As time goes by and Google indexes more and more of my content, I get more spam of every variety. I get spam emails, spam comments on the blog, and spam added to the wiki. Of the three, the email spam is the most common, but also the most easily dealt with. It has existed for so long that good systems exist for dealing with it: whether based on Bayesian reasoning or on group filtering processes. The former are largely centered around word usage. If an email contains the word ‘Viagra’ the chances of it being spam are high. If it includes the string of characters ‘V1agr4!!!’ it is virtually certain to be spam. The latter are based on user reporting. Most spam isn’t very original. As such, if GMail has 1000 people report that a particular message is spam, it can pretty reliably block it for everybody else.
I cannot get too far into how this blog’s anti-spam system works. This is because automated systems seem to have become capable of determining which system or combination of systems a site is using and then launching an appropriate attack. Suffice it to say that the blog uses a variant of both approaches above, plus one more special thing. Since the system was implemented, it has dealt with spam from 9188 different IP addresses. Security through obscurity may not be intelligent or rubust in many circumstances, but it works well enough when you are somewhat better defended than most sites, not of much value to attack, and surrounded by sites with much worse systems.
The wiki is the most vulnerable, precisely because the intended purposes of a wiki requires easy editing. Given that so few users contribute to mine, the best solution might be to lock it down so that only those with approved accounts can access it.
One possible lesson to be drawn from this is that technology eventually evolves the ability to deal with abuse. The older the system being attacked is, the more likely a sensible and effective set of countermeasures will be developed. Alternatively, it is possible that the more open approaches used by blogs and wikis are fundamentally more vulnerable to abuse.
Only time will tell.