How do I view the forum as guest?

bottletop

bottletop

Active Member
There seems to be a change to the forum in that I can no longer view the forum contents unless I log in. Fair enough if this is done to reduce spam and keep the forum secure. But why do I have to log in, yet the stats show the are multiple robots and guests accessing the forum and threads?
Can I view forum contents as guest?
 
I just checked – it seems not. I presume this is a recent anti-bot measure, but it is rather draconian and turns us into a closed shop. Other forums of my acquaintance use Cloudflare.
 
I spotted the same problem.

What is the passkey button for? I've seen the same on the O2 app - which no longer lets me login (and it goes to a webpage to do it). It just sends me round and round in a loop.
Pressing "Passkey" on this site claims it can't find a valid key. How do I set one up, should I want to (particularly on a smartphone)? Or should I just ignore it?
 
EEPhil said:
Pressing "Passkey" on this site claims it can't find a valid key. How do I set one up, should I want to (particularly on a smartphone)?
Click to expand...
Passkeys are set to replace username-password logins as a cryptographically secure option, with the disadvantage that logging in becomes dependent on having access to the device with the passkey. The idea is that a crypto exchange takes place rather than there being a passwords file somewhere which can be obtained and then cracked by brute force.

You need a passkey app on your phone to intercept the transaction, and you will authorise the login by biometrics or a key code. The key code never gets sent anywhere so it is secure.
 
bottletop said:
There seems to be a change to the forum in that I can no longer view the forum contents unless I log in. Fair enough if this is done to reduce spam and keep the forum secure. But why do I have to log in, yet the stats show the are multiple robots and guests accessing the forum and threads?
Click to expand...
It has been like that since 21st January 2026. It appears due to badly configured AI crawlers. When I looked around the web there was no shortage of other sites that were also having varying degrees of the same problem, with a significant number being due to the crawler downloading everything instead of just pages that had changes. One site was having more difficulty with one particular AI crawler, which was also slowing down the other crawlers. They contacted the owner of the crawler and got a correction made to the crawlers configuration, and also some compensation for the extra cost that they entailed trying to increase the capacity of their site

In January there was a limit made to the number of multiple robots and guests accessing the forum and threads, that could be active at the same time on hummy.tv.
See thread
Brian

Post in thread 'DDoS?'

I have made a few more adjustments, and now Banned Members, and Unregistered/Unconfirmed visitors should not be able to view the forum.
This includes Guests, and Robots, and therefore this may have a negative impact on search engine indexing.

We will have to see how this goes for a day or two.
 and the posts near that one (#48) for this forum's discussion at the time.

What would be nice if on the warning on this site was updated to have a short reason why a login is now needed for this site, instead of just "You must be logged-in to do that.".
1780145006298.png

bottletop said:
Can I view forum contents as guest?
Click to expand...
Yes, but you'll be competition with all the other robots and guests for a slot when one becomes available.
 
Last edited:
Black Hole said:
Passkeys are set to replace username-password logins as a cryptographically secure option, with the disadvantage that logging in becomes dependent on having access to the device with the passkey. The idea is that a crypto exchange takes place rather than there being a passwords file somewhere which can be obtained and then cracked by brute force.

You need a passkey app on your phone to intercept the transaction, and you will authorise the login by biometrics or a key code. The key code never gets sent anywhere so it is secure.
Click to expand...
I hate passkeys. How do I login from work using my work PC for example? I can understand it for bank accounts and other places with real money involved. But passkeys to login to places like hummy.tv feels like total overkill to me, username and password and maybe a 2FA text message is sufficient.
 
EEPhil said:
Judging by those in the app store this method looks less secure. Who are the people making the app? Never heard of most of them.
Think I'll stick to username/password.
Click to expand...
I share this concern. Bruce Schneier said you need to write your own so you know what it does. Yeah great Bruce, that's really scalable to the general population.
 
I've just logged in. The stats show 4 members, 392 guests and roughly 85 robots online.
I just want to view the forum as a guest.
 
Owen Smith said:
I hate passkeys. How do I login from work using my work PC for example?
Click to expand...
Isn't that the problem? People have got too used to convenience at the expense of security.

In this day and age, the old-fashioned "let's have a system file storing everyone's username–hashed.password pairs" is clearly no longer sufficient, with the never ending battle against hackers finding back doors to stealing the passwords file (now with AI help) and the computing power available to compile dictionaries of reverse hashes.

Even very minor websites/forums, unrelated to anything financial, could be a target – impersonation leads to opportunities for exploitation.

2FA is all very well, until you have your phone stolen (snatched out of your hand while you are using it, so it is unlocked), or get targetted by the mob taking over your phone number*. Even locked phones show message contents on lock screens by default, so that 2FA code sent by SMS will pop up and the criminals have got into your bank account (it may be less convenient to have to unlock your phone to read a quick message, but turn that off!).

2FA apps are better, working similar to passkey and requiring biometric/passcode entry to complete a cryptographic exchange, if the website in question has that option. This solves the "login from work" thing, but I'm not sure logging in from work ought to be encouraged.

* If ever your mobile phone seems to lose service, be very worried and act immediately. The mobile phone networks are a weak link. If the mob have enough of your personal details to convince a phone company employee (or AI agent) they are you (and it didn't used to take much, but has probably tightened up by now), they can get a "replacement" SIM sent out for your mobile number, and your own SIM will thereby get deactivated. They are then you to all intents and purposes, for any service you have linked to that mobile number. EG your bank account.

You don't have a mobile number linked to your bank account? That's not secure either. If the criminals manage to register their own mobile number to your bank account, job done.

All of this is caused by convenience. The convenience of joe public getting used to conducting business on-line instead of in person, and thereby giving institutions an excuse to reduce their workforce. Yes, OK, there were still cons and exploits, but they had to be done face-to-face and could not use a scatter-gun approach.
 
Can't remember whether I changed the setting on my phone, but mine only tells me there's a new message not the content when locked.
 
EEPhil said:
Can't remember whether I changed the setting on my phone, but mine only tells me there's a new message not the content when locked.
Click to expand...
I cannot get my iPhone to do that, but it is exactly the option I want. I can either read the message when locked, or I see nothing at all.
 
Black Hole said:
Isn't that the problem? People have got too used to convenience at the expense of security.

In this day and age, the old-fashioned "let's have a system file storing everyone's username–hashed.password pairs" is clearly no longer sufficient, with the never ending battle against hackers finding back doors to stealing the passwords file (now with AI help) and the computing power available to compile dictionaries of reverse hashes.

Even very minor websites/forums, unrelated to anything financial, could be a target – impersonation leads to opportunities for exploitation.

2FA is all very well, until you have your phone stolen (snatched out of your hand while you are using it, so it is unlocked), or get targetted by the mob taking over your phone number*. Even locked phones show message contents on lock screens by default, so that 2FA code sent by SMS will pop up and the criminals have got into your bank account (it may be less convenient to have to unlock your phone to read a quick message, but turn that off!).

2FA apps are better, working similar to passkey and requiring biometric/passcode entry to complete a cryptographic exchange, if the website in question has that option. This solves the "login from work" thing, but I'm not sure logging in from work ought to be encouraged.

* If ever your mobile phone seems to lose service, be very worried and act immediately. The mobile phone networks are a weak link. If the mob have enough of your personal details to convince a phone company employee (or AI agent) they are you (and it didn't used to take much, but has probably tightened up by now), they can get a "replacement" SIM sent out for your mobile number, and your own SIM will thereby get deactivated. They are then you to all intents and purposes, for any service you have linked to that mobile number. EG your bank account.

You don't have a mobile number linked to your bank account? That's not secure either. If the criminals manage to register their own mobile number to your bank account, job done.

All of this is caused by convenience. The convenience of joe public getting used to conducting business on-line instead of in person, and thereby giving institutions an excuse to reduce their workforce. Yes, OK, there were still cons and exploits, but they had to be done face-to-face and could not use a scatter-gun approach.
Click to expand...
I take a more luddite approach to my online safety. I refuse any attempts to make me use online banking and use telephone banking using my recognised phone number and code for passwords also refusing to use my voice as a password and only using my home phone. I do not use my mobile phone for anything financial including in store payments. Any internet payments are done via my spare old laptop which is only now used only for those payments having been stripped of everything else cleaned thoroughly and never even now used for surfing the net. I then use my home phone number for 2FA. Being retired means it causes no difficulty and it gives me peace of mind.
 
Last edited:
Owen Smith said:
I cannot get my iPhone to do that, but it is exactly the option I want. I can either read the message when locked, or I see nothing at all.
Click to expand...
I got mine to do it (sort of). It shows the "From" but not the actual message. I just wish it would show me if/when that there's an actual message and NOTHING else... but Apple don't get it.
I think it was Settings, Apps, Messages, Notification and then Lock Screen Appearance set to "When Unlocked" on the "Show Previews" item. But it was a whole load of futzing around in the UI nightmare that is iOS that I now can't be sure.
 
You must log in or register to reply here.
Back
Top