Akismet, the anti-spam WordPress plugin, has been around since November 2005. In that time, the software has dealt with 2 billion spam messages. What’s really alarming is the shape of the curve. To be fair, some of the curve is the result of more and more people using WordPress, and more of those people getting Akismet, but still.
Such a mammoth waste of everyone’s time and energy for just a tiny bit of money for a miniscule number of people.
The spam solution I’m using is still going strong. It’s been 2 weeks since the last time I saw a spam. It’s been over a month since one slipped by that I had to delete manually. Given the sheer volume of spam I was getting five months ago, and given the fact that this site is several times larger now, I’m very grateful for how well the CAPTCHA is working.
If you look at the problem from the POV of the spam programmer, there are many ways to make his job harder and more annoying. You can’t make it impossible, of course, but the appeal of spam has always been the fact that it is “free” for the spammer. Making it less free might go a long way to making less of it. Given the normal level of lazyness and stupidity of the average spammer, I think that even CAPTCHA are probably overkill.
Most spam scripts go right for the wordpress comment-posting script. Just having this script to have a configuarable name would probably be just as effective as the CAPTCHA solution I’m using now.
Another technique would be to simply insist that comment POSTS are the result of an honest-to-goodness page load. Embed a secret number (which changes automatically) into the form as a hidden field, and make sure incoming form submissions contain the number. The advantage of this would be that it would be seamless and transparent to normal users – they wouldn’t even need to enter a CAPTCHA. The only downside would be if a user loaded the page, and then did something else for a couple of hours, and then came back and left a comment on the open page without reloading it first, then their number would have expired and the system would eat their comment. The disadvantage for the spammer is that they will have to parse all that HTML on the page if they want their comment to get through.
What is Vulkan?
There's a new graphics API in town. What does that mean, and why do we need it?
What did web browsers look like 20 years ago, and what kind of crazy features did they have?
The Game That Ruined Me
Be careful what you learn with your muscle-memory, because it will be very hard to un-learn it.
Artless in Alderaan
People were so worried about the boring gameplay of The Old Republic they overlooked just how boring and amateur the art is.
Lost Laughs in Leisure Suit Larry
Why was this classic adventure game so funny in the 80's, and why did it stop being funny?