Skip to main content

Preventing Google Calendar spam, and intricacy of requirements analysis

In Google Calendar's (current) default configuration there's an opening for unlimited spamming, with an opportunity for dangerous phishing links. There's a Google Calendar setting that closes that opening, but in a way that also closes some information flow in legitimate collaboration with known colleagues. The details are a good example of the intricacy and difficulty in adequate requirements analysis.

The problem is in what happens when someone creates a calendar event that include you as a guest.

  • The person including you can elect to send out notifications to the event guests via email.
  • Your calendar has a setting which regulates when a calendar entry is automatically created for events of which you are a guest: "Automatically add invitations" (in General > Event settings)
    • Here are the options:
      1. Yes <- default="" li="" the="">
      2. Yes, but don't send event notifications unless I have responded "Yes" or "Maybe"
      3. No, only show invitations to which I have responded
    • You need to select 3 if you want to avoid automatically having spammer's events that include you as guest from showing on your calendar. (If you select 1 or 2 you can mark events that show on your calendar unwanted as spam, but then you have to intervene, and spam numbers could become unmanageable.)
For those of you who are reading just for the solution, that's it. It has a drawback, and a way that Google Calendar could rectify that drawback, tough such a solution is not yet available.

For those interested in how that solution could be better, and the intricacy of requirements assessment: the problem is that selecting 3 means that the system no longer does anything to automatically alert you about events that legitimately include you, but for which the colleague does not elect to issue an emailed notification. (This can easily happen in the context of work or other team endeavors.)

There's a solution for an analogous situation: to have an option to include events depending on whether the event creator is in your address book. This is similar to Gmail's Vacation responder configuration option, "Only send a response to people in my Contacts".

There might be some people in your contacts who overuse the privilege, but at least you have social recourse to let them know, which doesn't work with spammers. Further refinement of the configuration options, so you could identify a contacts group to exclude from the privilege, would provide a mechanical means for customizing to deal with this situation, as well.

Though this configuration issue is a fairly small detail, it illustrates the discretion necessary to enable people to manage communications which are accessible by the whole wide world. There's enormous potential inherent in that, and part of that potential is potential for abuse, which needs to be intricately tamed.


Popular posts from this blog

Blogger silently drops comments submitted by Safari in embedded-comments mode

We've noticed that comments submitted from Apple Safari (Mac or iPhone) are dropped without any notification if the blog is set with Comment location = Embedded. Having set it to Pop up (I think), it worked. We're going to try some more tests. That's what this post is for! From the comments testing we discovered some useful things: Using Comment location = embedded: Is necessary to enable replying to specific comments. Comments posted from Safari (laptop or iOS) are silently dropped. It looks to the person posting the comment that it went through, but the blog moderator sees no sign of it at all. Using Comment location = Pop up or Full page: Inhibits option to reply to other comments – no comment threads Enables comments from Safari The trade-off is clear. Losing comments from people who think they submitted them successfully is not acceptable. Particularly from a prominent browser (currently estimated to be a bit less than 4% of users). I just hate to lose comment threadin

A Contemplative Movement Online Score

Barbara Dilley developed a shared dance/meditation practice called Contemplative Dance Practice – CDP, a "dancer's meditation hall". I've been exploring adaptation of this score for online sharing. The aim is to share meditation and movement across the gap of social distancing. (See below the score description for online meeting logistics and further info about the practices.) (The framing of this score is a work in progress, continuing to change. Revision information is at the bottom.) Score Description The score is divided into sections. At the beginning of each timed section the facilitator says which section it is and arranges for a bell to sound at the beginning and the end of that section. Opening Circle : Time for brief introductions / check-ins and to review the outline of the score (essentially, the bold headers below). Meditation: 15 minutes for stillness . In the original score the participants share sitting meditation. We invite whatever meditat

Finding inspiration in solo movement in small changes

Contact Improvisation offers extraordinary opportunities to explore movement cooperation with others and with oneself. I've been curious a question about how to find in solo moving the kind of inspiration that can come from dancing with others. I had been exploring a practice for a long time before the COVID pandemic. Having to concentrate on solo moving during the pandemic has given me the opportunity to resolve some questions about how to describe the practice and its purpose, enough so that I feel ready to describe it. One of the things I love about doing Contact Improv is a sense of attunement that happens, with others and myself, through just mutually following the points of contact. For many years I've been curious about what helps to cultivate this, and have experimented with ways to do so in solo moving – in my warmups and general solo dancing. During the COVID-19 quarantine I have had more opportunity and heightened focus on this exploration of solo movement (in-person