| Pages in topic: < [1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24] > | Illegal use of data from ProZ.com profile Thread poster: RoxanaTrad (X)
|
|---|
| Henry's answers | Aug 7, 2009 |
ViktoriaG wrote:
Why is this so hard for you, Henry? What is keeping you from addressing the most important and most urgent of all issues? No matter how secure you make your servers, my data is still going to be out there, thanks to your inaction. And why is it that you have ignored my question six times already?
I am really losing patience now.
Hi Viktoria,
Henry did in fact reply:
Under that link, you can find the following:
Could you be more specific? What attempts have been made to get the information removed from the Internet?
ProZ.com staff members consider it the responsibility of the site to do everything within reason to have the private content that was improperly accessed removed from the web. To this end, as a first step a request for removal was sent to those operating outsourcingroom.com. There was no response and attempts to establish contact were not successful. A "cease and desist" letter and DMCA filings were then prepared. Legal options have been investigated but no action has yet been initiated. A report has been given to appropriate law enforcement bodies, ISPs hosting the site have been notified, and other steps have been taken. Unfortunately, there is no guarantee that any of these efforts will be successful in the near term, if at all. However, the process will be pursued to the extent possible.
HTH,
Andrea
| | | | | Quote from the information page - for Viktoria | Aug 7, 2009 |
Viktoria,
Here is a paragraph from the security info page:
http://www.proz.com/about/security
Could you be more specific? What attempts have been made to get the information removed from the Internet?
ProZ.com staff members consider it the responsibility of the site to do everything within reason to have the private content that was improperly accessed removed from the web. To this end, as a first step a request for removal was sent to those operating outsourcingroom.com. There was no response and attempts to establish contact were not successful. A "cease and desist" letter and DMCA filings were then prepared. Legal options have been investigated but no action has yet been initiated. A report has been given to appropriate law enforcement bodies, ISPs hosting the site have been notified, and other steps have been taken. Unfortunately, there is no guarantee that any of these efforts will be successful in the near term, if at all. However, the process will be pursued to the extent possible.
This may be a recent addition to the text, I am not sure.
But it is there now.
I am not trying to defend Henry or anybody, I am just saying that the info about what they have done and are doing is out there.
If you want to take yourself steps, your only option seems to be to use the Contact link on THAT site, and request the removal of your data.
If I were you, I would include my user name, the old email that they probably have on file (so they cannot say they couldn't identify you), a link to "your" profile page, and tell them the old email is not accessible anymore, Give them another email where they can contact you. Now, for this latter one, I would just create a temporary email somewhere, not use any real email addresses of mine. I am not suggesting using a fake email address, because then you won't have any way of knowing if they actually did what you asked them, only by checking their site.
I know this is extra effort, but some people said at the beginning of the thread that they were successful with their request sent directly to the site. Not everybody, though...
Katalin
| | | | | Thank you, Andrea and Katalin | Aug 7, 2009 |
Thanks for quoting that.
Viktoria, your posting violates our rule concerning mutual respect: http://www.proz.com/siterules/general/2#2 Note that just as moderators and site staff members are expected to follow the rules, the rules are there to protect moderators and site staff members just as they protect others.
In other words, let's keep it civil please.
| | | | | Roxana, your data was taken from Elance, wasn't it? | Aug 7, 2009 |
RoxanaTrad wrote:
Regarding the security link, Henry, I must disagree with you on something: you said this affected profiles older than 3 years. Well, since I started this whole thing and obviously it happened to me too I must inform you that I have only been using it for a few months.
But Roxana, your data was on Elance, right? They probably got your data from there, and not from ProZ, right?
By the way, did anyone ever say a BIG THANK YOU to Roxana, for alerting us to this in the first place?
I would definitely like to take the opportunity now:
THANK YOU!
Katalin
| | |
|
|
|
| Outsourcing.com blocking attempts to login? | Aug 7, 2009 |
Hello, thank you to Katalin for sharing her method with us. However, I got just as far as changing and confirming my new password, but the moment I try to login I enter my usernae and password, and click "sign in", it doesn't take me anywhere. It just stays in the login page, as if I did not click the "sign in" button.
Anyone knows how to overcome this?
Oh, yes. And thanks so much to ROXANNA.
[Editado a las 2009-08-07 17:14 GMT]
ETA: Nevermind, I cou... See more Hello, thank you to Katalin for sharing her method with us. However, I got just as far as changing and confirming my new password, but the moment I try to login I enter my usernae and password, and click "sign in", it doesn't take me anywhere. It just stays in the login page, as if I did not click the "sign in" button.
Anyone knows how to overcome this?
Oh, yes. And thanks so much to ROXANNA.
[Editado a las 2009-08-07 17:14 GMT]
ETA: Nevermind, I could change my info now.
[Editado a las 2009-08-07 18:02 GMT] ▲ Collapse
| | | | AWa (X)
Local time: 02:31
English to German
+ ...
| Getting your profile removed | Aug 7, 2009 |
Immediately after finding my data on that obnoxious site I sent an e-mail and a bug report requesting them to delete/remove my profile once a day for three days. No reaction whatsoever.
On the fourth day I took a hint from somebody in this thread:
I wrote another e-mail, in which I set a deadline by which my profile was to be removed, if not I'd take legal action.
My profile was gone a few hours after I had sent that mail. I used the same mail-address I stated i... See more Immediately after finding my data on that obnoxious site I sent an e-mail and a bug report requesting them to delete/remove my profile once a day for three days. No reaction whatsoever.
On the fourth day I took a hint from somebody in this thread:
I wrote another e-mail, in which I set a deadline by which my profile was to be removed, if not I'd take legal action.
My profile was gone a few hours after I had sent that mail. I used the same mail-address I stated in my proz profile figuring they had already taken it from there and I was not supplying them with new information. ▲ Collapse
| | | | RoxanaTrad (X)
Romania
Local time: 03:31
English to Romanian
+ ...
TOPIC STARTER
Katalin Horvath McClure wrote:
RoxanaTrad wrote:
Regarding the security link, Henry, I must disagree with you on something: you said this affected profiles older than 3 years. Well, since I started this whole thing and obviously it happened to me too I must inform you that I have only been using it for a few months.
But Roxana, your data was on Elance, right? They probably got your data from there, and not from ProZ, right?
By the way, did anyone ever say a BIG THANK YOU to Roxana, for alerting us to this in the first place?
I would definitely like to take the opportunity now:
THANK YOU!
Katalin
You are right Katalin, it was Elance that sent me a note warning me of possible stolen profiles and instructing me further. I don't actually know for sure where it happened.
And, YES Katalin, many people thanked me along this thread, others held me responsable for choosing to own such a profile that is public by its nature. My shock however was when the outsourcer sent me a copy of the so-called CV she received and it was MINE. As in my writting, formatting, layout, everything. They hadn't even changed one space. The only thing missing were my contact details where, instead, was written in red bold letters: confidential. AND THAT IS SPOOKY, NOT THE EMPTY PROFILES.
Besides, I am not the only one to be thanked for; if people hadn't taken a firm stand on this issue nothing would have happened, it would have died out. Therefore, if anything did change it is because we backed each other up demanding an explanation AND a solution. As for what concerns me, I still have a profile there I can't delete. And, again, my Proz.com CV is visible on Google, even though I chose to make it visible to logged-in users only. WHY IS THAT???
Good luck to everyone and I now honestly believe a crowd is better than one.
| | | | Ines Burrell 
United Kingdom
Local time: 01:31
Member (2004)
English to Latvian
+ ...
| I cannot remove my profile | Aug 7, 2009 |
The outsourcing thingy is not letting me sign in. I got the link to change the password however it just gets stuck there asking me to enter my new password and to confirm it and once I have done it I have to do it again and again. This is just totally annoying. So far all I have managed to do it to confirm my email address with them and I do not like it one bit.
Ines
| | |
|
|
|
Uldis Liepkalns
Latvia
Local time: 03:31
Member (2003)
English to Latvian
+ ...
| Re: 5 minutes | Aug 7, 2009 |
And now please multiply these 5 minutes with about 150 000 stolen profiles and you'll get the idea how much human time will be spent to remove them manually by us ourselves (provided you succeed, I do not and I read here many others do not too).
Uldis
Ligia Dias Costa wrote:
Removed my profile in five minutes, thanks to Katalin's instructions!
Ligia Dias Costa
[Edited at 2009-08-07 16:14 GMT]
| | | | | Thank you Katalin | Aug 7, 2009 |
Indeed, it took 3 minutes and 28 seconds but it works and that's what counts!
Thank you for your clear instructions.
Best regards,
Sherefedin
| | | | | Possible solution for Roxana | Aug 7, 2009 |
RoxanaTrad wrote:
As for what concerns me, I still have a profile there I can't delete. And, again, my Proz.com CV is visible on Google, even though I chose to make it visible to logged-in users only. WHY IS THAT???
Good luck to everyone and I now honestly believe a crowd is better than one.
Roxana, please forgive me if you already thought of this, but: do you log off from ProZ before you try Googling your name? I never log off ProZ, so if I Googled you, I would be able to see anything that's available to logged-on visitors, even if I did not have a ProZ window open.
I want to add my thanks to you and to all who have posted on this thread. To the ProZ staff, my sincere sympathy--you've had a singularly unpleasant couple of weeks, haven't you?
FWIW, I had a similar experience (much smaller in scope) on another website, and I think what Henry said above is valid: You don't want to make public announcements that you've been hacked until you are prepared to face the new attack(s) that the announcement will inevitably inspire.
| | | | Jaroslaw Michalak
Poland
Local time: 02:31
Member (2004)
English to Polish
SITE LOCALIZER | Not really... | Aug 7, 2009 |
JaneTranslates wrote:
Roxana, please forgive me if you already thought of this, but: do you log off from ProZ before you try Googling your name? I never log off ProZ, so if I Googled you, I would be able to see anything that's available to logged-on visitors, even if I did not have a ProZ window open.
That is plainly incorrect... What you see on Google pages is the data that have been gathered by Google robots crawling the websites and saving information found there. In fact, Google servers keep the information long after it has been removed from the original sites.
In other words, if it is visible to Google, it is visible to anyone who would like to make use of it, for whatever purposes.
By the way, I have sent a support tickets (twice) concerning the fact that CVs are available to search robots. I was told that it is for the better as it improves my search visibility, but I am not that convinced. For one, it makes me remove from my CV data which I would like to present to outsourcers (such as my e-mail address in open text), but I would not divulge to search robots.
| | |
|
|
|
| Thank you Katalin! | Aug 7, 2009 |
Having received no response to my email (I used outsourcingroom's web form to send a "remove this stolen information now or I will be taking legal action" notice last night), I tried Katalin's instructions to get into "my" account and delete it. There's actually a "Remove Account" button. Let's hope it works...
Thanks very much for posting them!
| | | | RoxanaTrad (X)
Romania
Local time: 03:31
English to Romanian
+ ...
TOPIC STARTER
JaneTranslates wrote:
RoxanaTrad wrote:
As for what concerns me, I still have a profile there I can't delete. And, again, my Proz.com CV is visible on Google, even though I chose to make it visible to logged-in users only. WHY IS THAT???
Good luck to everyone and I now honestly believe a crowd is better than one.
Roxana, please forgive me if you already thought of this, but: do you log off from ProZ before you try Googling your name? I never log off ProZ, so if I Googled you, I would be able to see anything that's available to logged-on visitors, even if I did not have a ProZ window open.
Thank you Jane, I see what you mean, I thought about that too. I never log out of proz or e-mail from my computer. Still, I repeated the search using a different PC, wired to a different internet provider, without previously accessing any of my regular URLs. It comes out at page 3 or 4 of search result (using both full name and user name).
More, in my profile, at visitors, I found to have been googled for username by not logged in visitors (twice today) who viewed my CV. Jabberwock is right. What should I do? Remove my CV? Although I do have regular outsourcers and direct clients I wouldn't mind new ones (and I think we all agree here), still, I would like to be able to control whom to allow access to personal info and who not to.
It is a question of professionalism, I mean, this is not facebook, we are not here to "stay in touch"; we are here to provide or buy professional services and while we are paying for membership we should at least be entitled to a decent, safe, working environment. Or not???
| | | | Textklick
Local time: 01:31
German to English
+ ...
In memoriam | Proactive approach a good sign | Aug 7, 2009 |
Jabberwock wrote:
By the way, I have sent a support tickets (twice) concerning the fact that CVs are available to search robots. I was told that it is for the better as it improves my search visibility, but I am not that convinced. For one, it makes me remove from my CV data which I would like to present to outsourcers (such as my e-mail address in open text), but I would not divulge to search robots.
I agree. I never had my E-mail/address listed. I used to have my C.V. listed, but I have changed it to "Available on request".
However, I was pleased receive a mail from Jason today that read as follows:"You are receiving this message because you appear to have entered custom javascript code in the "about me" or "custom tab" areas of your ProZ.com profile. For reasons of security, the use of such javascript in ProZ.com profiles has now been restricted.
While there are many legitimate reasons to include custom javascript in a profile page, allowing this javascript also creates a security risk.
An attempt has been made to minimize the disruption that disallowing this custom javascript could cause to your business. As a ProZ.com member, your profile can still be viewed with the custom javascript enabled, but the viewer will be given the choice
of whether to allow the javascript to run.
For more information, please see these FAQs: http://www.proz.com/faq/10126#10126
Note that if you used custom javascript in order to add a hit counter or instant messenger to your profile, you may be able to get a similar result with more secure tools provided by ProZ.com. See the FAQs above for details.
I'm sorry for the inconvenience this will cause to some users. This measure is being taken as a security precaution. It brings ProZ.com's policy on dynamic content in profiles in line with much of the rest of the Internet.
I appreciate this proactive approach. A sign that the whole issue is being thought through and not being taken lightly or ignored, as some have suggested.
Cheers
Chris
| | | | | Pages in topic: < [1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Illegal use of data from ProZ.com profile | Trados Business Manager Lite | Create customer quotes and invoices from within Trados Studio
Trados Business Manager Lite helps to simplify and speed up some of the daily tasks, such as invoicing and reporting, associated with running your freelance translation business.
More info » |
| | Trados Studio 2022 Freelance | The leading translation software used by over 270,000 translators.
Designed with your feedback in mind, Trados Studio 2022 delivers an unrivalled, powerful desktop
and cloud solution, empowering you to work in the most efficient and cost-effective way.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
