Johnnie Manzari: July 2005 Archives

« June 2005 | Main | August 2005 »

July 17, 2005 Angelina Jolie Nude

Angelina Jolie Comment and Trackback spam on my website has increased over the last couple months and is driving me crazy. Everything from promises of nude celebrity photographs to poker to subjects that are not family oriented were being advertised on my site. The time came to do something about it. Here is my long, strange trip down the road of preventing spam:

Renaming MT-Comments.cgi

I started where everyone starts. Renaming MT-comments.cgi so that machines searching the web for that file have a harder time finding it. I hit a bug and reverted back. Spammers 1, Johnnie 0.

MT-Blacklist

Most people using Movable Type install MT-Blacklist, which blocks the IP addresses associated with spammers. I installed MT-Blacklist 2.0 but it was incompatible with Berkeley DB, my database. An older version (1.6.5) is compatible with Berkeley DB but not with Movable Type 3.1.x. Sigh. Spammers 2, Johnnie 0.

MT-DisguiseTrackbackURL

My next step was to install MT-DisguiseTrackbackURL. This takes the Trackback URL and uses JavaScript to render it on the page. This way a spambot will need to run JavaScript in order to learn about the URL. This isn't a very robust way to protect the Trackback URL, but it was easy to install, and I needed a quick victory. Spammers 2, Johnnie 1.

MT-Scode

Next I tried to installed Mt-Scode. This allows you to put a graphic with numbers and letters next to your comment submission form, and require people to write the value they see in an edit box. This keeps the spambots from being able to leave a comment. Unfortunately this required a graphics library called GD. I downloaded GD, but to install it I needed a C complier like GCC or CC, which I couldn't find when I SSH-ed to my account. Not looking good... Spammers 3, Johnnie 1.

MT-Bayesian

Then I decided to install MT-Bayesian. This uses a training algorithm to learn about the properties of spam and then hide those comments from showing up. The original MT-Bayesian is incompatible with Movable Type 3.1.x but I found an updated one. Unfortunately it was extremely processor intensive (read: painfully slow). It also did not rebuild templates in an intelligent way, requiring me to rebuild all individual posts even if the change was only to one. Training was taking a really long time, and due to some bug the comments were still showing up. I thought it was hopeless at this point: Spammers 4, Johnnie 1.

Asking a Question

Then I read about a simple idea: just ask a question and have the person enter the result in the form. You'll notice the question I ask in the comments area. This makes it harder for a spambot to leave comments.

The code for this was really simple. I added the input field to my Individual Entry templates with the name/id of X, and added this snipet of code to MT-Comments.cgi, right under the line that says 'use strict;':

use CGI qw(:standard);

my $data = param('X');
die unless (($data eq 'the-answer') || ($data eq 'The-answer'));

Spammers 4, Johnnie 2.

Movable Type 3.2

Movable Type 3.2 is currently in Beta, but it looks like it has MT-Bayesian type functionality built in. Hopefully the combination of the work I've done so far and Movable Type 3.2 will help me even the score.

Posted by johnnie at 11:55 PM | Comments (19)

July 11, 2005 Asking the Right Questions

John Maeda: "What is Design?"
Paul Rand: "Design is the method of putting form and content together. Design, just as art, has multiple definitions, there is no single definition. Design can be art. Design can be aesthetics. Design is so simple, that's why it is so complicated."

This excerpt is taken from a conversation between John Maeda and Paul Rand. I reflected back on this conversation after I had a discussion about design with Paul Rademacher.

Part of the process of working with form and content involves asking questions. I would prefer to work with people who ask the right questions and offer no answers, rather than those with many answers to the wrong questions.

In the field on interface design there are a number of easy answers that are best pushed aside in order to make room for better questions. What if a Windows application had no application menu? No Save command. What if it had no modal dialog boxes? What if it had no context menus? Asking the questions frames the problems to be solved in new ways. What begins as questions focused on limitations can become an opportunity for thinking more broadly about the problem.

What if you could only use gestures? Would your design become a morass of obfuscation?

Posted by johnnie at 01:47 AM | Comments (0)