Slashdot Mirror

When I saw this article, I opened it specifically to mention Bad Behavior.

http://www.bad-behavior.ioerror.us/documentation/how-it-works/

Instead, Bad Behavior pioneered an HTTP fingerprinting approach. Instead of looking at the spam, we look at the spammer. Bad Behavior analyzes the HTTP headers, IP address, and other metadata regarding the request to determine if it is spammy or malicious. This approach has proved, as one user said, "shockingly effective." After all, spammers write their bots on the cheap, and have little incentive to code very well. If they could code very well, they probably wouldnâ(TM)t be spammers.

For some numbers, Akismet has blocked 400 spams on my site. BB has blocked 197 attempts this week. I'm not sure how far back Akismet goes, but the point is that BB blocks the vast majority of spammers before they even post their message, then Akismet generally catches the rest.

I've been told that Bad Behavior is the shiznit. http://www.bad-behavior.ioerror.us/

found a howto for doing this on fedora.

http://linux.ioerror.us/2006/09/encrypting-your-swap-partition-on-fedora-core/

I came across this but haven't tried it yet: http://www.bad-behavior.ioerror.us/ and of course, there are other interesting ways to prevent submissions: http://recaptcha.net/learnmore.html

Linux offers a few encrypted file systems - Here's one - that can include the swap file/partition.

If you're using a swap file instead of a swap partition, it's even easier to use - just put the swap file on an encrypted filesystem & it will autmatically be encrypted right along with the other data.

As a side note - standard username/password encryption is pointless for this anyway - unless you plan on typing in a 1024 bit password anyway. You would need a key on a USB stick that they would just confiscate anyway. Biometrics are iffy - Jello has an 80% success rate at getting past fingerprint recognition.

Alternately you can go with those spiffy cards that provide a 4 - 8 digit number based on the time, but again they would confiscate the card.

Encrypting your whole disk on Linux is somewhere between a minor pain and a complete nightmare. Support for it doesn't even exist on certain high-profile commercial distros (Red Hat) which you would THINK would have had it long ago because it's something their customers would want.

I had to put together my own unofficial packages to get an encrypted root filesystem on Fedora Core 5. (And then it broke on FC6, so no upgrading yet...) In theory, the support will officially be in Fedora Core 7, but there's still a bunch of code to be written between now and then.

The article linked to goes right to his Homeland Stupidity site. This guy sits at home and lives off his Adsense revenue and /. just gave him a ton of hits. Unfortunately to help mask this, his previous blog http://ioerror.us/ now forwards to Homeland stupidity and any projects previously on ioerror.us are now hosted at homeland stupidity. Either way, IO ERROR is Michael Hampton.

There are a few slip-ups that still tie him together.. on the contact page... is skype name is ioerror_us and on the policies page, the email to contact him is error at ioerror dot us

Nothing to see here... move along.

Wordpress is an excellent open source blogging tool. Couple that with Bad behavior and Spam Karma 2 and you've got yourself a near impenetrable blog to spam in your comments. The new version of Wordpress has tools to migrate from some popular blogging systems, so.. go check it out.

Bad Behavior ( http://ioerror.us/software/bad-behavior ) is my choice for I think pretty much everything for a few reasons:

1) While it's not made for forum spam, it can still work with it. It comes with drop in files for a ton of CMS, Blogging, and many other web scripts.

2) If there's no file for your software, Podz comment ( http://www.ioerror.us/software/bad-behavior/#comme nt-1053 ) (the first actual comment, past all the trackbacks/pingbacks, USE THE LINK I JUST PASTED) details how you can use a .htaccess file (assuming you're in an apache environment where php is compiled as an apache module NOT AS A CGI BINARY!!! (----- IMPORTANT!!!!)) to protect your entire domain.
Seeing as the site is susceptible to go down, I suppose I'll post the comment/instructions here:
===========
On my domain I currently have about 6 WP installs, and bbpress.
Bad-behaviour is installed into my main blog plugins directory and I have this line in my .htaccess

php_value auto_prepend_file /-full path-/T2/wp-content/plugins/bad-behavior/bad-behav ior-generic.php

I'll get no error logs maybe, but I do get site-wide protection.
If you activate the plugin as well as doing this, you WILL get errors. So don't :)
Comment by Podz -- April 25, 2005 @ 12:44 pm
===========

Note: Full path = file file system path to wherever you have the bad-behavior-generic.php file.
It can be rewritten as: /path/to/bad-behavior/bad-behavior-generic.php

3) Bad Behavior 2 is going to rock, as it'll fit with the natural progression of web scripts. More modular and flexible for integration into nearly any piece of software for the web.

4) Captcha's (attempt) to prevent automated registration/form submission. However, bots can still roam your site and leech your bandwidth. Bad Behavior is configured so that bots recieve a simple error page. sub-1K vs. 10K or even more per page? (including even more for inline images or flash animations and such). You be the judge.

5) It is well maintained, well supported (all by only one person!) and io_error does in fact work with the community, especially when it comes to new bots or false positives.

Check it out, wontcha?

Bad Behavior ( http://ioerror.us/software/bad-behavior ) is my choice for I think pretty much everything for a few reasons:

1) While it's not made for forum spam, it can still work with it. It comes with drop in files for a ton of CMS, Blogging, and many other web scripts.

2) If there's no file for your software, Podz comment ( http://www.ioerror.us/software/bad-behavior/#comme nt-1053 ) (the first actual comment, past all the trackbacks/pingbacks, USE THE LINK I JUST PASTED) details how you can use a .htaccess file (assuming you're in an apache environment where php is compiled as an apache module NOT AS A CGI BINARY!!! (----- IMPORTANT!!!!)) to protect your entire domain.
Seeing as the site is susceptible to go down, I suppose I'll post the comment/instructions here:
===========
On my domain I currently have about 6 WP installs, and bbpress.
Bad-behaviour is installed into my main blog plugins directory and I have this line in my .htaccess

php_value auto_prepend_file /-full path-/T2/wp-content/plugins/bad-behavior/bad-behav ior-generic.php

I'll get no error logs maybe, but I do get site-wide protection.
If you activate the plugin as well as doing this, you WILL get errors. So don't :)
Comment by Podz -- April 25, 2005 @ 12:44 pm
===========

Note: Full path = file file system path to wherever you have the bad-behavior-generic.php file.
It can be rewritten as: /path/to/bad-behavior/bad-behavior-generic.php

3) Bad Behavior 2 is going to rock, as it'll fit with the natural progression of web scripts. More modular and flexible for integration into nearly any piece of software for the web.

4) Captcha's (attempt) to prevent automated registration/form submission. However, bots can still roam your site and leech your bandwidth. Bad Behavior is configured so that bots recieve a simple error page. sub-1K vs. 10K or even more per page? (including even more for inline images or flash animations and such). You be the judge.

5) It is well maintained, well supported (all by only one person!) and io_error does in fact work with the community, especially when it comes to new bots or false positives.

Check it out, wontcha?

• Referer Karma uses the Referer: header to find spammers
• Bad Behavior checks for specific spambot-like behavior
• WordPress HashCash calculates the answer to a hard problem to "pay" for posting

IP addresses: The big boys use open proxies all over the world. You'll often get spam which is clearly from the same source but comes from IP addresses all over the place.

User agent strings: Again, the big boys use proper user agents so that they look like regular browsers.

Referrers: Those are unreliable even with human visitors, as proxies (as e.g. used by companies) often filter those out. By relying on referrers you'll block a good portion of your regular visitors.

Having said that, there are tools like Bad Behavior which take a closer look at the HTTP requests, checking for non-conforming HTTP requests and typical indications of spam bots that do work quite well most of the time.

...over-eager government wiping its feet on the flag and blowing its nose in the Constitution.

Good ol' "W" himself has some thoughts on this.

Ahh, yes. The old "I read it on the internet, so it must be true!" Are you so sure it's legit?

I will tell you that 5 seconds of searching gives you little information, besides a bunch of articles referencing the one you linked. Many of them, such as http://www.ioerror.us/2005/12/09/bush-constitution -just-a-goddamned-piece-of-paper/ rightfully expresses the need for some verification, rather than just a single person's dramatizing article. My short searching was unable to find any verification.

Wishing something was true doesn't make it so.

People on both sides need to cut this sort of thing out. They need to cool off and be reasonable with each other again. Both Democrats and Republicans are guilty of open hostility and attacks.

Wordpress 2.0, Spam Karma, Bad Behavior, PhpBB all completely rock.

Excuse me?

http://phone.ioerror.us/2005/09/verizon-wireless-g ets-injunction-to-stop-data-thieves
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT= 104&STORY=/www/story/12-09-2004/0002592069&EDATE=

If you want to pick on someone, pick on someone other than Verizon Wireless... they're trying to protect you.

Here is the story I saw. http://phone.ioerror.us/2005/10/sprint-nextel-sell s-iden-network-to-us-military How true it is I have no idea.

That AP article is full of errors, some of which I commented on yesterday. For instance, it happened twice this month. And those 30-year cookies are still around until you go and remove them...

Colorado: http://www.ioerror.us/2005/11/22/denver-bus-riders -forced-to-show-id-or-risk-arrest-and-prosecution/
Florida: http://www.breitbart.com/news/2005/11/28/D8E5RPBO5 .html
Nevada: http://www.wired.com/news/privacy/0,1848,62438,00. html

Welcome to the United Soviet States of America. Right have you!

Kind of like how our border patrol uses uniforms made in Mexicos?

Oh yes they will track individuals with this technology. You heard it here first.

It starts with the first time some police officer gets the bright idea in his head, and from there it never ends.

In short, it's:

• Based on Firefox.
• A blogging and social networking tool.
• Not going to steal your personal data.

Read the review for more.

Yeah. And you frequently wind up having to scan five or six times before it works. Oh, and I had this story hours ago. :) Hand geometry scanners are a frigging nightmare.

They can't even keep their own web site running!

If your site uses PHP, you may be able to adapt Bad Behavior. The script was originally developed for WordPress and has already been ported to MediaWiki and Geeklog. It identifies known "bad" robots and robots that imitate real browsers based on the HTTP headers, then sends an access denied response.

The image graphs can be found here [noreply.org].
--
Latest: Can you believe the media? [ioerror.us]

Normal web browsing is fine, albeit quite a bit slower than you're used to. Then again, that's the price of anonymity, I suppose.

As far as contributing, if I had the bandwidth to spare, I'd set up a Tor server and contribute. I do have Tor linked from my web site, though, for what that's worth.

Indeed. I do screenshots in PNG format, and the 640x480 black-and-white shots come out between 4-8K. And all the shots look better, since it's lossless. The thumbnails look a lot better, too, since I used mogrify to create them. There's just no excuse for using BMP (or JPEG, for that matter).

<IfModule mod_rewrite.c>
RewriteEngine On
# Many robots do not handle SGML or HTML correctly. These rules catch them and
# punish them:
RewriteRule &amp; - [NC,F,L]
# Active exploits out in the wild
RewriteCond %{HTTP_USER_AGENT} ^(LWP) [NC,OR]
# Comment spammer software
RewriteCond %{HTTP_USER_AGENT} ^(.*MSIE.*Win.9x.4.90|8484.Boston.Project|grub.cra wler|Indy.Library|Java.1|MSIE.*Windows.XP) [NC,OR]
# Miscellaneous suspicious software
RewriteCond %{HTTP_USER_AGENT} ^(.*DTS.Agent|libwww-perl|POE-Component-Client|WIS Ebot|.*WISEnutbot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(Mozilla...0)$ [NC,OR]
RewriteRule .* - [F,L]

# Blank user agents, not a trackback
# Needed because WP before 1.5-beta doesn't include a user-agent
RewriteCond %{HTTP_USER_AGENT} ^(-?)$
RewriteCond %{REQUEST_URI} !^(.*trackback) [OR]
RewriteCond %{REQUEST_METHOD} !^{POST}
RewriteRule .* - [F,L]
</IfModule>

The best one I've seen renders a series of characters graphically (a la TicketBastard) which the user (a human, of course) has to type into a text field on the comment form before their comment is accepted.

Sure, that's great for humans using a graphical browser, with images turned on, and 20/20 vision. But that doesn't cover all internet users. What about text browsers? What about screen readers?

This is the age of internet accessibility folks, and it's exactly why I refuse to use Captcha tests on my own blog - instead, I currently filter all comments and trackbacks through wp-spamassassin. Haven't had a single problem yet, although it's early days.

The rel="nofollow" trick sounds promising for killing off the PageRank cheats, but it won't stop humans clicking the links...

Try the WordPress SpamAssassin plugin, which has also been ported to Movable Type, to kill all that comment spam.

You can take a look at my blog to get some idea of what is available, but be aware that I run nightly builds (don't try this at home, kids!) so a few things you see might not be available. And the Google search box at my site definitely is not part of WordPress, and might never be; I developed that bit myself. I can't imagine anything you can do with MT that you can't with WP.

You can take a look at my blog to get some idea of what is available, but be aware that I run nightly builds (don't try this at home, kids!) so a few things you see might not be available. And the Google search box at my site definitely is not part of WordPress, and might never be; I developed that bit myself. I can't imagine anything you can do with MT that you can't with WP.

So, personally, I was thinking more of using this when I'm visiting family and friends.

When I'm out and about, my laptop's Linux install speaks for itself. I've converted more people to Linux by sitting them down in front of it for ten minutes than by all evangelizing.

This definitely was not front-page material. In the Science section, maybe. After all I did learn how to make friends with penguins, and that's an important life skill!

I may regret this later, but...
Argo Robotic Instrument Network Now Covers Most of the Globe (2.6MB, QuickTime) (my mirror)