Questions
Published Tue, Oct 30 2007 9:13 AM
Technorati Tags: Annoyances
How long does fioricet show up in blood work? Has anyone had a baby while taking hydrocodone? Does oxycontin show up in a drug test?
Can you overdose a dog with valium? Will tramadol hcl test positive in drug testing? What is the street value of oxycodone? What is valium used for? What does valium look like?
When was xanax created? How long does 1mg of xanax stay in your system? How long does hydrocodone stay in your system? How long is percocet in your system?
AKismet's been busy this morning. Those are just a few of the questions posed by spammers in several hundred trackback pings to my site this morning.
Somehow I think there's a heavy load on their servers. AKismet has missed quite a few spam pings at NW Bloggers today. I've deleted half a dozen or more, including some that actually look like legitimate trackbacks, until you actually follow their link. Then the spammers try to install malware on your machine by exploiting browser holes (which I've patched).
I haven't had that problem here today, although every now and then some junk does get past the spam filters. I think that part of the difference may be in how I handle things when AKismet errors out. If any failure of any kind in the AKismet handler on my site occurs, I hold the trackback ping for later perusal.
Every piece of SPAM, every AKismet failure, and every legitimate ping ends up coming through my e-mail. That's a huge volume of mail on a daily and sometimes hourly basis. Why bother?
Well, sometimes things just don't work out the way you want them to. This morning, I had several hundred messages in my inbox from my spam filtering process, and not a single "regular" trackback message among the lot. The volume was lighter than usual but there were some unusual messages there.
Every trackback that's been posted on my site this morning showed up in the spam filter's "exception" mail. The exception messages was that the server had returned an invalid reply. Even most of the exception mail was spam, but there were eight legitimate trackbacks in there.
That's why I bother.
I've set up the mail from my spam filter so that I only have to read a tiny bit of each message. If it's spam, I can usually tell by the user agent string. If that doesn't work, I can look for keywords. I read my mail with the mouse hovering over the delete button, and I delete thousands of notices of spam daily.
The false positives and the exceptions take a little more time. Even there I can resurrect a trackback with a single button click, as long as I'm logged into my site. The code to resurrect a valid trackback or comment on my site runs it through AKismet again to report it as "ham". This works to improve AKismet's ability to differentiate between spam and legitimate traffic.
It also tells me that AKismet may be working smoothly again.
Still, look at those questions posed by the spammers. What do you think they imply?
I filtered out all of the pornography sites and the ads for viagra, cialis and levitra that passed through my spam filter on their way to the bit bucket. Probably about half of the spam this morning was for that sort of stuff. The other half was for prescription pain killers, anti-depressants, prescription weight loss pills and valium.
Later today, I'm sure that I'll be tossing notices of gibberish (literal gibberish, not just figurative gibberish) into the circular file along with car insurance advertising and ads for car dealerships.
I'm beginning to believe that there are three or four main classes of spammers out there. There are the ones trying to sell people prescription medications without a prescription, hoping to pull in drug abusers and addicts for a quick, illegal buck. There are the pornographers hoping to pull in unsuspecting idiots that think with their genitals so that they can get them hooked on perversion and eventually pull them into their pay sites (just like with drugs, the first one's free). There are people running semi-legitimate businesses that simply don't have a clue about ethical advertising techniques. And there are malicious hackers.
The first two, the drug peddlers and the pornographers are bothersome enough. It's a shame that our culture has sunk so low that we even have to deal with their garbage on a daily basis. People wouldn't be worried about how long a drug is detectable in your system if they didn't know that there was a consequence for having it show up.
But obviously, if you know how long it's detectable you can plan ahead for your drug tests (yep, I recognize that one it's a drug). I wonder how many businesses that proudly display the signs and placards declaring themselves to be "drug free" are really composed of employees that simply found ways to cheat the tests.
And let's not even get into the sordid details of the pornography that is thrown at us everywhere. It's not just on the Internet, sit-coms on network television border on the pornographic. Walk down the streets of major cities long enough, and you'll be walking over the leaflets distributed by the porn mongers. In Las Vegas, you're lucky if you can go a hundred yards on the strip without treading upon it.
Modern music teaches young girls how to dress like whores (well, the music videos do). Youth culture expects slutty behavior from girls and thuggish, rude and abusive behavior from boys. It's become the norm in our society for just about everyone to engage in casual sex with strangers. No commitments, just mutual orgasms without consequence. Why our 42nd president even made it clear... it's not sex unless it's genitalia to genitalia. Boys get out the cigars there's a legitimate use for tobacco again!
The first three classes of spammers (drug peddlers, smut mongers, and spamming businessmen) I listed all have one thing in common. They're all looking for free advertising. They want as many eyes seeing their ads as they can get and they want them at the lowest possible rate — free.
They're bandwidth thieves. They're an annoyance. And I'm thankful that spam filters work as well as they do. I'm also thankful that so few of them are actually creative enough to worm their way past the filters.
The fourth class of spammer is the one I'd truly like to do something about. These are the hackers. These are the truly evil people that probe at the fringes of the API's that we uses as bloggers. They try to analyze and probe the comment forms on our blogs. They try to compromise our sites so that they can turn them into their own distribution agents.
They provide spammers with bot nets to spew their perversion and their "free advertisements" at us. They try to automate the process of adding comments to blogs where trackbacks aren't available so that they can feed the bot nets with compromised targets. After all, if you can post hundreds of comments using automation you don't need to hire someone in a modern day Internet sweat shop to post them one at a time.
Worst of all, they try to compromise our systems. Some of them will try to add extra garbage to the querystring parameters that identify posts in the hope that they can exploit a buffer over-run or underrun and gain access to the site. If they're not looking for those vulnerabilities they try SQL injection attacks because most blogging platforms use either SQL Server or MySQL to store content. If that works, they can gain access to the database itself.
They try dictionary attacks on login forms. Eventually they may manage to compromise a site owner's account, and then they have free reign to modify the page templates and inject their own tools and widgets onto pages, or even worse, steal the site from its owner and use it for their own nefarious purposes.
I've seen evidence of these attacks on a daily basis on my site. Last week, someone actually managed to hack into my site and modified my main page template. They did a poor job of modification and the site began spewing errors.
I caught them early enough that I was able to undo what they had done and changed my passwords and some other site settings but it was a wake up call.
It was also a crime. But, as we all know that won't stop the spammers and the hackers. They're ALL thieves. They should be treated as thieves.
If we can catch them.
Trackback URI for this post: http://perrinelson.com/track.aspx?postid=1046
Permalink URI for this post: http://perrinelson.com/2007/10/30/1046.aspx
Subscribe to this entry's
comment feed. (Atom)
Comments to this entry are closed.