Year: 2003

Categories
Weblogging

You’ve been comment spammed. Life as you know it, is over.

Recovered from the Wayback Machine.

There’s nothing that will bring me off my bed faster than the word, “blacklisted”. That and getting 22 trackback pings in the last week having to do with my old comment spam quick fix. I guess the spammers have paid a visit and you’re all mad as hell and aren’t going to take it anymore.

Except for this weekend when I turned all comments off, I haven’t used any comment spam protection, including my own suggestion that was so heavily pinged. Reason? I was curious about Mr. or Ms. Comment Spammer and wanted to see how they operated.

There’s at least two different types of spammers operating: the smart spammers and the hit nor missers.

The recent Lolita blitz is a hit nor miss spammer that just sends posts to deduced web entry posts based on known weblogs using Movable Type, and the fact that Movable Type uses sequential numbering for weblog posts. My simple solution of a hidden form field could have blocked this spammer; I wish I had it in place when I had to delete 57 comment spams from the little buggers, as soon as I turned comments back on.

The other type of spammer is smarter, more devious, and a lot more interesting. This one tests our parameters and also changes code to fit our discussions and modifications. They listen to us. They are out there.

I mention a hidden form field used to protect against ad-hoc spammers, and then I’m hit with spam posts that pull the form data and use it with the comment post. Someone else mentions about putting timers between when the page is accessed and the comment is posted and the code soon reflects this. This spammer sometimes re-directs to a porn site, but most often leaves just a calling card — a domain that doesn’t exist.

I have really enjoyed watching the smart spammer operate, but now the ante was upped when the primitive hacker hits a comment post 57 times in a row; I had to discontinue my little experiment and implement whatever anti-comment solutions I could find, primarily because there is no way in Movable Type to deal with this type of comment.

When you receive a comment spam, you have to delete the comment directly using SQL, or manually by deleting each in turn from within Movable Type. Then you have to regenerate all the pages to get them to disappear. Multiply that by 57? Ugh.

Hark, though, a knight in shining armor, Jay Allen, gives up all sleep for it sounds like a week to hack through a comment de-spammer that uses sophisticated regular expression processing to block known keywords and relative URLs when a comment is posted. It also blocks duplicate comments. Best of all, it gives you a little link in the email you get with your email notification that lets you delete the comment and rebuild the page in one fell swoop.

This is cool stuff, and Jay deserves a big damn gummy bear to munch in appreciation. However, it wasn’t this that brought me out of my sickbed, with holes in my gut and feeling achy, to comment. It was this casual chit chat about blacklisting. Oh, you know I don’t like that word. It’s a Bad Word.

It never fails to amaze me that webloggers will cry foul at the slightest hint of impartiality or censorship in mainstream publications, but willingly, happily, blindly adopt any and all thought of blacklisting without a backwards thought. It seems with Jay’s tool that you can not only list keywords and URLs you want to block comments for — you can export your list and others can import your items. Wow, web of trust.

Lesse now. Well, Dave Winer has said some pretty nasty things to me in the past so I think I’ll add ‘harvard’ to the list to block Dave. And you know, Mark Pilgrim has been on my back for six months now, so I think diveintomark goes. Wait a sec — I’ll just put ‘mark’ on the list.

Anyone want to use my list now? What’s the matter? Don’t you trust me?

The thing is that Dave Winer, for all of his willingness to explain our faults in infinite detail, is a real person posting as himself and I opened the comments to him to talk. There’s been a couple of times when I’ve been mad enough to block him, but I can’t believe in ‘free speech’ if I block people from speaking freely with me, and he’s been unblocked and free to comment for months now.

As for Mark, these ‘A Year Ago’ posts I’ve been running at Burningbird have shown comment after comment from Mark when we did get along, or at least were neutral, and I miss those times. However, I’ve crossed Mark’s line and am therefore told to Dive out of Mark, and I’m not necessarily fond of some of his newer comments. Still, I can’t bitch about Mark’s inflexibility as regards differences of opinion if I block him from making comments, can I?

So I guess I’ll remove these two items — harvard and mark. Now, do you want my list? Trust me. I wouldn’t lead you wrong. Besides, I know you all know how to use regular expressions to check to make sure I haven’t snuck a block in against a friend of yours among the foes. I wouldn’t do that. No siree. I’s good, I is.

But speaking of ‘good’ and opposite thereof, does anyone want to have the blacklist.txt file from Little Green Footballs? Would you trust it? How about other more extreme folks who have shown themselves less than amenable to disagreement?

Of course, you don’t have to know that you’re getting Little Green Football’s items. You could get someone else’s 3560 entries, and LGF’s items could be a part of this. That’s the problem with non-signed and non-identified entries in a mega-list of blacklisted items — you lose some good with the bad.

No biggie. Right?

You all know Allan Moult and Jonathon Delacour. I’ve known both of them through weblogging for going on two years now. From time to time, I send both an email to say hi, let them know the minute and uninteresting details of my life, or maybe send a link to an interesting article. At least, I used to send them emails before a week ago. I can’t send either of them an email now, because the IP address for my SMTP server is part of an entire block of IP addressed that have been blacklisted by SPEWS. And when I went to SPEWS and said that I can’t be held responsible for my ISP renting out IP addresses to spammers, I’m not a spammer, the response was basically, “Tough. Change ISPs” Sure, as if I have an extra few bucks to forgo what I’ve paid for and moved just because SPEWs decided to punish my ISP using me as the weapon.

(My ISP’s response? “Tell your friends not to use SPEWS for filtering.” Pot, meet kettle. Kettle, meet Pot.)

Blacklisting is never going to be an effective, long-term solution for any, and I mean any, internet-based problem. Period.

I had an email conversation about comment spam earlier today with Dorothea on this issue. In addition to the Bad Word, my conversation with D also sparked glimmers of weblogging interest deep within this tired old body.

Dorothea mentioned about SPEWS being different from the comment spammer thing because it’s centralized. My response was:

 

Actually, the problem with SPEWS is that it’s not centralized — there are no people you can contact directly to say, you’re hurting me by your blanket IP block blacklisting. There are no faces taking responsibility. There is no accountability, no compassion, no individuality. It is group behavior at its worst.

 

Group behavior at its worst. Hmmm. Sometimes when things like this comment spammer hit, you can feel the world tilt by the movement of webloggers in one direction. See what you did? You all made me fall over.

I trust in the individual, which means each person should consciously decide on what is, or is not, acceptable, when it comes to the flow of information to them or from them. Filters are non-discriminating in their ruthless discrimination. Communication, and the so-called freedom of speech we rant about, is based on work and deliberate determination — not quick fix global blacklisting.

Still, my concerns about blacklisting are just so much paranoia — nothing like this could ever happen in weblogging. Could it? Nah, not a chance. About as silly as comment spamming.

My preferred solution for comment spam? Close the barn door. Comments were added into Movable Type with a lot of openings and it’s time to provide better functionality for managing them — not comment spam, comments.

Ben and Mena Trott of Movable Type ask, what can we do? Well for starters:

 

Give me the ability to list all comments by a specific IP, URL, email, or name.

Give me the ability to mark all or part of them, using bulk update techniques, for deletion.

Give me the ability to then rebuild just those pages where the comments were deleted.

Give me the ability to turn off new comments temporarily for those days when I may not be around to deal with the baddies, and to provide information to people automatically about why they can’t post comments momentarily.

Finally, give me the ability to add Jay’s functionality, and others, to not let in the possibility of spam comments if I want to add this additional functionality in. Of course, we have this now — but it doesn’t take the place of the other items on this list.

 

I want all of this — greedy bugger that I am — and following through on Jay’s excellent ideas, give me the ability to do so with one push of the button. Don’t give me new functionality such as user registration and fancy uses of RegEx processing. Give me the ability to manage the data I already have. Give me better comment management.

If I had this with the 57 items for Lolita, I could have selected all the comments based on the one IP or URL, marked them for deletion, and rebuilt the pages that contained them in one click of a button. End of problem, minor irritation.

Now what happens is that I have to add Jay’s perl-based Regex handling into my system for all comments that come in (yes, take a serious pause with this), slowing what is an already very slow process at times. I have to punish the many for actions of the few, rather than being provided a way to clean up after the few so that the many can happily chat away. And then I have to make sure my regular expressions don’t accidentally filter a friend. Or foe. Accidentally. Of course.

Tech solutions to social software problems. I mentioned in the email earlier to Dorothea that most of these automated approaches aren’t social in nature, and therefore not compatible with social software. How come, then, I was asked, that my approach is better? I responded with:

 

Because they force the individual to take responsibility for the material that is deleted or not from their weblogs.

 

I wrote you and you didn’t respond.

I didn’t get it. Must have been blocked by email spam filter.

I commented on your weblog but it didn’t show.

I didn’t get it. Must have been blocked by the comment spam filter.

I had something important to say, but you didn’t hear it.

IT MUST NOT HAVE PASSED THE FRIGGEN’ FILTER!

“Oh say can you see,
by the dawn’s early light…

Only if you speak just right!

 

As for the Google thing or Technorati or Blogdex, or most recently commented lists — sure the URL might get pushed up momentarily. But it’s just as likely to fall off when all of the links disappear. These are dynamic entities, and thus, are self-repairing. So they’re on top for a minute. Who cares?

If we’re that concerned a solution would be in the most recently commented list, just point to the entry with the most recent comments rather than list the individual’s URL, like I do now. As for Google and the comments, create a second individual page template that doesn’t have comments and have it built when the other new page is built. Allow Google access to this page, but not the one with comments.

(Send email if you want instructions — maybe I’ll be able to reply if you’re not in Australia, and I’m not blocked.)

Ben and Mena say, “We don’t know what to do”, and we should be saying back, “Well, for starters, you can do this and this and this.” And no the solutions aren’t using clever coding techniques, as much as I admire them (and Jay’s one smart puppy); but they are using good, common programming sense and practices, which state that a better use of time is to close the friggen door rather than figure out fancy new knots to catch the horses that escape. I respect what Ben and Mena have accomplished with Movable Type to this point, but if they give me comment management, I’ll send them chocolates for Christmas.

Most of all, though, we should push back any time someone even remotely mentions ‘blacklist’ and ‘weblog’, or ‘blacklist’ and ‘internet’ in one breath. Always. These words, they don’t go together.

They never will.

I like wKen’s approach to the whole problem. He loves the comment spammers — gives him an ability to slide on posting, figures he could just let the spammers do it for him. Now that’s a social software solution.

And instead of hating the spammers, maybe we should learn from them, as I wrote Dorothea:

 

I admire this spammer enormously and have had a wonderful time tracking him/her the last month or so. It’s fascinating to watch someone with this person’s adept understanding of the social aspect of ‘social’ software, as they counter and move around obstacles we clever techs put in their way. Personally, I think Tim O’Reilly should have him or her as a featured speaker at the Emerging Tech conference.

update Winds of Change has had to disable mt-blacklist because the processing is too extreme for the site — Winds of Change is a pretty popular place.

We talked about this issue before, the last time comment spamming was a hot topic — anything clever enough to catch most comment spammers, will be too complex for regular use.

Now, if we had good comment management in MT….

Categories
Connecting Weblogging

A year ago today

I’m off on new adventures, pursuing new dreams for a time; ones that aren’t found in front of a computer, so I’m putting this weblog on hiatus for the nonce.

I am going to miss all of you, more than you’ll know. Thank you for making my life richer. I hope when I restart this weblog, I can return the favor.

You’re all the very best. And while I’m gone…

The following is interpretive art based on new social patterns mixed in with contemporary communications and a dash of textual expressionism forming a piece I call “Ghost in the Weblog”.

–~~@–~~@–~~@–
A Year Ago Today, October 12, 2003, We Met. We talked. We expanded. And then the Net closed in. We reduced. We compacted. The energy was too much, the space too tiny, and we burst forth with wit, despair, beauty and brilliance, laughter, anger, tears, and, ultimately, cat. We never forget cat. Cat is our anchor when our heads float too high, and we begin to think we’re Gods on a Wire, like pigs on a stick.

A year ago today we talked about…

Categories
Just Shelley

Crescent Move

Recovered from the Wayback Machine.

AKMA’s a host at one of the BloggerCon dinners, which means that he leads a table of people in a discussion on a subject that I guess he sets. It sounds a bizarre custom and confining, but if I were going to BloggerCon, I’d sign up to have dinner with AKMA. Even if Mexican food isn’t necessarily on my agenda at the moment.

The discussion about BloggerCon and Weblogs and Politics and Weblogs and Journalism is becoming equivalent to fingernails on chalkboard for me lately, though I like many of the players involved. It seems the more we seek to justify weblogging, the less fresh and exciting it becomes.

But I have to be brutally self-honest: perhaps the real reason for my irritation with all this fooflah lately is that I need another hiatus from weblogging. A long one this time, not my usual one or two weeks.

When JonathonAllan, and Chris returned from their long breaks, all three seemed to return with renewed interest and enthusiasm in their writing, though I see in them, now, a stronger balance between their weblogs and their offline lives. Healthy. I think the days when weblogging was synonymous with daily quick postings is over. Weblogging is just is…whatever it needs to be for the person. And sometimes, not weblogging is what a person needs.

I talked with the doctor today and got the good news/not so bad news story. The good news is the cyst on my lung discovered last week was not cancerous – it’s a benign growth, a result of a malformation that occured when my lungs were developing before my birth. I gather that we humans are full of little imperfections – like bubbles in old glass, adding a unique characteristic to what is otherwise, plain old dull glass.

I’m glad to get this news, it was a bit of a worry. Makes you think, you know?

However, they also found stones in my gall bladder, and this combined with some symptoms I’ve had over time means that I will be having my gall bladder removed*, probably in the next few weeks. This makes as good a reason to take a break as anything, though having one’s gall bladder removed is no big thing.

I’ve been trying to get caught up on promised stories and essays before I break, but the rest will have to wait for when I get back.

*update Gall bladder removed at my young age. I guess I need to take some of my down time and get my butt in better shape, hadn’t I?

swampything2.jpg

Categories
Political

Pushing buttons and pulling out

Originally I wasn’t going to give the name of the person I would vote for in the Democratic Primary. To be honest, I didn’t care that much as long as they were a candidate that could beat Bush. Still, with Clark entering the race I decided that I do have strong opinions about who I want to be the Democratic candidate…and Clark isn’t it. I’m putting my support behind Howard Dean.

Why Dean? Why not Clark? For starters, I’ve read Clark’s previously written essays and articles and I’ve formed the picture of a man who is extremely intelligent, savvy, and a brilliant strategist. However, I’ve also seen the picture of a man who is arrogant and indifferent to the concerns of this country but just itching to go in and solve the crises abroad. His economic plan is vague and caters to the noisy Democratic party members because it seems like the thing to do, and that’s not necessarily a good thing. His protests against Bush’s handling of Iraq seems contrary to previously written viewpoints, and leaves one confused about where he really stands in regards to the so-called ‘War on Terror’. Most importantly, what this country does not need right now, is another man in office who believes he’s right no matter what. Give me a president who’s willing to admit a mistake if it will help find a solution. We don’t need no more ego in the White House.

I still have some concerns about Howard Dean, foremost among them is his inability to handle criticism well. Every time his buttons get pushed by the other candidates during a debate, he comes off as “Did not! Did not!” What he needs to do is spin the negative attacks into positive statements.

Dean is for rolling back all the tax cuts, including those for the middle income families. This isn’t a negative; this is a man acknowledging that our country is in serious financial trouble, and that the few hundred dollars the middle class will get in their refunds won’t matter a bit to the economy – but added up could make a major dent in that atrocious deficit.

Dean made a statement years ago that Medicare is badly administered. Well, this is true – it is badly administered. It needs to be overhauled, as there is too many abuses of the system and not enough people getting the treatment they need. And who else is better able to deal with the growing health crises in this country than a man who is a physician, and who has seen the problems with the system up front, close, and personal?

However, I’ve noticed that Dean is getting better about using humor in his campaign. I liked the following quote in Boston.com, regarding the Balanced Budget Amendment:

Acknowledging his have-it-both-ways approach with a smile, Dean said: “So you can put me down as waffling on the balanced budget amendment.

“I’m already down as waffling on that one. I’ve waffled before. I’ll waffle again,” he joked.

I lived in Vermont while Dean was governor there. Vermont is the most individualistic, stubborn state in the union. It’s one of the few states that is just as likely to vote an independent into office as a Democrat or Republican. Vermonters are a people who make do with little, take care of their own, and have little use for Big Government; a state full of what could be seen as Libertarians, but they think Libertarians are full of shit for the most part. I loved Vermont for its independence, but I also disliked it for being one of the most unfriendly states I’ve ever lived in. All in all – not an easy state of which to be governor.

What Dean brings from his tenure in Vermont is a no nonsense approach to government, and a frugal attitude about spending. That’s going to help. What he also brings is a strong bias against American Corporations and their public image of rah rah Americanism – including an absolutely unbelievable red, white, and blue cereal – while behind closed doors and in the murkiness of Republican tolerance, they ship jobs to sweatshops in other countries. Dean is not a man who is going to be blackmailed by these same Corporations threatening that they’ll move their operations overseas if the government doesn’t take care of them – because he knows they’ll do it anyway.

The biggest challenge to Dean is reflected in this quote from a Democrat, covered in this the Washington Post article:

“I think Clark can win,” Taylor said. “I don’t think Dean can win. I think Dean’s going to be pegged as too liberal. He doesn’t have the kind of military background and some of the strength that Clark seems to have.”

A poll in CNN today shows that Bush would still win over any of the Democratic candidates. In spite of the worst deficit in history, an appalling and unworkable economic plan, the worst job losses since the depression, damaging the foundations of freedom on which this country is based, and pulling us into a unilateral invasion of Iraq – he would still win over Dean, Clark, Kerry, and all the other candidates.

Fear. This is all because of fear. We are slowly killing this country from within if we don’t get over our fear. Because of it, we allowed our President and his paranoid cabinet to invade Iraq without UN support, and look at the results. Please don’t quote me polls about how the Baghdad residents are so happy we’ve come in, and how things are really so much more positive over in that country. All I see in Iraq is the potential for failure, regardless of the sudden surge of those waving flags of joy joy news. (“No, it’s really great in Iraq. No problems. Everyone’s happy. Only a few trouble spots. No seriously. It’s all the media’s fault.”)

There’s another reason why I like Dean, and it’s that he knows we can’t just pull out of Iraq, though I know this is going to be horribly unpopular with the liberals. There was a demonstration yesterday throughout the world – US get out of Iraq now. Now, exactly what do you all think will happen if we were to suddenly pull out? Aside from bloody civil war, possible invasion from Turkey in the North and Iran from the East, and eventually the formation of another religously oppressive country?

Sorry, but my sympathies are with the women in Iraq. I think about them being forced back into their head gear, and no longer being able to hold the same jobs as men, or get the same education, or able to even walk the streets without being accompanied by male members of their family. What the hell do you think will happen to these women if we ‘just pull out now”?

Do we need to be reminded of Amina Lawa about now?

I did not want us to enter Iraq. I wrote a long time ago and more than once that if we were going to invade Iraq to ‘help the people’, then we couldn’t keep bringing up terrorism and WMD. The two types of war are different. I also wrote that if we were going to end oppression then we, as a world, need to commit to this across all countries. Even my own. But the act’s been done. We’re there. We can’t just pull out.

I think I’m just as tired of the liberal element in this country as I am the conservative one. So much bombast and rhetoric and banner waving and mouthed words about ‘freedom’, but how does the song go? “Freedom’s just another word for nothing left to lose.”

Yeah, tell that to Lawa.

I read over at Norm Jenson’s (make sure to read the comments) about a weblogger whose brother reacted to a neighbor’s display of American and Christian flags by printing out an article and banner about religous freedom and attached them to the neighor’s door. The weblogger was aghast when they came home and found the whole family out putting little flags all over the yard. “This man needs psychiatric help”, the weblogger cries out.

Who exactly needs help? The person who plastered red, white, and blue all over his yard? Or the person who couldn’t stand seeing someone else not share their own appalled sense of what’s happening, to the point of going on to the neighbor’s property and posting material on their door?

I wouldn’t agree with that neighbor, but if I believe in freedom, I have to support his flying American and Christian flags and wrapping yellow ribbons about his property, or everything we say about freedom is a joke, and a mockery.

If I were to stand in front of both houses and be asked who I’d want as neighbor, I think I’d take the folks in Iraq.

I believe in ‘freedom’, too, but I also believe in taking responsibility for our mistakes, and we made a big ass one in Iraq. We are there, a fact I bitterly regret but at least accept as fact. We can’t just pull out because it’s expedient, or costs too much, or is costing American soldier’s lives. But we need to get help from the world, from the UN, from the Iraqi people, and their neighbors and if we have to ask for it hat in hand, then let’s ask – not let the Toy Airman in the White House pugnaciously tell the world, “We don’t need your stinking help.”

Dean. This was about Dean, wasn’t it? And that’s why I support Dean – seems to me he put both his toys and his ego away years ago. I have a feeling he won’t be hesitant to tell the world, “We screwed up. Can you help us?”

PS As for Dean’s use of the Internet and weblogging – the day I vote for a President just because he’s a ‘blogger’, is the day I check myself into the nearest home for the mentally incompetent.

Categories
Burningbird

These shoes are walking

I completed another item from my overdue To Do list, Walking in Simon’s Shoes, this one in the Practical RDF weblog. If I keep this up, I’ll be caught up on promised items by week end and will have nothing left to write.

If you read today’s earlier essay, The Ten Basic Commands of Unix, note that I made some edits for readability earlier this afternoon. I think it’s a bit crisper now, though I may tweak it a bit tomorrow.

(Now, what did I just write about tweaking?)

Today, I also played around with the Genuine Fractal Photoshop plug-in and I’m quite impressed from the examples I’ve printed out. Quite. I’ve received a suggestion of another plug-in that’s said to be as good but is quite a bit cheaper than Genuine, though it doesn’t have a demo copy and I’m holding on downloading it for a bit. When I do, I’ll post a review of both.

Thanks to the two friends for the suggestions of the plug-ins. Both are steely eyed missile men.

You might have noticed different behavior in the coded portions of the weblogs recently. I’ve changed the code for my comments/trackback list to only list trackbacks and comments on items published in the last 30 days. I’m doing this as a way of cutting back the spam items that appear in the list, most of which tend to appear on older items. This cuts out a few viable entries, but I still receive these in email, and they still appear on the posted item. This approach has kept the recent list, well, more recent. It’s also eliminated most of the spam and the hit and run google hits from the list, leaving me to delete the items at a leisurely pace at a later time. It’s not a perfect solution, but at least it’s something.

I’ve also added code to reflect the date and time when a weblog was updated, with the most recently updated weblogs at the top of the Burningbird Network list. This, I hope, let’s people know that I’m writing elsewhere when I’m quiet here. I’ll still probably write a hint here, too.

That’s enough for the night. Tomorrow, more items from the Overdue To Do list.