No Mercy To Sploggers

By Larry Seltzer  |  Posted 2005-10-24 Print this article Print

Opinion: If blogging life is going to be inconvenient, we may as well take the time to fight back.

"Splogging" hit the front pages recently due to a complete breakdown in control at Googles BlogSpot service. Always looking for a new way to offend people, spammers have discovered blogs, but it goes back further than the BlogSpot abuse, and the future isnt pretty. The issue with BlogSpot was that their process for setting up a free blog was easy and probably scriptable. As a result you end up with clowns like this (I hope that link is down by the time you read this; its a bunch of gambling spam blogs).

Why would someone create such a blog? Because by being aggressive with keywords you can trick indexing services like Technorati and Pubsub into linking to them. Great! Now your meta blog reports are as worthless as your Hotmail account.

Most blogging services put some sort of humanity test in the way of those who would automate the creation of blogs, and it definitely helps. The people complaining about Googles technical naivete in this regard are right that Google needs to do better.

But Google isnt alone in needing to get smarter about this. The cats out of the bag, and blogs are going to have to deal with this trash from now on, so everyone needs to do better. Lets hope they do better than ISPs have done with spammers.

Chris Pirillo, the complainer linked to above, is wrong when he says that his inbox full of splog links from PubSub isnt PubSubs fault. Maybe today it isnt their fault, but tomorrow it will be. PubSub needs to consider the reputation of the services it indexes, just as mail services are finally getting the point that they need to track the reputations of mail servers from whom they accept mail.

Even when they have the information to do so, ISPs have a lousy reputation for tracking spammers down and shutting down the ones on their own networks. Blogging services need to find spammers like the one I linked to and take them down. The Turing tests on other services wont stop them completely. It may take a bit of time for a human to set up a blog on another service, but its not really hard or time-consuming.

Patch deployment problems haunt Microsoft again. Click here to read more. I know this from personal experience. I run a bunch of blogs for various purposes, personal and professional, and have been plagued by comment spam for a while. Yes, spammers have long been attacking the comment threads attached to blog entries and, as a result, bloggers have been forced to use Turing tests for those as well. But even after we added them to my blog I still get comment spam now and then, and it can only be from humans doing it manually, especially since they only come in low volume. I get e-mail notification of all comments and delete them quickly.

Surely theyll go to as much trouble to create a blog that will live much longer. Once Google removes all the low-hanging fruit by blocking scripted blog creation, spammers will go this route. (Incidentally, I also still get a ton of Trackback spam on that site, even though we dont do anything with trackbacks.)

If services dont clean up their acts, a reputation system will have to develop just as they are developing for e-mail. Yes, there will be a lot of collateral damage—I have a BlogSpot blog myself—but if BlogSpot continues as splog-infested as it appears to be now, indexers need to blacklist it. That will get Googles attention, especially when their actually paying customers start screaming. In fact, one service, IceRocket, has already stopped indexing BlogSpot (warning: bad language from jerk basketball team owner).

And if it doesnt get their attention, those customers should go elsewhere. Its a lot easier for a blogger to do than an e-mail user.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel