312 clicks

this was the most massive blogspam attack i ever experienced: within the last two days, this site was hit by 87 blogspam comments! which equals 87 * 3 + (87 \ 5) * 2 = 312 clicks just to get rid of them again through moveabletype’s admin interface[1]. sheesh.

for spammers, blogspamming is even easier than e-mail spamming as so far, none of the currently available blog apps offers a convincing way to deal with this problem (and it’s more effective too – people trust google’s page ranking more than a filthy e-mail spam message).

* ip based blocking doesn’t work as ips are spoofed anyway (yes, i verified it)
* content-based blocking only works in few cases – the comments i had two delete were full of intentional misspellings to circumvent any blacklist-based filtering approach.
* disabling direct links: might work in the longterm, but at the moment, spammers obviously don’t care (my site doesn’t allow direct links and yet it was spammed. they don’t even seem to have checked the site prior to spamming). reason: so far, too few blogs use such a feature – and those few don’t count when mass-hammering thousands (or millions) of blogs.
* renaming comment-scripts. this site is proof enough that this approach is not effective either.
* requiring posters to decipher distorted signs/numbers/words. might work but can be circumvented as machine character recognition improves. use questions/phrases instead? mostly annoying for real humans, not computers.
* disabling anonymous comments or requiring users to register at a central registry. might work as long as there aren’t any spammer scripts to create fake accounts prior to spamming. a matter of time only. and a blog is supposed to encourage a spontaneous public discussion, right? a classical trade-off between free access and control (analogous to e-mail spamming).
* moderate all posts or those with more than # links. doesn’t really fit the idea of a low-barrier communication media (i smell censorship). takes too much time in general and particularly for things like filtering spam you don’t want to spend much time for. basically just a human spam-filter, not a wise approach. prevents any spontaneous discussion.
* distributed (almost) real-time blacklisting based on comment fingerprints/hashes. one measure that might work (unless they use randomly generated characters). it’s what works best against e-mail spam (based on my experiences as a user of spamassassin). note the word “distributed”. distributed problems tend to require distributed solutions as else one usually runs into scalability troubles pretty soon.

nevertheless i’m optimistic that sooner or later {e-mail|blog}spamming will be a thing of the past. it’s on everybody’s radar now :>

eventually i should give mt 3.01d or 3.1 a try. or migrate to wordpress which doesn’t seem to be a high-profile target atm..

anyway.. happy “1st of august” (swiss national holiday ;)

[1] instead, using sql queries through phpmyadmin or the mysql console is suggested. not feasible for joe average bloggers however.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.