Are your sneakers tied?
Here’s a not-so-funny joke that actually has a whole lot more to do with protecting your blog from spam than you might think. The joke is from the article discussed in my last blog entry. If you recall I said I’d speculate on the meaning of this joke next time around. So here’s the joke for all you who’ve not taken time to read Ned’s article about a simple way to protect your site:
Jim and Joe are out hiking in the forest, when in the distance, they see a huge bear. The bear notices them, and begins angrily running toward them. Jim calmly checks the knots of his shoes and stretches his legs. Joe asks incredulously, “What are you doing? Do you think you can outrun that bear!?” Jim replies, “I don’t have to outrun the bear, I just have to outrun you.”
When it comes to locking your blog down from SPAM attacks, you don’t have to own the most secure blog in town; it just has to be more secure than the other blogs being chased by the same bear.
Volume cures a multitude of sins or, in the case of spammers, volume causes a multitude of sins. Spammers depend on being able to get their crappy messages posted to as many blogs as possible in the shortest amount of time. Like the bear, they’re going to catch the slowest “runners.” They don’t have the time or the patience to go after the quicker guys.
It’s the same for your average house burglar. It’s pretty near impossible to fully burglar-proof a home against someone who is determined to break into it. However, unless your home is specifically targeted by a thief who knows exactly what’s inside and is determined to get at it, decent locks and an alarm system are going to send the burglar scurrying off to another house down the street that’s less protected.
So I ask you: Are your sneaker’s tied? I hope so because for a spammer, it’s much more profitable to skip the sites protected by ATC; it’s much cheaper and easier to spam the unprotected ones!
August 27th, 2007 at 10:31 pm
Here is the same idea, expressed in other words. foundin phpbb.com forum:
http://www.phpbb.com/community/viewtopic.php?p=3172783#p3172783
No hacker is going to waste a nanosecond to get past your security, even if it’s simple. Just to add one single forum to their collection. They have what, ten thousand other forums to worry about? Do they have time to spend even fifteen seconds per forum? No. So all you need to do is break their automation by making your registration process different from all the other forums on the internet and implementing a solution that has several variables.
September 23rd, 2007 at 12:41 am
[…] The first method is the most obvious, many people think it compromises the protection, but I (and practice) disagree. The arguments are in this blog post: “Are your sneakers tied?” […]
October 9th, 2007 at 8:55 am
On my website’s ‘email me’ page, I have a form, with a big text area. After a while, I started getting an email a day full of pornographic links!
The solution? Change my text area’s ‘name’ attribute from ‘comments’ to ‘zurbology’.
I suppose the spammer’s script thought my email-me form was a guestbook form!
October 9th, 2007 at 10:28 pm
Yes, it should work, at least for some time. But some spammers are like crazy. They spam to any web form they can found. I don’t understand why.
November 28th, 2007 at 12:29 am
[…] ACD is smart enough to stay ahead of the spammers, and that’s all that needs to happen to get the job done. That sort of reminds me of the two guys that were being chased by a bear. One of them quickly figured out the secret of avoiding being eaten alive. You can learn that secret and see how it applies to spam protection, by clicking here. […]