Thursday, 25 May 2006
It’s famous last words, but the problem is currently under control – one spam comment in the last few days, which is two orders of magnitude less than before. The spammers are using spambots to exploit a weakness in the blogging software for which I don’t think there’s any sure cure given the way it’s currently written. My fixes currently depend on some weaknesses in the spambots, but a smart spammer would be able to circumvent them with some thought.
If you get a “possible spam detected” message when you try to post a comment, please email me and let me know (lawfont at gmail dot com.
One useful tidbit: the spammers have cottoned on to an open redirect script on adobe.com that doesn’t properly check destination (naughty!). This would be an excellent vector for a phishing attack, as the URL would display in an email client as resolving to adobe.com. (example: http://store.adobe.com/cgi-bin/redirect/?http://lawfont.com/) If you get a link to adobe in an email, don’t click it.
Bookmark or share this story:
Del.icio.us | 
Digg | 
Reddit | 
ma.gnolia.com | 
Newsvine | 
furl |
Technorati | 
IceRocket | 
PubSub | 
Google | 
Yahoo
Leave a Reply
Do not post material that is defamatory or obscene, that infringes any third party's copyrights, trademarks or other proprietary rights, or that violates any other right of any other person.
We reserve the right to remove or edit any comment for any reason.
Note: Posting more than two links in a comment may cause it not to appear because it will be submitted for moderation. Also, links in comments will not be counted by Google, so spamming is pointless.
Posts
Comments
Posts