Late last April I read an article on Cnet about “Google’s pointers on countering web spam” and I felt there were some issues that were correct and some that were… off. I mean I’m down with Matt Cutts and how he’s like a rockstar nowadays but I feel that all this “the Google way is the best way” is to much fanboyism. I mean, that’s how Google got big, by questioning stuff and doing one better.

So, on to the article, the first part was about spammers. Matt Cutts said: “Spammers are human. You have the power to raise their blood pressure. Make them spend more time and effort…If spammer gets frustrated, he’s more likely to look for someone easier.”. And he’s almost right, I mean, hackers are people too and if you piss them off… no, wait, you don’t want to piss hackers off. I mean, a decent enough hacker will be able to break anything if motivated enough, and in a way, it’s like burglars do: if you have a shiny metal door with “burglarproof” written on it, it’s a downright invitation, whereas if you keep cool, you’ll get some spam, but nothing big. It depends on whether you want to annoy the little guys or attract the attention of the big guys. Think this through before you complicate things.

“Use captcha systems to make sure real people, not bots, are commenting on your site. He uses a simple math puzzle–what’s 2 + 2?–but he also likes KittenAuth, which makes people identify kitten photos.”

This is perhaps one of the things that annoys me most about the internet: captchas. Small, awkward texts, illegible to machines (i doubt anyone actually uses machines to read captchas) and pretty much illegible to people. They’re annoying and the really are pointless. They put captchas once on stumbleupon, I almost stopped submitting stuff, that’s how much they annoyed me. As for their reputation of being unbreakable… Slim chance. There was an actual case where a porn site asked people to enter captchas to view some pics and the robot could thus bypass any captcha out there. So captchas are very easily breakable. Not to speak of math captchas (i think i can rustle up a script to detect the + sign or the key words and then do the math), or that kittenauth, which although fun (and highly unaesthetical) can be broken with a script that matches the photos to google searches. All in all captchas are nothing more than an imperfect way to stop spambots. A much better way would be to actually challenge people in something fun, like a flash game or puzzle. Or heck, just trust people and moderate yourself later, you need people to join and comment. And akismet and bad behaviour do a neat job of keeping spam comments out… Why complicate things?

“Reconfigure software settings after you’ve installed it. A little modification of various settings will throw bots off the scent. “If you can off the beaten path, away from default software installations, you’ll save yourself a ton of grief,” he said.”

This is a blur of advice but what this means is the simple stuff, like changing the default username for wordpress (admin) to some strange intergalactic hail, like @>FE{@342dasA. Guess that, spammer. Also, some changes as to permitted post behaviours give you a buffer against spam. That means make all commenters need to be trusted (have at least one approved comment) and you’ll escape a lot of spam…

“Employ systems that rank people by trust and reputation. For example, eBay shows how long a person has been a member and how satisfied others are with transactions with that person.”

This is a way of tracking how much a person has contributed and thus how likely he is of compromising your blog. For example, someone who comments a lot is less likely to spam and lose his status than someone who’s new. Reward people for being there. Wordpress usually does this via number of comments, but feel free to expand on that.

“Don’t be afraid of legitimate purveyors of search-engine optimization services. “SEO is not spam. Google does not hate SEO,” Cutts said. “There are plenty of white-hat SEO (companies) who can help you out.”

I’m not really sure what this has to do with spam, but it seems in some places people view SEO as a bad thing, like they’re cheating Google, which is really not true. I know hackers who do white-hat SEO (the good kind) because they feel spamming and all that should not be used.

Anyway, enjoy this lightweight article, I found it refreshing.

Don’t forget to subscribe to the feed or who knows what you’ll miss out on. You can also subscribe by email.