I am seriously considering writing a bot script for my images folder telling Google Image to stop cataloguing my photos for their image search. I’ve allowed it thus far as a courtesy to web surfers to enjoy the images I have on my site… but this is getting out of hand. A huge number of people are now hotlinking to my images. It seems to have become somewhat of a practice on the web now. The biggest offenders: people in discussion forums, and people on MySpace and similar social sites. People just hotlink to images rather shamelessly, and it’s getting out of hand. When I look at who is visiting my blog, it seems like one out of every twenty or so visitors is a hotlinker… which means they are not really “visiting” the site, instead they are swiping an image from my site, on my dime, and there is no link back to or credit for my site.

Not that it’s of any real significance, but round numbers can be strangely fascinating. 1400 days of continuous blogging and counting. It’ll be four straight years in exactly two months, by coincidence. A good thing that Sachiko is patient and understanding of this quirk of mine, and doesn’t begrudge the time it sometimes takes.

There are sometimes perks to having a blog; interesting stuff can happen from time to time. Just a few days ago, a rather well-known site featured a blog post of mine on their front page. Some time ago, one of my posts was mentioned on CNN and linked to (though they chose to link to the cross-post on the now-defunct xpat.org). My post on Arguing on the Internet was selected for a college reader (they still haven’t sent me the copy they promised, though). And unless someone was yanking my chain, author John Varley found a review I wrote on one of his books and left a nice comment.

Nothing ground-shaking or anything, but small and enjoyable brushes with third-class fame. And probably a lot less of this would happen if I weren’t posting like a madman , filling my site with huge gobs of writing on a regular basis (1,383 days of non-stop posting, and counting). That certainly helps with The Google, which is what tends to get you noticed. (It also helps to have the word “blog” in the name of your blog, as it is a common search term, and so gets you ranked higher sometimes.)

Recently, a new perk popped up: a freebie DVD. A marketing firm found a post I made recently on WKRP in Cincinnati coming out on DVD. They contacted me and asked if I’d like to review the set on the blog, and if so, they’d send me a copy. A good deal for both of us, to be sure–it’s something I would have eventually bought, and since I spoke favorably of the show before, they know my review will probably be a positive one. Can’t promise anything–the way the music is presented (due to the music labels’ greedy demands for huge payments on the song snippets used in the show) could be fine or it could take away from the quality; the special features, like commentary, could be great, or they could suck big-time like the directors’ commentaries on the DVDs for Airplane! and Young Frankenstein. So we’ll see. Trust me when I say that while I like the idea of freebie DVDs of media that I like, I don’t like it so much that I’d stoop to sucking up for it. But given that I’ve seen all the episodes in question already and really liked them, there’s not really much suspense in that aspect of the review. Look for the post on it sometime soon.

Living in the Age of the Internet can be strange sometimes. Today, I found out that I’ve been syndicated, after a fashion. Came as somewhat of a surprise to me.

Usually, I get an average of just one or two comments per post. If I get more, then most tend to come from a group of long-time readers. Less than 24 hours ago, I wrote a blog post on the RIAA and their tactics in dealing with downloaders. Nothing new, I’ve posted much like it in the past.

But then, I started getting comments. Lots of comments. Not major-site-level comments, but more than a dozen in a single day is unusual (even for my infamous eyelid-twitching post), and all from people I never heard from before. Then a little flag went up, and I recalled when this had happened before. So I check my stats, and indeed, there are several hundred hits from The Raw Story web site. It’s a fairly well-known site, having broken several big political stories. I surf to their site, and sure enough, there’s a link to my blog from the morning on their front page.

What’s more, it’s not just a plain link to my page–it’s a link that maintains the site’s banner with my own blog post in a frame below it.

Now, there’s nothing really wrong with that, and I do appreciate the nod and the traffic. But it’s kinda weird; I feel like my blog article has been syndicated to their site, and I’m kinda the last one to know about it.

That’s just an illusion, from one perspective. The story never left my web site. But the inclusion of the Raw Story’s banner–with advertising which may have earned money for them–above the blog post creates the impression, especially to the novice reader, that the writing was done under the publication’s wing, so to speak; it gives the impression that it’s all part of their site, a site which generates income from advertising. (To be fair, the banner ad, at least at present, is for a Muscular Dystrophy organization; it’s probably a PSA. But the banner does include links that ask people to advertise, which allow people to sign up to pay by subscriptions, or which ask people to donate money to the site.)

It strikes me as somewhat of a grey area. On the one hand, they are using another person’s published work, without asking, to add content to a site which perhaps makes money from advertising on the same screen on which the borrowed work appears (or at least makes money from ads to the main site, which benefits from added content).

On the other hand, it is a media in which people regularly link to the works of others, and others are glad for the attention; furthermore, the publication did not actually transfer my work to their site, they simply split the screen.

Like I said, I’m not complaining. It just strikes me that the proper procedure would be to at the very least notify someone before going that far, or better, to ask permission. A plain link is not improper at all. But to display a banner and advertisements above the work, on a site that gets paid by advertisers for providing content? I doubt anyone would ever sue or even complain too much–on the contrary. It just seems a little… off.

Interesting. Just in the past few hours, I got two different comments on an old post, my post on Gun Control from May last year. Usually I get comments on old posts very sporadically–to get two in such quick succession is very unusual. I thought maybe it was the same person using different names–but the IP addresses were different. Then I thought that someone was linking to my post from a popular forum or something–but no, my “Latest Visitors” stats page showed them coming from Google. Odd.

Then I figured it out: the Virginia Tech shootings. That has prompted people to search for sites that discuss gun control. And if you Google “gun control blog,” I’m #2 on the returns. And sure enough, when I checked my recent stats, the search terms “gun control blog” which lead people from search engines to my site have spiked in the last 24 hours.

Interesting how stuff like that comes together….

Several times on this blog, I have mentioned my problems with hotlinkers. Since I post a large number of photos (more than many, fewer than some), and I keep those photos on my site indefinitely, I have to deal with people stealing those images. Now, I own almost all of the images that I post; if not, I note the source. But if I do use an outside image, one thing I make sure to do is to host the image on my own site. Why is that important? Let me explain.

When someone sets up a web site with their own domain name, they usually have to pay for “hosting” services. That means that they pay a service to give them disk space, maintenance services, and a 24/7 high-speed connection to the Internet. The web pages, images, and other files are kept on that hard disk. But the hosting service usually keeps track of how much bandwidth you use. For example, if I posted a 1MB picture on my site and 99 people downloaded it, that would equal 100 transmissions (1 up, 99 down) of that 1MB file; that would be 100 MB of bandwidth used. Since almost all accounts have a bandwidth limit (my own is 75 GB per month), it is a commodity which you are paying for.

Now, let’s say that someone wants to use that photo on their web site. So they put a command on their web site that embeds the picture into their own web page, so it looks like the image is part of their own page–but the address of the picture is kept as a reference to my web site. In other words, the photo looks like it’s on their site–but my site is where the image is taken from, so I get charged for bandwidth every time somebody views their web site.

This is called “hotlinking,” and I’ve mentioned it before. People will not only steal your images, but then they will hotlink them so you will be forced to pay money for their act of theft against you. Kind of like someone stealing your cell phone, then you get charged for their phone calls.

The one defense you have: the image file resides on your site, so you control it. So, when some thief steals an image and hotlinks it, what I usually do is to change the image file to something insulting or (if I’m really ticked off) obscene. One time, a travel agency hotlinked one of my China travel photos, so I replaced the image with a graphic calling them thieves and warning their customers to not to buy from them (they swapped images and hotlinked from someone else after a few days, but here’s what the site looked like for a while).

However, the real damage comes when someone hotlinks your image, and their site is heavily traveled–which means that you get swamped, and your site could even be in danger of exceeding bandwidth limits, which could get your site shut down. The worst incident I had was when an image on my site was hotlinked by Ain’t It Cool, a popular movie rumor-and-reviews web site. Before I could notice it, my site had suffered 30,000 hits, losing 1.5 GB of bandwidth (this was back when my limit was 15 GB, and I came close to exceeding it sometimes). So I swapped the image with a graphic advertising my site. “Ain’t It Cool” noticed the swap quickly, and then replaced the image.

So, why am I mentioning this? Because hotlinking has, at least momentarily, become an issue in the political arena. One of John McCain’s web techs set up his MySpace page–but when he did so, he hotlinked to an image on someone else’s site. When they made McCain’s page, they used a free template offered by NewsVine, which allows people to use their MySpace template so long as they give credit to NewsVine, and so long as they don’t hotlink.

McCain’s site didn’t honor either condition, so NewsVine’s CEO Mike Davidson swapped out the image McCain’s people were using with one announcing that McCain had reversed is opinion on gay marriage, “Particularly marriage between passionate females.” Since Davidson’s swapped image was on his own web site, and McCain’s people were the one’s who had placed it on their own web site, this was an “immaculate hack” that broke no laws whatsoever. Below are the real and hacked pages captures, the hacked one on the right.

image borrowed, but not hotlinked. Click on the image to visit the source.

Davidson writes about his decision to slap McCain’s hand on this one:

But then I read the article in today’s Newsweek about how politicians are all setting up MySpace pages in order to “connect” with younger audiences. McCain’s MySpace page is listed, as are the pages from several other candidates. I think the idea of politicians setting up MySpace pages and pretending to actually use them is a bit disingenuous, so I figured it was time to play a little prank on Johnny Mac.

Luckily, I had already set up a special .htaccess rule on my server which served my real “contact me” image if the image was referenced from my own MySpace page, and served up a sample image if it was served from anywhere else. This is the whole reason I even figured out what was going on. I had my real image in cache and upon loading McCain’s page, the real image showed up (including my special note that said “NO REQUESTS FOR DESIGN HELP PLEASE”). Thinking it was weird that McCain would get any requests for design help, I immediately realized what happened.

So, the only thing necessary to effectively commandeer McCain’s page with my own messaging was to simply replace my own sample image on my server with a newly created sample on my server. No server but my own was touched and no laws were broken. The immaculate hack.

Abortion? The Iraq War? Probably too heavy to joke about. Gay marriage seemed like a more of a non-lethal subject to center the prank around.

So with a few minutes in Photoshop and a quick FTP, a new John McCain was born…

…and The Straight-Talk Express isn’t just for straight people anymore.

Bravo! This is amusing to me on two levels–the political and the geek levels, to be specific. Well done, Davidson.

Something that I just noticed: spammers are now adding a new tactic to their spamming: searching my blog. Not with Google, but rather using my own blog’s internal software. My blog’s internal search engine records the searches done by visitors; usually it just reads search keywords like “nova drug arrest,” “hypnotoad,” “right eye twitching,” or “google video,” to name four legitimate searches done in the past few days.

However, I am now seeing a few hundred searches performed every week which look for spam keywords; apparently, the spammers have automated programs access my blog’s search engine script to look for spam terms they have undoubtedly tried to get past my filters in comment spam. In the past one week, 127 searches were made for URLs for legitimate sites (usually educational addresses), with words like “viagra” or “cialis” tacked onto the end. Another 44 searches were made directly for the spam terms themselves, like “used rolex,” airline flight tickets cheap airline tickets,” or even strings like “This excellent site!!! Want you good luck!!!” (clearly one of the fake compliments posted riding a spam link).

Apparently, Google ain’t good enough for them. Now they have to directly access the blog’s own search engine script to see if their spam has stuck. Which, of course, it hasn’t. In the same 1-week period, SpamLookup blocked 1,681 comment spam. MT-Blacklist blocks a lot more than that–between 1,000 and 1,500 on any given day. MT-Blacklist blocks spam which matches the blacklist filter; SpamLookup stops the rest that get through, usually on the basis of having URLs or recognized spammer IP addresses, or whatnot.

But to the best of my knowledge, out of 2,301 blog posts and 5,513 comments over the past four years minus a few months, not a single shred or hint of spam exists on this blog. That ain’t gonna stop ’em from continuing their barrage, of course.

I tried to get this blog listed in Google News, after seeing a good number of other political blogs and plain-simple web sites included. Google wrote back:

Thank you for your note. We’ve reviewed http://www.blogd.com but are unable to include it in Google News at this time. We don’t include sites that are written and maintained by one individual. We appreciate your taking the time to contact us and will log your site for consideration should our requirements change.

Yes, yet another weird new word describing something to do with those danged Internet tubes. This is one that I actually reported on six and a half months ago–though at the time, I did not know the name for it. I called them “Spam Blogs,” and have since found that the abbreviated name “Splog” has been applied. An ugly word for an ugly practice, fitting enough.

A Splog is a fake, auto-generated blog that acts as a platform for spam links, or for AdSense or Amazon Associates links that will generate money for the spammer. The idea is to horn in on the keywords generated by blog posts to get listed in search engines, which will lead to people linking in and using the outbound links, thus generating cash for the spammer.

If that weren’t bad enough, these splogs don’t generate their own content. You do it for them, if you have a blog. The splog first finds your blog, then it grabs the text you wrote and automatically slaps all or selected parts of your entry into the splog. One way to discover if your site is being mined by splogs is to search for unique content on your site in Google’s Blog search engine, and then see if more than just your entry comes up. I did a post on “Maeuri-ken,” or advance ticket sales in Japan, just a few days ago… and within two days a splog had swiped my text and used it to try to generate themselves some cash. Here are the results from the Google Blog search (results will disappear after a few weeks of this post).

Here’s the original post, in part (image):

And here’s what comes out on the splog:

The splog page has links to dog breeding and pet care sites, as well as cross-links to other splogs and spam stuff. As splogs go, it is relatively inoffensive. It actually links back to the blog post it stole from, does not go overboard on spammy stuff like some splogs do, and does not inject spam links into the stolen text directly, as has been reported to happen. Also, note that in this case, the splog does not reprint the full text of my post, or even a coherent paragraph. It is more like the result of a search engine query looking for the keywords “small,” “dog,” and “sale,” all of which appear in that post.

That doesn’t mean that it is inoffensive, it just means that it is slightly less offensive than the many other splogs I’ve found mining my writing for their sleazy profit.

I’m rather impressed. Just one and a half days after posting an entry titled “Akemashite Omedeto Gozaimasu,” that blog entry is ranked 8th on Google under a search for that expression. Which is quite something, as it is a common expression in Japanese, at least as far as New Year’s is concerned. Somebody at Google seems to like me.

Or maybe it is a combination of the recency of the posting, along with someone on a Google Blog linking to the entry. That would be my sister-in-law, who has (so far) done a four-part series on New Year’s in Japan, from the neighborhood-at-day perspective.

I love Crooks & Liars. They’re a great blog. They’re on my LinkBoard. But I do think that they’re going way overboard with effusive self-praise at a recent ranking released in the press:

There are literally millions of blogs now.  For one single blog, on its own, to generate 40% of the ten most linked-to posts for the year is a truly remarkable achievement.  It is a testament to the uniquely valuable role C&L plays in the blogosphere — not only in providing invaluable video content but, more importantly, in helping to shape the dialogue and agenda for the liberal blogosphere as a whole.

The thing is, all four of their top 10 most-linked-to blog posts were posts that were linked to because they contained video content, namely Colbert’s White House Correspondents’ dinner monologue, Al Gore’s SNL “presidential address,” and two Keith Olbermann commentaries.

The reason people linked to these posts were not because of the commentary offered by C&L, it was because the video was there. But Glenn Greenwald, author of the self-praising post, claims that C&L’s ability to “shape dialog and agenda” was more important than providing video content. Now, I think that C&L does a good job in regard to shaping the liberal dialog and agenda, but in all fairness, I do not believe that they received all those links on those posts for that. Remove the video content from those posts and allow them to stand on their commentary alone, and they would instantly drop into obscurity.

Don’t get me wrong–providing the video content is fantastic, and I depend on C&L to see so much of this stuff that I would never get to see otherwise, living overseas as I do. But the true credit for the inbound links lies with C&L only insofar as they went to the trouble and expense to provide the video content; the credit for shaping the dialog and agenda goes to Stephen Colbert, Al Gore, and most of all, Keith Olbermann.

This is weird. I have a blog entry from December 2003 where I put up some photos of my dad’s canaries. I made no claims about canary expertise, and made it clear that they were not my canaries. And yet, since then, I have been getting comments from people–most from people with Arabic-sounding names–asking for canary stuff, as if I were a canary go-to guy or something. The comments include:

I WANT FHOTO CANARY FOR BREEDING AND AECHIVES ALBOM
THANK U.   [“Masoud”]

visit [my] site and write me a letter showing me where the canaries live.    [“Meshari”]

Please send me picture and article Kingstroat and Backsrtoat breedings, thank’c (Indonesia)   [“Anjar Siswanto”]

My canary is sick. I’m to give him 3cc of liquid antibiotic two times a day. Is there an easy way to do this? Thanks! G   [“Georgianna”]

In the comments, I replied to these, saying that I know nothing about canaries, they are not mine, I don’t have regular access to them and so on. But the weird comments keep on coming. Just a few minutes ago, another came in from “Rashid”:

hi please send me photo by canary
thanks you.

All part of the risks of blogging on random stuff.

About a month ago, somebody asked me if there was a way they could write their email address on a web page and yet avoid having it picked up by spammers. I was about to tell them it was impossible, but then I had an idea–and it seems to have been a good one. I tested it, and indeed, it did work. The best part is, it incorporates a technique used by spammers themselves, and beats them at their own game!

A little background first. Putting an email address on a web page, or for that matter, anywhere on the Internet where the public can see, is an open invitation for spam. Spammers use automated programs, called “bots,” to “harvest” email addresses. The bots scour every last web page, discussion group, and other public piece of information on the Internet for anything that looks like an email address. When they find one, they add it to a list, and start sending spam to it.

I know this is true because I have tested it. FIrst, I create a brand-new email address (e.g., “brandnewemailaddress@blogd.com”), one which has never been used before, and one which no one but me knows about. I then put the email address up on this blog’s main page. To ensure that only spammers can see it, I make the address the same color as the background, rendering it invisible to the human eye. Five months ago, I put up one such address, and after a week, spam started coming through; after one month, it had drawn 41 spams; this week, it has been getting about 7-8 spams per day, and has collected about 500 spams altogether.

So, I know these bots are constantly surveilling my web site. I know that any email address posted in such a fashion will be picked up. So how could I post an email address and not have it be picked up?

The idea came from a technique I saw spammers use themselves. When spammers send email, they know that certain words will trip spam filters, and that will send their spam to the waste pile, where it will never be read. One key word, for example, is “Viagra.” So spammers who want to use this word will try to disguise is. One way is to misspell the word, for example, “V1@gra” or any other of a hundred variants. But the technique I saw spammers use years ago works to foil the spammers themselves.

It involves the use of HTML code. HTML is the language used to write web pages. If you go to the “View” menu of your browser and choose the “View Source” command (or anything that promises to show the “source”), you’ll see the same page, but as it appears originally, the source code. You will see that it is filled with stuff inside <angled brackets>. On a web page, anything in angled brackets is considered a command for the browser. As a simple example, “<b>” is a command to make text bold. One “harmless” command is <!– text –>. That is a comment command, an exclamation point followed by double-hyphens within a set of angled brackets. It doesn’t do anything, it’s intended solely as a comment in the code. Because it’s an HTML command, it does not “render,” that is, it does not get shown to the viewer on the web page; it is “edited out” by the browser.

Now, spammers used to use this as a way to break up a word so it would get past the spam filters for email. For example, instead of writing “Viagra,” if they instead wrote “Vi<!– text –>ag<!– text –>ra,” the spam filters of the time would not see the word “Viagra,” but since an email reader will render HTML code, the stuff in the brackets would disappear for the person who was looking at the email, and they would see “Viagra” in the clear. Clever! Until, of course, the email spam filters were updated, and it no longer worked for spammers, so they stopped doing it.

But apparently, the spammers never updated their own bots to filter out their own trick! I tried writing an email address in the clear, broken up by this old spammer’s trick, and it has been a month, and not a single spam has been generated! In all other tests where I put up email addresses, spam started coming within a week, and dozens had come by the end of the first month.

So if you want to post an email address so that people can see it but spammers (who are not people, after all) cannot, then add those comment commands within the HTML code on your web page. Look at this new email address I just made:

spammerssuck@blogd.com

Now, I didn’t really type that in the HTML code. You see it as being in the clear, but if you were to look at the HTML code for this page, you would see that it really looks like:

spa<!– toy –>mm<!– blue –>erss<!– bottle –>uck@blo<!– phone –>gd.<!– box –>com

Note that in the HTML comments breaking up the email, I inserted random common words–another spammer’s trick, to throw off filters. But really, you could probably put anything in the comments, it likely doesn’t matter.

Now, will you be safe by doing this forever? Hard to say. Spammers might never pick up on this, or they might write a fix for this tomorrow. Heck, they might read this blog regularly, and I might be tipping them off. My guess is that they won’t bother changing their code to account for this trick until a significant number of people start using it. So if you’re forced to put your email address up on a web page anyway, and you don’t have access to complex coding that might protect it, then you might as well give this method a try.

Yet another of my Internet peeves: stuff like this.

Now, I could have gone ironic and left it at that. But my point is that the post consists solely of a link, but does not describe at all what the link is. This TPM post is more egregious than usual, as it only consists of the word “Yep,” which is a link to a Daily Kos story. Josh Marshall is a repeat offender with this.

There are three reasons I don’t like it when people have links and yet give no clue as to what they are. The first reason is that I don’t like jumping around. If I am on a page where many entries might appear and I haven’t finished all of them yet, I might not want to leave the page to look at something and then have to come back.

The second reason is that I don’t like being led blindly about. I want to know where I am going to before I go. For me, a blind link like Marshall’s is equivalent to someone holding something I can’t identify up to my nose, and without explanation, saying, “smell this!” If you write a post about something, it stands to reason that you should make clear what you are talking about. If you don’t have time for that, maybe you don’t have time for writing the post. Take a minute and at least write a short note about where you’re leading people and why. If the mystery was intentional, I like that even less; being coy may be fun for the writer, but it’s a lot less fun for the reader. Maybe the article is one I’d like to read–but maybe not. People who have slow Internet connections and have to wait a while for pages to load must be really annoyed by stuff like this.

The third reason I am uncomfortable with this is because links go bad. If the post’s archive is kept, people will find it with Google–but the link the entry points to could disappear at any time, especially news stories, which often have a very short lifetime. Without any exposition in the blog entry, the reader will be mystified at what the blogger is talking about. Broken links can also nullify the point of an entry by making key data or evidence inaccessible; ergo, bloggers should take the time to copy and paste the relevant portions of the page they are linking to, so the pertinent information is preserved.

An associated peeve often appears in comments left by readers, usually combative ones: some will make a vague argument (“I disagree with what you said”), and for a riposte they will link to an article–but they do not explain which part of my argument they disagree with, nor why, nor what it is in the article that supports their point. Unless the entire article is their point (which it almost never is), then I am left to read through an often lengthy piece (usually an annoying diatribe by a right-wing pundit), and then guess as to which part of the article the visitor was referring to; essentially, I have to do all the work of creating the visitor’s argument for them, and even then, I am not sure if I understand what they were thinking about. In such cases, I usually ask for specifics and refuse to respond until they are given.

Long story short, it’s best to be specific, and not count on links to tell a story that you should be making yourself.

Coming soon, another pet peeve: people who constantly whine and complain on their blogs. I hate that.

For some of you, this site has not been displaying correctly for a week or so: the header and sidebar remained intact, but the main body of the page with the blog entries disappeared. If that’s what you experienced here, then the problems started when you upgraded to Firefox 2.0 and had a certain screen size. You might have found that decreasing the text size would have brought it back into view, but might have made the text too small to read comfortably.

It took me a bit of work to hunt down and fix the problem–an old bit of css coding (which Movable Type put in the stylesheet years ago) that told browsers to hide “overflow”; Firefox 2.0 must have redefined “overflow” in some way. I removed the offending code, and all should be as it was before. If not, I hope you’ll let me know.

A note on a milestone: this blog received its 5000th comment last night. More than 900 of those comments are for my post on Eyelid Twitching.

That number, of course, does not include any of the spam comments that regularly shower the site (more than 7000 have gotten past my spam filters and had to be manually removed; the filters have caught and blocked hundreds of thousands more–and no, I am not kidding or exaggerating about that number).

5000 comments may sound like a lot, but it averages out to between two and three comments per post. Not too bad, but not as many as blogs with smaller readerships. I think one of the reasons for this is that I am not very good at responding to comments; if readers feel that the blog’s author is not reading the comments, they will be less likely to write more comments. Many prefer conversation of a sort, instead of just leaving a note.

Actually, when you leave a comment on this blog, it generates an email to me, and I read every one. I’m just not good at correspondence, is all. Most times I read it and agree, and have nothing to say. I should respond more, though. My apologies if you commented and I said nothing in response.

Another spam deluge. I have been getting a dozen or two blog comment spams which have been blowing past all my filters, mostly with blogspot addresses. Even if I blocked all blogspot addresses (which I don’t want to do anyway), it still wouldn’t get all of them. I though I could wait the deluge out, but it’s been almost a month now, so for the time being, I’m setting the number of allowed links in the comment text to zero.

You can still leave links though; both in the URL window (less attractive to spammers because it’s a dynamic link which give no Google juice), and in the comment text as straight text; any URL without hyperlink code (the “a href” command) will be OK. In the comment window, leave out the “http://”–just type beginning with “www…”

Furthermore, if you write the URL out in plain text, I will turn it into a hyperlink myself during moderation. So few of my visitors leave URLs that this will not be a problem–and it will certainly be easier than manually deleting the dozens of comment spams that come through in any case.

As always, thanks for your patience in this regard.

If you’ve had trouble getting through to my site, you aren’t alone. I’ve been having small to large outages for the past few weeks. I’m on my web host about this, but sometimes web hosts do this, and you have to bear through it… One of the frustrating things is that you don’t always know what causes it. Web hosts never admit to screwing up. They either dismiss it as a minor technical glitch beyond their control, or they blame it on a disruptive user on the server. With continued outages like this one, neither makes any sense; either they should have repaired the glitch or given the boot to the disruptive user long before now… which probably means it’s the web host screwing up somehow.

My apologies for the inconveniences. I’ll post a quick note when service seems to be stabilized.

Update: Great. I get a message back saying that the problem “was due vulnerable perl scripts running under a user,” and that they have “disabled that user.” Except when I check, my own site’s comment script has been disabled. Charming.

…And as I tried to post this, I got an error message. Can’t post, either. Swell. My site is up, but it’s also dead. [Obviously I posted this after the problem was fixed.]

Great, now I’ve got something new to worry about. It seems that blog spam (comment spam, referral spam, trackback spam) was not enough. Now I’ve seen a Movable Type blog hacked by spammers. True, it was an older version of the MT software–though I’m not even sure that was the weakness the hacker exploited–but it’s now officially got me worried.

It was not my own site, but the site of a family member who needed a web site with certain features, and so I quickly set up an MT blog to fill their needs. I was checking it out today, and suddenly I noticed that on a few entries, a spam link was inserted right smack into the middle of the blog entry page. Worse than that, the browser I was using (Firefox on XP) suddenly bogged down, trying to open up a variety of weird windows and files, to the point where I had to force-quit the application. Later, I tried opening the same pages on my Mac with Safari–and though Safari did not try to open the files, it opened windows filled with junk characters–and it, too, froze and had to be force-quit.

When I looked at the individual pages, it turned out that the link was added directly into the page’s HTML, and there was an indecipherable script added to the bottom of the page. When I checked the entry’s core text on the blog’s control page, it was clean–so the blog’s software and database seem not to have been compromised. But the site’s security apparently was, and that site’s security was standard for the field.

But that wasn’t all. In addition to the 8 pages of the site that were hacked, 3 PHP scripts and an htaccess file were also added to the directory.

Since the original blog database was clean, it was a simple matter to rebuild the site and then erase any files added by the hacker (who apparently did the deed several months ago). So now the site is clean, but whatever scumbag hacked the page might still have access… so I’m going to have to reset the entire site, and then keep an eye out for more stuff like this in the future.

I knew spammers were despicable lowlife criminals, but I’ve never seen or heard of them going this far.

A small note–I’ve just reworked the sidebar a bit. If you use it at all, you’ll notice a few of the changes. The first change is in the LinkBoard. Remember that episode of Seinfeld about speed-dial rankings? I kind of feel like that when I’m reworking the board, wondering if the people listed will notice the changes and say, “Hey! He moved me from 14 to 16! What’s up with that?” Added to the Linkboard is Sean’s and Justin’s blogs (about time), Blog-Q Taro’s (a lot of actual link referrals come from there, I don’t know why), and a completely new Japan blog, “My So-Called Japanese Life,” authored by Shari.

Next, the “Best of BfAD” is revised. There are now sections to the list. I’ve collected all of my serious-issue entries and collected them at the top; if you want to know where I stand on just about any issue, they’re all there, in gory detail. Included is my post on “Arguing on the Internet,” which, to my rather great surprise, was selected by a professor in Texas as an entry in a college reader, a book used by Academic Writing students as examples of writing to emulate. It’s not published yet, but will be out in the next few months, I’m told–I’ll be sure to go on at length about it when it’s released, as if it were an astonishing accomplishment or something.

The second section is entries that come in series, including four almost-categories where I’ve blogged repeatedly on specific matters (The Republican Blame Game, The “Liberal Media” Lie, Right Wing vs. Judiciary & The Constitution , and Church, State, & Christianity ). Not repetitively, though, I hope. The third section is general posts, followed by a few resources in last place.

Next, I’ve gotten rid of a few sections, including the “Media Reviews” panel which showed “What I’m Reading Now,” which, of course, was always out of date (no, I did not read “Big Lies” for two years straight). I figured I don’t change it enough, and certainly I don’t get people ordering from Amazon through it, so out it went.

Last was a small rework of the end links, adding a number of blogs that have been kind enough to link to me over time. I’m sure I’ve missed a few; if I did, please don’t take it the wrong way.