Feb 172005

Spammers. They’re the flu of the internet. They spread their disease in bursts and leave behind headaches and phlegm and general ill-feeling. Like telemarketers, they know that they’re universally reviled, and they don’t care because they’re making money at it.

I bet the first phone call Alexander Graham got was from a telemarketer. Because their ilk has been exploiting every communication medium we’ve come up with since, using other people’s resources to subsidize their advertising. They’ve done their best to make e-mail and instant messaging useless, and their latest target are the weblogs.

You folks don’t see the spam, of course—I still retain enough of my geek skills to route the crap into a moderation queue instead of letting them dump it right onto my blog. But spam they do. They post URLs to their sites in the form of comments to random posts, sometimes posts from years ago (before I installed a WordPress plugin that would close comments after a week). Then they keep posting spam to comments, even to posts whose comments are closed, by running the comment script directly. With some help from my mate, the computer guru, I set the blog to only accept comments posted from the web form. Now they’re spamming via trackback, the blog community’s chummy mechanism for saying “hey, I liked your article, and I’ve discussed it over on my own blog.”

Why are they so determined to post porn ads and casino links to my obscure little blog? Compared to the vastness of the web, my readership is practically nil. I’m never going to slashdot anyone’s site because I mentioned it in my burblings, and the kinds of folks who are interested in my burblings don’t tend to go for hot teen lesbo porn or casino poker sites. Or at least the ones who do go for those things have found them long before they ever wandered over here.

No, my friends, the comment spammers aren’t targetting you. They’re targetting the search engines—specifically, the search engines, most notably Google, which determine a site’s ranking by how many other sites have linked to it. The more links you’ve got on other sites, the higher up in Google’s rankings you are.

Ahhh, now you’re starting to understand their motivation, aren’t you? A few dozen links on my blog are annoying to me, but that’s not their goal. Their goal is a few hundred thousand links across all the blogs on the web, artificially pumping up their Google rankings so that their site comes up first whenever someone does a search for “hot teen lesbo porn” or “online poker.” They used to accomplish this by posting the hundreds of links on their affiliate sites, in an incestuous self-promotion that would have been right at home on the Lifetime channel. Then Google wised up and fixed their ranking algorithm so that sites playing ring-around-the-rosy with their referrers would no longer benefit. So the spammers turned their greedy little gaze onto the plethora of weblogs that were blooming across the web.

Okay, you’re thinking. So what we need is a way to tell Google that some URLs on our site don’t “count,” somehow. Well, Google thought of that too—you can now add the nofollow attribute to links that you don’t want to count towards Google’s page rankings. At first glance, this looks great; after all, if the spammers don’t benefit from spamming, they’ve got no reason to do it any more, right?

Unfortunately, further reflection leads me to think this will do more harm than good. Spammers will not stop spamming, because (as we’ve learned in the e-mail variety), there will always be some clueless sysadmin somewhere who leaves his system open for abuse. Even now there are open proxies which allow anyone and everyone to send whatever they want, requiring no authentication. And e-mail servers are systems that we should reasonably expect to be run by people who have some idea what they’re doing. Your average blog is run by your average Joe, who might not be heavily involved in the nuts and bolts (nor should he need to be).

So there will always be some number of blogs open to abuse—and as the number of blogs using “nofollow” to curtail the usefulness of comment/referral spam increases, the spammers will simply pump out more and more spam to compensate. The spam will not stop. In fact, the only purpose that will be served by “nofollow” will be that the search engines won’t see it; in other words, “nofollow” will benefit the search engines, not the bloggers using it.

And as with everything else, “nofollow” can be used for abuse itself. Want to make snide remarks about another blog, but make it difficult for them to find out? Link to them with the “nofollow” tag so your vitriol won’t show up in search engines. Got a lot of reciprocal links with sister sites? Set them all to “nofollow” so the search engines will think all that popularity is one-way. Want to plagiarize a well-crafted article? With “nofollow” the search engines won’t be able to attribute it to its source. And if a little geek wannabe like myself can come up with these, you can bet that a real geek with malice on his mind will think of many more.

Alas, we have no panacea in nofollow. A more effective solution would be a means of refusing connections from insecure systems and promiscuous open proxies, but sadly there are too many big-name ISPs who would be blocked by such a maneuver, so it’s impractical. So I’ll keep working in my fumbling amateur way, another foot soldier in the war of escalation between the leeching spammers and the people whose resources they want to exploit.

And for now, at least, I think I’ve solved the issue of the trackback spamming. Time for a little R&R before the next sally.

 Posted by at 1:43 pm

Sorry, the comment form is closed at this time.