Alter Ego Detector 1.7.8

[Gossamer]

PM sent!

 

[Xon]

Xon updated Alter Ego Detector with a new update entry:

Maintenance update

• Do not attempt to run alter-ego detection on a session which has been touched by login-as-a-user (two addons supported)
  • IP Checks will still generate false positives if you are using this functionality!
  • The 'Bypass Alter Ego Checking' permission can be used to prevent a user from being reported, and thus prevent some false positives.
• Fix installer for if the default created user has been deleted.
  • Explicit setup will be required, as the default user this addon would normally report as has been removed.
• Some minor code clean-up

Read the rest of this update entry...

 

[Moshe1010]

IP Checks will still generate false positives if you are using this functionality!

Correct me if I'm wrong, but if I setup IP checks for the past 48 hours, small chance it would give me false positives, isn't it? (Especially if I exclude Admins from being detected). Or you mean if I connect to multiple users, it will trigger it right away b/w them?

 

[Xon]

Correct me if I'm wrong, but if I setup IP checks for the past 48 hours, small chance it would give me false positives, isn't it? (Especially if I exclude Admins from being detected). Or you mean if I connect to multiple users, it will trigger it right away b/w them?

If you grant someone the 'Bypass Alter Ego Checking' they should never be reported as an alter-ego.

The issue is if you have users who have the login-as-user ability who post as another user, when none of them have the 'Bypass Alter Ego Checking' permission.

 

[Valhalla]

I have two individuals who share a computer; one is a moderator, and one is not. We had a case where they were reported as alter-egos.

Since we have confirmed this instance as genuine, if I grant the 'Bypass Alter Ego Checking' permission on the moderator user group, will this mean a report is not created?

Or perhaps I need to create a new user group and assign both users to it with the above permission having been granted?

Apologies if this has been covered already.

Thanks!

 

[Xon]

Under the default configuration, you can also just resolve the report and it will not be bumped again.

If you are using any other reporting method, or having reports posted as threads you will need to use the 'Bypass Alter Ego Checking' permission.

Since we have confirmed this instance as genuine, if I grant the 'Bypass Alter Ego Checking' permission on the moderator user group, will this mean a report is not created?

Correct.

Or perhaps I need to create a new user group and assign both users to it with the above permission having been granted?

You only need to grant one user the 'Bypass Alter Ego Checking' permission, but otherwise it is up to you for how you want to structure groups.

 

[Valhalla]

Thanks, Xon.

 

[Xon]

Xon updated Alter Ego Detector with a new update entry:

Maintenance update

• Do not double-escape usernames when creating the report/conversation/thread
  • ie; if a username is "A&B" this ensures it is not rendered as "A&B"
• Update Template modification used in reports for XF 1.5

Read the rest of this update entry...

 

[Gene Steinberg]

It appears to be working, but I am having a problem adding user names in the option to create a PM.

I can put in one, and it's OK.

When I put in two, on separate lines, it doesn't recognize the separation and flags an error when I try to save it (putting both names together).

 

[Xon]

When I put in two, on separate lines, it doesn't recognize the separation and flags an error when I try to save it (putting both names together).

This is actually a really old bug, I'm not sure how I missed it when I added the front-end validation. It does explain why the conversation reporting option didn't work so well.

 

[Xon]

Xon updated Alter Ego Detector with a new update entry:

Bugfix release

• The Conversation sending function was incorrectly splitting on /n rather than a newline, causing most attempts at sending to more than a single user at once to fail.
  • Usernames are now normalized when entering conversation recipients, this may because unexpected re-ordering of the recipients.

Thanks @Gene Steinberg for reporting this.

Read the rest of this update entry...

 

[Rob]

Does this flag duplicate users only at registration? I am aware one or two members have two accounts but these are not being flagged up to me - does it not check existing accounts?

 

[Xon]

Does this flag duplicate users only at registration? I am aware one or two members have two accounts but these are not being flagged up to me - does it not check existing accounts?

It only does the check at registration or on login.

It would be fairly straight forward ensure a user who is using 'remember me' functionality gets tagged as well.

 

[Rob]

Can you set a username cookie at each login? Have each login append username data to a username cookie array and use that to flag? Dupe accounts being flagged at registration is of course very useful, but whats more useful to me is to know which of the pre-existing 60K accounts are being used as duplicates - would love support for existing accounts

 

[Cyb3r]

Hey @Xon, I just enabled the ip detector last night and I got a lot of reports for ego's, is it really correct or there's maybe a false positive?

Also when I try to access some members it shows 404 member cannot be found.

 

[Xon]

@Cyb3r the IP detector is very likely not correct and will catch all sort of false positives. I don't particularly recommend it at all.

It is also rather unusual for a 404 to be shown, as they are just standard profile links.

 

[Cyb3r]

@Cyb3r the IP detector is very likely not correct and will catch all sort of false positives. I don't particularly recommend it at all.

It is also rather unusual for a 404 to be shown, as they are just standard profile links.

If you noticed the report has 2 same usernames, each one has a different id for some reason, thanks for the info I disabled the IP detector anyway.

 

[Cyb3r]

@Cyb3r the IP detector is very likely not correct and will catch all sort of false positives. I don't particularly recommend it at all.

It is also rather unusual for a 404 to be shown, as they are just standard profile links.

One more thing that might be useful, reports should be auto resolved or rejected based on the admin action from admin CP, I mean when we set it to moderate.

 

[kontrabass]

Quick suggestion: When an alter ego is detected on registration and it goes to the mod queue, it would save some time if the username of the alter ego were linked to the user (instead of having to copy/paste in a new admincp window to check out the account)

 

[Xon]

@kontrabass @Cyb3r

The integration with the admincp moderation queue is rather basic, and I do agree it needs improving.

I'm hoping to-do more feature development work on this add-on in November. This add-on will still receive bugfix/maintenance updates.