AI Zone Admin Forum Add your forum

NEWS: Chatbots.org survey on 3000 US and UK consumers shows it is time for chatbot integration in customer service!read more..

UUID and Other Extraneous Nonsense.
 
 

One of my bots recently had the following short conversation.

Human: My name is Queenie1 Resident.
Bot: You have a nice name Queenie1. What’s on your mind?

Human: My UUID is dd625ced-681c-4074-8c1a-9e664cc04d87
Bot: lol… People always say that, but I don’t always believe it.

Human: oops sorry i have just seen now your im
Bot: Oh. There’s no need to apologize. You’re not the only one.

 
I don’t have a clue what it means, but I believe there’s at least, an indication that my bot is being contacted, or employed, in a way unlike the one I intended.

With five Pandorabots running, I get to read a lot of chatlogs giving the impression that something is going on beyond my control.  People mention they’re accessing the bot from a cell phone, from within a game of some kind, or from a variety of other sources.  The conversations sometimes reveal that my bot is in a chatroom of some sort as the visitor responds to others in the room, and employs commands that are of no use to my bots.

I can appreciate the desire to expand and to make Pandorabots available to social networking sites.  But, my bots won’t perform in a phone app, or an irc channel the way it does on the HTML pages I’ve created for them.  My bots show pictures, play music, and do different things that would be lost on an audience contacting them in ways other than the one they’re designed for.

I’d also prefer having the ability to “opt out” of having my creative property surreptitiously incorporated for other purposes, and by other means, without my permission.  I’d like to know that my work was protected, and not easily captured in mass by scavengers.

 

 
  [ # 1 ]

In an effort to help prevent situations like this, I have two suggestions; one for Pandorabots for now, and one for you (conditionally, depending on the outcome of the first suggestion) for later:

1.) For Pandorabots (now) - Consider adding some sort of means to optionally limit access to the chatbots you host to the media/methods that botmasters set up for said chatbots, even if it’s only available to paying customers (after all, developing such means will involve a significant investment in the form of man {woman?}-hours).

2.) For you (later) - If the above suggestion is not/cannot be, taken, consider possible alternative hosting solutions that do/will offer such options. I know that right now, such hosting solutions don’t exactly exist, but perhaps in the near/intermediate future??? wink

 

 
  [ # 2 ]

Dave,
Maybe you could do something like this. You can restrict access by IP on Pandorabots correct? So could you restrict access to the Pandorabots server to as single IP which is the address of a server that you can script on. Set up a page on that server that uses some methodology (client side or server side) to restrict access by USER-AGENT and other methods, make that page your public page and redirect users from that page to the Pandorabots server. Of course a dedicated “pain in the a**” could still spoof the IP but it would weed out a plethora of script kiddies.


Vince

“Jeffe, do you know what a plethora is?”

 

 
  [ # 3 ]

Vince, was that directed at me, or Thunder Walk (who is also Dave, but we don’t talk about that very much - And Thunder, before you get upset about my mentioning it, that cat was let out of the bag ages ago. wink )?

On the off chance you’re asking me, here’s my take:

No, you can’t directly restrict access on Pandorabots at all. At least, not that I’m aware of. PB (because I’m too lazy to type out “Pandorabots” all the time) has an XML-RPC interface/API that allows devices of practically any type to chat with (as far as I know) any of their hosted chatbots (either paid or “free”), as long as the remote client knows the chatbot’s unique id. Sure, you can create some custom HTML/JavaScript in the web interface that can restrict access by user agent, IP address, or any number of other criteria, but if someone connects to the PB server through the XML-RPC interface/API, that completely circumvents the HTML page, and thus, whatever “protections” might be implemented therein.

 

 
  [ # 4 ]

@Dave - Nothing you say ever upsets me.

I don’t believe you can block an IP at Pandorabots, I’ve been requesting to have that ability for years.

In talks I’ve had with Pandorabots, without going into detail, I know they’ve been working on an idea whereby they’d give botmasters a code they could distribute to whoever they wanted to have it, others would be restricted.  One drawback is that I’d have to create a new bot and migrate my update files.

But, I don’t want to change the bot address, and I don’t want to restrict all traffic, giving the new botid to just a few friends and relatives.  I promote my bots extensively—that would mean going back to every place my bot is promoted and changing the link.  And, once I submit the new location to promotion sites, how difficult would it be to obtain it?

I’d just like to be able to block access to certain people, or chat sites, the same way I can block spam in my email, or ip addresses the way I can at two ProBoards forums I maintain.

 

 
  [ # 5 ]

I have suggested in the past that pandorabots make the xml-rpc interface an opt-in flag on the account, with the default to off.

Some of this should be directed @ Pandorbots Staff.

 

 
  [ # 6 ]

Judging from your other thread, it appears that they start the conversation with “MY UUID IS ....”. You could try modifying your blocking to block anyone who says this sequence of words.

 

 
  [ # 7 ]

Thanks guys.

I exchange ideas with Pandorabots on a regular basis, and since this forum is moderated by them, I assume they’re reading it.

I’ve taken measures to block the terms used in this conversation… that’s one down and how many to go?

I’ve done the same with the lines that begin with “flag:gb,” as in:
Human: ( (flag:gb) GETTING TO DOIDIM ).

I’m finding it difficult to block the ones that begin with a time signature as in:
Human: [17:14:33] Egor: Loch\r\n\r\n

Pandorabots doesn’t recognize brackets or braces, and there’s no end to user names. 

Does Loch\r\n\r\n look familiar to anyone?  I haven’t visited irc for a long time, but it seems like a chatroom command, or perhaps something from a game..

 

 
  login or register to react