Category Archives: spamming

Yet Another Reason To Avoid Blogger

We all know that Blogger is the root of all blogging evil. It’s been well documented in the past that Blogger has been hacked and malicious scripts, viruses and malware installed on users’ blogs.

BBC News is reporting today that Alex Eckelberry from Sunbelt Software noticed booby-trapped links on 27 August.

From the report:

Now many hundreds of blogs on the site have been updated with a short entry containing the link.

Mr Eckelberry said it was not yet clear how the links were posted to blogs. The bogus entries could have exploited a Blogger feature that lets users e-mail entries to their journal.

You would have thought that after the first three widely publicised takedowns that Google (who own Blogger) would have tightened security on the application. Apparently not.

Among the other recipients of spam e-mails generated by the virus are users’ mail2blogger accounts, which allow them to update their blogs via e-mail,” said the spokesperson.

The email addresses on mail2blogger accounts are stored in Blogger so that the system can associate the account with the email address. A simple (relatively of course) or an insider would be able to get said email addresses and pass/sell to the “gang”. This would mean two things:

1, The “gang” would be able to post the malicious scripts to blogs via cloaked email.
2. The “gang” would be able to email the script to the owner of the email address infecting their computer and causing it to pass on the script in the usual virus like manner.

I don’t know about others but I try my hardest to avoid blogs hosted by or running Blogger type software. Yes, I may be missing out on decent content but I just really can’t stand the interface, the spam advertising, the porn and the black templates of death.

My suggestions:

1. Avoid any blogs on blogger.
2. If you want to blog, use a decent service. Yes, it’s very restricted but so far there have been no reports of hacking into the system.
3. Get a Mac.

Block Firefox? What the F—?

They say that extremists are everywhere. Go watch the news and you’ll see what I mean. Most of us are able to say, thank god that’s not me. I’ve even heard some say “It’s ok, it won’t affect me, it’s in a different country!”. While I’m not sure I subscribe to that way of thinking (dumbass!), here’s something that does affect me. And you if you’re using Firefox.

Some websites (mainly phishing or spamming sites I suspect) are blocking any user with Firefox. Why Firefox Is Blocked details the reasoning as this:

The Mozilla Foundation and its Commercial arm, the Mozilla Corporation, has allowed and endorsed Ad Block Plus, a plug-in that blocks advertisement on web sites and also prevents site owners from blocking people using it. Software that blocks all advertisement is an infringement of the rights of web site owners and developers. Numerous web sites exist in order to provide quality content in exchange for displaying ads. Accessing the content while blocking the ads, therefore would be no less than stealing. Millions of hard working people are being robbed of their time and effort by this type of software. Many site owners therefore install scripts that prevent people using ad blocking software from accessing their site. That is their right as the site owner to insist that the use of their resources accompanies the presence of the ads.

This is the second biggest pile of utter shit (after the story of the people that block Internet Explorer) that I have read.

Numerous web sites exist in order to provide quality content in exchange for displaying ads. Accessing the content while blocking the ads, therefore would be no less than stealing.

Stealing? Stealing what? The definition of stealing (from Wikipedia):

In the criminal law, theft (also known as stealing) is the illegal taking of another person’s property without that person’s freely-given consent.

So, if I choose to block adverts using AdBlock Plus (link to the Firefox Plugin!) I can’t be stealing. How can I be stealing if I can’t take something I can’t get because it’s blocked?

Millions of hard working people are being robbed of their time and effort by this type of software.

And millions more hate the spamming bastards that rip off copyrighted content from legitimate sources and wrap them in advertising, Google Adsense, flashing banner ads and indecent pictures of women, supposedly from “your area” offering themselves for possibly illegal activities. And what about the right of the viewer to see what they want on a website and not the other dross???

Netscape users can simply set their browser to IE mode to continue to enjoy the site that sent you here. FireFox users can use Internet Explorer, Opera or Netscape (in IE mode) to access it. FireFox users also have the option of using the IE Tab plug-in which uses the IE rendering engine to display pages, but also disables the Ad Block Plus plug-in.

So, you’re actually suggesting to the masses that people use an insecure browser while at these advert riddled script kiddie sites? Oh, hang on a mo, those sites get blocked too.

On the same page there was a link to Popular Technology dot net which said

Adblock effectively robs these free sites of their revenue. If Internet Explorer came with a feature such as Adblock, you would effectively wipe out thousands of websites, maybe more. These are the same free sites users of Adblock frequently visit. The irony is how this is self-defeating.

Adblock effectively robs these free sites of their revenue. WTF? FREE sites? Dependent on the definition, free could mean two things:

1. Offering content for free.
2. Stealing content, putting up at a free host (blogger for example) and then putting advertising in to make money from something they don’t pay a penny for.

This is getting right up my nose. I’m off to download AdBlock Plus. If I find a site that blocks me because I am using it then, whatever. It probably wasn’t worth visiting anyway!

Thanks

Beat The Spammin’ Bastards Into The Ground!

Are you a spammer? Yes? I’ve got a wish for you. I wish someone would create a virus or similar that I could send to your server and nuke it permanently.

Are you a comment spammer? Yes? Read above!

Yep, I, like many many other people hate the comment spammers. I love anti spam applications. Akismet is one of the best. It’s not perfect, but it’s damned good. So far it has blocked over 15,00 spam comments on this blog and 47,000 (!!) on my self-hosted blog. I have Spam Karma 2 helping out Akismet on the main blog too.

Reading the guest bloggers on Lorelle On WordPress (a great read!), John Pozadzides shares most of my feelings about the spammers. On his blog he has introduced a Terms Of Use which he says is working well for him. He asks why we don’t all have them. John, that’s mainly because I don’t get the readership that you do and don’t have a huge comment spam problem. If I did then I would certainly contemplate employing one.

As a postscript to his post he says

(PS - have you installed a HoneyPot yet? Well, what are you waiting for?)

I didn’t know what a “Honey Pot” was, so went and looked. Very simply put, it’s a wider audience intended version of Akismet:

Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.

To participate in Project Honey Pot, webmasters need only install the Project Honey Pot software somewhere on their website. We handle the rest — automatically distributing addresses and receiving the mail they generate. As a result, we anticipate installing Project Honey Pot should not increase the traffic or load to your website.

We collate, process, and share the data generated by your site with you. We also work with law enforcement authorities to track down and prosecute spammers. Harvesting email addresses from websites is illegal under several anti-spam laws, and the data resulting from Project Honey Pot is critical for finding those breaking the law.

Anything I can do to help out killing off spam I will most certainly do. Thankfully, in the site that John linked to was a link to a WordPress Plugin called httpbl. this does the job of Honey Pot without having to work it outside WordPress. This means it’s the usual upload and activate routine. Nice and simple, a five minute job.

If you’re self hosted then go get the plugin, install it and join the war against spammers!