Category: Technology

Categories
Technology Weblogging

Listening to the customers

Recovered from the Wayback Machine.

Six Apart has released MT 2.66 specifically because of comment spam.

One change is throttle control, which means if you get hit from the same IP address with several comments in a row, MT will shut down the IP. This wouldn’t have helped with the recent comment blitz because that person used a proxy to vary the IP address with each comment. But it should help with the script kiddies.

The second change is one I, point blank, do not like. What happens is that a redirect is built into the management of comment author’s URL, so you get this silly little redirect page between clicking on the URL and getting to the URL. This supposedly is to stop the redirected URL from getting Google Buzz. However, people who have implemented this have said it doesn’t work. Not to mention that my good commenters no longer get Google goodness.

(And it does nothing about the spam comments that embed 100 different URLs into the comment body. )

I tried this at a site that’s upgraded – it busts the back button. There’s this ugly little redirect page. It’s awful.

Google is self-healing. Comment spam and Google is between the spammers and Google. I don’t care. I just don’t want to have to hand delete 500 comments, have to manually use SQL to do this, or use a blacklist that won’t scale.

I appreciate Six Apart trying, and I like the throttling, but all I want is good comment management. It’s not sexy tech, but it’s what we need. I’ll wait for 3.0 with the promised comment management. I also hope that we have the option to NOT use the redirect functionality. I don’t want to have to hack this out of the code.

Categories
Burningbird Technology Weblogging

MT Comment Help

Recovered from the Wayback Machine.

I’m not starting up Burningbird but a lot of good people were hit badly by a very sophisticated comment spam attack, including the Wayward webloggers who I’m responsible to.

The attackers this time only posted three comments to each post, each with different names, and different URLs. They either used spoofing or they’ve harnessed open computers to submit the comments – I think they’ve used traditional DDoS attacks this time, so be careful using IP banning, you could be banning innocent people.

Did mt-blacklist work? No. As I’ve said before, spammers have better habits then so-called legitimate developers, because they listen to their ‘customers’ and adapt accordingly.

In the meantime, clean up:

The only easy way to clean up is directly in MySQL. Even *mt-blacklist will require that you hunt down each individual URL and delete it – time consuming. If you don’t know how to access MySQL then ask for help in comments, send me an email, or ask help from your friends online.

In MySQL directly, or through PHPAdmin, to remove the comments, use the following:

delete from mt_comment where comment_created_on > ‘2004-01-12 15:40:08′;

Change the date to fit your needs, the format is yyyy-mm-dd hh:mm:ss. This will delete all comments after the timestamp. Be careful or you’ll lose comments you want to keep. In fact, always make a backup before you start global deletions. You can use mysqldump to back up your entire database at any time (check MySQL site for how to use mysqldump). Or you can use MT’s backup.

Once deleted, rebuild your site to clear the comments from your pages.

If you want, you can turn off comments on all entries older than 30 days using the following SQL:

update mt_entry set entry_allow_comments = 2 where
TO_DAYS(NOW()) – TO_DAYS(entry_created_on) >= 30;

This closes comments on all entries 30 days old or older. Most comment spams are on older content, which are also less likely to have legitimate comments so this isn’t a bad option. You can run this yourself manually every week or so, or you can add it as a cron job. If you’re unfamiliar with cron, holler.

The spammers have gotten smarter. Eventually if you restrict their access enough, you’ll shut down comments to everyone. The only true solution to this problem is better comment management in MT. However, if you feel as clever as the spammers, perhaps you need to attend a smart people conference, come up with nifty, neato, just gee wiz smart solutions (put into the public domain of course, with the cutest little cc brand.)

This is a short-term post, with comments allowed for now. However, with the keywords in the post, it’s now a target for comment spammers, so I’ll be closing comments in a couple of days, and then put the post into draft mode – the individual page will still exist, but it will disappear from comment posting as well as this front page.

Note that the more metablogging talk you do in your weblog, the more you use the words ‘comment’ and ’spam’ or ’spammer’, the more you make yourself a victim. That’s how they’re finding your posts. I imagine that they had a bit of a chuckle when they made this run.

*Update

For all the mt-blacklist users, if you’re using global lists and not checking that legitimate URLs have been inserted, then chances are you’re opening your system up for a poison pill attack – causing your system to filter common, legitimate URLs, and hence making the mt-blacklist less reliable. The technique is common in email spam, as outlined by Ken Coar. Something to think of next time you import several hundred entries, depending on technology when the spammers depend on their brains.

However, makes no nevermind to me what you do. I’m just passing through.

Second update

There is an MT plug-in that allows you to turn off comments on older postings. I haven’t tried it, but others have and it seems to be working. It’s at http://www.rayners.org/2003/12/27/closing_comments_on_old_entries.php.

Previous writings on comment spam:

You’ve been comment spammed, your life as you now know it is over

Making a Deliberate Choice

Comment Spam? Or DOS

Spammers : getting to know you

Passive Resistence

DDT for Comments

Using Google Against Us

Comment and Trackback spamming

Comment Spam QuickFix

Comment Spammers Redux

Variations on a Nasty Theme

Categories
RDF Technology Weblogging

RSS Stuff

Recovered from the Wayback Machine.

Time to take a break from photos and philosophy, and feed the machine.

I have a file that maintains a list of 404 accesses, and the URL where the missing resource access originated. The file most accessed is the old Alter Ego weblog’s rss.xml feed. Since I closed the weblog over a year ago, not quite sure where these requests are originating, so I re-created the file with one entry that reads:

Title: This Weblog is dead, dead, dead

Description: This weblog, Burningbird’s Alter Ego, has been dead for over a year. Why are you still accessing this feed? If you can’t even tell which weblogs are active or not from the feed, perhaps you’re subscribed to too many sources. Try reading a few from time to time.

The point I think is good – some people proudly point to the multi-thousand aggregatiojn subscription count they maintain and my only response to that is, please remove me from your list.

Another old syndication feed chestnut is making its rounds again recently. Seems Joi Ito is providing a CSS stylesheet with his RSS feed. Deja vu all over again. I agree with several others who have pinged Joi in that it makes little sense to supply a stylesheet with a syndication feed. Not only does this override a person’s aggregator settings, it also makes the feed processing more complicated. Plus, I don’t see the point. The purpose of syndication is to provide a recent list of updates, with enough information so that if a person is interested, they’ll click through and read the rest of the writing at your web site.

Sigh. Over and over and over again.

However, there was an interesting point made on this by Liz that made me want to comment, again, on this concept. She wrote:

My gut response to this is discomfort with the idea of trying to use CSS with syndicated content-that it seems somehow contrary to the entire idea of syndicating simple content. But I know from long experience not to trust that kind of initial negativity too much, since it’s often connected with changes that turn out to be quite positive.

Curious – I wonder if Liz also questions her initial positive reactions to new technology with the same hesitancy that she applies to negation reactions? If not, is this because negative or should I say, critical writing is somehow valued less than positive writing?

I know that Joi Ito maintains a very positive outlook when it comes to geekery and tech, but then as a tech VC he has to: people don’t invest based on pessimism, or even realism. (Not to say that Joi wouldn’t be positive anyway – I really do think he loves this stuff.)

My job the last few years before the Great Bust was as a consultant finding the problems with existing or proposed architectures and software designs and decisions before the company spent millions of dollars on, frankly, overoptimistic but doomed technical innovations. In some cases I would then work with the folks to architect new solutions (or in case of a couple of contracting companies, find new companies). It was a job I was very good at, and I know that I saved one past customer several million dollars, and also helped a couple of others create systems that were simpler and much easier to scale. Seems to me the ‘criticism’ in these cases is a positive thing.

(Betcha you didn’t know that, did you? Betcha you just thought I was a negative person, didntcha? Yah sure, back in the good old days I used to charge a buncha money to do what you all get for free.)

Anyway, though I may eventually get around to an Atom feed, when I have the spare cycles, and I have a hidden comments feed (which you can find if you’re determined), I’m not going to fool around with stylesheets for my feeds.

Besides, I like Bloglines. I like the way the system looks, and I like the clean, easy to read aggregated excerpts. But I always click through when my small, select group of subscribed feeds update.

(Except if you provide full content and don’t take comments and host on Blogspot, like Halley).

Categories
Technology

FileZilla Gotcha

Enough with the BS, let’s talk something useful.

I found this last week that Filezilla 2.2.1b (and earlier versions) will truncate files when uploading several directories at a time. I discovered this first when I found the Trackback.pm file was truncated. Then when I was trying to port the old entries into the Semantic Web for Poets, after a great deal of research and effort, I found that the several of the HTTP perl modules were also truncated.

Checking around at a couple of the other Wayward Webloggers I found some others, including some graphics that were truncated.

I was using the Windows version, on W2K, uploading to Red Hat Linux.

If you’re using Filezilla to upload a lot of directories and you’re using the Windows version, just be aware of this as a problem. Bugs have been filed on this at the Filezilla site.

Categories
Technology Weblogging

Visual hints and clues

Recovered from the Wayback Machine.

At Burningbird, I modified my Movable Type template to display a small graphic associated with the subject (category) of a posting next to its title. Those who are less interested in my technology writing can then skip postings with the associated binary graphic next to the title; those who are uninterested in politics, can avoid that graphic, and so on. (My friend Chris at Empty Bottle also uses graphics to designate categories. However, his graphics are a lot more sophisticated than mine.)

I thought about creating multiple weblogs and focusing each on a different topic within the framework of my writing as ‘Burningbird’, but I wouldn’t write more (or less) on any subject just because I split them out into different weblogs. All I would do is scatter my thoughts about like dried bits of corn on a dusty field, forcing my readers to take on the visage of Crow, pecking about hoping to find that edible kernel among the dirt.

Besides, my thoughts don’t split cleanly along subject and topic, neatly categorized into discrete buckets. I’m just as likely to throw new photographs or a bit of writing whimsey into an essay on RDF, or mix a little technology into an essay on the Environment. My weblog reflects my writing, which reflects my mind: muddied waters of blended interest.

First, I created all the graphics of a relatively uniform size. I made them slightly longer than the heading caption bar, as I wanted to drop just below it. I then saved the graphics in the PNG format, naming them the exact name of the category.

Next, to add the graphic, within the main index template, I found the entry section associated with the posting title, as marked with the use of the MT template tag <$MTEntryTitle$>. I then replaced that tag with the following, which not only displays the graphic, but also has a link to the category page for people who want to read more entries based on that category:

 

<a href=”MTBlogArchiveURL<$MTEntryCategory dirifty=”1″ $>/index.htm”><img src=”http://weblog.burningbird.net/mm/<$MTEntryCategory$>.png” alt=”<$MTEntryCategory$>” align=”left” hspace=”6″ border=”0″ /></a>
<div class=”titlebox”><span class=”title”><a style=”text-decoration: none” href=”<$MTEntryLink$>”><$MTEntryTitle$></a></span></div>

 

 

The exact same template code can be used with the title on each individual page, for the same effect.

Graphic/Topic:

– Adventure

– Connecting

– Culture

– Environment

– Life

– Metablogging

– Neighborhood

Photography

– Politics

– Sensory

– Technology

Writing

– Sensuous Technology

– Women’s Writing