mich of a pain this creates for folks... maybe it's taking things too far but I wanted to err on the side of caution.

Comments (as always) are welcome.


Cheers
Mike

* This is a good reason to have your e-mail address hidden from public view.


----------



## elliot (21 Nov 2008)

Mike Bobbitt said:
			
		

> Bruce is right... he and the other Staff caught some accounts registering and then going right to peoples profiles... presumably to try to gather contact info.* He and the others always catch and ban these guys fast, but sometimes they come on during a slow time and are able to view a few profiles before we show them the door.
> 
> So, I changed the rules, and new members cannot view the profiles of others until they hit 25 posts. I'm open to feedback on how mich of a pain this creates for folks... maybe it's taking things too far but I wanted to err on the side of caution.
> 
> ...



That is understandable and reasonable.
3 posts down and 22 to go!

Thanks for the quick replies
*cheers*


----------



## dustinm (21 Nov 2008)

Ah. I wondered why this was. I used to remember being able to view profiles but when I came back recently I was unable to. Thanks for the heads-up.


----------



## Snafu-Bar (21 Nov 2008)

I'm not sure how easy this would be to put in place, but hows this for an option?

Perhaps upon someone "requsting" to see someones profile it sends the person a PM alerting them someone is requesting to see their profile and then allow the user to either allow/deny the request?


 Cheers.


----------



## Mike Baker (21 Nov 2008)

This is actually a great security thing to do Mike. Thanks for helping us all out here! And again, thanks for all the work you do for Army.ca. Who knows what I would be doing now...


Beaver


----------



## socialhandgrenade (21 Nov 2008)

How about instead of 25 posts you go by how long they have been members .I don't post allot .But i read allot here and i want to make sure that the info i receive is at least backed up by some knowledge of what that poster might have for experience.If I'm right out of it just let me know.

SH


----------



## the 48th regulator (21 Nov 2008)

socialhandgrenade said:
			
		

> How about instead of 25 posts you go by how long they have been members .I don't post allot .But i read allot here and i want to make sure that the info i receive is at least backed up by some knowledge of what that poster might have for experience.If I'm right out of it just let me know.
> 
> SH



Very good quesion.

Think of if this way.

When in a group of people, pick any group, do you always stay silent?

Get in there and be a part of the fun!

dileas

tess


----------



## Mike Bobbitt (22 Nov 2008)

A time-based solution isn't a bad idea... but the post-based solution was very quick and easy to implement. There's no mechanism for limiting profiles based on time unfortunately.


----------



## George Wallace (22 Nov 2008)

I might also point out that some of these SPAMMERS register and don't go into action immediately, but wait for a period of time after registering, so as to "remain under the radar" for a "grace period" before they go to work.  

As for all the questions about how to PM someone, and they can't do so because they can't see a profile; don't forget that there is a PM button under a person's name.


----------



## MB25 (22 Nov 2008)

I find myself in the same position as socialhandgrenade.  I have benefited from the wealth of information that army.ca provides for a long time without posting more than once or twice.  It is not that I have no questions or concerns, but rather (as you mods all too well know) just about any question I can think of has been answered 100 times before.  I try to only open my mouth when I have something constructive to contribute.


----------



## LuvsMud (22 Nov 2008)

Aha! That explains why I can no longer view profiles... Oh wait this is my 25th post. We're good to go. ;D


----------



## kratz (22 Nov 2008)

There is a time online mechanisim with the Mil points. 

Would it be possible for those who do read more than posting the 25 posts, be able to view profiles after earning a certain number of Mil points? Let's say a medimum number  300 Mil Points or 25 posts.


----------



## Marshall (22 Nov 2008)

Keep the post or milpoint method.. A time method can take a bit longer depending on how much people lurk. 

25 posts does not take that long.. A spammer could set up some kind of refresh-bot to boost their duration to however many hours. Unless you can detect such a thing?


----------



## Mike Bobbitt (22 Nov 2008)

The Staff would reliably detect that better than any software would.

Anything is possible here... using time, MilPoints, posts or some combo. However only posts are built in to the software, anything else would require a custom development effort.


----------



## jp86 (22 Nov 2008)

I understand the need to protect people from spam, so I'm not really worried about this.  But I have seen some people take flak for not filling out their profiles ("Why don't you tell us a bit about yourself so we can see if you're in your lane"), and I hope people will be a little more forgiving in this regard as long as profile-viewing is disabled.


----------



## Mike Bobbitt (22 Nov 2008)

Actually, this enhances the privacy of your profile, knocking down one of the roadblocks to completing it a bit more. I'd say this should encourage people to add a bit more info about themselves, knowing it's much less likely to see a wide distribution.


----------



## George Wallace (22 Nov 2008)

jp86 said:
			
		

> I understand the need to protect people from spam, so I'm not really worried about this.  But I have seen some people take flak for not filling out their profiles ("Why don't you tell us a bit about yourself so we can see if you're in your lane"), and I hope people will be a little more forgiving in this regard as long as profile-viewing is disabled.



Actually, when you look at it, those who usually ask someone to fill out their profile have many more than 25 posts under their belts, and are quite regular participants in discussions.  They have established their credibility, and often wonder as to that of a newbie.  As they can still see the profiles, I am sure the above mentioned "habits" will not change.


----------



## TN2IC (22 Nov 2008)

The Beaver said:
			
		

> Who knows what I would be doing now...


Going outside and stealing some more toilet paper.


----------



## Mike Baker (22 Nov 2008)

Mr Plow said:
			
		

> Going outside and stealing some more toilet paper.


Oh dear god not this again! ;D


Beaver


----------



## armchair_throwaway (22 Nov 2008)

I thought I was the only one having this problem because I didn't see any thread on the issue a few days ago.

I have been on this forum more than half a year and still only have 22 posts (3 more to go!). I know how to use the search function, and I hate to contribute on a topic when I don't have the experience to back it up.

I understand the policy. It's not too much of a hassle right now, though sometimes I want to check some of the members' past posts to see their opinions on certain subjects and am unable to do so.


----------



## TN2IC (22 Nov 2008)

The Beaver said:
			
		

> Oh dear god not this again! ;D
> 
> 
> Beaver



Here comes the pain train baby... choo choo..  ;D


----------



## Mike Baker (22 Nov 2008)

Mr Plow said:
			
		

> Here comes the pain train baby... choo choo..  ;D


Hey! Theirs no more trains here in NL! 

I'm goin' downtown, you'll never get me there! ;D 


Beav


----------



## TN2IC (22 Nov 2008)

The Beaver said:
			
		

> I'm goin' downtown, you'll never get me there! ;D
> 
> 
> Beav



You go there to get your toilet paper these days? Wow.. must of upgraded. Good on ya.  ;D


----------



## Mike Baker (22 Nov 2008)

Mr Plow said:
			
		

> You go there to get your toilet paper these days? Wow.. must of upgraded. Good on ya.  ;D


I should soon be getting my TP in St. Jean.


----------



## TN2IC (22 Nov 2008)

The Beaver said:
			
		

> I should soon be getting my TP in St. Jean.



Ah.. Government issue TP.. Best bet to save up your allowance and buy your own. Trust me.. your rear with be thankful.


----------



## Nfld Sapper (22 Nov 2008)

Mr Plow said:
			
		

> Ah.. Government issue TP.. Best bet to save up your allowance and buy your own. Trust me.. your rear with be thankful.



Ah yes the one step above using the whole tree.


----------



## TN2IC (22 Nov 2008)

NFLD Sapper said:
			
		

> Ah yes the one step above using the whole tree.



You have to in order keep er clean..  :-X

Don't tell Green Peace


----------



## Blackadder1916 (22 Nov 2008)

Mike Bobbitt said:
			
		

> A time-based solution isn't a bad idea... but the post-based solution was very quick and easy to implement. There's no mechanism for limiting profiles based on time unfortunately.



Perhaps the solution could be reached by approaching from another direction.  Would it be possible/easier to make the check mark in the box for "Hide email address from public?" the default setting?  Adding a short note warning of the security implication for those allowing public view of their email address may be appropriate.  I have no idea how often pers use email originating from this site rather than PM to contact other members (you may be able to access such stats), so cannot comment on the necessity/desirability of being able to see other members' email addresses.


----------



## leroi (22 Nov 2008)

lucia_engel said:
			
		

> I thought I was the only one having this problem because I didn't see any thread on the issue a few days ago.
> 
> I have been on this forum more than half a year and still only have 22 posts (3 more to go!). I know how to use the search function, and I hate to contribute on a topic when I don't have the experience to back it up. I understand the policy. It's not too much of a hassle right now, though sometimes I want to check some of the members' past posts to see their opinions on certain subjects and am unable to do so.



Congratulations on having just been sworn in; I enjoyed reading your blog; it shouldn't take you very long to get to the 25-post-milestone--judging by the quality of your writing.

I highlighted your words above to commend you for your wisdom. When I first came here, I posted a few comments (sweeping generalizations) which, in retrospect, I realize I did not  have the military experience to make. (BTW I'm a civvy). For what it's worth, I think it's better to focus on quality posts as opposed to quantity--my 2 cents.

Anyway, good luck ... only three more posts to go ...


----------



## George Wallace (22 Nov 2008)

Blackadder1916 said:
			
		

> Perhaps the solution could be reached by approaching from another direction.  Would it be possible/easier to make the check mark in the box for "Hide email address from public?" the default setting?



I guess you didn't grasp the idea behind this.  If someone can view your profile and gather information, they can PM you whether your email address is visible or not.


----------



## Mike Bobbitt (22 Nov 2008)

Actually you don't need to view someone's profile to PM them.


----------



## George Wallace (22 Nov 2008)

Mike Bobbitt said:
			
		

> Actually you don't need to view someone's profile to PM them.



That's been mentioned, Mike.

What he was getting on about, was simply making the person's email address in the Profile be defaulted to "Not visible".  I was saying that the rest of the profile is still visible, and the ability to PM was still there, allowing a SPAM Artist to gather information and spam people.


----------



## Mike Bobbitt (22 Nov 2008)

Ah, gotcha. The good news about that is we have some mechanisms (such as flood control) to prevent someone from sending a lot of PMs in a short period.


----------



## Blackadder1916 (23 Nov 2008)

George Wallace said:
			
		

> I guess you didn't grasp the idea behind this.  If someone can view your profile and gather information, they can PM you whether your email address is visible or not.



I thought I had grasped the idea behind it very well,  especially since the good Mr. Bobbitt had stressed in his previous post . . .


			
				Mike Bobbitt said:
			
		

> . . .
> Cheers
> Mike
> 
> ** This is a good reason to have your e-mail address hidden from public view*.



Though there may be other contact information that could be harvested from a member's proifile only the email address would (if visible) be found on all profiles.  I don't know if there have been any widespread (or narrow focused) attempts to spam members with PMs but the other thread that I recalled reading about spamming dealt with members' email addresses having been harvested from here.  And as has already been said, you can PM any other member without going to his profile, but such a spammer would be readily identified and quickly banned.


----------



## -rb (23 Nov 2008)

Mike, 
Assuming the main issue is from automated spam bots harvesting the profile info, why not incorporate an image verification text field on a buffer page? Not a perfect fix as bots with OCR may still be able to bypass but the profie should be a little more secure.

ie. something similar to this... http://recaptcha.net/

cheers.


----------



## cardinal (23 Nov 2008)

Mike Bobbitt said:
			
		

> Anything is possible here... using time, MilPoints, posts or some combo. However only posts are built in to the software, anything else would require a custom development effort.



Could you at least extend the privilege to subscribers? Surely those of us who pay should not have arbitrary restrictions on our use of the site.

cardinal


----------



## Mike Bobbitt (23 Nov 2008)

yukon said:
			
		

> Mike,
> Assuming the main issue is from automated spam bots harvesting the profile info, why not incorporate an image verification text field on a buffer page? Not a perfect fix as bots with OCR may still be able to bypass but the profie should be a little more secure.
> 
> ie. something similar to this... http://recaptcha.net/
> ...



Already in place, and has been for a while.  They still seem to bypass it, likely by having a human sitting there manually registering accounts in some cases.



			
				cardinal said:
			
		

> Could you at least extend the privilege to subscribers? Surely those of us who pay should not have arbitrary restrictions on our use of the site.
> 
> cardinal



Good idea, and (I believe) now implemented.


----------



## mp_ada (23 Nov 2008)

leroi said:
			
		

> For what it's worth, I think it's better to focus on quality posts as opposed to quantity--my 2 cents.



I also think that it's silly to have to get to 25 posts to be able to see profiles. (Don't get me wrong, I can also see the security concerns also)  My main reason for beginning to lurk on this site is that I have been trying to narrow down some trade choices, and have found this site invaluable in being able to find relevant professionals that can answer my questions.  I liked being able to see what trade or rank somebody was in order to maybe PM them and ask a specific question.  I know I can post a thread and wait for responses, but I have yielded better results doing it this way.  Obviously I have been patient and waited to actually have something to say, rather than go on a posting rampage just to be able to see profiles.  Maybe I'll get to 25 posts.....  someday....


----------



## Nfld Sapper (23 Nov 2008)

To PM you don't need to view the persons profile, in their post under their username there should be an icon that looks like this 
	

	
	
		
		

		
			





 click that and you can send them a PM.


----------



## mp_ada (23 Nov 2008)

NFLD Sapper said:
			
		

> To PM you don't need to view the persons profile, in their post under their username there should be an icon that looks like this
> 
> 
> 
> ...



I didn't mean that I couldn't PM people.  What I meant was that how do I know from my username, for example, that I am this rank and this trade.  That's where viewing the profiles comes in handy, so you know WHO to PM to answer your question.


----------



## cardinal (23 Nov 2008)

Mike Bobbitt said:
			
		

> Good idea, and (I believe) now implemented.



Yes, it works ... thanks! ... much appreciated.

cardinal


----------



## dangerboy (23 Nov 2008)

ada said:
			
		

> I also think that it's silly to have to get to 25 posts to be able to see profiles. (Don't get me wrong, I can also see the security concerns also)  My main reason for beginning to lurk on this site is that I have been trying to narrow down some trade choices, and have found this site invaluable in being able to find relevant professionals that can answer my questions.  I liked being able to see what trade or rank somebody was in order to maybe PM them and ask a specific question.  I know I can post a thread and wait for responses, but I have yielded better results doing it this way.  Obviously I have been patient and waited to actually have something to say, rather than go on a posting rampage just to be able to see profiles.  Maybe I'll get to 25 posts.....  someday....


 Or you become a subscriber, Mike made it so that everyone that subscribes can view peoples profile no mater how many posts you have.  That way you can continue to just read and only post when you want to.


----------



## aesop081 (23 Nov 2008)

ada said:
			
		

> I also think that it's silly to have to get to 25 posts to be able to see profiles. (Don't get me wrong, I can also see the security concerns also)



If you understand the security concerns, how can you think it is "silly" ?


----------



## mp_ada (23 Nov 2008)

CDN Aviator said:
			
		

> If you understand the security concerns, how can you think it is "silly" ?



Because I've seen people post comments just to post comments, with no substance behind them whatsoever.  If security is such a major concern then I would suggest just not putting anything that is of restricted nature in a profile?  Doesn't that seem to work?  But hey, I'm not a staff member on this site, and I am entitled to an opinion.....  isn't that right?


----------



## aesop081 (23 Nov 2008)

ada said:
			
		

> If security is such a major concern then I would suggest just not putting anything that is of restricted nature in a profile?



The problem was automated bots gathering email adresses for the purpose of spam. A bot wont post 25 times, hence why that was the solution put in effect. Is it realy that difficult to grasp ?


----------



## Mike Bobbitt (24 Nov 2008)

For the record, that's not a great way to get to 25. I understand both sides of the issue... there is a security/privacy issue, which we have addressed in an admittedly heavy-handed fashion. I'm looking for input on how we cen best strike a balance here.

I realize that the inconvenience doesn't affect me - I have more than 25 posts - which is part of the reason I'm intreested in an open discussion. The other part is that this is of course _your information_ to protect at a level you deem appropriate. I simply want to make our users aware of the threat and possible controls in place.


----------



## KingKikapu (24 Nov 2008)

I think the implementation is perfect.  New members from now on will never know what they missed.  This is only a transitionary inconvenience.  The only touchy thing will be letting new members know when they can view profiles.  My suggestion is an automated email at post 25 that lets them know they now have the ability to check profiles.  That way you don't tip your hand as easily to spammer scum.


----------



## armchair_throwaway (24 Nov 2008)

Oh wow, I was just about to suggest changing the error message to something more specific like "You can view profiles after 25 posts." while looking up the original error and realized I can now view profiles (at post count 23).


----------



## Mike Bobbitt (24 Nov 2008)

Thanks... I think I had a setting incorrect there, but believe I have fixed it now.


----------



## Mirta (27 Nov 2008)

25 posts... I figured it was something like that, thanks for confirming. I do understand the reasons too.

I'm also a mostly-lurker who reads all the time but doesn't post too often. Still have a long way to go to 25, but I'll maybe get there in another year or so.


----------



## Bruce Monkhouse (27 Nov 2008)

Mirta said:
			
		

> 25 posts... I figured it was something like that, thanks for confirming. I do understand the reasons too.
> 
> I'm also a mostly-lurker who reads all the time but doesn't post too often. Still have a long way to go to 25, but I'll maybe get there in another year or so.



..or subscribe now. [shameless plug notwithstanding]


----------



## Pelorus (28 Nov 2008)

If the problem is with spam bots collecting contact information (most importantly email addresses), perhaps simply hiding the relevant sections of the profile would be another way to tackle this problem?  Hide everything in the list starting from ICQ - Language until after a certain post count has been reached, but still allow new posters to view the section that describes a member's rank, trade, etc.?  Just an idea.


----------



## Mike Bobbitt (28 Nov 2008)

It's a good idea... just one that would take some time and effort on my part.  I'd have to re-write small parts of the forum software to honour your post count and dynamically show or hide portions of your profile... certainly not impossible but a bit time consuming and unfortunately time seems to be at a premium these days!


----------



## Michael OLeary (28 Nov 2008)

Let's keep in mind that this site is not exactly constructed to generate large sums of money.  Mike B. does not run it as a full-time programmer, he does so as a hobby on top of a real job, a real family and other real life commitments.  In some cases, the forum approach is the best compromise of the forum software (which is third-party), Mike's valuable time to tweak it where he can, and the overall site management processes.

Some things just have to be accepted as they are because it's not worth the effort to make every suggested change.


----------



## Nfld Sapper (28 Nov 2008)

And with that Mr. O'Leary..... time for the shameless plug.......

Why not pony up and get a membership to the site to help out?

How to subscribe


----------



## George Wallace (28 Nov 2008)

So?  If we delete someone's Posting a new Topic or question, because they want to build up their Post Count and not read topics already started; do they get penalized more than just building up a Negative MilPoints Count?     >


----------



## Kebel (10 Dec 2008)

Would it be possible to allow me to see profile? I'm in here to read a lot as I can't post much yet since i'm in the process of application for the forces and I can't answer any of the questions ppl are asking on the board. I've been reading for 14 hours according the forum.


----------



## Mike Baker (10 Dec 2008)

If they bent the rule for one person, then they'd have to do it for everyone else who wanted it done.


----------



## Nfld Sapper (10 Dec 2008)

This is ARMY.CA. We don't *bend the rules* here!


----------



## Kebel (10 Dec 2008)

Alright, rules are rules.


I just don't get why you guys need 25 posts to know whether it's a bot/spammer or not.

I thought it was better to ask like i did rather than posting crap just to boost the post count.. I bet i was wrong.


----------



## Nfld Sapper (10 Dec 2008)

You can always appeal to the all powerful Mike Bobbit but I think he won't change the rules just for that.


----------



## Kebel (10 Dec 2008)

Well, thx guys for the answers i'll do like everyone else and try to post here and there to reach 25. It's not very a big issue.


----------



## Nfld Sapper (10 Dec 2008)

No problem.


----------



## Binder (11 Dec 2008)

Mike Bobbitt said:
			
		

> * This is a good reason to have your e-mail address hidden from public view.



Hi. I am new here too, and I have checked off the little box requesting my email be hidden.  It didn't work for me.  I can still see the option for members here to email me.  I'm not sure why.

I have another question - how can I delete my profile if I wanted to?  When I go to the manage my profile tab, the option to delete does not exist.  Is this because I am considered just a 'guest'?


----------



## Nfld Sapper (11 Dec 2008)

Binder said:
			
		

> Hi. I am new here too, and I have checked off the little box requesting my email be hidden.  It didn't work for me.  I can still see the option for members here to email me.  I'm not sure why.
> 
> I have another question - how can I delete my profile if I wanted to?  When I go to the manage my profile tab, the option to delete does not exist.  Is this because I am considered just a 'guest'?



You can always see your own email addy others viewing your profile will not. And no there is no way to delete your profile.

EDITED TO ADD 

Just checked your profile and:



> Summary
> Name:  Binder
> Email:  hidden


----------



## Binder (11 Dec 2008)

oh, thank you.


----------



## Nfld Sapper (11 Dec 2008)

No problem


----------



## George Wallace (11 Dec 2008)

*LOCKED !*

This topic has been LOCKED, because it is obvious some haven't bothered to read the whole topic.

Please go to page one of this topic and begin there.  Your questions will be answered.


----------

