Category: Tech

Posted on
by

Two items of interest today: First, the Web Standards Project has announced the completion of the Acid3 Test. Like Acid2, it’s specifically designed to test features that are in the specs, but that have incomplete, buggy, or nonexistant support in current web browsers. Acid2 focused primarily on CSS, and Acid3 focuses more on scripting.

Also, Microsoft has come to their senses and announced that IE8, when encountering a web page that says it was developed for standards, will actually treat it that way instead of treating it as a page that was designed for IE7. This is a much saner approach to the version targeting scheme, which as previously announced would have (depending on developer response) either frozen IE in place or forced us to go through the same process all over again next time.

Posted on
by

Today’s Astronomy Picture of the Day features a view of Mauna Kea’s shadow on the sky, just at the tail end of last week’s lunar eclipse:

Mauna Kea Shadow from APOD (photo by Alex Mukensnable)

I couldn’t help but be reminded of our visit to the summit in April 2005, just at sunset, when I took this similar (but decidedly less cool) photo:

Atmospheric Optics explains why most mountains’ shadows look triangular when viewed from their summits.

Posted on
by

With bloggers squashing obviously-spammy links* as fast as they can, comment spammers have evolved. (I think they’ve reached the level of slime mold now, rather than amoebas.) They’re trying to make their sites look like blogs. And I’m seeing two main techniques, one involving Trackbacks/Pingbacks, the other involving manual person-at-a-keyboard commenting.

Misusing Pingbacks and Trackbacks

Pingbacks and Trackbacks are two ways for one site to notify another that it’s linked to it, and provide an excerpt of the context. Essentially, they’re automated comments. You read a post on some other site, you write your own response, linking to the original post, and your blog software submits the equivalent of “Hi, I read your post, and it got me thinking. I ended up writing my own post over here…”

Where spam is concerned, the main difference is that with Trackbacks, the submitting site provides an exceprt, but with Pingbacks, all it submits is the URL. The receiving blog then retrieves the page and scans it for the link, building an excerpt from the context. The upshot of this is that Pingbacks automatically verify that yes, the site really did link to you, which meant that a lot of early comment spam was submitted using Trackbacks.

The obvious response to that was to set up spam protection to verify links on incoming Trackbacks. And the obvious response by the spammers was to put up real links, at least long enough to let the victims verify them.

So now, a lot of trackback/pingback spam seems to come from sites running actual blogging software, but not really posting any content. Just “So-and so wrote an interesting post today” over and over, hundreds of times a day. Half the time they don’t bother to match the name to the actual link. This is the kind of spam that prompted my recent re-evaluation of spam plugins on this site.

Sneaky Intermediary

Then there was the sneaky post I got on Thursday. It was a sort-of half-on-topic comment on a post about movies, and the author’s URL pointed to what appeared to be a blog about movies. OK, fair enough, but I was still a bit suspicious since it didn’t look like they’d actually read my post.

I skimmed the site looking for things like cobbled-together sentences, and an idea of how long it had been around. Then there was a random post about guitars, in a different writing style. I figured, okay, maybe they’re doing one of those paid-post things.

Then I moved the mouse cursor over one of the links.

It quickly became clear that every single outgoing link on the front page was pointing to ultimate – free – downloads – dot – com, whether it was a movie title, or an actor, or a song title.

At this point I’m not sure whether the site in question is simply an elaborately designed intermediary created to “launder” the links to spam sites, or whether it’s a legit blog that’s been hijacked by someone replacing their links. I looked around at some of the older posts and I do see links to Amazon and a couple of other sites.

*This is also why I’ve stopped using the Alternative Browser Alliance as my URL when commenting on browser-related blogs. Even though I’m making an on-topic comment, I don’t want people to take a look at the link, say, “Hey, this isn’t a person, this is some weird campaign thing!” and delete the comment…and worse, get a rep as a comment spammer. So these days I just link everything here.

Posted on
by

After nearly 4 years of faithful service, our G4 PowerBook has crashed. This machine has been rock-solid through 2 OS upgrades, a RAM upgrade, and a battery recall. On Sunday, the hard disk finally gave out.

We only lost a few recent files. I had a chance to grab them on Saturday, but unfortunately I misread the signs and thought it was a software problem. Hey, you install a bunch of stuff including a system update, and the machine freezes, you figure it’s a software problem. Until it happens again, and this time it won’t come back up. 😡

After doing all the diagnostics & resets I could possibly come up with, I set up an appointment at the local Apple Store’s “Genius Bar” during my lunch break today. They confirmed it was the drive, and since it’s long out of warranty, they pointed me to a local repair shop. (They were willing to do the job, but can only order parts directly from Apple, so it would’ve been insanely expensive just for the drive.)

Fortunately, as far as laptop hardware failures go, a hardware drive is relatively easy to fix. If the case were simpler, I’d be willing to do it myself, but as the Apple tech joked, “It takes 36 screws just to get the case open.” At least, I think he was joking.

So instead of having to replace the entire computer, or send it in and wait several weeks, we’re looking at ~$200 and 3–5 days. And while I was at it, I sprang for double the capacity.

I can live with that.

Update: It turned out to be the RAM upgrade, not the disk, which makes it considerably simpler to resolve. Finally got it back the following Monday.

Posted on
by

There’s something delicious about irony in spam. Yesterday, the spamtraps netted an advance fee fraud scam message that started out like this:

Let me be honest with you. This information is just for you alone [emphasis added]. I would suggest that you try to fix it instead of making any trouble with it as my job might be put on the line here.

Your name has been on an awaiting list of payment roaster submitted by the Nigerian Government For your lottery/inheritance reasons of no banking particulars on which transfer should be made to until two days ago when the paying Bank personnel brought in another payment roaster for the replacement of the former that had your name on it.

The funny part? (Well, aside from the “payment roaster.”) There were about 300 recipients in the To: line.

Gee, I don’t think all 300 people have the same account info…

Most spam doesn’t run into this problem, since it’s generated by special programs that don’t even bother filling in complete headers. But from what I understand, a lot of 419 scams are still sent by people sitting in internet cafes, copying and pasting bits from templates. So it’s easy to imagine someone pasting their list into the wrong field. Kind of like the classic “Reply All” fiascos.

Posted on
by

With the recent rash of Trackback spam, I finally bit the bullet and am now experimenting with Akismet in addition to Spam Karma. I’m not sure how well they work together, or, at this point, which plugin processes the comment first. Update: I’m trying Akismet on its own for now. Or, more precisely, Akismet as the sole second line of defense. Bad Behavior is still holding the front line.

Update (Feb 14): I’m now back to using Spam Karma 2, but with a plugin that uses Akismet as one of the score components. This seems to be working well, as SK is able to block the ridiculous stuff (100 porn links in one comment, etc.), and Akismet is able to catch the trackback spam that’s been passing SK2 by temporarily including an inbound link.

The big problem I had with Akismet was that aside from the age of the target post, the blocked comments weren’t sorted or filtered in the admin interface. I was having to look through ~30 comments a day for false positives. Spam Karma will show only the borderline comments by default, and uses a table structure that makes it easier to skim.

This way, though, I get the proverbial best of both worlds.

Posted on
by

Okay, I really have been out of it the last few days. I hadn’t heard that Microsoft was planning a hostile takeover of Yahoo!.

I have to agree with this Google blog post: this would be bad. Yahoo! seems to “get it” (where “it” is an open Internet) much better than Microsoft does.

Actually, it reminds me a little of Disney vs. Pixar in the past decade. Pixar, in adddition to mastering computer animation, had a great sense of story—something which Disney lost track of in the mid-1990s. They saw Pixar’s movies doing better than their own, and while they were still getting a cut, they didn’t understand why they did better. They thought it was the 3D animation, when really, it was the fact that they were churning out forgettable animated films like that cattle movie whose name escapes me, while Pixar was doing Finding Nemo and The Incredibles.

Actually, the only way I can see a Microsoft takeover of Yahoo! being good for anyone but Microsoft would be if it went down like the Disney-Pixar merger, and the Yahoo! people ended up in charge of web services. Not that I expect it to be likely, and even if they were, I’m sure the higher-ups would cripple them. I get the impression that sort of thing is going on with the IE team as it is.

»All pages site-wide with this tag