ongoing has had comments for a couple of months now; I’m really happy with the way it’s worked out, so, first of all, Thank you! to the people who are doing it; I checked this morning and there’ve been 449 contributions. The quality is by and large high; for example, in the last day, Kill Switch Nightmare got a really smart comment from Colin Jeanne pointing out that for the bad guys, there may be easier and deadlier attack vectors than the Vista/Office “Kill Switch”. And somewhat to my surprise, Bob Aman responded to On Attacking Iran, taking the other side of the issue and demonstrating that not everyone who’s considering this is a complete fruit-loop. Yes, they’re still moderated; I’d like to turn that off, but I watch everyone I know on commercial packages burning time and cycles battling the ever-mounting spam wave, and I get scared. Call me a chicken. Cluck-cluck. I’ve got a to-do list for a dozen minor improvements, all suggested by you (thanks!); I’ll get to them.



Contributions

Comment feed for ongoing:Comments feed

From: Hub (Nov 21 2006, at 12:47)

I wonder also how much spam you get if any? Because blogs running WordPress or Dotclear (or any other popular and "packaged" blog software) gets a lot unless you put on drastic protection like captcha or bayesian filtering.

Yours being purely custom, maybe it is not worth the effor to write a robot.

[link]

From: Michael Buckbee (Nov 21 2006, at 12:59)

Tim,

Have you considered integrating with Akismet?

It's often associated only with WordPress, but it does have an open API - http://akismet.com/development/

[link]

From: Rob Sayre (Nov 21 2006, at 13:58)

I use HMPassphrase and I never get spam.

http://projects.heavymeta.org/HMPassphrase

[link]

From: Daniel Haran (Nov 21 2006, at 14:43)

Are there any web services for checking whether comments are spam or not? It seems to me this isn't something every blogging package should be reinventing.

[link]

From: Steven (Nov 21 2006, at 15:47)

"I watch everyone I know on commercial packages burning time and cycles battling the ever-mounting spam wave."

Have you been watching your wife? The only anti-comment spam package that we've ever used is Spam Karma II on Wordpress, which I believe I discovered via your wife's blog, and it works amazingly well. I'd say we get one or two spams per month slipping through, and our site is a widely linked-to site in a field that attracts a lot of spam. The only spam it doesn't catch is manually enterred spam (people submitting relevant comments manually, linked to irrelevant AdSense-farm sites), which are arguably not spam anyway, since they are not automated.

In borderline cases Spam Karma II throws up a captcha. It seems to me that using a captcha 100% of the time would be an even more perfect solution. This would be easy for you to do, and wouldn't involve reinventing the wheel.

[link]

From: Matt Gifford (Nov 21 2006, at 15:58)

Daniel, check out the link to Akismet in Michael's comment above.

[link]

From: AlastairC (Nov 21 2006, at 16:42)

Akismet is a good service, assuming you don't mind each comment going to a 3rd party (or paying if you get a *lot* of spam). It checks each comment against a central database, which you can contribute to by marking ones it doesn't catch, or vice versa.

It was catching over 800 per day for me (on Wordpress), so I also installed "Bad Behaviour", which tries to identify 'bad bots' and prevent them accessing the site at all.

That is preventing about 3,000 accesses a week, and has brought down the Akismet caught spam to about 100 a day. I believe that both of these are available for non-Wordpress uses.

Although this site probably won't fall foul of the common robots that target Wordpress sites, there are a lot of ones that are either adaptable or manual. I've had spam comments on (Media)wikis, trac tickets (very difficult to deal with), and every contact form I've used, so please don't underestimate how low they will go.

[link]

From: Phillip Kast (Nov 22 2006, at 01:11)

"It seems to me that using a captcha 100% of the time would be an even more perfect solution."

Presenting a captcha only in borderline cases is almost certainly better than always presenting it:

1. It's a pain in the butt to solve those things.

2. They have well known accessibility issues, and it's hard to get around that completely.

3. If you are also doing some kind of statistical spam filtering, you can tune it to produce lots of false positives and no false negatives: a slightly higher percentage of the real people will see the captcha but you're still more or less spam-tight.

[link]

From: Sander (Nov 23 2006, at 11:37)

I assume someone will have requested this already, but just in case not (I haven't been following comments too closely), I'd really like it if the "[x comments]" bit at the end of each entry could be linked directly to those comments. I can feel myself spending conscious effort hunting for the way to read those comments until I realize where I am and move my eyes way back to the start/title of the entry. I don't know if that can be called a usability problem, but the same concepts apply.

[link]

author · Dad · software · colophon · rights
picture of the day
November 21, 2006
· The World (115 fragments)
· · Life Online (267 more)
· Technology (85 fragments)
· · Publishing (156 more)

By

I am an employee of Amazon.com, but the opinions expressed here are my own, and no other party necessarily agrees with them.

A full disclosure of my professional interests is on the author page.