When this article showed up in my Thunderbird RSS reader I just had to follow though and read the whole article. The story is about an un-named blog link spammer and goes into why they do it, how they do it, and what stops them.

The interesting thing is that the biggest hurdles to blog spamming, are email response systems and captcha’s, like the one we just employed to stop the problem. Captcha’s are human intervention tools, they are hard or impossible to automate, because a program has a great deal of trouble reading the text on the images, and so can’t post to the blog. (A captcha is a piece of random generated text saved to an image and put into the comment form, a human has to type the text in the image into a provided text box in order to post a comment.)

Other things to note, is that he isn’t particularly concerned about the new link attribute added by the search engines, because there are millions of old abandoned blogs on the net that will not be updated. And that the link spammers use open proxy servers to post the comments, which is why blocking IP address’s is mostly a useless effort. (because they will be different each time.) If you have ever suffered from blog spamming, you should read this to get a feeling for the enemy. “He” actually blames the search engines for creating the opportunity to blog spam. I expect that some effort needs to be spent convincing ISP’s and users to shut down or update abandoned blogs, or the problem will never go away. Without old blogs to target, the problem would become a non issue in a matter of months. One thing is certain, if the problem is not stopped, we will end up with a separate blog search index to general Internet search, and that will hurt all manner of blogs and news sites based on blog software.

The FTC are slowly closing loopholes that were found in the recent Can-SPAM act that was designed to make the sending of SPAM illegal in the US. The act was widely criticized when it came out because it had many loopholes that allowed spammers off the hook, and also because it could potentially effect legitimate e-mail marketing.
Apparently SPAM has had a slight decline of late, but there is still a long way to go. Read more at InternetNews.

Sometime between 3AM and 12PM today, IE6 usage dropped below 50% for the first time ever (with Firefox at 34.1%). I was asleep at the time, so I have no better idea exactly when it happened. Still, it’s great news. It isn’t just htmlfixit that is showing huge Firefox usage, most tech related sites are getting similar results. From my experience, what the tech sites show now, the normal sites will show in roughly a year from now. So if your site is not W3C standards friendly, now is the time to fix it.

In what has to be the oddest arrest of the decade, a man decided to donate money to the tsunami relief effort, so he logged onto the net with his Sun Solaris machine, and fired up Lynx, (a text based browser that has been around for decades on Unix and Linux machines) headed over to the British Telecom (BT) donation site and made his contribution. Not long thereafter, police busted in on him during lunch and arrested him. The reason? well some schmuck at BT read the access log of the server and decided that browsing with Lynx was just odd enough to call it cracking and so raised the alarm. With knowledge like that, I would not be surprised to learn that the unknown tech who raised the alarm was an MCSE. 🙂 Guys, get a grip, there are dozens of web browsers out there, the world doesn’t come down to only IE, Mozilla and Opera, some of these alternative browsers have been around for much longer then IE. The only thing that could have made worse press for BT, would be if they had broken in the door and arrested a blind dude for using his screen reader. Read the full story at BoingBoing

InternetNews has this new story, detailing a new job listing Google have placed looking for (among other things) a project manager experienced in SourceForge (One of the biggest Open Source repositories on the net) as well as experience with Open Source licences and management tools. In the past week Google have employed two other OSS programmers, (both from the Firefox dev team). The new position will be answerable to Chris DiBona, who is known for this work on the SlashDot site. I wonder how long it will be till we find out what the purpose of all this will be. Is this another sign of a forthcoming Google browser (possibly based on Firefox)? Only time will tell.

A new Windows only worm has appeared, and this one uses weak installations of the MySQL database server on Windows running machines. The worm uses a list of 1000 passwords to try and get admin user in MySQL, and if it does, it uses a known exploit to install malicious code onto the server. The “owned” machine will then join an IRC server and await instructions. (apparently the current instructions are to look for other machines to infect, but that could change.) The name of the worm is Forbot, and you can read about it further here.

So folks, if you are silly enough to have a Windows server running MySQL, and that copy of MySQL is not locked down to disallow remote root access, and there is no decent password, (a good password is at least 8 characters, and a mix of letters, numbers and symbols), then now is a good time to scan your system for the exploit. There is no reason to allow remote root access over the net. In fact I go further then that and locked all our users down to all localhost or local network connections only. (We are running Linux servers, so this isn’t applicable anyway, but tight settings are a good basis for any server. ) It seems to me that the main issue that leads to such compromises is people not considering the security implications of a specific action. The best way to set up security, is to lock the machine up totally, so it cannot do anything, and then lower that step by step till you can achieve only exactly what you need.

While working on increasing the search engine findability of a site we worked on recently, I happened on to a new Beta over at Google that I had not seen before. It is not listed off of the front page at Google, nor is it listed on the Google Options page. It is Google Video and it searches the closed caption text from television shows and delivers that text along with a screenshot taken at approximately that time. Interesting little bit if you missed your show this week I guess. Now you can read it.

This is the latest addition to the google labs projects. Keep an eye on these folks, they do some pretty neat stuff.