Author Archive
We’ve all grown to be familiar with (yet greatly resent) the litte “type the letters in this box” features when commenting on blogs. They’re called Captchas and they’re designed to be sort of a Turing Test; something that humans can easily do but computers can’t.
Their real goal is to cut down on automated programs called Spambots that post links to porn, pill, and poker sites. We’ve even seen articles about spammers fighting back. Some have even created free porn sites where you get porn as long as you solve a captcha between each image. You’ve gotta give them credit.
The latest wordpress plugin isn’t an image of blurred letters though, it’s a math problem. Matt Cutts recently upgraded his blog, and it now asks me to “Please add 8 and 2” before I can leave my comment.
While it’s a better approach than the image.. (they are pretty hard to read), it’s even more flawed. A simple Google Search will show that there’s already a few other sites using this plugin. To write a spambot to take advantage of it woud be trivial:
- Search Google, extract urls
- Foreach URL, visit page and fill out form with spam
- Parse for a regular expression like Please X Y and Z
- do the math, fill out the form next to it, submit your spam.
For proof of concept, I’d write such a script, however it would be against my ethics. It would only take me 10 minutes though, honestly.
The captcha / addition is a flawed method of thinking. The goal of a spam bot isn’t to spam one website, if I only wanted to spam Matt, I’d do it by hand. The spammer’s goal is to spam as many websites as possible as quickly as possible, so any universal attempt to stop it will easily be cracked.
Instead of doing what everybody else does (captcha, math problems, kitten auth, etc) it’s far more beneficial to do what Jeremy Zawodney does. Jeremy has all of his commenters type “Jeremy” in a box before continuing. It’s real easy to code a bot to do it, but since it’ll only work on one site there’s no point. If somebody does keep spamming him repeatedly, Jeremy just bans the IP by hand.
I say let’s abandon the captcha idea in favor of making the commentor type something site related into the box. That’s how this site is going to work when I’m finished re-coding it.
There’s 2 approaches to security. One involves throwing up big walls and armed guards, etc (the captcha). The other involves simply not making yourself a viable target in the first place.
September 7th, 2006
Dear Scott Adams,
You sir, are an insensitive asshole. No, seriously. Not only that, you’re a coward as far as the blogging community goes. Ask anybody, you never pull a post after it creates controversy. It’s just not what bloggers do.
Now, on to your comments:
Readers of the Dilbert Blog know that I believe death is not a laughing matter, unless the guy who gets killed is in the process of bothering dangerous animals
No, still not funny. I don’t care who dies, a corporate exec, convicted murderer, or actor I never watched; death isn’t funny. You may have not liked his work, but the guy died doing what he loved in the name of conservation and education. It’s not funny, show some respect for the dead. I’m not even a fan of Steve Iriwn, but I was a fan of Scott Adams.
along the same lines, please have a look at your website. You’re a fucking sydicated cartoonist… do you really need the extra $3.00 CPM that your stupid popup ad provides? I stopped going to dilbert.com years ago because of that.. now I just guess the URL of each day’s comic, and snag your bandwith onto my personal homepage. Seriously, popups are a bad idea.
While you’re at it.. Dilbert is a work related cartoon.. so why do I constantly see girls in bikinis and sex related ads on the site?
As cartoonists go, you’re the blink182, greenday, or whoever else can be labeled as a sellout.
I just wanted to let you know…is $3.00 per 1000 impressions worth pissing off all of your visitors? It’s not to me.
Here’s some more work related cartoons that actually understand that…
User Friendly
BugBash
September 6th, 2006
I just got back from vacation to find the terrible news that Steve Iwrin (the crocodile hunter) has passed away. While the cynical side of me wants to say it was bound to happen eventually, it’s always sad to see a real talent pass.
Let’s face it, there wouldn’t have been an animal planet television network if it wasn’t for Steve. He turned millions of people on to once boring nature shows, and for that he’ll never be forgotten. It’s not what you take, it’s what you leave behind you when you go…. Steve left an interest and desire for knowledge in the hearts millions of viewers.
On a lighter side, (or scarier side depending how you look at it) President Bush recently issued the following statement: “My message to the world is this: Just treat us as we treat you…”
George, in case you haven’t realized, this is a bad idea. America’s general attitute toward the world is “we don’t care about you, agree with us or we’ll make your life a living hell.” Your “eye for an eye” idea is a good one, but not if you’ve made it your life’s mission to go around poking people in the eye.
I just picked up a CD of The Himalayans and it’s pretty damn awesome. It’s the band that Adam Duritz was in prior to Counting Crows, and the original authors of “round here”. If you like that type of music, please pick up their CD.
Also, Roger Clyne and the Peacemakers are coming to the Magic Bag in November. If you wanna go, let me know. Tickets are $12. (they’re the band formerly known as the refreshments (everybody knows the world is full of stupid people…) and also did the King of the Hill theme song). ok, that’s enough for now. Happy Labor Day, and RIP Steve.
September 4th, 2006
yet another entry from the people who don’t quite get it file. It seems that Cox Communications has started deleting outbound emails that appear to be spam, and not notifying the sender.
This is bad news for all Cox subscribers. With today’s over agressive spam filters it’s very easy to have legit email marked as spam, and if the user never knows there’s nothing they can do about it.
Now, I’ve always said that email should never be used for anything crucial but we all know it still happens. Besides, are spammers really using Cox to send out emails? It seems you’d have their real contact information and once reported they could take real legal action. Whatever network engineer dreamed up this change, it doesn’t seem to do any real good for Cox. I just don’t understand it.
Of course not wanting to be outdone by their competition, Comcast has not only blocked all incoming email from namezero, but they also blocked all mail from The Well, one of the net’s oldest ISPs.
When will internet providers learn that it’s not up to them what email to whitelist/blacklist, it’s up to the actual person who recieves the email. Let me decide and you’ll win my business in a heartbeat.
August 31st, 2006
I realized for being a software engineer that I haven’t written much about programming or coding or anything else. I work mostly with PHP and MySQL, but as some of our applications are getting mad traffic now, I’ve been doing every little thing possible to optimize them.
Here’s a few code optimization tips (mostly PHP) that may not seem obvious to everyone:
- $i++ vs ++$i Remeber back in college? There was always some sort of ++i / i++ trick question on exams right? So what’s the main difference? Most of you have been hard coded to use $i++ everytime, however that’s not always the best idea. The post increment (i++) actualy creates a temporary variable in memory to retain the value of i before incrementing. The pre increment (++i) doesn’t do that. It simply increments i. If you want to use the incremented version of i inside your loop only, then you might as well use the pre; it’ll save you a bit of memory.
- using sizeof() or .size() or whatever. How many times have you done this?
for(i=0; i < sizeof(array); i++) {
While this is technically correct, it isn’t the best solution when the cardinality of array is large. Coding it this way will actually re-calculate the size of the array every time the loop runs; and the functional overhead can get expensive. If possible, you should calculate the size once then compare against that.
- Speaking of functional overhead…Don’t use functions where built in operators will do. For example, this code:
if (strlen($foo) < 5) {
can be done without all the overhead by using some of php's natural operations like this:
if(!isset($foo[4])) {
The difference here is that isset() is built in to the language (it works like + or -) whereas strlen isn't. (it works like a function you define)
Anyway.. that's enough for now. I'm taking a vacation this weekend.. but when I get back, I'll post some other cool things you might not have known.
August 31st, 2006
I was reading on Phillip Lenssen’s site about how it’s now a crime to use META tags to deceive a child into viewing a hurtful webpage. I posted my comments there, but I wanted to re-iterate here as well.
Who defines what’s harmful? a site saying there’s no santa when viewed by an 8 year old? A site talking about evolution to somebody from Kansas? An abortion site to a christian? The skeptics annotated bible having bible in it’s meta tags?
I can see the intent here is to shield children from porn sites that put “britney spears” in the meta tags… but like typical govt this is just flawed. That stuff is about 5 years too old. It doesn’t work. This is not an area the Govt needs to get involved in. If you don’t want your kids to see something harmful online, that’s your job as a parent; not uncle sam’s.
This law will serve no purpose other than an excuse to shut down more porn sites, and a pathetic attempt to appear to be protecting the children this ballot season.
The only real internet law we need will ban the internet from any children under 16 without parent supervision, and ban making laws about the internet from any politicians over 40.
What we really need to do as parents (ok not we, I don’t have kids) is take a more active role in our children’s lives so they don’t turn out like this kid. (He IS German… Phillip is that you as a young boy?)
August 30th, 2006
Wow.. it only took 15 minutes afer re-enabling the comments to get the first spam comments; 3 of them actually. It’s funny because the spam bot actually used UBB code to make it’s links.
I’m going to say this right now to all you spammers: All Links on dotCULT recieve rel=nofollow attributes. There.. now that I got that out of the way…
Let’s talk about etiquette, and not the which fork goes where crap either. One of the most annoying things you can do is call somebody you haven’t called in months and ask “Hey, is SomeRandomName there with you? Can I talk to him?”. It’s even worse when you do email somebody who don’t regualarly talk to and ask them for somebody else’s email address.
For the record, it’s always been my personal policy never to give out somebody else’s email address or phone number without their consent. You’d be suprised how often I’m actually asked to do this. My feelings are that if they wanted you to have it, they’d give it to you. It’s not my decision to make. If you want though, I’ll gladly pass your contact information along the next time I run into them; but don’t count on me making a phone call just to do that.
Of course, this only applies to personal phone numbers and emails. Business information for the purposes of business should be completely public.
In summary: If you don’t know his email address he probably doesn’t belong on your MySpace friends list anyway, and if he didn’t give you his phone number there’s probably a reason. Please stop asking, it’s rather rude. Don’t you think?
August 30th, 2006
Dear Dell,
Let me tell you about my recent experience with your company. I recently ordered a new computer that cost me $1074.54. Due to a glitch in your system, my order went through twice and I recieved 2 computers.
I told fedex to deliver one, and I refused delivery on the other. I called support and you said “don’t worry about it, when we recieve it, we’ll credit you”.
Looking at my credit card bill, I was only credited $899.36. That’s a difference of $175.18.
I called your support line today at 6:30, and it took until 8:30 to get a real person on the other end. My cell phone battery actually died while waiting on hold, and I had to call again.
When I finally got somebody, I was scolded for not knowing my order number, and then placed on hold before he hung up on me. I called back and your annoying computer told me my wait time would be 20 minutes. I also fired off an email, but got no reply.
Now, there’s some obvious problems with this. First of all, you cheated me out of $175. Secondly, you fucking hung up on me. Third, you just showed me that I could have somehow bought my computer for only $899.36…. so you cheated me again.
You owe me $350.36 (not to metion the time I spent on the phone.) I charge clients $50/hour. I couldn’t talk to a client while my phone was tied up, so therefore your owing me total is now about $550.36.
I have already contacted the BBB, and will try again tomorrow to contact you. Please note that I will be charging an additional $50/hour for however long it takes me to rectify this situation. Please let me know where to send a bill.
Thank you very little
Ryan Jones.
August 28th, 2006
If you don’t regularly read Wired magazine, they have a Great Article about all the over reactions to terrorism and how we need to refuse to be terrorized.
Contrary to what people believe, a terrorist’s goal isn’t to kill us. Their main goal is to change our lives; and frankly we’re letting them do that. Terrorists account for .00008% of all deaths in our country. Statistically polish grandmothers have killed more people since 9-11 than terrorists have, but you don’t see people going crazy about shutting down bingo night at the local church. (please don’t take offense, I’m polish that’s why I used it)
In the past few months we’ve grounded airplanes for the following reasons:
- A man in a leather jacket was speaking arabic and looking at his watch
- A woman had a bottle of water and a bar of soap
- Passengers weren’t wearing their seatbelts
- People were playing with their cell phones
- The bathroom door was locked
- Somebody burnt the toast
Hell, we even closed a school recently because little Michael Morrissey brought in a Burrito. (::insert “explosive” toilet humor here::)
Does this sound stupid to anybody else? Am I the only one who thinks our fears aren’t justified?
It’s time to stop acting irrational out of fear and get on living our own lives. We need to stop acting like that old cartoon housewife who goes crazy and stands on the table everytime she sees a mouse. You know, the one who will throw a lamp or break her entire kitchen trying to kill it… that’s what we’re doing with our freedoms, our rights, and our way of life. We’re throwing it away in an attempt to feel safe.
But safe from what? Terrorists, or just a Man with a Penis Pump?
NOTE: Comments functionaly still isn’t done. I appologize, as I realize that this piece will undoubtedly attract some. If it makes you feel better, I composed this entire thing in phpMyAdmin.
August 28th, 2006
I’m still working on the dotCULT backend re-design. Until then, I bet you didn’t know I wrote a book did you?
The NoSlang.com Internet Slang Dictionary is now available in book form! The new book is 172 pages long, includes over 2,000 terms, tips for parents, tips for teens, and more information about slang! This book is a Must have for all parents or teachers.
For a limited time, the book is availble for the discounted price of only $9.54. It’s going to sell for over $10 on Amazon.com in a couple weeks, so get yours today before the price goes up.
Order Your Copy Here
(Select US Postal Regular Media for Cheapest Shipping)
Here’s what other people are saying about the book:
“As an Internet author and expert, I knkow a lot about the Internet. However, as an adult and parent, most INternet slang has PMB (passed me by). In a simple manner, this authoritative guide has leveled the playing field for all parents and adults. I suggest placing this book by the computer. Now your kids will know that you know what they’re saying.” — Ken Leebow. Author of 300 Incredible Things to Do on the Internet
“I bought this book and boy was I amazed of how much I learned about internet slang. I would watch my 13 year old use AOL IM and I had no clue what she was saying. With this book I can now monitor her activity and she doesn’t even know it. A must have if you have children using instant messengers.”
— Review posted on LuLu.com
“The Internet Slang Dictionary is a must have for parents with kids online, never again be in the dark about a term or phrase you don’t understand.” -Rich creator of TheParentsEdge.com
August 18th, 2006
Next Posts
Previous Posts
