Wednesday’s usual Nan O’ War episode will appear later this week. I was going to post about the latest talk from John Carmack, but I feel like that kind of post needs to simmer for a few days. So rather than leave this spot blank, I thought we might look at the work of a new spammer to the site.
All of the messages in this post arrived from the same IP address, and all of them within a few minutes of each other. All of them bypassed the various spam filters and appeared on the site where the public could see them. (I manually took them down once I spotted them, obviously.) They managed to properly handle the “Check here if you’re not a spammer” checkbox. They managed to spoof Akismet, which is my main software-based defense against spam. They also successfully got by the common stuff like keyword filters. One or two of them almost got past the ultimate filter, which is my human brain. That’s a pretty good night’s work for a spam bot. (Or perhaps a shameful night’s work for my spam filters.)
Let’s meet our first contestant…
Very funny. Keep up the good work!
So how did this bot manage to post a coherent comment in the proper context? They cheated and copied off of someone else’s work. That same comment had already appeared on the post.
The ending of Mass Effect 3 is where the problems culminated, not where they began
The bot tried again just three minutes later. Again, they managed to post a coherent thought. The mistake here was that they quoted the post and not another commenter. Even that might have slipped by if I was being inattentive, but then they used a gibberish name that drew attention to itself. 192.168 is the first part of the default IP of a home router, and it’s just screaming out “someone has configured their spambot incorrectly”.
spanish to english
Very funny indeed
Two minutes later. The pattern here is pretty obvious by this point. Again, this comment is simply quoting someone else. It would have skated right through, except “spanish to english” makes no sense as a username and it matches their URL. If they were named “The Translator” – and if it didn’t come in this rapid-fire bundle of spam – I wouldn’t have given it a second look. “Oh. This guy translates stuff for a living. Good for him.”
Can't wait for the next entry!
Same mistakes. The name is odd enough to grab my attention, where I notice that it matches the URL. (Don’t bother looking it up. It’s a garbage multiplayer shooter for mobiles.) Also, the ripped-off comment doesn’t make sense this time. “I can’t wait for the next entry” made sense four months ago, but that is no longer a plausible response to that post because the next entry has already been posted. 17 of them, in fact.
It was ridiculous. Even without being able to read the code on the slides, you could tell the steps varied widely in operation count, were often split up and in different order, and just looked different.
Same thing again: a nonsense name that matches the URL, posted too soon after other messages with the same M.O. Also, this one repeated the mistake of quoting the post rather than a comment. That’s actually a spam bot quoting me quoting John Carmack.
I’ve never seen a spambot behave quite like this one before. If I look in my spam filter nearly everything falls into one of these categories:
- Word salad gibberish.
- Giant walls of meandering text unrelated to my site or the spammer’s URL.
- Just a big list of URLs.
So this one was kind of refreshing. Hopefully Akismet catches up soon so I don’t have to sort through too many of these by hand.
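The tells walked through above (a body copied from an earlier comment or from the post itself, a name that is just the promoted URL, and several names arriving from one IP within minutes) can be checked mechanically. The sketch below is an added example, not code from this site or from Akismet; the dict keys, the thresholds and all sample data are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

def norm(text):
    """Lowercase and squash punctuation/whitespace so trivial edits don't hide a copy."""
    return re.sub(r"[^a-z0-9]+", " ", text.lower()).strip()

def tells(new, post_body, earlier, window=timedelta(minutes=10)):
    """Return the tells a new comment trips. Comments are dicts with the
    hypothetical keys author, url, body, ip, time."""
    found = []
    body = norm(new["body"])
    # Copy of another commenter's text already on this post.
    if any(body == norm(c["body"]) and c["author"] != new["author"] for c in earlier):
        found.append("copied_comment")
    # Copy of a passage from the post itself (6+ words, to skip short common phrases).
    elif len(body.split()) >= 6 and body in norm(post_body):
        found.append("copied_post")
    # Author name is just the keywords of the URL being promoted.
    name = norm(new["author"]).replace(" ", "")
    target = re.sub(r"^https?://(www\.)?", "", new["url"].lower())
    if len(name) >= 6 and name in re.sub(r"[^a-z0-9]", "", target):
        found.append("name_matches_url")
    # Same IP posting under a different name within the last few minutes.
    for c in earlier:
        gap = new["time"] - c["time"]
        if c["ip"] == new["ip"] and c["author"] != new["author"] and timedelta(0) <= gap <= window:
            found.append("ip_burst")
            break
    return found

# Constructed sample data: documentation-range IPs, .example URLs, arbitrary date.
T = datetime(2020, 1, 1, 3, 0)
POST = "Even without being able to read the code on the slides, you could tell the steps varied widely."
EARLIER = [
    {"author": "Regular Reader", "url": "", "body": "Very funny indeed",
     "ip": "198.51.100.4", "time": T - timedelta(days=120)},
    {"author": "cheap widgets", "url": "http://cheap-widgets.example/", "body": "Great post!",
     "ip": "203.0.113.7", "time": T - timedelta(minutes=2)},
]
SPAM = {"author": "spanish to english", "url": "http://www.spanish-to-english.example/",
        "body": "Very funny indeed", "ip": "203.0.113.7", "time": T}
LEGIT = {"author": "Regular Reader", "url": "", "body": "I disagree about the slides.",
         "ip": "198.51.100.4", "time": T}

if __name__ == "__main__":
    print(tells(SPAM, POST, EARLIER))
    print(tells(LEGIT, POST, EARLIER))
```

Each tell is weak on its own (two real readers can both write “Very funny indeed”), so the output is better used as a score that holds a comment for moderation than as an automatic verdict.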