Spam and CAPTCHA

So after leaving this place for a month (probably more), I log in to find that there are over 6300 comments pending.  I have WordPress set up to automatically queue comments there that contain more than three hyperlinks, which tends to be a hallmark of spam.  Of course, there are the more discrete spam bots, which just leave some BS comment and have the Website field point to discount V1agara or whatever else.  Those are usually picked out by Akismet, which actually does a pretty good job.  Unknown to me, however, was the fact that I had forgotten to re-enable Akismet after I upgraded.  So it caught neither the trickier comments nor the 6300 blatant ones, which would otherwise have ended up in the Spam pile.  And to boot, Akismet needs updating anyway.

Well, I decided to try a different solution, so the other day I installed the reCaptcha plugin.  This service, which not only keeps your site from being inadvertently associated with male-enhancement drugs, also helps Google to digitize books, with words OCR programs tend to have problems with.  (Think bad scans.)  Check out their site for more information, it’s a neat concept.

I’ve only had it up for a day, so I’m not entirely sure it’s working, but I don’t see why it wouldn’t be.  I tried using tesseract on one of the images, and here’s what I got.  First, the image:

Random reCAPTCHA image
And here’s what it gave me back:


Now, when I cropped out ‘of’ and tried that separately, it got it – that’s how it works (check the link above), it gives you a known one and an unknown one; I guess you could fool it if you got the one correct.  It does check the other word with other sites, though.  (As a side note, I did put in the text given above along with ‘of’, and I was actually able to fool it.  My guess though is that if you did this from the same IP a bunch of times it would catch on.)

So I’ll see how this turns out, hopefully it’s not too annoying.

Distributed Social Networking

I remember when FaceBook was new.  A lot of people I know rushed to grab an account, and soon just about everyone I could think of had their page.  It was nice, I kept up with a ton of people from high school as I went through college.  It was awesome for sharing pictures, promoting a cause, whatever.

It still is, but now it has become clear that the site has basically turned into a big content sponge.  All that information, and the statistics that come from it are worth tons to FaceBook and their advertisers.  And of course, people willingly give it all to them.  Well, it appears there is an alternative (found on Slashdot today).  Diaspora* aims to be a distributed social networking medium, where you get control of the information you put up.  They hope to get it released at the end of the summer.

Of course, they’re not the first to come up with a decentralized, linked means of sharing information, but maybe this will be be attractive to the average person.  You still have to be careful, of course, as obviously people will still be able to read what you make available.  But the idea of a decentralized social networking medium is appealing.  I will be checking it out, and I encourage everyone else who uses social networking to as well.

An Open Letter to Tor Users

The idea behind the Tor project is a good one.  There are a lot of people around the world who have only filtered Internet access, and this project allows them to do things like read Wikipedia and other informational sites, whether or not their government wants them too.  It also provides a means of engaging in illegal acts while reducing your chances of getting caught.

And then again, you could be running an exit node, as I was.  Well, inadvertantly.  Apparently the version of Tor I put on my workstation was acting as one by default.  I don’t mind being a middleman node (where you just pass traffic to other Tor nodes), but running an exit node is a bit risky, especially at an educational institution.  I found this out the hard way, after the school forwarded me a DMCA infringement notice.  Now, if you look on the Tor site, they actually have a template for this, which is in fact a somewhat common occurance (at least enough such that they have a form letter made up).  However, due to the rules in place where I’m at I think this is on my record now.

I don’t care; I’m not a heavy torrent user at all, and have never gotten such a notice in the past.  However this is annoying, in that it means that somewhere on the Tor network someone was proxying their Bittorrent traffic.  Now, as I said it seemed that the default exit policy was to make my machine a full-fledged exit node, not blocking anything (unless I missed something).  Normally blocking torrents is a good policy, along with spam.  I would say I would probabably have been fine with the exit node if I’d have done this.  But it so happens I didn’t.  It would however be very nice if Tor wasn’t abused, though, as it really can be helpful.  So, think about that if you ever become a Tor user yourself (whether you run just a client, or also have your machine be a relay).

And to the people with the balls and bandwidth to run an exit, I salute you.


Gotta love spam.  I get a tone of it, through both Email and this blog, but mostly through Email.  My main mail server is down, so my mail gets sent to my Gmail account, which thankfully is good at filtering the spam.  But it still amazes me how much I get as I go through my junk folder.

And don’t even get me started about the blog spam…  I’m going to have to look into a CAPTCHA plugin to try to fight off the scripts, or at least the ones that don’t know how to read (sadly, some of them do).  It’s such an intrusion, but hey I guess that’s just what’s out there.

What puzzles me is how anyone thinks spam is actually an effective marketing tool.  I mean, don’t we already have things like TV infomercials for selling male enhancement pills?  Wouldn’t they stand a better chance than spam?  And, I would think that most people by now see spam as a nuisance, and just delete it.  And surely no one in their right mind would trust a company that sends out horribly formatted Emails in bulk, right?

Well I guess enough people must bite.  It’s sad, but the spam keeps flowing.  Oh well, I still let a smile be my umbrella as I appreciate the two or three legitmate mailing lists I’m on.  Someday, the dam will breach, and we will be rid of the problem of spam.  Hopefully society will still exist by that point.


Well, just thought I’d do a little rant.  Gotta love election year, plenty of things to argue about, especially online.

Basically, I’ve come to the conclusion that politicians exists to give people something to bitch about.  I see it all the time, on Slashdot, Fark, whereever.  People argue about someting, and then they pick a side, they join a horde for some particular candidate or philosophy.  Then something comes along, like the thing with Obama voting for the FISA bill, and all of a sudden you have people changing their loyalties and arguing endlessly again.  Maybe you get someone talking aobut how our rights are being eroded and that no candidate is protecting them or, my favorite, how maybe we should overthrow the federal government.

The funny thing is, there are valid issues in there.  For me, the FISA thing is troubling, and I am concerned about my rights as an American citizen.  However, it just seems like there’s so much crap that goes back and fourth between the two extreme sides of each issue.

We have to worry, we have to be conscious of who we put in office and what he or she is going to do.  We have to be worried about how it will affect us, the economy, the environment, health, etc.  But I think people have the tendency to take all the pent up rage from their everyday lives and concentrate it into a good-old political quibble online (or in real life).  I know I have.  Okay, to be fare maybe the term “rage” is a littel too extreme, but you get the idea.

We deal with a lot of shit with politics.  It comes from all over the political spectrum, all over the country.  I personally believe that things tend to work themselves out.  While some things may get bad, the people aren’t stupid enough to let it get too far.  Yes, this is optimistic, and I don’t mean to sound apathetic.  But quite simply, I don’t think we’ll be needing to call everyone to arms for a while.

Port 25

Well, it happens to be another weeknight and again I find myself writing about my DIY Web/Email hosting saga.  Well, the latest development is specific to my mail server, which I run at my home off of a Verizon FiOS connection.  Well, used to.  You see, it’s down.

The server had an issue, and I’m in the process of setting up another one at home (a machine I had doing something else; it will be a temporary server until the other one is up again).  However, I ran into a snag.  You see, Verizon never blocked port 25 inbound in the past. But now they do.  They just started to.

It kind of makes sense.  I mean, there are so many zomby PCs out there, with virus acting as mail servers (and thus listening on port 25 for spam to forward) that blocking the SMTP port is a good way for ISPs to be responsible and limit spam.  Not to mention that an intentional but poorly configured mail server could also relay spam (mine didn’t).  So I guess it’s a good thing then.

But it still aggravates me.  I mean, we pay for a certain amount of bandwidth on that connection.  Why shouldn’t we be able to do what we want with that bandwidth, within the confines of the law and general decency?  Yeah, they oversell.  But guarantee that that mail server hardly used any bandwidth compared to my family’s normal Internet habits (which is mostly just surfing the Web).

The other thing that sucks is simply the fact that we’ve had to resort to this, what with viruses and such.  I suppose it was bound to happen, but it’s still sad that we have limited connections due in part to general Internet crap.

But you know what?  Verizon offers a business package for more money that has no ports blocked.  And you get a static IP.  And presumably, that IP is not blacklisted as being a source of spam (something I ran into a lot).  Even if they didn’t need to block ports to limit spam and the spread of viruses, I could see them doing it anyway to justify charging more for the next size up.  Truthfully, it’s not even that much of a problem.  I have plans to host my Email on a different box in a datacenter in Rochester, and until then, there’s this.  And hey, I guess there’s no reason to fuss about it too much, as most people only care about being able to surf the Web.