Iron Chariots spam

A while back I decided to upgrade the server software for the Iron Chariots wiki and install a bunch of add-ons, including one that allows me to force all new editors to write a short biography and wait for approval. It’s kind of a headache, but before doing this, we would get dozens of new users a day who would start filling up the wiki articles with advertisements for wristwatches and porn. Unfortunately, sometimes I can go for a couple of months without remembering to check the spam trap, and then people complain. But it beats the alternative.

Today I remembered that I haven’t approved users since April, so I cleared out a fairly manageable 17 requests. Nearly half of them were spammers who were stupid enough to put spam in their biography, so that was easy. I approved a bunch of requests… and then I saw this guy.

[Read more...]

Somewhat off-topic: Evolutionary arms race of spam

Just wanted to mention that we get a lot more attempted spam here at Freethought Blogs than I ever remember getting at the old blogspot address.  Luckily, the spam filters are pretty good and I usually don’t have to lift a finger to mess with it.  I do, however, see a few posts a week that slip through the cracks as “uncertain” and drop into the moderation bucket to be checked.

To give you an example of what spam looks like these days, here’s a post from last night by “Nicolette Snith”

Thanks for an unbelievable post, would see your personal others posts. thank you your thinking for this, I felt a trifle strike by this text. Thanks again! You commit a great aspect. Displays the beauty through great facts here. I believe that if a greater number considered it like that, they’d have a very better time frame get the grasp ofing the difficulty.

That’s a pretty common variety.  It’s lavishly complimentary, totally unspecific, and almost written in a reasonable style of  English.  It only looks weird if you take the time to actually read it carefully.

Obviously the goal of spam is to drive traffic to commercial sites, and this seems to be accomplished by adding a URL in the user identity, which you can click from the person’s post.  It used to be the case that most such URL’s were in the form of obviously suspicious locations, i.e., “http://hotgirls.ru” or something like that.  (I just made that up, but I checked and it’s a real site.  I do not take responsibility for you surfing there or wasting any money.)  These days, however, the address is more often in the form of an IP address (such as 123.123.1.2) which redirects you to a site that wants to sell you viagra or mortgages or whatever.

The behavior of spammers and spam filter writers very closely resembles the evolution of predators and prey in nature.  Each side has a survival motive to improve.  The spammers are obviously in it for the money.  Design the perfect spam filter, and you cut off their income.  In the worst case scenario, they might even have to give it up and find an alternate career that doesn’t require them to be goddamned parasites.

The anti-spammers are fighting for survival of their content.  I’ve seen quite a few abandoned blogs and forums become completely choked with spam, to the point where it’s impossible to engage in a meaningful conversation.

So each one evolves competitively, and both need to be automated to an extent.  The spammers are busy trying to post millions of junk messages to sites all over the world, while non-spammers are busy trying to clean up hundreds or thousands of messages without employing an army of human moderators to babysit their sites.

What’s interesting is that there does seem to be an upper limit on the effectiveness of spam filters.  If a human reader can’t tell them difference between spam and a legitimate post, how is a computer supposed to do it?  Even now, I have gotten to the point where I look at a brief, harmless compliment with deep suspicion.  If I see a new poster write “Well said” or something of the kind, I have to stare at the email address, the name, and any suspicious links for a non-trivial amount of time before I decide it’s safe to pass through.

Much as I hate this omnipresent intrusion into our lives in a digital age, I find it kind of fascinating to see how the race keeps shifting.