I’m not sure why someone named “Nude jennajameson. com” would be sending me a message advertising (per the subject line) “Hot pictures of paris hilton nude.” Sounds like a conflict of…
I’m not sure why someone named “Nude jennajameson. com” would be sending me a message advertising (per the subject line) “Hot pictures of paris hilton nude.” Sounds like a conflict of interest to me.
Spammers must die. (I don’t wish anything particularly painful. But I’m insistent upon something thorough. And immediate.)…
Spammers must die.
(I don’t wish anything particularly painful. But I’m insistent upon something thorough. And immediate.)
Bizarro case from Connecticut. A substitute teacher, Julie Amero, has been convicted of four counts of “risking injury to a child” for a popup atttack on the classroom PC that…
Bizarro case from Connecticut. A substitute teacher, Julie Amero, has been convicted of four counts of “risking injury to a child” for a popup atttack on the classroom PC that had X-rated images streaming across the monitor. Despite plentiful evidence (some of it blocked on a technicality) that the machine was infected, that the district had minimal (and outdated) safeguards against such things, and the sub asked for help but got none, she’s potentially facing 40 years in prison.
Unbelievable. These two articles have all the gory, outrageous details.
Now, having said that (and trusting that there will be appeals of the conviction, regardless), and acknowledging that the school district (and its IT group) were incompetent and the prosecutor’s office vindictive and insane …
I just don’t completely buy Amero’s story.
None of this warrants a conviction. I don’t believe she acted in an improper fashion to have those popups start streaming across her system. But some of the excuses actually given strain my credulity, and probably didn’t help her credibility before the jury that convicted her.
And feeling ground down. Now that I’m on my own server (Brizi) … I’m still getting swacked with various spammy attacks. Bleah. None of the spam is getting through –…
And feeling ground down.
Now that I’m on my own server (Brizi) … I’m still getting swacked with various spammy attacks. Bleah. None of the spam is getting through — but it’s trashing the server performance.
Bleah.
So the next step is the upgrade to Movable Type 3.34 which (once my host implements FastCGI on the server) will detect FastCGI once properly configured and run much faster and
(so they say) reduce the impact of all those hits to the various comment/etc. modules.
That’s the theory, at least. Sounds like something entertaining to dabble with on a Friday afternoon …
Got an e-mail from the good people at Hosting Matters over the weekend that comment spam activities on my blog were causing some significant server hits, with suggestions on what…
Got an e-mail from the good people at Hosting Matters over the weekend that comment spam activities on my blog were causing some significant server hits, with suggestions on what to do about it.
I already run AutoBan, a fine MT plug-in that, as soon a someone files a comment identified as “junk” throws up a temporary IP blog for the page, preventing them from trying again (with trivial load on the servers in so doing, unlike most of the other anti-spam solutions). Granted, IP addresses can be spoofed, but it’s at least some help against some comment spammers.
There was also a suggestion to fix the way comments.cgi is invoked by TypeKey-enabled blogs (like this one). I’ve also now implemented that, which should help all-around.
So back in April 2005 I implemented TypeKey user authentication on my various Movable Type blogs here to help combat comment spam — folks (and bots) entering in comments…
So back in April 2005 I implemented TypeKey user authentication on my various Movable Type blogs here to help combat comment spam — folks (and bots) entering in comments with links to commercial web sites (usually unsavory ones touting games of chance and medications, not to mention pr0n). It’s actually been very successful — most comment spammers get blocked at the get-go, such that I’ve gotten only a literal half-dozen or so
comment spams in that year and a half.
Alas, TypeKey is occasionally cranky (slow, or even non–responsive, not to mention not happy in IE with cross-domain scripting), and some folks dislike having to register in that fashion. So back
in August I implemented it on all my MT blogs except this, my main one. TinyTuring is sort of a simplified CAPTCHA — at the bottom of the comment form is a little line that says something like “Zap comment spam by entering the first letter of this sentence,” prompting you to enter a “Z.” There are, of course, 25 other options. It’s easy, it’s simple to implement (assuming your templates
are in any sort of decent shape), and it’s even usable by the visually impaired. And it’s worked pretty solidly on my blogs and on BD’s.
I’ve finally gotten around to implementing it here on DDtB (since my templates are not in a decent shape). I still am still supporting TypeKey (and there are certain spam rating advantages to using it, not to mention convenience of single-sign-on), but regardless of whether you sign in to TypeKey, you will need to enter in that little TinyTuring letter at the bottom of the comment in order for it to get posted.
(There is still a glitch with the Preview screen for comments that isn’t allowing posts directly from there. That affects, I think, a small population here, but just FYI.)
I’ll be watching to see if comment spam starts back being a problem — 99.999% of spammers are bots, but someone can manually work around TinyTuring with no difficulty. If I end up having to do a lot of spam clean-up, I’ll be dropping TT again for TK. But let’s see if this makes life here a bit easier on all y’all.
Let me know.
The biggest problem spammers have had is that most spam looks like spam from the outside — awkward or improbable or silly subject lines most notably. Over the past few…
The biggest problem spammers have had is that most spam looks like spam from the outside — awkward or improbable or silly subject lines most notably.
Over the past few days, though, I’ve been getting headlines that look like they’re right off of a news site. One talked about “Dems 100 hours begins;” another, “Men lift car off woman, leave scene (Video).” Much more plausible-sounding, and thus much more likely to have folks open them up.
Caveat lector.
Happy New Year from Bankkruptcy-Divorce.com Sorry — I don’t care how good your services are — that just doesn’t sound like a “happy new year” combo to me. (intentionally…
Happy New Year from Bankkruptcy-Divorce.com
Sorry — I don’t care how good your services are — that just doesn’t sound like a “happy new year” combo to me.
(intentionally misspelling by me)
No, really. One may come up with legitimate, compelling reasons for particular instances where being less than honest, even being deceitful, is better, in at least the short run. But…
No, really. One may come up with legitimate, compelling reasons for particular instances where being less than honest, even being deceitful, is better, in at least the short run. But those are exceptions. The default should be honesty, and any variance from that should be examined, pondered, even agonized over.
So … some pro-feminist, anti-pr0n folks have come up with, to them, a clever way to subvert the pr0n culture, to wit, Google-bomb the Net so that folks searching for the currently infamous Brittany Spears pictures will instead find themselves redirected to feminist/anti-pr0n sites instead.
Now, on the one hand, this seems kind of clever. But it is, fundamentally, deception. It is dishonest. It is forcing people away from what they are looking for and tricking them into going some place they don’t want. It is de facto censorship by trickery.
It’s a bad idea, and a wrong one.
First off, it’s not likely to be effective. If commercial web filtering companies cannot keep people effectively from pr0n, it seems unlikely that a Google-bombing effort will do so.
Beyond that, what’s the point? It’s not going to change hearts and minds. “Wow, I wanted to see a racy picture, but instead, now that I’ve viewed the home page for the National Organization of Women, my mind and soul and philosophy have done a full 180 — I am so ashamed of what I was …” Indeed, it seems only likely to make new or more bitter enemies. “Damned femi-nazis trying to keep me from my nekkid pictures!”
And, finally, legitimating such a tactic for political purposes is a pretty dangerous thing. I mean, spam sites (and e-mail) have already caused problems with looking up legitimate subjects. Do we need to muddy the waters still more? Worse, it raises the ante for everyone else with an ideological axe to grind. A virulent racist? Why not Google-bomb the Net so that folks trying to go to Jewish heritage sites are sent off to the Klan’s web pages? Homophobes could certainly figure
out ways to route people away from gay rights sites to something less savory. Republicans could route folks from opponents’ sites to their own, and the Dems could do the same. Fundamentalist churches could redirect folks away from feminist pages and to their own.
The ends rarely justify the means, and in this case they certainly don’t. Regardless of how one feels — aesthetically or philosophically — about online nekkid pictures, “dirty tricks” doesn’t seem to be the right way to combat it, or any other “wrong thinking.”
(via Terry)
I didn’t open the message, but I appreciated the subject line: As the winter sun sinks over the Coulee Lakes, hundreds of Gray-crowned Rosy-Finches suddenly appear, an undulating cloud that…
I didn’t open the message, but I appreciated the subject line:
As the winter sun sinks over the Coulee Lakes, hundreds of Gray-crowned Rosy-Finches suddenly appear, an undulating cloud that swarms into the upper levels of the basalt cliffs.
That’s one long subject line. But purty.
Back in the office, and, yikes, boatloads of spam in the company inbox. Which is a bit unusual, as the corporate spam fighters are pretty diligent about fighting the stuff….
Back in the office, and, yikes, boatloads of spam in the company inbox. Which is a bit unusual, as the corporate spam fighters are pretty diligent about fighting the stuff.
Saw a few official inquiries floating around out in the ether, and found some interesting stats cited here about recent changes in spam e-mail, to wit, the black hat keep getting more and more devious at bypassing filters for the least cost.
Image-based spam has increased twelve-fold in the past year, and a higher percentage is making it past spam filters. According to research released by security gateway provider IronPort, images are varied each time a message is sent out. […] The difference may be a change in the border, or the variance of one pixel, but the change is enough to get past traditional content and signature-scanning filters. […] “Over the past year (June 2005 to June 2006), image-based spam increased from 1 percent to 12
percent of spam volume. Image-based spam accounts for over five billion messages per day. About 78 percent of this pervasive spam passes through first- and second-generation spam filters. Sprosts estimates about 30 percent of spam delivered to an individual’s inbox can be this type image-based messaging.
Plus the images are embedded in the messages, making it more likely they’ll be seen (since so many e-mail clients now automatically filter out linked graphics unless the user opts in).
Spammers are making more use of zombie machines, too, infected systems that let them send out spam without their own (blockable) fingerprints on them. Any individual machine or IP address is used only for a few hours at a time, again to prevent filters from reacting.
Also cycled through are the links to the spam customer’s site. We tend to think of domains as fairly permanent, but these are anything but.
A similar rotation takes place with the URLs used in spam. The average lifecycle of a domain used in a spam message was 48 hours in June of 2005. In that time the domain would be detected and added to blacklists. The average duration of a URL is now four hours or less. The quick changeover of Web addresses evades blacklists and also exploits domain registration. Domains are used and allowed to expire before registration is paid for. “In April there were over 35 million domains registered, 32 million of which
were never paid for and expired after five days,” said the report. The practice brings the cost of registering a domain to zero and removes any barriers associated with the cost of switching.
Again and again, it appears that the ease the Net provides in communicating — instant domain definition, easy multi-media e-mail, flexible IP addresses — are just what the spammers need to get through, too. And the only answers seem to be on putting the brakes on such tools, which has all sorts of other unpleasant side effects (i.e., reduced functionality for Thee and Me).
Bleah.
“Tex Dworkin.”…
“Tex Dworkin.”
Posted as a public service announcement … So I’ve been noticing more and more trackback spam with a random number and the words “Blog Verification.” It’s getting now so that…
Posted as a public service announcement …
So I’ve been noticing more and more trackback spam with a random number and the words “Blog Verification.” It’s getting now so that I’m getting them for pretty much every post I put up.
SpamLookup in MT catches them just fine, since the domain IP doesn’t match the ping IP. I was a scosh worried because the domain IP was showing up associated with a trackback CGI from my own site, but a Google search on this particular issue, plus looking at these guys, convinces me they’re spam.
Alas, the ping IP is either spoofed or being cycled through quickly, because there’s nothing consistent I can block. They also point to multiple major sources.
Annoying, but currently under control.
I’ve upgraded the TinyTuring plug-in for MT at my site so that, in addition to its usual function of controlling unregistered comments to prevent spam (the little “enter in a…
I’ve upgraded the TinyTuring plug-in for MT at my site so that, in addition to its usual function of controlling unregistered comments to prevent spam (the little “enter in a letter” bits at the bottom of Blog of Heroes and other fine blogs here), it won’t also automatically trash any incoming trackbacks. Which there are a few of here, mostly from me for
internal cross-references.
(Actually, this site has 600-odd trackbacks, all of them legit so far as I know. So there.)
TT’s been working well as an alternate comment registration/filter tool since I installed it in August, serving as a poor man’s CAPTCHA, and I’d like to roll it out to this main blog in the not-too-distant future (to get around some performance issues with TypeKey).
And why is his (her?) name in half the spam I get? Okay, maybe not half, but rarely a day goes by when I don’t see it showing up in…
And why is his (her?) name in half the spam I get? Okay, maybe not half, but rarely a day goes by when I don’t see it showing up in some spam subject line or another.
Hrm. Google’s little help — a fair number of people have lifted the “name” for their MySpace entries. Presumably it’s some sort of lorem ipsum in somebody’s spamming script/software, but it’s pretty strange that it keeps showing up so often …
Rrg. Some particularly nasty spam has come over the past several days that bypasses both SpamAssassin and Thunderbird’s built-in filter. Result of which is that it sits there in my…
Rrg. Some particularly nasty spam has come over the past several days that bypasses both SpamAssassin and Thunderbird’s built-in filter. Result of which is that it sits there in my various in-box filters, requiring manual deletion. Rrg.
Jerks.
Okay, here’s one that will make you sleep better at night: how Micro$oft is continuing its drive to be the only real resource for anti-virus, anti-spyware, anti-blackhat security. Many of…
Okay, here’s one that will make you sleep better at night: how Micro$oft is continuing its drive to be the only real resource for anti-virus, anti-spyware, anti-blackhat security.
Many of you will look at the events I’ve described and shrug them off — a notification oversight here, a bit of sloppy Web site updating there, with an unfortunate kernel conundrum thrown in for good measure. But I, for one, am getting more and more uneasy about Microsoft leveraging its monopoly in operating systems to unfairly compete with antivirus, antispyware, antiscum, and firewall manufacturers.
It currently appears as if the US Department of Justice is going to roll over and play dead. At least, if there are any rumblings at DOJ, I certainly haven’t heard them. Whether the EU will take it lying down remains to be seen. There’s more than a little irony in the thought that the European Union may represent Americans’ best hope for consumer protection.
This much I know for sure: If you’re paying Microsoft to protect your computer, you’re part of the problem, not part of the solution.
I’ve never had a real problem with a lot of what Windows has bundled into the OS/NOS, only when it’s bundled as something inextricable and unbypassable. But M$ has proven time and again that they simply cannot be trusted as the gatekeepers for computer security, not so much because they’re scum-suckers, but because (a) they’re incompetent at it, and (b) a robust, diverse “ecology” of security services is far better able to deal with the real competition, the black hats.
I don’t know as I’ve ever received spam from Portugal before, but I assume that’s what this odd e-mail I received touting a new “Sniffex” land mine detection device is….
I don’t know as I’ve ever received spam from Portugal before, but I assume that’s what this odd e-mail I received touting a new “Sniffex” land mine detection device is. “Detector of exposives, landmines, and more …” reads the subject line.
Strange.
With all the junk e-mail I get to “admin” and “webmaster” and “sales” and “owner” and “info” and so forth “@hill-kleerup.org,” it’s refreshing to see one that was sent to…
With all the junk e-mail I get to “admin” and “webmaster” and “sales” and “owner” and “info” and so forth “@hill-kleerup.org,” it’s refreshing to see one that was sent to “officialsoundingusername” instead. Almost amusing enough to make me want to open it up. Almost.
The Law of Unintended Consequences strikes again. I got an IM from Amanda, complaining she couldn’t post a comment to my post on Casino Royale. I tried as well, and…
The Law of Unintended Consequences strikes again.
I got an IM from Amanda, complaining she couldn’t post a comment to my post on Casino Royale. I tried as well, and got the following server-level message.
412 Precondition Failed
The precondition on the request for the URL /blog/mt/mt-comments.cgi evaluated to false.
Well, that’s odd.
But other posts were allowing comments just fine.
Hmmmm …
I hie myself off to Google to search on the error. I run across a few references, and it sounds like a mod_security error, keying off some Forbidden Spam-like Word.
Could it be …?
I try revising the title. No effect. Then I revise the underlying post file name (“”new_casino_royale_trailer.html”), which included the dreaded word … casino.
See, that word shows up in waaaaay too many spam messages. And doubtless there’s now some server-level anti-spam thang that block stuff that has that word in it (or has links to a file/site with that word in it, or something like that).
I redid the MT basename for that file (“new_cas_royale_trailer.html”) and, hey-presto, the post allows comments.
How many other weirdities do you think might occur out there in the coming months as more people comment on (or link to blog posts on) Casino Royale?
Yeesh.