Archive for the 'blogging' Category

So, anyway…

Sunday, January 15th, 2012

I wrote something new. If anyone’s out there, I wouldn’t mind feedback.

New commenting system

Thursday, July 31st, 2008

At the prompting of Toast, I’m mucking about with a new, threaded commenting system: Intense Debate. Among other things, Intense Debate allows you to follow someone’s comments across all blogs that have this system installed.

All comments to date have been converted to this system. The most any of y’all should notice is that the comment user interface is slightly different; for instance, it supports Gravatars, something this blog’s theme didn’t do. So far, the only thing I’ve noticed is that it adds a little lag time when the page loads.

Feel free to treat this post as a testbed for the new system. Or not, as the fancy strikes you.

[Update @ 31 Jul 2008 2143 PDT – officially, the following tags are supported in comments: <a>, <b>, <i>, <u>, <em>, <p>, <blockquote>, <br>, <strong>, <strike>, and <img>. Some appear to be supported better than others (I’m looking at you, <p>…).]

[Update @ 1 Aug 2008 2032 PDT – I was requiring ‘first’ comments to be approved; unfortunately, it seems that I.D. doesn’t recognize previously approved comments. Sorry, y’all. I’m turning that feature off. The verdict so far? Meh. I don’t know that threading and reputation are worth the somewhat lackluster feature set and the performance drag… I’ll give this a little while longer, but I’m also going to take a look @ Disqus. I suspect I’ll find similar issues there, whereupon I return to the standard, plain vanilla WP comments. It’s an interesting idea, but the platforms aren’t mature enough – at the very least, this one isn’t mature enough – for my liking.]

Watch out for – only the ‘.com’ part is true

Wednesday, May 14th, 2008

Just a ‘heads up’ about a commenter named ‘Jamie Holts’ who has been leaving a lot of innocuous comments on political blogs over the last 24 hours – ‘Jamie’ is a spammer. His ‘blog’ is, which appears to consist solely of content stolen from; his ‘blogroll’ consists of links to bulk emailing software, keylogger software, splog generation software, gambling sites and get-rich-quick sites.

‘Jamie’ is building up his site’s Google juice by leaving innocuous, link-free comments that will easily get past most comment spam traps; if you use a spam-fighting service like Akismet and get a comment from someone linking back to, please flag the comment as spam before you delete it.

Jamie Holts is a spammer; is a splog. Pass it on… :-)

Curiously ineffective splog

Saturday, April 19th, 2008

, also known as Math Resources, is a crappy little splog. You see, they scraped my content about The Boy’s math homework because, clearly, I’m providing some deep insight into math or homework or math homework. Isn’t it obvious that my account of eye-rolling is a highly-sought math resource? But wait! you say. What if they’re a (math) legitimate aggregator? You know, it’s (math) automated so maybe it’s (mathematics) overly inclusive?

Alas, this would be (math) wrong. See, they attributed my piece to ‘unknown’ – but the (math) spider/scraper/whatever-they’re-using stored my pseudonym to tack on to someone else’s stolen content.

So no, they just like to scrape the internet for keywords like math. Math. Math. Would I piss in their Google Juice by retyping keywords or phrases like math or mathematics or math test or math homework? Would I want them to steal this (math homework) content? I certainly (math) might.

As for the ‘curiously ineffective’ label? Their ad fraud has already been caught by Google. Pathetic little splog fraudsters… but I repeat myself.

Test, test…

Tuesday, April 8th, 2008

1, 2, 1, 2…

So I decided to take a break from fucking a football[*] converting databases and upgrade the blog to WordPress 2.5. If anyone notices that anything done broke, try to leave a comment or pop me an email at static at this domain.

Ah, the ironies abound…

Thursday, April 12th, 2007

Let’s see: we have a professional asshole, writing about those dirty bloggers, calling them assholes for being, well, assholes. He’s also pissed off because some of these assholes have the temerity to call themselves ‘journalists’. Oh yeah, and mostly he’s pissed off that they won’t use their real names while being assholes:

If you’re going to fire a rocket at someone in a blog post, or anywhere else, at least have the class to use your real name and stand behind your vitriol. Anything less makes you a coward and invalidates whatever bile you’ve spewed.

My name is on this, and I’m calling you gutless if you don’t sign yours. What are you going to do about it, blogger boy?

Why, I think you know exactly what I’m going to do about it: blog about it. And I’m going to call you an asshole.


So, to Tony Long, who feels that having his name on something makes it more important: Fuck you. First, there’s a difference between anonymous and pseudonymous – look it up, or ask your editor to explain it to you in very small words.

Oh, wait – you’re listed as ‘copy chief’, so that means you should already know the difference. Hmmm… What an interestingly deliberate misunderstanding.

Second, not all bloggers have pretensions of being journalists – very few, in fact. I certainly don’t pretend to be a journalist, I’m just some pseudonymous guy with a blog, and the bloggers who do aspire to taking more of a journalist-style role do, in fact, largely hold themselves to many of the same standards as dead tree journalists. Certainly the ones worth reading on a regular basis do. Not all of them use their real names, but so what? Dead tree columns are still written under pseudonyms, too.

What gets under your skin isn’t the fact that some bad (and slapdash) writers happen to hide behind the label of journalist and happen to use rude words; no, what you don’t like is that you no longer have a monopoly on, well, being an asshole. I mean, what else are we going to call a tech columnist who calls themselves “The Luddite”? Really, if that isn’t a textbook case of asshole, I don’t know what is. (It might even cross the line into pretentious asshole.)

See, Tony (and here’s your dirty little secret) – you aren’t a journalist either. You’re an opinion columnist. Oh, you want to be a journalist, but this gives it away: “The Luddite: Commentary by Tony Long.”

Commentary. Not reporting.


Contra your title, the blogosphere isn’t “Where a Tawdry Culture Goes To Die”. Rather, it’s where anyone who wants to take the time to do so can express an opinion, in whatever manner they choose. You’re just another voice, Tony. You’re a voice that has the luxury of being paid to exist. But you aren’t anything special. You’re one voice clamoring for attention among thousands – LOOK AT ME, LOOK AT ME, LOOK AT ME.

And that having to compete really frosts your ‘nads, doesn’t it? You aren’t special. You’re just another asshole with a computer, being an asshole. Just like me. An asshole with a computer, commenting on the things that catch my interest.

So there. I’ve looked at you, and, well, found you wanting. Welcome to the blogosphere, Tony.


Tuesday, March 20th, 2007

Hey, Google? What are you doing about this?

Three out of every four unique URLs that appeared in the top 50 results for commercial queries were spam, the study said. Blogspot is the hosting site for Google’s blogging service. Blogs created for marketing purposes are sometimes referred to as “splogs.”

Right now, is being hammered by a comment spammer who is using nothing but URLs. Hundreds and hundreds of them, all unique, all following the same pattern (, and the bots are all coming from a huge range of IP addresses, so I can’t efficiently ban access by IP blocks.

Oh, it’s all being caught by our spam trap, but still – it’s annoying as hell, and frustrating to see THE SAME HOST again and again and again. I expect to see spam on .info sites (And as an aside: can we just shitcan the entire .info top-level domain now? Please? Has anyone ever seen a valid .info site? The signal to noise ratio in this TLD is rapidly approaching zero.), and .edu domains frequently have ancient or understaffed subsystems just crying out to be exploited, but Google? Google’s got the cash and the brainpower to do this right, and well… they aren’t.

It’s almost impossible to reach abuse, and it is impossible to report more than one splog at a time. Given that Blogger’s new AJAX facade has also made it a more attractive delivery platform for malware exploits, you’d think that Google would want to make it easier to contact abuse. But no – you have to search creatively to even find the link to their crappy ‘report abuse’ form. (Here’s a hint: you’ll have better luck using Google to perform a site-specific search on instead of using the actual Blogger knowledge base.)

Now that’s customer service.

You’d also think that a company like Google would be able to discern the patterns in these splogs, and implement some proactive measures. Oh, wait! That’s right! They make money from this too, since they’re the ones selling the ad space in the first place.

Mind you, Google isn’t alone in this – AOL and Netscape’s free pages are probably equally polluted, and their abuse team is just as impossible to contact. (Surprisingly, Tripod and GeoCities are the most responsive, and easiest to contact.) But I guess I’ve come to expect a little more from Google…

Don’t be evil, right? Behold, the Invisible Hand: producing varying values of ‘evil’ since 9 March 1776.

[via /., of course…]

How many readers does your blog *really* have?

Thursday, March 8th, 2007

Over at The Mystery of the Haunted Vampire, we’ve seen a fairly large surge in comment spam attempts. In the past, I’ve tried to deal with this with a mix of plugins but the best one of these had the unfortunate side-effect of preventing the site owner (Carnacki) from accessing the blog (he’s got some funky configuration issue with his ISP, I think). We’ve been relying upon Akismet alone for a while now, and while it works really well, it’s kind of tedious having to review and delete comments. Akismet has trapped a handful of false positives, so I like to eyeball the output before deleting it. When it’s a dozen or so pieces of spam, that’s fine – but when it’s hundreds? Bleh.

Not wanting to futz around with plugins again, I opted for a blunt instrument approach: the .htaccess file. For those of you who don’t know, .htaccess is a file that you can use to control site access when you don’t have access to the root server configuration settings – which we don’t, since we don’t have a dedicated server. (Hell, we don’t even pay for a fixed IP address. MotHV is small enough that it isn’t worth the expense, particularly since the site doesn’t generate any revenue.)

Now, with .htaccess you can block individual IP addresses, but most comment spammers use a range of IP addresses. Looking at the worst offenders, I began blocking large swaths of the ‘net from accessing the site. Chinese ISPs? Gone. We’re an English-language blog, and we never get any interactive visitors from Chinese IP addresses, only bots. Hosting-only companies? Gone. Sure, some of their IP addresses may be allocated to ‘real’ domains, and some companies may be using those IP addresses as gateways, but in those cases, the IP address should resolve back to their domain name. If it’s just one IP address out of a pool of thousands? Nope. It’s a bot. You get the screamin’ 403 “Access denied” error.

I’ve used some discretion – we do get legitimate visitors from Japan, Korea, India, Thailand, & Malaysia, so I won’t take the totally drastic step that some people have of banning the entire range of APNIC IP addresses. That’s stupid. But individual ISPs in Asia that have never sent us a single legitimate visitor? Bzzt. Blocked. That one European host that is responsible for 50% of our comment spam? Every single netblock gets blocked. That US-based host responsible for another 20%? Same thing.

So the other night, I blocked a couple of dozen ranges of IP addresses, covering tens of thousands of IP addresses. Comment spam attempts are back down to a manageable amount (hundreds per day to dozens per day), though I know this will be temporary. And guess what else happened?

We lost almost 40% of our RSS subscribers.

Yup. 40%. At first I was a little surprised by the drop – but then I remembered my .htaccess changes, so I’ll say good-riddance to bad rubbish. It’ll be interesting to see how many site visitors we lose over the next few days, too – though we typically don’t count bots since we’re mostly using JavaScript-based counters to track visitors, and bots don’t run JavaScript.

So… How many of your subscribers are really just monitoring your site for activity?

[edited to add – do I lose any points for having two back-to-back posts with “*really*” in the title?]
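
A way to check what a netblock ban will cost before it goes into .htaccess, as an added example that is not from the original post: the script tallies comment POSTs, feed fetches and other requests per /24 from an access log, and emits Apache 2.4 deny rules only for blocks that never sent an ordinary page view. The log lines are constructed; the /24 grouping, the threshold, the `feed` path match and the use of WordPress's `wp-comments-post.php` as the spam signal are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in Apache common log format (documentation IP ranges only).
SAMPLE_LOG = """\
203.0.113.7 - - [08/Mar/2007:01:02:03 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
203.0.113.19 - - [08/Mar/2007:01:02:09 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
203.0.113.44 - - [08/Mar/2007:01:03:11 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
203.0.113.200 - - [08/Mar/2007:01:04:40 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
203.0.113.7 - - [08/Mar/2007:01:05:00 -0800] "GET /feed/ HTTP/1.1" 200 9001
203.0.113.90 - - [08/Mar/2007:01:06:00 -0800] "GET /feed/ HTTP/1.1" 200 9001
198.51.100.5 - - [08/Mar/2007:02:00:00 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
198.51.100.6 - - [08/Mar/2007:02:00:05 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
198.51.100.7 - - [08/Mar/2007:02:00:09 -0800] "POST /wp-comments-post.php HTTP/1.1" 200 512
198.51.100.80 - - [08/Mar/2007:02:10:00 -0800] "GET /2007/03/some-post/ HTTP/1.1" 200 20480
192.0.2.10 - - [08/Mar/2007:03:00:00 -0800] "GET /2007/03/some-post/ HTTP/1.1" 200 20480
192.0.2.10 - - [08/Mar/2007:03:01:00 -0800] "POST /wp-comments-post.php HTTP/1.1" 302 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" \d{3}')

def classify(method, path):
    """Bucket a request: comment submission, feed poll, or anything else."""
    if method == "POST" and path.startswith("/wp-comments-post.php"):
        return "comment_post"
    if "feed" in path:  # assumption: feed URLs contain "feed"
        return "feed"
    return "other"

def tally(log_text, prefix=24):
    """Count request kinds per netblock of the given prefix length."""
    blocks = defaultdict(lambda: {"comment_post": 0, "feed": 0, "other": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, path = m.groups()
        try:
            net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        except ValueError:  # client field was a hostname, not an address
            continue
        blocks[net][classify(method, path)] += 1
    return dict(blocks)

def candidates(blocks, min_posts=3):
    """Netblocks with repeated comment POSTs and no ordinary page views."""
    hits = [(net, c["comment_post"], c["feed"]) for net, c in blocks.items()
            if c["comment_post"] >= min_posts and c["other"] == 0]
    return sorted(hits, key=lambda h: -h[1])

def htaccess(cands):
    """Render Apache 2.4 rules; each block is annotated with what it costs."""
    lines = ["<RequireAll>", "    Require all granted"]
    for net, posts, feeds in cands:
        lines.append(f"    # {posts} comment POSTs; {feeds} feed fetches go away too")
        lines.append(f"    Require not ip {net}")
    return "\n".join(lines + ["</RequireAll>"])

if __name__ == "__main__":
    print(htaccess(candidates(tally(SAMPLE_LOG))))
```

The feed-fetch count next to each rule is the number to watch: it is the slice of "subscribers" that will vanish from the stats once the block is live.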

*tap*tap*tap* Is this thing on? *screech*

Wednesday, January 3rd, 2007

Eh. (fidgets with mike stand) Sorry ’bout that. Better?

Yeah, it’s been a nice break – three weeks offline, plus another week or so to get back into the swing of things (and boy, it didn’t take long for things to start swinging back). But I think it’s time to get back onto the bloggy horse.

As I said, things are swinging: there’s weird stuff afoot at The Boy’s school (more about that anon), work’s fluctuating oddly (if seasonally appropriately), the house is in total disarray, and there’s a modicum of personal drama at work (which appears to be resolving nicely – the short version is: pregnant co-worker, scary test results, emergency C-section 2 months-ish early, mom & baby seem to be fine). Oh yeah, and I also found most of my notes from our trip, so I’m not exactly lacking for material…

So while I compose myself and my thoughts (such as they are), I’ll leave you with this taste of our trip: a two-story-tall Technicolor Monkey God!

Technicolor Hanuman

Fun with filters

Tuesday, September 19th, 2006

So, what with it being Talk Like a Pirate Day and all that, I decided that merely mentioning it in passing with a few desultory “Yearghs!” and “Me hearties!” over on Mystery of the Haunted Vampire (where we loves us some pirates, yes we do – I think it has something to do with the floggings, but maybe that’s just me…) wouldn’t be enough. No, I needed to upload a WordPress plugin that will dynamically piratize (piratify? piraticate?) a WordPress blog’s content, comments and all.

Argh! Shiver me timbers! Uh, and all that…

At any rate, the plugin comes with a template to write your own filters, which inspired a little bit of whimsy on my part: what “Talk Like a(n) [X] Day” do you think the world can’t live without?

Plone/Zope – spammer havens?

Saturday, August 19th, 2006

[update 22 Sept 2006 1155AM PDT – I’ve been remiss in noting that Plone has a new release out that fixes this problem and they have instructions on how to clean up the spammer-generated content. I do, however, think that the folks at Plone are being disingenuous when they describe the scope of this vulnerability as being limited to high-visibility sites and when they downplay this as a security hole. Guys, if a spammer can upload arbitrary scripts to your site, that’s a security hole.]

This is an open note to the folks on the Plone and Zope projects: I don’t know if this is an exploit you’re aware of, but there’s a script or tool loose in the wild that makes it extremely easy for spammers to generate fake user IDs and bogus content for your systems.

As my regular readers will know, I’m involved with The Mystery of the Haunted Vampire, a quirky horror-ish blog. Lately, I’ve been more of an admin than contributor – and a lot of that has been checking the comment and trackback spam caught by the Akismet WordPress plugin.

So far, we’ve had no false positives and only one or two false negatives, which is definitely a hit ratio I can live with. I click on the “Administer Akismet” tab, give the spam a quick once-over, and select “delete all”. Boom, done. Not that big a deal… But a couple of days ago, something caught my eye – a bit o’ trackback spam that linked to a .edu domain instead of the usual .ru, .nu, .pl, .biz or .info domain.


So I checked it out using a text-only browser that sends a valid referrer-agent string (like IE or Mozilla) but displays the raw HTML and/or JavaScript behind a page. Turns out that the site is a homework/reading forum for a Comp Sci class, and the URL in the spam was a post to the forum that consisted solely of a JavaScript that immediately redirects you to a typical pill-spammer site (Gee, that’s where the .biz was hiding. Imagine that.). Figuring that a federally-funded institution didn’t want to be supporting illegal online pharmacies, I reported it to their helpdesk, and the sites were taken down in a day or two.

Well, yesterday we got another lovely chunk of pill-pushing spammy goodness – and almost every single link was to a .edu URL. We aren’t talking questionable schools, either – these were almost all subdomains on the sites of Ivy League, public Ivy, and Top 10 schools.

Real schools, all really well-known names, all harboring spammer redirects. Whoops.

When I went to look up the contacts for these sites, I noticed they were all running the exact same software: Plone and/or Zope. Plone & Zope are open-source content management systems (CMS isn’t my thing, but it looks like Zope is the foundation that Plone is built upon.) that provide an extensible, flexible framework for, well, community portals – very similar to the Comp Sci portal I initially saw. And every single site that spammer exploited was using pretty damn close to the exact same combination of tools.

So I guess you can also consider this an open note to all those academic and non-profit teams running open-source community portals like Plone: tighten up your security, and make sure you lock the damn site down if it isn’t live. One Ivy League school linked in that spam had thousands of spammer redirects on one of their sites – and it looked like the main site hadn’t been actively used in a couple of years. How’d you like to have Google results for pyramid schemes, skeezy refinance outfits, work at home ripoffs, illegal narcotics, and penis pills associated with your domain?

Yeah, I didn’t think so.

Petard. Own. Hoist.

Tuesday, July 18th, 2006

(Updated below)

Caught this tidbit from the WordPress news headlines – how to defeat sploggers, blackhat SEOs, and other kinds of content thieves by feeding them their own special RSS feed. If they’re going to use RSS to steal content, feed ’em crap, like, oh, their own WHOIS data or George Carlin’s words you can’t say on television (or whatever).

Good stuff. The code in the article will only work with WordPress, but in theory the concept could be (easily?) extended to other platforms. Also, it won’t work if your feed is being picked up by a service like FeedBurner, so YMMV. Still, any little thing to put some sand in their lube, eh?

19 Jul 06 6:58A PDT Update: Jonathan Bailey, the author of the linked piece, stopped by last night and pointed out that there is code in the article that utilizes the .htaccess file, which would work regardless of your blogging/forum/image gallery/other content-related software. He also pointed out that none of these solutions will work on the free ‘turnkey’ sites such as,, or any other fully-hosted services that keep the blogs inside pretty secure sandboxes.