HomeBlogsjh's blog

Spammers are Bypassing the Turing Test with Copy&Paste Comments from Social Bookmarking Sites

Thu, 2008-06-19 06:48 — jh
spam zombie
Spaaaaaam

Usually spam comments are easy to detect. It's either some canned text (which is used everywhere) or a pile of quickly assembled semi-nonsense sentences generated by a little script (or even a cheap chat AI). That stuff is very easy to identify since it's either blatantly obvious, pure garbage, or completely off-topic.

Just a few minutes ago something different slipped through the recently installed filter. At first glance it looked pretty innocent:

copied comment
Stealthy spam (in light not-published-yet-pink)

But wait a minute... didn't I read that elsewhere before? Indeed I did:

real comment
The original comment

So, the spammer grabbed that comment, used it as content, recycled the nick from the original author, and used that nick as link text for some URL which leads to some dodgy site. The spam originated from a Chinese IP (59.172.79.200) which wasn't really much of a surprise.

This is somewhat similar to the CAPTCHA bypass where they let real humans solve CAPTCHAs from other sites by pretending it's their own one, which is allegedly used to protect some filthy stuff.

Exploiting comments from social bookmarking sites this way is very troublesome indeed. A Bayesian spam filter for example won't be of any help, because they are 100% legit comments from real humans.

If this becomes a popular method, the effects will be pretty devastating.

Comments

Thu, 2008-06-19 17:13 — Anonymous

Well...

I guess now spam filters will just have to look at the links inside the emails rather than analyzing all the text...

and next when spammers start obfuscating links we'll go to Bayesian analysis of text that look like links...

and next when spammers...

As long as there is a market of desperate men willing to take their offers, they won't go down easy and things like this will keep on coming. And spam filters will continue because as long as spam comes, there's a market for that. Capitalism and ingenuity go hand in hand.

--Kia Kroas

Thu, 2008-06-19 20:21 — Anonymous

Excellent!

Excellent! Everyone can stop trying to write String concatenation tutorials, because you're never going to top this one.

daniel

Sorry I couldn't help myself. :p

Sun, 2008-06-22 19:47 — Anonymous

.

lol

Sat, 2008-06-28 22:00 — Anonymous

spam is so *****

**** spam... another good reason to bring down capitalism in all its gory glory!

Sun, 2008-06-29 05:03 — jh

Capitalism isn't the issue here

There are two contributing factors:
1. They benefit from spam.
2. They get away with it.

E.g. email spam only exists because there are a few retards who actually buy something in response. Buying something in response to unsolicited email should be considered a crime (along the lines of supporting terrorism).

Ref spam, comment spam, etc is somewhat different. Unfortunately it's also harder to fix than email. Email spam could be reduced to almost nothing with public key encryption, no IPs, and all keys need to be stored over at a specific location at the domain the mail came from. Really simple stuff, isn't it? But ref spam and the like needs smarter search engines.

Point 2 is pretty puzzling. Why is it even possible to sell stuff anonymously? Isn't that illegal pretty much everywhere?

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options