Slashdot Mirror

← Back to Stories (view on slashdot.org)

Splogs Clog Blog Services

Posted by Hemos on from the like-LDLs dept.

SuperWebTech writes "A new generation of spam has emerged lately in the form of automatically-created spam blogs, or "splogs." One wily programmer manipulated Blogger's API to create a "spamalanche" of thousands of blogs whose sole purpose was to increase their real sites' pagerank. This clogged search engine results while filling RSS feed services with useless listings. Though Google, Blogger's owner, is doing its best to fix the problem, in the meantime several services have stopped listing any site they host. So far nobody has found a solution."

21 of 241 comments (clear)

  1. Username trend? by sethadam1 · · Score: 4, Interesting

    Anyone else notice that every username in the video is [letters]-[numbers].blogspot.com.

    Maybe start by disabling new blogs.
    Flag all usernames that meet that basic regex criteria.
    Hand filter that bunch.
    Add the same captcha you have on your comment system to the posting system.
    Re-enable registration.

    Seems kind of elementary, doesn't it? Why not try it?

  2. Managed RSS feeds are more interesting by tcopeland · · Score: 2, Interesting

    i.e., Artima's Ruby Buzz and Java Buzz, Planet PostgreSQL and so forth.

    Of course, those become less valuable when folks add RSS feeds that aren't specific to the topic, so that Java posts show up in the Ruby feeds and all that. That can be tricky too, though; does this post go under Jabber or PostgreSQL? Dunno.

    --
    The Army reading list
  3. Capcha? by wren337 · · Score: 2, Interesting

    Isn't this the kind of automation prevention problem that capchas can solve reasonably well? Put image-text verificaiton on each step of creating or appending to a blog. If nothing else it will slow them down. Am I missing something?

    1. Re:Capcha? by LiquidCoooled · · Score: 2, Interesting

      No way would I like that.
      Not one little bit.

      Consider the following very general situation:
      Spammer uses home ISP connection with connection time allocated dynamic IP.
      Spammer sends out thousands until blocked.
      Spammer reconnects and gets a new IP whilst the original one is reusable by someone else.
      You or I then connect and unfortunately get the old IP and cant access the service any more.

      BTW, Its already in practice here on slashdot.
      Post too many fucked up comments and your IP banned from posting.

      --
      liqbase :: faster than paper
  4. Charitable donation by Honkytonkwomen · · Score: 5, Interesting

    Simple: Just require a small donation to charity (through Paypal?) before they can create a blog. A dollar or two shouldn't matter to anyone who's putting up a real blog, but will deter sploggers.

  5. Couple of solutions? by keraneuology · · Score: 4, Interesting
    How about a spider-readable timestamp for blogs? If 5,000 new blogs pop up within 12 hours of each other linking to the same web page it is an obvious red flag.

    On top of this, once again the hosting services need to be held responsible: if a site is hosting an obviously spamvertised site then give them 24 hours to remove the site or be blocked from future indexing activities - and have current rankings deleted.

    --
    If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
  6. IP address/domain-name checking? by jkauzlar · · Score: 3, Interesting

    They could always randomly generate text from dictionaries to beat the word verification. But no 'splogger' is going to buy up thousands of IPs or domain names for their clever little scam. Figure in the IP or domain name to the pagerank. Maybe if most of the links are from the same IP then take a percentage off its score? This percentage co-efficient could even be derived from the textual context of the links.. if the context is the same (like the scores of mirrored Wikipedia articles, to name one example), then lower the co-efficient.

  7. a new low-point, but who cares? by Ahaldra · · Score: 2, Interesting
    Automatic creation of blogger accounts. Now that's even one step more than the already rediculus blog and ping automator from the guy believed to be the one spamming boingboing's comment form.
    I seriously wonder if the DMCA's or other *AA laws couldn't be used to subpoena the ISP of these guys to get their real addresses. For some reason I doubt they are that many people in the spam and "search engine optimization" business.

    --
    Code is Speech. No to Censorship.
  8. Re:Word verification? by Bogtha · · Score: 5, Interesting

    Wouldn't a simple word verification requirement when creating a blog cure this?

    Yes and no. CAPTCHAs solve the problem for things like Slashdot, where you just have to worry about trolls with too much time on their hands. But when it comes to spam, there's a value to beating them, so what some enterprising spammers do is set up porn sites that tell people "enter the word you see here and get free porn!". Lots of horny geeks do the spammers' work for them. The difference between the two scenarios is that the spammers are willing to pay minute amounts to beat the CAPTCHAs, but the trolls aren't.

    --
    Bogtha Bogtha Bogtha
  9. Re:Well let's get old fashioned by aussie_a · · Score: 4, Interesting

    P.S. stop relying on google so much, PageRank is obviously flawed if it can be so easily manipulated by spamtards.

    Do you have any alternate search engines (preferably with examples to prove that they're actually better) to use instead of google? I've tested out all the big names, and the results I get are almost always near-identical, with the small differences in the results returned not being that important.

    It is extremely frustrating when Google returns nothing useful, but I've yet to find a search engine that works better. Google's level of results seems to be the best anyone can achieve at the moment (and it's not really google that's setting the level of excellence).

  10. I wondered when this would happen by museumpeace · · Score: 3, Interesting

    I have only used the e-mail posting interface to my blogger blogs a few times. If you like simplicity, the blogger online editor is quick-and-dirty posting for free. But the potential for abuse when you combine the easy-setup for gaining an account and the email method for posting is obvious.

    its kind of ironic that google, which has had fewer [not "no", just fewer] security gaffs than Microsoft is, in a sense, suffering security embarrassment for a rather similar reason to the origins of Microsofts security mis-steps: trying to appeal to users by providing very streamlined and simple user interfaces to functions that require privelege [account creation, publication] on most systems [think unix or Apache]...yes the additional "hassles" of authenticating and establishing the remote request is from a human and not a bot are an impediment to users. But catering to utter lazy dummies is a worse hassle as ought to be clear to everyone by now. Funny this is now news. If you went to blogger 6 months ago and sellected a random blog and then just surfed randomly by hitting "NextBlog" button, you would have seen dozens of sights that were just huge steaming piles of links for such vital topics as online shoe purchases ...abject link-stuffing pollution for google's own search engine and festering on google's own blogging service...seemed pretty dumb to me. BTW give google credit for putting a captcha feature on post commenting because comment spam used to be just as easy to blast into blogger posts as splogging.

    --
    SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
  11. Re:PageRank's fatal assumption by reed · · Score: 2, Interesting

    A similar approach would be to use web-based aggregators or large trackers and factor the number of feed subscribers into a blog's PageRank. Nobody is going to subscribe to a spam-blog, and also, lots of people subscribe to blog feeds but don't neccesarily link to the blog from another web page.

  12. Re:PageRank's fatal assumption by Richard+W.M.+Jones · · Score: 4, Interesting
    Google wrote a paper about TrustRank which is designed to evaluate the trustworthiness of a page, independent of number of links.

    (Disclosure: I work in "white hat" SEO, where we try to actually make sites more friendly, fast and useful for end users; this black hat SEO stuff doesn't do us any favours at all, so I'm keen to see these spammers wiped out by any means).

    Rich.

    --
    libguestfs - tools for accessing and modifying virtual machine disk images
  13. Re:Advertising: Out of control by Hosiah · · Score: 2, Interesting
    Heeeeyack! It's a CAPITALIST society! The only way you keep one going is to keep people buying more and more stuff!

    Who among us could not grok the same frustration? Funny anecdote: My kid went on a school field trip which included a stop at McDonald's. She returned with her happy-meal toy: a tiny little stuffed puppy-doll with a hu-u-ge tag sewn to it, just screaming with advertising and copyright information. The tag was about three times as big as the dog. I sent her for the scissors and snipped the tag off (in blatant disregard for the fine print saying I was committing a crime). Then the light bulb went off, and I asked her for all the *rest* of her stuffed animals. We had great fun performing tag-ectomies, as I explained to her that we had bought and paid for everything in the house, so it was ours to do with as we pleased, including stripping the commercial propaganda out of it. I think dolls are more fun to play with when they're allowed to just be dolls. She agreed. I'm just doing my best to raise a lawless little punk, here! (:

    It's stuff like that that frustration with corporate capitalism can drive you to.

  14. Re:Word verification is obsolete by Anonymous Coward · · Score: 1, Interesting

    Instead of just typing in the word, users should have to solve a modest algebra problem. That way you eliminate both spambots and users who probably don't deserve a forum anyway.

  15. Re:Advertising: Out of control by WolfZombie · · Score: 2, Interesting

    Well, advertising wouldn't be spiralling out of control quite as much if every single person wasn't trying to make a million dollars by age 25. What ever happened to working for what you earn, and then enjoying those earnings. I know at least the US is on a fast track to having a lot of unhappy people with way too much money that isn't worth anything.

    Maybe I'll just go live under a rock... as long as I can get wireless high speed internet ;)

    --
    Cheesy Movie Night
  16. Reverse-weight the spamvertised sites' Page Rank by habig · · Score: 2, Interesting

    None of this would happen if there was no money driving the attacks. How to make it not financially worthwhile to pay people to spam for you should be the question.

    People in this thread have mentioned a number of things which would make such spam more technically difficult to pull off, none of which would be foolproof.

    However, some combination of these techniques could be used by the search engine (handy, that Google the Blogspot-owner-victim is also the search engine being manipulated) to simply flag spammy links internally. And then use them as negative modifiers in its pagerank algorithm. So, questionable attempts to google bomb your site makes it drop off the face of google. Silently.

    Sure, this could be abused to try and stifle competitor's pageranking. But that's a second order effect, within the realm of possibility to manually correct, as a whitelist of commercial targets bad guys have tried to frame has got to be more easy to maintain than a blacklist of fly-by-night spam sellers.

  17. Re:Well let's get old fashioned by lamz · · Score: 2, Interesting

    Here's my solution. Charge $1 to open a new blog account. It's still basically free for anyone who wants an account, but prohibitively expensive for spammers who want thousands of accounts.

    --

    Mike van Lammeren
    It will challenge your head, your brain, and your mind.

  18. Re:They even quote you sometimes by wastedbrains · · Score: 2, Interesting

    Actually yeah i have run a blog for a long time about energy drinks... I found that spam bloggers trying to make money off energy drink ads and or promote links to their own energy drink have crawled my whole blog and copied nearly all of its contents and made massive splogs that either run google ads or have links all over the place to some energy drink. It is crap and there is no way to contact them to say they are stealing my content... The worst part is that it is working, so many of these fake competition blogs have popped up that i get about half the traffic that i did 6 months ago, because people are ending up at fake copies of my own damn blog with crappy ads all over the place or just spam links to ever dang thing imaginable. to see the original site: http://www.bandddesigns.com/energy and the fake posts that all just have links to my reviews, comments on my site about the drinks and then ads, and spam links... http://www.energy-drink-and-food.info/vamp-energy- drink.html Every drink page does this and some have copy and paste of my text.

    --
    Dan Mayer: my blog, essays, art, etc
  19. Use Invites by barik · · Score: 2, Interesting

    I think the idea of using 'g-mail' style invites might be a good idea here. Legitimate users won't want to risk getting their accounts disabled, so they will be more careful about who they invite. And unscrupulous users can easily be founded and eliminated at the root by assuming that they and all children of the user are invalid. It doesn't work well for small sites, but for high-visiblity sites like Blogger, it could be very effective.

    --
    Titus Barik
  20. Re:Well let's get old fashioned by jcr · · Score: 2, Interesting

    Through what medium? Credit cards?

    Credit card, PayPal, mail in a check, whatever you like. You could even make it refundable after six months or a year.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."