Spam egg sausage and spam

2007-05-09

in Daily updates, Geek stuff, Internet matters

Radcliffe Infirmary

As time goes by and Google indexes more and more of my content, I get more spam of every variety. I get spam emails, spam comments on the blog, and spam added to the wiki. Of the three, the email spam is the most common, but also the most easily dealt with. It has existed for so long that good systems exist for dealing with it: whether based on Bayesian reasoning or on group filtering processes. The former are largely centered around word usage. If an email contains the word ‘Viagra’ the chances of it being spam are high. If it includes the string of characters ‘V1agr4!!!’ it is virtually certain to be spam. The latter are based on user reporting. Most spam isn’t very original. As such, if GMail has 1000 people report that a particular message is spam, it can pretty reliably block it for everybody else.

I cannot get too far into how this blog’s anti-spam system works. This is because automated systems seem to have become capable of determining which system or combination of systems a site is using and then launching an appropriate attack. Suffice it to say that the blog uses a variant of both approaches above, plus one more special thing. Since the system was implemented, it has dealt with spam from 9188 different IP addresses. Security through obscurity may not be intelligent or rubust in many circumstances, but it works well enough when you are somewhat better defended than most sites, not of much value to attack, and surrounded by sites with much worse systems.

The wiki is the most vulnerable, precisely because the intended purposes of a wiki requires easy editing. Given that so few users contribute to mine, the best solution might be to lock it down so that only those with approved accounts can access it.

One possible lesson to be drawn from this is that technology eventually evolves the ability to deal with abuse. The older the system being attacked is, the more likely a sensible and effective set of countermeasures will be developed. Alternatively, it is possible that the more open approaches used by blogs and wikis are fundamentally more vulnerable to abuse.

Only time will tell.

Report a typo or inaccuracy

{ 14 comments… read them below or add one }

Milan May 9, 2007 at 11:46 pm

Those curious about the title of this post should watch this Monty Python sketch.

Anonymous May 9, 2007 at 11:59 pm

On the secret blog system. I am betting:

Spam Karma 2
with the Akismet plugin
and htaccess defences

Not a bad combo, even if you tell everyone.

Milan May 10, 2007 at 12:07 am

Fine. I will come clean with the system. Every comment posted to the blog goes through the following:

1) A PHP script converts the text into a series of images based on American Sign Language

2) A chimpanzee at the controversial Oxford Animal Lab sees the images

3) The chimp presses a ‘Spam’ or ‘Not Spam’ button

4) Steps two and three are repeated 9,999 more times

5) Comments with 66% chimp approval are passed along

6) A basic dictionary of banned terms is checked against the comment

7) Those not excluded by step six are posted.

Anon May 10, 2007 at 1:00 am

“Spamtrap” is an interactive installation piece the prints, shreds and blacklists spam email. It interacts with spammers by monitoring several email addresses I have created specifically to lure in spam. I do not use these email addresses for any other communication. I post individual email addresses on websites and online bulletin boards that cause them to be harvested by spambots and then to start receiving spam.

Source

Milan May 10, 2007 at 3:38 pm

1933 Anti-Spam Doorbell

Here’s a great description of an anti-spam doorbell from 1933. A visitor had to deposit a dime into a slot to make the doorbell ring. If the homeowner appreciated the visit, he would return the dime. Otherwise, the dime became the cost of disturbing the homeowner.

This kind of system has been proposed for e-mail as well: the sender has to pay the receiver — or someone else in the system — a nominal amount for each e-mail sent. This money is returned if the e-mail is wanted, and forfeited if it is spam. The result would be to raise the cost of sending spam to the point where it is uneconomical.

Milan February 21, 2009 at 10:37 pm

The other day, I got a randomly generated spam comment that was actually rather poetic. Here is is with line breaks added and the URL removed:

She still loves me
preteen models non nude
on and determined that
i slipped out

the wife of times.

Tristan February 22, 2009 at 3:20 am

We can’t even eat spam.

Milan February 22, 2009 at 12:00 pm

Vegetarians?

It would be high on the list of ‘least desirable meats,’ for me at least.

The ones I miss are tuna sashimi, butter chicken curry, and Nick’s steaks.

Tristan February 22, 2009 at 5:02 pm

I’ve been reading about the Greek diet, and how meat was present but was not a staple. I recently read an article (I think I sent it to you via facebook), about whether or not so called “ethical meats” were confronting the real problem of meat consumption – that we cannot sustain diets where meat is a principal contributor to our caloric input. I disagreed with the article, however – because I think eating less meat which is better and better produced is, or at least can be, a movement in the direction of no longer using meat as a staple food.

However, since I also have reservations about systems, and taking food to be an energy supply held on reserve for future ordering, the mere fact that meat might be sustainable is not on its own enough.

Maybe the future could sustain a meat industry, 1/30th or so of its current size in pounds of product output, in which meat was not produced as an infinitely replaceable commodity, but as a thing – perhaps the embodiment of unalienated work.

On the question of whether the act of killing an animal is, on its own, taking everything else out of the picture, a wrong act – this seems to be very difficult to affirm. Perhaps the problem is the consideration of animals as property – but could we kill animals we don’t consider property? I quite like the first nations notion that the trees did not belong to them, and that therefore rites and rituals were required to repay the tree even for taking its bark to make woven baskets. In this case, the tree is not taken as a “resource” but more as a cohabitant in a world. Sometimes the trees are cut down, but it’s not as if it’s “ok” to cut down a tree because it is your property – what makes the cutting down of the tree appropriate has to do with replenishing the forest, and crucially with the importance of the role of the tree after it is cut down (either housing or a boat, most likely, or a totem).

This is an interesting alternative to our notion of ownership and obligation – non-neutrality with respect to ends might give a framework where we could understand the killing of an animal as justifiable, but not because the killing on its own is permissible or not permissible, but because the act is justified within a larger structure of from-which (i.e. the raising of the animal, the treatment of the animal) and towards-which (i.e. the preparation and cooking of the meats, the festivities, etc…).

Matt June 1, 2009 at 2:47 am

I have witnessed an explosion of gmail spam in the past few days. I was wondering if others have had the same thing happen to their gmail accounts?

Milan June 1, 2009 at 8:51 am

For me, GMail deals with spam so well that it is never a problem. Sometimes, I get spam in my inbox that the filters have missed, but the system seems to almost never catch legitimate emails as spam. Because of that, I tend to just ‘delete all’ without scanning through it.

WordPress spam is much more annoying. There are more false negatives, and many more false positives. As such, I always need to verify every spam comment condemnation manually.

Milan June 1, 2009 at 8:14 pm

For some reason, virtually all of the spam on my blog lately has been for pharmaceuticals.

Thanks to various protocols, few visitors ever see it.

Milan June 2, 2009 at 5:35 pm

Matt,

I am now getting the same ‘explosion’ – or at least a couple of spam items in my inbox every few hours, which is far more than normal for GMail, in my experience.

. June 13, 2009 at 1:43 pm

8 Cool htaccess tricks for self hosted wordpress blog

If you have a wordpress.com blog then you are already taken good care of and don’t have to worry about any of this however if you host your own blog then you have to seriously consider the .htaccess file. The .htaccess file can do great things from preventing spam to making your permalinks look pretty as well as protect you from hackers who try to do some damaging things like SQL injection. thus in order to deal with all these you have to maintain a good .htaccess file and here are some tips to help you to do so.

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

{ 2 trackbacks }

Previous post:

Next post: