Is it possible to create live chat customer support application with end to end encryption? - cryptography

There's a bunch of live chat customer support apps like Intercom, etc. that do not have end to end encryption between the customer and the support agent team.
I've researched this topic extensively and understand that there might be problems exchanging the keys between the agent team and anonymous visitors on websites with live chat. But I can't quite grasp the magnitude of the problem (I'm familiar at a high level with how this is done in iMessage by Apple).
Since this hasn't been done by any big provider yet, is there any particular limitation that prevents this from working for this particular problem?
Is it possible (and how hard) to replicate what iMessage is doing in a domain with anonymous users and group chats (where multiple agents must be able to see messages from multiple anonymous users and other agents)?

Related

How OneShop Provides Account Automation Without Poshmark API Access

I was unable to find a similar question posted in the past on this site. The website, OneShop, provides account automation as a paid service for users selling on the Poshmark platform (as well as other websites).
This includes listing, sharing listings, as well as other services. The number of actions against a user's account can be over 1,000 in a day. The service on the platform is not a web browser extension, so the actions are taking place directly on OneShop servers.
My questions on this topic are these, with consideration of Poshmark having no available APIs:
How is the user's account not flagged for unusual activity from an unrecognized IP address?
How are the OneShop IP addresses, over time, not blacklisted through the course of providing service to 1,000's+ of accounts?
What method of programming would someone use to circumvent the need of an API in this context? Spoofing IP addresses to make it appear the activity is coming from each account owner's IP address?
This is posed as multiple questions, but the core of this post is to understand how it is possible for OneShop to provide the service they offer successfully without leveraging any available APIs with Poshmark.
I very much appreciate this community and frequently come here for support of all kinds in the space of programming.

Discord script to send private messages to friends without them being in a channel

I am running a business regarding selling/buying online things and I am mainly using Discord to contact my suppliers/clients. It grew quite tiresome to manually send private messages to each one of my suppliers, and to organize contacts with the current Discord interface (outside of specific servers).
What I am interested in is: can I create a script that, when I run it, would send a private message to multiple people in my friends list (being given a list of Discord names), WITHOUT using a Discord server? The server/channel option is not viable for me, nor is using another app. I would start building that in any programming language, I am just interested if it's possible as I have found no information regarding it.
Unfortunately, Discord Accounts can only message other accounts that they're either in a server with or are friends with. Discord Bots can't add friends, and if they were in a server with all of your clients that would defeat the purpose. A hypothetical solution would be to invite all of them to a Discord Server with no text channels and then have the bot message them from there, which is 100% possible and would be really easy to do.

Getting information about many users using Spotify's API

I've looked briefly through Spotify's API documentation to try and see what exactly can be done with the API. I'm trying to do some data analysis on Spotify data, specifically on user listens / user playlists. However, as far as I can tell, the only way to uncover that information is through OAuth, and each user whose play information I desire would need to explicitly grant permission to my app to use their information. Since I am not building a user-facing app and am interested in doing mass analysis on many users at once, I don't think this would work for my purposes.
My question - is there any way to return multiple users' listening habits through a script that pulls data from Spotify using its API? Or is that possible strictly by way of an application that one user at a time gives authentication to when they load an app that uses this API?
"is there any way to return multiple users' listening habits through a script that pulls data from Spotify using its API?"
Spotify doesn't expose users' listening habits unless they authorized the app requesting it (I think this is what you meant when you said "through OAuth"). There are pretty big privacy reasons for not exposing users' data to the world.

Corporate login solution

Imagine a situation where a large corporation wants to give their users access to a website, without having to individually register each of their users with the target website.
EDIT: Registrations to the website are paid subscriptions, so normally users would pay and get their accounts activated via support line (or it happens automatically). Corporate would want to purchase a bulk subscription, and add/remove the users under that, subject to a maximum limit, so the individual users don't have to go through the hassle.
Users should still have their individual accounts with the website (instead of a single account used by all users) so that they can have their preferences saved, etc.
(Prefer a solution where most of the implementation happens in the website side)
Are there any accepted patterns or solutions for these kinds of scenarios?
I thought we could use OAuth (yes, I know it's authorization, but maybe we can use it as an authentication tool as well, right?), or an OpenID-like protocol. But the corporation does not have such a mechanism exposed to the outside. Are there any "off the shelf" kind of products which we could use to create an OAuth/OpenID implementation against an existing user base, let's say ActiveDirectory?

Account Strategies on New Social Enabled Sites

So I'm in the midst of creating a Facebook Connect enabled site. The site in question will leverage your social graph - as defined by your Facebook account - to do social things (what is really not important here). Here's the big question I have:
Are people still rolling their own authentication heuristic when using something like Facebook Connect? That is, are newer (FBConnect) sites today providing only FBConnect as an authentication strategy, or are they pairing it with other auth strategies (such as Google Auth, Open ID, etc)? What do you think is the best way to go? With Facebook having over 300,000,000 users now, is having 1 authentication strategy (FBConnect) enough? Or is it proper netiquette to provide users other means?
Some of the references I have been looking at today:
http://www.kenburbary.com/2009/08/five-reasons-companies-should-be-integrating-social-media-with-facebook-connect/
Increased Registration - Data from Facebook states that sites that use Facebook Connect as an alternate to account registration have seen a 30-300% increase in registration on their sites.
• Citysearch.com – Daily site registrations have tripled in the 4 months since Facebook Connect testing began
• Huffingtonpost.com – Since integrating with Facebook Connect, more than 33% of their new commenter registrations come through Facebook
• Cbsinsider.com – Over 85% of all new user registrations are coming from Facebook Connect
http://www.simtechnologies.net/facebook-connect-integration.php
"according to the current statistics using facebook connect increases 30-40% user traffic as compared to non-facebook connect websites."
http://wiki.developers.facebook.com/index.php/Connect/Authentication_and_Authorization
Our research has shown that sites that implement Facebook Connect see user registration rates increase by 30 - 200%.
No Need to Create Separate Accounts
In general, it's not a good practice to force a new user to create a separate account when registering on your site with Facebook Connect. You'll have the user's Facebook account information, and can create a unique identifier on your system for that user.
Just make sure you understand what Facebook user data you can store, or simply cache for 24 hours. See Storable Information for details.
If the user ever deactivates his or her Facebook account, you have a chance to contact the user to request the user create a new account on your site. When a user deactivates his or her account, we ping your account reclamation URL to notify you of the deactivation. Then Facebook sends the user an email regarding the deactivation. If the user has connected accounts with any Facebook Connect sites, and if your site has specified an account reclamation URL, the email will contain a section with your application logo, name, and reclamation link, in addition to an explanation about the link's purpose. For more information, see Reclaiming Accounts.
http://www.chrisbrogan.com/how-facebook-connect-points-the-way-towards-velvet-rope-networks/
The Drawbacks
Though there are advantages to using Facebook Connect for integration, there are some drawbacks, mostly from the marketer’s point of view. If you build out a social network project using Facebook Connect, Facebook gets all the information and you get none. You don’t get a database of users. You don’t get a way to message people participating in your event, except for “in stream,” the way everyone else is using the app. You don’t have any sense of demographics, nor any control abilities to block trolls or other unwanted types.
Crystal Beasley "All of the FB Connect sites we have built so far have incorporated "standard" accounts as well, even with the added complexity of supporting dual login methods."
There are still people who use MySpace (myself not included), and I know several people coming out of college that have completely deleted their FB accounts to get rid of information about them they don't want potential employers to find (I know, there are a lot easier ways of doing this). If there are people who for whatever reason do not want to have a FB account, at least give them the option of creating a private Google account.
Using ONLY Facebook as the register/login method seems pretty dangerous to me. Having a regular user management system, with Facebook Connect to speed up the process from a user perspective, is a good idea.
The problem is somewhere else:
If you really want to leverage the social graph, only Facebook brings "pure" data.
The graphs people build at e.g. MySpace aren't telling much about that person and their social environment - at Google neither.
If you are just heading for viral spreading, prefer the platforms that share the best (just Facebook again).