Please bring back the Java versions of the Samsung RTL

I just checked the flip out and the fold and others were available for over a minute. But yeah they get gobbled up fast and there are a lot of devices so something is amiss.

Ron

@r.liechty_SDP

So what’s going to come up next? What is going to be done to deal with this issue?

they will require two factor authentication to sign into the RTL. I don’t know how long it will take to enable it.

Ron

@r.liechty_SDP
Alright, glad to realize something is underway and I hope it’ll help. I dunno how things work over there, but what about CAPTCHAs for each device reservation? CAPTCHAs are by far the most efficient bot-blocking mechanism being extensively used.

What about disabling YouTube? :worried: :worried: :worried: It worked so well with the UK device farm, why isn’t it being used here with the USA device farm? You said an engineer was to come and get it done this week, things didn’t go as planned?

My hopes are high for the TFA you guys are coming up with, but I still feel like it’s going to be bypassed. Like the bot manager will just need to login once, and the bot takes over and reserves as many devices as possible, all automatically (given he has logged in already). This won’t work if he is presented with CAPTCHAs or any Challenge to solve for every reservation.

@r.liechty_SDP

What about disabling YouTube? :worried: :worried: :worried: It worked so well with the UK device farm, why isn’t it being used here with the USA device farm? You said an engineer was to come and get it done this week, things didn’t go as planned?

I think the reason why such an attack was not possible with the Java version of the RTL was how a little bit complex it was. Building a bot that would download a jnlp file, run it, test connectivity and then execute commands, for jnlp files that were AL DIFFERENT for every session, is seemingly impossible. Now everything happens in the browser, and the attacker needs to log in just once and then wreak havoc (using the bot) until he maybe runs out of credits or just decides to stop

If a challenge isn’t presented for every session or device reservation, my fear is that this two factor authentication won’t be a solution. Can you please share this with the engineers in charge of the RTL? please. Any thoughts on this, I really want to get what you think about this

I’ll send them another nag today.

The reason it jumped was the number of new sign ups from a south east Asia email site in July

YouTube is supposed to be disabled from the US site and it may be but the bots wouldn’t know that would they.

The reason they did away with the Java version was Gamers were using it to create game players. This is supposed to be more secure.

Ron
Samsung Developer Relations

@r.liechty_SDP
I might get a little bit personal, but I think I need have to. We are an indie gamedev company, and after discovering the RTL, we came up with a game debugging and app testing “side hustle”, which tremendously scaled up our gamedev studio. Unfortunately, since this bot-incident began, things have gone really downhill, we have lost a lot, like a real lot, it really is frustrating. Our livelihood is at stake, like literally it is. Please, please and please again, you are our last hope. Support tickets didn’t do a thing, they never helped but give repetitive and automated responses, with you we really had high hopes. Please, help us, we really count on you

Actually it isn’t. I’ve been pleading, several times, for you to begin with that. In a single day, all the bots left the UK server after YouTube got disabled. I’ve used a free device on the USA server, and YouTube is still accessible, very accessible. The devices came up today, a few moments ago actually, and as I write, I noticed them being slowly eaten up by the bots, one after the other, they get reserved for two hours. Please disable YouTube, is it really hard for it to be done? Does disabling YouTube for the sake of legitimate users of the Samsung RTL violate any of Samsung’s policies? It really is begining to be frustrating :worried: :worried: :worried: I thought we’d solve this as fast as was with the UK farm.

@r.liechty_SDP Please do this, not neccessarily as a Samsung employee, but as a good person trying to help a set of young people behind a growing startup trying to survive and stand out. Your help really will be appreciated.

Update: The devices came up, and at the time of this update, ALL of them got reserved again, we used a few, and again, YouTube was accessible :worried: :worried: :worried:

IMPORTANT Update2: I think I see what’s going on. YouTube is actually blocked on certain devices, devices connected to a certain WiFi network(s). Devices connected to WiFi networks with SSIDs starting with “gatelabrtl…” (gatelabrtl2 for example) have access to YouTube blocked. Unfortunately, it looks like these WiFi networks have blocked more than just YouTube. In the games we tested, it felt like the device was offline. The game was totally unable to access our online APIs. Please, I appreciate blocking YouTube, but don’t ruin the legitimate user’s experience. The WiFi network “GATE01”, and “GATE09” to which most devices are connected to, have absolutely no internet access. There is also “GATE99”, almost ALL devices are prevented from connecting to it. Whenever I tried manually connecting to them, I always get “Couldn’t get IP address”. The USA farm seems to be getting back on foot, more devices seem to be available, but as I just pointed out, they are currently really useless for any test that requires internet access, unfortunately.

Summary:

  • The “gatelabrtl…” wifi networks seem to solve the bot problems, but they have blocked more than just YouTube, our apps and games can’t communicate with online servers.
  • Most devices are connected to a “GATE…” wifi network, and ALL of them have absolutely no internet access.
  • We suggest the gatelabrtl wifi network be used, but please grant access to all services except those used by the bots (YouTube), that’s what worked with the UK farm.

I was following this thread because I use the RTL to test apps on Fold devices before I release them. And it’s a concern that bots were taking over the devices.

But I did wonder why you needed so many devices for testing! And now it’s clear…

The RTL is for developers to test their apps NOT for groups to run side hustles for commerical ($) profit.

You want to get rid of Youtube bots so you can take all the devices for your side hustle!!!

Samsung now knows who you are and will hopefully take steps to stop you from tying up all the devices that WE need for actual developer testing. You need to set up your own device farm for your commericially focused testing. Feel free to tell me if I’m off base here.

@carlsonkenson
Apparently the Device Farm uses a WiFi network that they don’t control and it is taking time to resolve this in the US.

@Redacted
Nothing that carlsonkenson is doing violates any policies. There are credits required to use the RTL, the bots are from over 10,000 new users all from the same trash mail domain to get past that.

Ron
Samsung Developer Relations

@r.liechty_SDP
Thank you so much for your intervention, I am hoping the issue gets resolved quickly. I’ll keep being patient and hope for the complete elimination of the bots, and restoration of the WiFi networks’ initial behaviour.

Hello @r.liechty_SDP

I’m here to express my immense and really immeasurable gratitude for the help you provided in resolving this “bot case”. I don’t think words can suffice how grateful I am. Devices are finally fully available, and you even resolved the WiFi issue in record time, now we can use the internet service without any issues. Support tickets are extremely useless when compared to your efficiency, thank you for everything.

Just one remark though, the Galaxy Z Flip 3, Galaxy Z Fold3 and Galaxy Z Fold 4 are unavailable. Trying to reserve them returns a popup with the text “All Ongoing tests have ended” instead of the popup with the device ready to use. Also, so many device models are unavailable (S22, S22 Ultra, Galaxy S10…). There usually are about 19 different device models for the USA, right now, as I write, there are only 3 working models available :confused:

@r.liechty_SDP Your unmatched help is once more implored, please do something about this. Immense thank you once again, thanks for everything.

Kind regards

@r.liechty_SDP @r.liechty_SDP

This (attached screenshot) happened few minutes after I wrote the reply preceding this one. Are you aware of this?

Just hoping its some internal work going on on the USA farm, really praying its not them bots again. Are you aware of this

I’m on light duty this week but when I checked the RTL Not all but many of the mobiles were available with multiple devices.

Ron
Samsung Developer Relations

Yeah, you are right, looks like it was just some maintenance or something, we got to use the devices available, but unfortunately, the internet problem has resurfaced. The WiFi network that seemed to work “gatelabrtl5” has been taken down, it is no longer available. The devices are now connected to other WiFi networks, all of which block access to literally everything we are trying to test. Can something please be done about this? Thanks

I can ask.

Ron
Samsung Developer Relations

That’ll be very much appreciated, your feedback is awaited.

@r.liechty_SDP

Also, the USA Fold Devices are still not kaccessible. They return a “All ongoing tests have ended” popup window

@r.liechty_SDP
Another important remark. I don’t know exactly what’s going on, but I am sure the USA farm is still being abused. We witnessed 10 devices disappear in exactly one second (Galaxy S21 Ultra), all at once. And if you’ve noticed, unlike other device farms, there never is a time when the USA farm has all models having at least one device available - there is always at least 2 blurred out models (meaning all devices have been reserved) and for those with models available, at least 50% of the total have been reserved. And this is without us reserving even a single device.

Today (29/09/2022)We used a Galaxy Note 10, and checked the Google Chrome History, and realized that someone watched a video, having a Thai title (South East Asia, remember?). Coupled to how devices are weirdly reserved on the USA device farm, I can only say the “bot guy” has been weakened, but he is still hovering around. Add this to the internet issue I mentioned in my previous reply, and you realize we still, unfortunately, can’t claim to being able to use the USA device farm like we used to do about 7 months ago, things aren’t back to normal.

In the attached screenshot, you can see the S21 Ultra, which has a total of 17 models, having 1 just available (we witnessed ten get gobbled up at once), The Z Flip 3 has 8 models, but th edevices never show up ("All ongoing tests have ended) and as you can see, all other devices have just about 1 or 2 models available. Please do something, the USA farm is not really back to normal.

a few minutes later

We are counting on your precious help, once again. Looking forward to hearing your thoughts on this.
King regards

@r.liechty_SDP @r.liechty_SDP

Please just take a look at these screenshots, to understand better what we found. The person behind the abusing of the USA farm is still using these devices

The image below is the very first thing we saw upon reserving the device…the browser’s history, and there you have it, a video with what seems to be a Thai title.

And here is the browser’s history, literally only YouTube videos

And this below is the state of the USA Farm as I write

It only keeps getting worse

Hi,

Regarding the gatelabrtl5 network, This is mostly a temporary issue they are updating the rules and filters on all the routers. I suspect this is also the reason for other things you are seeing.

We are running analytics on the site and if we see one domain that is abnormally using the service we can dig into it.

Hopefully things are running as they should if not today next week.

Ron
Samsung Developer Relations