Taken one at a time:
We did not invade North Korea. North Korea invaded South Korea in 1950, and the UN security council voted to repel this attack. The United States did not fight alone, but was part of a UN-based armed force to repel this invasion.
JFK did not start the Vietnamese conflict in 1962. The French tried to maintain control of Indochina following World War II, including Vietnam, but ended up having their butts kicked and having to cede North Vietnam as a separate, communist country in the 1950's. We had already started sending support at that time -- to the French, to help them in their fight. Those imperialist dogs (up freedom fries).
(Sorry, couldn't resist. I like the French.)
Our actions in Vietnam were by invitation, based on a mutual pact of support signed between us and the South Vietnamese government, and ostensibly to defend the South Vietnamese government, but it wasn't much to write home about. In reality, the world was pretty damn scared of communism at that time (after Stalin, the world has reason to fear communism).
We entered Bosnia as part of NATO, blessed by the UN.
As for liberating two countries? Both Iraq and Afghanistan face civil war if we pull out. In Iraq, women, who once enjoyed a great deal of freedom, now huddle in their homes in terror.
Al-Queda sits and plays info games with us, sitting back laughing every time we go on orange alert, or turn back a jet.
Acts of terrorism are on the increase in Iraq.
Iraq is less secure now than it was a year ago.
We in the US are less free than we were a year ago.
Better? I can't explain how anyone can possibly think any of this is 'better'.
Worst president in history? I didn't think anyone could be Grant as worst president. No longer. I'm still waiting for one person to come up with one thing that Bush has done right. Even his so-called defense of this country has come with high costs to our freedoms, and the creation of an agency that scares the heck out of me.
Oh, I guess he didn't choke on the pretzel. His wife probably thought that was good. And he served as a turkey for the troops last Thanksgiving.
Ooops. Typo there. I meant he served 'a' turkey for the troops.
PS Steve, nothing secret about the approach of timed access -- they posted a request for the post entry page, and then used a timing function to post the comment posting within 1 to 3 minutes after the initial page request.
First, hidden form field, been there, done that. Spammer started scraping html page, grabbing field, and then used it in posts. Time to break through idea? One day.
As for 'forced preview', there is no code involved. How to implement? Well, look below this comment form. See the POST button? Remove it. Then what happens is that the comment must go to preview, and from preview to post. That's what Sam Ruby is doing.
Sam is also looking at other conditions (see http://www.intertwingly.net/blog/1681.html) but even something as simple as removing the POST button disrupts the simple posting of a form -- it forces a response/challenge (post form, to preview, then to post).
As for MT 2.66, the IP throttling change they made would not have stopped the recent comment blast based on IP address, but would stop the script kiddies so it's a start. Won't keep the smart ones out but will at least keep out the annoying dumb ones.
And I will not support the redirect functionality they've included, and I sure as heck hope they give us an ability to turn this on or off. And a perfect demonstration, to me, of the difference between the spammers use of social software techniques, and the 'legitimate' developers use of clever technology.
I didn't see this elsewhere in all the fooflah, but I guess LiveJournal has a challenge image (type what's in the image -- CAPTCHA) that also has an audio component for audio only browsers used by the visually impaired. Now that is supremely cool -- right up there with Sam's forced preview (which still appeals for the 'cool down' aspect if no other tech reason). These two combined could almost be the perfect comment spam killer. I won't say is the perfect comment spam killer -- but close.
I was hesitant about coming back into the comments and responding to the original 'tone' thing associated with my post, but I did want to agree with you, Teresa, that Yule is a very good friend. More than that, a brave woman who has seen me get kicked around a bit by the tech community, and hasn't like it much. (Well, neither have I to be honest.) A good person.
But I think that the original topic of this post and all of our interests should return to center front and tone and lack or abundance thereof slide back into the obscure corner from which it belongs.
Graydon, my favorite comment spammer, whose signature I tend to recognize now, actually worked around the block of delayed time between accessing the page and posting the comment. And with the recent spam attack, the spammer spoofed different IP addresses between posts to a comment thread, which overrode this hand coded block.
As for caching an IP address with an email, that didn't sound right. Not everyone has a broadband always on connection with the same IP address. In fact, IP addressing schemes are pretty dead as a solution at this time, too easy to manipulate.
And David, yes we've talked about graphic challenge systems, as novalis also discusses. Unfortunately, these are not workable for the visually impaired.
Another thing to keep in mind is maintaining a sense of perspective about all of this, something I think novalis is hinting at. I think.
Shedding light on the _recent_ comment situation. Hmm. Perhaps the following might also do some of this:
You've been comment spammed, your life as you now know it is over
Making a Deliberate Choice
Comment Spam? Or DOS
Spammers : getting to know you
Passive Resistence
DDT for Comments
Using Google Against Us
Comment and Trackback spamming
Comment Spam QuickFix
Comment Spammers Redux
Variations on a Nasty Theme
You all have to remember something here -- for most of the comment spammers, they would rather not to be noticed so they would prefer to write comments on older threads. Why? Because googlebot finds them regardless of the age of the posting, and if the comment is on an older thread, the weblogger may not be as inclined to delete it. So older posts are preferable, not newer ones.
However, last nights spam commenter has all the markings of an old friend we've tangled with before, who got really pissed at the actions of some webloggers who got fairly aggressive in pushing back at him. This recent episode was more in the line of thumbing his nose at us, saying "You can't stop me no matter what you do". Ouch. But we knew this was coming.
Adam, it would be great if Google did use meta tags so that we could mark up links this way, but as far as I know, I don't know if Google is considering this. This does put a burden on a very lightweight bot to get more sophisticated in its processing, which tends to defeat bot technology.
Plus, I like my good commenters to get the link buzz. I hate to have to turn off for all just to get the few spammers that hit (and they are few, but annoying).
Personally I like Sam Ruby's new approach -- all comments have to go to preview first, and the person has to then accept the preview and move on. This not only eliminates comment spam, but acts as a tiny cool down period for people writing nasty, nasty things. Really elegant solution.
( http://www.intertwingly.net/blog/1682.html )
If MT 3.0 comes out, soon, with really good comment management as well as decent comment throttling (protection against script kiddies) (and I'd like to vote on including a button to pus that forces comments to go to preview mode if we wish) I think that's our solution. We can then drop the blacklists and the tweaky stuff and get back to writing. But we really are at this point dependent on that new release. Anything else is a stop gap.
Bryan, closing down comments on old posts will help, at least until MT 3.0 is released. The comment spammers aren't hitting the same post with a 100 comments -- they're hitting individual posts with three each, lower than a lot of thresholds. Closing down older ones for now will throttle back the problem -- most of this last batch of comments was on comments over 10 days old.
How they're finding posts is using Google to query on weblog entries based on the fact that comment forms have the same labels, i.e. URL, Name, and so on, in addition to the word 'blog' somewhere. Easy.
There's another comment spammer or spammers at work using recent updates in weblogs.com, but this person is putting comment spam in manually, changing what they write to fit your topic. At least they're not overloading the system.
Cross comment posting, dangers thereof. Thanks Patrick, and yes, lets move on to helpful stuff.
Tools to do this, I betcha there is. I'm so used to working directly in MySQL. And I found some things:
http://www.rayners.org/2003/12/27/closing_comments_on_old_entries.php
There's others if you use the following Google search "mt comments shutting down older
.
Uhm, Patrick, Yule, let's leave this be, shall we? Yule, you're an angel and I appreciate so much what you did, but if folks don't read me they won't be aware of the past writing I've done, and the flack I've received because I've been critical of MT's comment system and using blacklisting technology because of the dangers of banning legitimate people.
Patrick, perhaps you might have tried making an assumption that there was a reason for whatever tone you disliked in the posting and focused instead on the fact that I was trying to help people out of a situation.
P.S. To the gentleman who thought this might be a crapflooders attack, not it wasn't. This attack was much more sophisticated than the rather primitive script kiddies one shown in Slashdot. The mt-blacklist code should stop this one, though it may not be able to throttle the requests fast enough to not impact on the CPU, temporarily.
Last night's attack was quite ingenious for its work around of mt-blacklists capabilities, and wasn't meant to necessarily take down a machine, though enough MT users on a machine, all of whom have comments emailed, would have been enough (hence this does make this into a DDoS attack). No, this was spammers trying for enough of a hit to get scrapped by google bot before the cleanup was finished.
I'm sorry that Yule and you all got into a comment quarrel here over the tone of my posting. I've written about a dozen notes on this problem, and yes, I guess I am getting tired of repeating myself and getting ignored.
Blacklisting is dangerous and won't solve the problem, as the script kiddies are showing with the new crapflooders, just recently pointed out. I'm sorry for the folks not using MySQL with MT, but if you are using MySQL, I really do suggest you consider shutting down comments on older posts. Might help a little, but a rewrite of the MT comment system is desperately needed now.
| Year | Number of comments posted |
|---|---|
| 2004 | 14 |
Total: 14 comments. View all these comments on a single page.
The most recent 20 comments posted to Making Light by Shelley:
Show all comments by Shelley.