Could be one of the sibling encodings, like base85 or uuencoded, perhaps? From afar they could look sufficiently similar to base64 that OP got them mixed up?
I got tagged by accident like this once, and it took me ages to figure out why I was getting emailed about an obscure issue on something I'd never heard of. I think the UX for both parties could be improved quite a bit.
I have my HN username at gmail, and the novelty... wears off. So many recipts, confirmations, random bccs... Where it gets really ugly is gmail's (incredibly dumb, imo) feature where dots don't matter. I've had mulitple people get quite insistent that they own the email tyler.e <at> gmail, which of course routes to...
Yep, I have an incredibly common firstname@gmail.com email address and I get hundreds of emails daily with random bills, reservations, bank statements and so on.
I registered this username at one of the early big name webmail services. Not unimaginably rare, sure, but neither is it jsmith or the like.
You’d be shocked how many different people have signed up for stuff with that email address that I’ve had for like 20 years (and only ever log into so I can check on the mayhem). I’ve had bank notices, home sale records, 2 people creating Facebook accounts, and plenty of other stuff.
If my name were as common as yours, I think I’d be ready to choke someone.
I ended up browsing someone else's "Cloud NAS" once. I had to resist very hard not adding a watermark to all his photos saying "stop registering with my email!!!".
I have my first name . last name @ gmail and it’s definitely a reminder of how big the world is. I had previously thought my name was fairly unique. I don’t engage anymore unless it’s a small business trying to get paid.
My girlfriend has a rather uncommon name, but her FirstNameMiddleName@gmail.com gets emails meant for someone else rather frequently. Sometimes it’s even official PII or PHI. She’s tried to let people know but they’re surprisingly sometimes not all that receptive? So I think she ignores it now.
I have a similar issue with my Gmail -- my policy is to try to rectify the issue the first couple times it happens, but then just let it happen. The dull ones I filter away from my inbox, but not the most interesting ones. Some of my favorites:
- Every year the same family in Houston includes me in their email thread about who is bringing what to Thanksgiving dinner.
- I am on the mailing list for a Masonic lodge somewhere in England.
- I get receipts when some guy in Australia orders a pizza from Dominos. I also get McDonalds coupons that I think are meant for the same guy.
- I have at various times been sent the meeting minutes from an AA group in Pennsylvania (I am more persistent with trying to get off this list than the others, given the sensitive nature of it).
- I get the newsletter for 4H a group in Sacramento.
Thanks for starting this thread. I have my first initial and last name for Gmail and it's nice to know I'm not the only one getting all kinds of mail for other people with similar names!
That's funny. Sometimes people experiencing a bug @ me because I've recently contributed to the repository. I just reply "LGTM Approved" and then they get mad. I'm like, I don't care what you check into this project. It's not mine!
عينول is a valid name, which can be poorly transliterated to Ai'null
Explaining the joke: The first letter is ain, written as a3 or 'a in some places. Pronounce a' with a soft stop. Because of this, legal names here sometimes include an apostrophe. Normally it's spelled 'Ainul, but one can misspell it.
I used to have an email similar to ps@qs.com, and would get a fair amount of email suggesting people would use that as their made up email. In a similar vein I’d like to apologise to knobs@bobs.com for the amount of captive portal spam you receive on my behalf
There are some more three-character user names if you count dashes and digits, which are also allowed in GitHub usernames. Although I think the first one has to be a letter of the alphabet.
I joined two years after they started which is earlier than I realised. And apparently we're both relatively early adopters given that there's supposedly >100,000,000 users now.
I have a two-letter github username and I wasn't even an early adopter. I only bothered creating an account when it was clear that Github was more than a fad and a few of the projects I contributed to moved there. I tried just my initials and it worked.
Having a two-letter username is less exciting than simply a common word or name, though. Once in a while I get mentioned by accident in issues, or added to some organization. Twice I have had someone beg me to give it to them under the rationalization that it was "really cool" and I wasn't really "doing anything" with it...
EDIT: I just looked up my ID and apparently none of the first half-million people to sign up for a github account tried to brute-force the small-username space.
EDIT2: There are a few single-letter usernames with IDs in the millions, so I wonder if those are somehow "kept in reserve" by github admins and given out to friends or what's the story there.
Makes me think: Interesting spam vector: create a PR advertising whatever and then @ a bunch of people you scraped.
Also interesting attack vector: get a easily mistaken @ name and then see what you become reviewer on. Add malicious code to that PR and merge.
Edit: also what is stupid is at work when setting up your organisation security access you can add anyone globally in the combo search. No org-only filter is even available!
And of course most people use weird handles for their work or personal githubs. So using their UI you need to be an excellent human string comparator or make sure you copy and paste each persons handle which you meed to figure out for each person.
Attack 3: create a bunch of accounts with a similar name to people who work at target company and hope you get added to an org’s repo by mistake.
I don’t know who should be embarrassed here. That org for having 400K members or Github for apparently having no limits on how many emails can be sent out with a simple `@`.
In any case an honorable mention goes to the useless “lock this now” pile-on comments.
We had a bug recently where one of our internal bots didn't correctly parse usernames with hyphens in them, so instead of tagging @tom-jones, it would tag @tom
Talking about failing to parse names, I remember a co-worker once was working on a form and had added a special character validation field to the name field. The only problem was that it blocked apostrophes, and he was Irish so his form wouldn't actually accept his own name.
I used to work at Realm (the mobile database company). In order to keep an eye on what was going on, there was a Slack integration that reposted any mention of @realm on Twitter.
One morning, we woke up to a #twitter channel full of very nearly porn. Young men, scantily dressed, flexing their abs and flashing smiles at the camera.
Turns out someone added a bot on Twitter that would repost things from Instagram to Twitter, except that Instagram allows dots in usernames and Twitter didn’t. I think the IG account was @realm.of.beauty, which was promptly understood by Twitter as @realm.
We had something similar. Public board that went by an acronym that was also used in gay paddling fetish.
You’d be scrolling through hashtags/mentions of us and occasionally be greeted by some young actor being coquettishly tapped on the bare bum with a cricket bat or something.
I'm also @cmg on Twitter, which used to get plenty of Instagram mentions of this type, as well as people thinking I'm CheckMate Gaming, Canadian Media Guild, Cocaine Muzik Group, Chipotle Mexican Grill and all sorts of wild stuff.
I have @CommonFirstNameCommonLastName on Twitter, and I occasionally get mentioned or DMed by people thinking of an entirely different person. It’s not often enough to be too annoying, though.
I get that at work. looking at my name, you would not think it common, but where I live, not only is it common, there are many of us with the same name at my employer.
I once changed my mobile phone number so the last 8 digits were 69696969. I thought this was hilarious. Then I found out that people have randomly scrawled that number on every toilet cubicle "For a good time call XYZ69696969" and I would get calls all the way through the night, every night.
Assuming that Jenny was 21 when the song was written, (since there is a chance the number was written on a bar's bathroom wall) she would be at least 62 years old now.
Statistically, there's at least a 1 in 4 chance that Jenny is dead now, and there is no chance that she didn't change her number after receiving 800 million horny crank calls.
It was about 5 years ago when I realized that 8675309 is hitting all of the numbers on the keypad diagonally in stripes from the upper left to the lower right, skipping 1 for some reason.
On the one hand I'm enjoying wondering what the song would be paced like if instead of touch tone speed each number was separated by how long it would take to return to 0.
I own a few 867-5309 numbers for different areas. I have them do nothing these days but for a while I let them hit a pbx and we’d get up to 2500 calls a day on each line. Lots of drunk dudes trying to call Jenny.
If I was less scrupulous, I can think of a few ways to easily monetize that. The first and simplest is to have a toll line that charges on call and have a recording on the 867-5309 numbers that refers them to call it.
Whether you go the sultry "really meet Jenny" angle or just try to find something that piques the interest of the average drunk male that would call, just to see what they're being referred to, you'd probably get enough takers to turn a tidy profit regardless of how crappy the ultimate toll line was. I doubt it takes all that much to convince callers that are already drunk and trying to do something they think is mildly funny already.
I once did this by accident when fueling up my car; it just so happened that the gas station's rewards program was linked with the Safeway rewards program, and I happened to be filling up my tank just as the 867-5309 account for my area code hit some critical threshold. Hey presto, 20% off (or something like that; it was a long time ago).
There's a prank call podcast called The Snow Plow Show, and the guy set up a bot at a phone number that will automatically reply to callers with voice clips from a lady who yelled at him in a prank call one time. So fans of the show will put the number on windshields or craigslist ads so people will call the number and get yelled at, and the calls are all recorded so he can listen back to them later and pull out the better ones.
I think you should utilize a similar technology for your phone numbers.
Hahaha! Never thought I'd see BeverlyBot and Sorry I Dinged Your Car mentioned on HN.
Been listening to RBCP (The guy who does Snow Plow Show and Phone Losers of America) for a long time now. Great to throw on in the background for some laughs at the end of the day while reading.
Steve Wozniak had 888-8888 for a while. Which is a très cool number to have, but he was getting hundreds of calls with nothing but random sounds in the background. Eventually he figured out that babies were pushing the buttons on their parent's phones, and all-eights were apparently easy for them to press.
There's a vaguely similar situation on Youtube live chat if your display name is 2 chars, anyone mentioning those 2 chars gets highlighted in red. Can make the chat unreadable.
Lol, we also end up tagging Mr Bean (https://github.com/bean) occasionally when discussing Spring @Bean annotations on a pull request, and forgetting to backtick it.
I accidentally pasted a backtrace into a github issue outside of a code block. It was a deep stack, with each line prefixed by "#0" "#1", "#2", etc. GitHub decided to turn these into links to the corresponding numbered issues, for every issue, (including back-reference notifications in each of those issues) and there didn't seem to be any way to undo that action.
For QEMU's gitlab issue tracker we deliberately started our issue numbering from a higher number (I think 100 or thereabouts) to avoid that. (We ran into it very early on during the migration from launchpad so it wasn't a big deal to re-number the two or three issues that had already been created with low numbers.)
In many email systems there is an undo send feature. Outside of those closed contexts where yanking a message out of the recipient’s inbox is possible, it is generally implemented by waiting a few seconds between when the UI says the message has been sent and when the message is actually sent. During that interval, an undo send option is offered which simply cancels the upcoming send action.
Yes, and those recall messages only exist in the closed systems where such retraction is possible, or in the open systems which send those messages that are more designed for the closed systems.
The implementation I described with a slightly delayed send doesn’t use those recall messages, since the email being sent doesn’t actually get sent until after the delay. I believe this is how Gmail’s version of the feature works, for example.
A bigger problem I've had with issue references is in commits. A repo we used as template was using "Fixes #123" in commits messages, to close tickets filled against that template repo. The problem is that when the updated template was merged in the downstream repo, it would close issues in each of them too...
Github has some very dangerous features when it comes to tagging and mentions. For example, when you add someone to an organisation, it autocompletes the username. We had someone with a fairly common name and accidentally added someone else to the org with a close but not identical name. Fortunately they didn't accept the invitation before we removed them again and added the correct person.
I had that happen to me before. I accepted the invitation, looked at their stuff, and then submitted an issue/PR to remove myself. They panicked, I laughed a bit.
Yep, I got added to someones internal company trello board oncr. I commented a few times asking to be removed, and when it didn't happen, I started adding suggestions to their product designs. I got removed fairly quickly.
Right? This bugs me like hell. They make you jump through all kinds of hoops to attestate your source code and use layers upon layers of encryption, but make it the simplest thing to grant someone completely unrelated write access to all of your company’s code. Like what??
you need one of those new fancy GitHub EMU enterprises instead of a normal one. it is driven solely by an identity provider like Okta or AzureAD.
no one outside of your identity provider will ever know about you. your users have a read-only view of the greater github.com, but whatever access you give them within your enterprise.
it's impossible to make anything public in a GitHub EMU enterprise, and your users won't even be able to star repos outside of the enterprise, because that would reveal your presence.
if you can live without any public access to your stuff at all, have a look. you can convert your old enterprise org(s) to a Teams subscription and continue to publish open stuff there, but you'll need personal accounts there, like always.
260 comments
[ 3.1 ms ] story [ 256 ms ] threadThe number of people who just didn't understand the implications of not using their own email for banks, etc is too many.
The fault is partially on the banks too IMO. Why don't they verify the emails first before sending sensitive information.
Send a fucking confirmation email to set up a financial account, Jesus. There should really be a law.
You’d be shocked how many different people have signed up for stuff with that email address that I’ve had for like 20 years (and only ever log into so I can check on the mayhem). I’ve had bank notices, home sale records, 2 people creating Facebook accounts, and plenty of other stuff.
If my name were as common as yours, I think I’d be ready to choke someone.
The amount of mistaken emails I get is absurd.
- Every year the same family in Houston includes me in their email thread about who is bringing what to Thanksgiving dinner.
- I am on the mailing list for a Masonic lodge somewhere in England.
- I get receipts when some guy in Australia orders a pizza from Dominos. I also get McDonalds coupons that I think are meant for the same guy.
- I have at various times been sent the meeting minutes from an AA group in Pennsylvania (I am more persistent with trying to get off this list than the others, given the sensitive nature of it).
- I get the newsletter for 4H a group in Sacramento.
That is, calling yourself a too short or generic name might have been a brag 20 years ago, but now it's just an annoyance
llOlllO_lllOlOl_llOllOOl_llOllOO
relevant XKCD
Other relevant XKCD
Explaining the joke: The first letter is ain, written as a3 or 'a in some places. Pronounce a' with a soft stop. Because of this, legal names here sometimes include an apostrophe. Normally it's spelled 'Ainul, but one can misspell it.
As in, pointer...
https://www.wired.com/story/null-license-plate-landed-one-ha...
https://github.com/minimaxir/big-list-of-naughty-strings
Isn't this the most popular email address?
I'm sure someone wanted to know that.
Edit: aha! The link forwards to https://avatars.githubusercontent.com/u/23570?v=4
EDIT: Wait, how? His ID is 500k or so. Hmm.
I joined two years after they started which is earlier than I realised. And apparently we're both relatively early adopters given that there's supposedly >100,000,000 users now.
They created their account at "2008-09-07T22:46:14Z"
Having a two-letter username is less exciting than simply a common word or name, though. Once in a while I get mentioned by accident in issues, or added to some organization. Twice I have had someone beg me to give it to them under the rationalization that it was "really cool" and I wasn't really "doing anything" with it...
EDIT: I just looked up my ID and apparently none of the first half-million people to sign up for a github account tried to brute-force the small-username space.
EDIT2: There are a few single-letter usernames with IDs in the millions, so I wonder if those are somehow "kept in reserve" by github admins and given out to friends or what's the story there.
Also interesting attack vector: get a easily mistaken @ name and then see what you become reviewer on. Add malicious code to that PR and merge.
Edit: also what is stupid is at work when setting up your organisation security access you can add anyone globally in the combo search. No org-only filter is even available!
And of course most people use weird handles for their work or personal githubs. So using their UI you need to be an excellent human string comparator or make sure you copy and paste each persons handle which you meed to figure out for each person.
Attack 3: create a bunch of accounts with a similar name to people who work at target company and hope you get added to an org’s repo by mistake.
GitHub user sends notification to 400k users [2022]
https://news.ycombinator.com/item?id=31627061
Totally shite PR.
"Fixes" things with even more typos.
Bumps it all asking to "approve and merge asap"! Lmao!
In any case an honorable mention goes to the useless “lock this now” pile-on comments.
Sorry everyone randomly pinged by our bot.
He’s not the Tom Jones who lives next door
He’s not the king of bedside manor
He hardly even lives there anymore.
https://github.com/shouldbee/reserved-usernames
One morning, we woke up to a #twitter channel full of very nearly porn. Young men, scantily dressed, flexing their abs and flashing smiles at the camera.
Turns out someone added a bot on Twitter that would repost things from Instagram to Twitter, except that Instagram allows dots in usernames and Twitter didn’t. I think the IG account was @realm.of.beauty, which was promptly understood by Twitter as @realm.
You’d be scrolling through hashtags/mentions of us and occasionally be greeted by some young actor being coquettishly tapped on the bare bum with a cricket bat or something.
That's a kind of public board too...
Assuming that Jenny was 21 when the song was written, (since there is a chance the number was written on a bar's bathroom wall) she would be at least 62 years old now.
Statistically, there's at least a 1 in 4 chance that Jenny is dead now, and there is no chance that she didn't change her number after receiving 800 million horny crank calls.
Probably so he could rhyme 'mine' with 'nine'
8 dit-dit-dit-dit-dit-dit-dit-dit 6 dit-dit-dit-dit-dit-dit 7 dit-dit-dit-dit-dit....
ON the other hand, touch tones were invented in the 60's, so it's possible that they had access to the tech to touch dial at that time.
Whether you go the sultry "really meet Jenny" angle or just try to find something that piques the interest of the average drunk male that would call, just to see what they're being referred to, you'd probably get enough takers to turn a tidy profit regardless of how crappy the ultimate toll line was. I doubt it takes all that much to convince callers that are already drunk and trying to do something they think is mildly funny already.
I think you should utilize a similar technology for your phone numbers.
Been listening to RBCP (The guy who does Snow Plow Show and Phone Losers of America) for a long time now. Great to throw on in the background for some laughs at the end of the day while reading.
https://www.wired.com/1998/09/woz/
Well thank God there isn't a button to undo sent mails.
The implementation I described with a slightly delayed send doesn’t use those recall messages, since the email being sent doesn’t actually get sent until after the delay. I believe this is how Gmail’s version of the feature works, for example.
no one outside of your identity provider will ever know about you. your users have a read-only view of the greater github.com, but whatever access you give them within your enterprise.
it's impossible to make anything public in a GitHub EMU enterprise, and your users won't even be able to star repos outside of the enterprise, because that would reveal your presence.
if you can live without any public access to your stuff at all, have a look. you can convert your old enterprise org(s) to a Teams subscription and continue to publish open stuff there, but you'll need personal accounts there, like always.