Parasite spam on p2pnet
2pnet.net News:- By way of an update on the comment spam situation, hopefully, you’ve noticed a marked diminution in the number of scummy junk posts such as this, url=http://h1.ripway.com/zhenqoo/1.htm, or this [url=http://fada18.greatestjournal.com], or this [url=http://site.voila.fr/seelou/3546.htm]Å®ÐÔÊÖÒùͼƬ[/url].
That’s because a m8 over in the UK has been working on the problem from the server end, up to and including adding and tweaking the verification system, Scott at Ripside Interactive, host to some of the worst crap, has been doing what he could to eliminate it, and I’ve been spending half-an-hour and more first thing every morning killing off the ‘new’ parasite spam comments which accumulated overnight, also pecking away at the literally thousands of ‘old’ posts which linger on.
Does spam really work? Do people really fall for the kind of dross it typically advertises? They must do, otherwise it wouldn’t be the multi-billion-dollar industry that it is.
For the first time in history ….
Advertising is part of the world in which we live. ‘Things’ are purpose-designed to fail about 10 minutes after you bought them. So clearly, manufacturers need a way to make us consumers consume. We have to somehow be enveigled into buying all the new stuff to replace all the old stuff we bought yesterday and which today became obsolete.
Yes, the Net is helping to deal with that because for the first time in history, people can blog; they can communicate instantly and directly, sharing with other people, completely by-passing the mainstream print and electronic media who, until this digital 21st century, have been the principal sources of information.
The entertainment cartels in particular don’t like this radical switch in emphasis. They want the status quo to stay the way it is. Consumers are fine. They consume. But customers? Not so fine. They’re people who can, and do, exercise free choice, raising the dread spectre of C-C-C-Competition?
Oh! the Horror!
But with the digital 21st century came spam which, until then, was merely a word forged from ’spiced’ and ‘ham’ to become Hormel Food’s SPAM, “pink, chopped ham and pork rammed into square tins,” as the UK’s The Guardian once described it.
Monty Python Vikings picked it up and lampooned it and it ultimately became a Broadway show called Spamalot.
Like just about every other site at the time – blogs hadn’t become the power they are today – we used various pix of spam cans as illustrations – until we heard from Hormel Food’s lawyers. They wanted us to cease and desist from using them to illustrate spam posts. We said we would if they’d sent us a golden Spamalot can, which they did. And keeping our part of the bargain, until now, we’ve haven’t used a SPAM can in a spam story and hopefully, this time around it’s cool.
Parasite spam
Spam is a food product you either love or hate, but the electronic version is, without exception, thoroughly repellent.
Spam filters are now essential and although we’re extremely careful, we know we occasionally bin legitimate emails along with the trash. And we know people we’ve emailed have inadvertently done the same.
Comment spam is different, but just as invidious. Really, it’s a kind of parasite that leeches onto a host which wouldn’t knowingly touch it with a barge pole. And it’s hard to get rid of, especially on a site such as p2pnet where freedom of expression and freedom to say what you think anonymously or otherwise are essential features.
It sucks up server space on the host site, and broadband capacity in general terms. But far worse, it’s also a really nasty form of indirect censorship because it stops people from freely sending and receiving emails.
p2pnet doesn’t demand that readers to register to be able to post comments. We neither see posts before they go up, nor monitor them, meaning we often don’t see them at all and although it’s embarrassing to admit, we didn’t really appreciate the full extent of the parasite spam problem until relatively recently.
But hopefully, we’re getting a handle on it, even if for the time being it does call for quite a bit of manual deletion.
“Wow, that’s some spamvertising there,” remarked Scott when we sent him some of the junk we’d been receiving and which his company, Ripside Interactive, had inadvertently been hosting. He went on:
We run a free/paid hosting service, including anything from free file hosting to paid professional Linux hosting for corporate websites and email. We handle around a half million users, so in reality the percentage of abusive accounts is very small, but it only takes a handful of them to really cause problems for content-driven sites like yours.
We have created our own anti-spam scanners that look for these kinds of accounts and terminated them automatically, which usually redirects to another website like a search engine or adult site.
The redirection code, usually Javascript, is typically hidden behind at least one layer of base64 or similar encryption, which then another Javascript function decodes, assembles, and executes. That makes a simple scans of the text useless, therefore we have to look for various techniques used to decode the strings, but these guys are constantly updating these methods to avoid detection.
It’s an on-going battle, but we’re doing the best we can.
Why do the spammers bother?
A parasite spam url in a p2pnet comment post leading, say, to a Chinese sex site, will be picked up by various search engines with obvious results. Spammers also hope to get readers to visit sites they wouldn’t otherwise go anywhere near.
For the first time in many moons, this morning, there were no riptide comment spams.
But there were still plenty from accounts on France’s voila.fr. We’ve sent them emails but have yet to receive a reply and meanwhile, voila.fr parasite spam keeps showing up on p2pnet comment posts.
Meanwhile, we have a list of the principal spammers and we’re working on a plan to make life difficult – very difficult – for them.
So stay tuned.
Cheers!
Jon
p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile – http://p2pnet.net/index-wml.php
September 27th, 2006 at 5:30 pm
just curious but what makes you think this is automated spam?
it is completely plausible that the issue is some moron sitting there just manually adding comments with spam.
ultimately i think you are going to have to find a trusted person to manually remove the spam OR set some kind of flagging system where users can mark some items as spam and have you look into them.
just thought i’d give you my 2 cents on it
September 27th, 2006 at 5:53 pm
The sheer quantity makes me think it’s automated.
“it is completely plausible that the issue is some moron sitting there just manually adding comments with spam.”
You’re correct if you can find someone dumb enough to pump in scores of spams every day. heh.
Cheers!
September 27th, 2006 at 6:05 pm
how much would u seel the spam can for?
September 27th, 2006 at 7:00 pm
Sell a jenyooine Monty Python Spamalot Spam Can? Have you taken leave of your senses?
heh
(Thinks – wonder how much I’d get on eBay)
Cheers!
September 27th, 2006 at 7:22 pm
Since you had mentioned that the validation string is being worked on, I thought I would try another post. Mostly I’ve stopped posting because at some point, the strings seem to gang up on me with multiples of hard to distinguish characters and it becomes a guessing game. At the point that it was taking 7 or more guesses at the string it became frustrating to attempt to get past the validation guardian to put the post up. Since that time, I’ve just read the articles and made no comment whatever knowing that if I did the frustration levels would rise with the constant inability to tell what character was what.
As to the spam and it’s presence on the site, there have been several times that I put my thoughts below them. Why would anyone, certainly those of us who have had their posting life made harder, encourage these idiots by going to any of the links posted? If anything I was coming behind them posting a reply with the topic warning others not to even bother with the click since there was no way to edit out nor any sort of mods on hand to take care of the deletion of those annoying posts.
It is nice to hear that at some point I may be able to return to posting again. I’m not going to do without Firefox and will give up posting here before I will give up the browser. I want nothing to do with IE other than associating it with the uninstall. It’s my computer and I can and will chose what browser I wish to use and it doesn’t include the security glitch called IE.
I will look forward to the day that we hear the spammer has been busted by the legal authorities. Any other sort of news like the last one where their net access to servers has been limited is also good news.
September 28th, 2006 at 2:39 pm
perhaps adding a “report this response as spam” button would make your job easier? i’m sure a lot of us that read the site would be more than happy to do our part to point out spam comments.
September 28th, 2006 at 3:12 pm
People in developing countries would be paid to enter spam on sites and would cost as much as developing an automated spambot.
September 28th, 2006 at 3:23 pm
Very unlikely it is automatic. There are other sites without CAPTCHA’s to post the spam on – it is not worth the effort to customise it for this site if no other site runs it. However, if your CAPTCHA system is not custom, the spammers may already have developed a CAPTCHA solver.
From my experience, providing a form field with a question “What is the name of RIAA president” or “what colour is an orange” stops automated spam because it is custom enough (not seen on any other site).
You can also post linear equations for people to solve. ax + b = c. Type x into the form
lim (1+1/x)
x -> inf
lim (ln (x))
x -> e^2
lim (ln (x)) + sqrt(4)
x -> e^2
lim (ln (x)) + sqrt(4) + sin (2*pi)
x -> e^2
lim (ln (x)) + sqrt(4) + sin (2*pi)
x -> e^2
September 30th, 2006 at 9:18 am
That is useful, but what if someone doesn’t really know how to compute those values by hand? And what is lim anyways? And sin(2*pi) is going to give you a different answer depending on how far you take pi out.
October 5th, 2006 at 1:45 am
http://en.wikipedia.org/wiki/Pi
October 5th, 2006 at 1:48 am
> what if someone doesn’t really know how to compute those values by hand?
This is why I am not suggesting it as an anti-spam tool.
I hope that an average person knows the first name of George Bush or Bill Gates. Those questions can be asked in a CAPTCHA.
> sin(2*pi) is going to give you a different answer depending on how far you take pi out.
sin(2*pi) is zero (argument is in radians)