September 8, 2003 16:08 | WebBlogging


Gen Kanai (Gen: sorry for the dual Trackback!) blogged about "ZipCode", the blog comments spammer, whom I have been affected by as well.

Gen says:

We may need to implement some kind of anti-spam comment posting mechanism in the not-too-distant future.

I think that's entirely the wrong route. Witness how well it is working for email... NOT. ;)

We need to put locks on our doors. Many ways to do this. Authentication, identification, etc...

Or how about one of those little sliding slits where you speak the secret and you are shown in?

I have used a little PHP and some GIFs to demonstrates how this may work. Go post a comment on this entry... You will notice a field titled "Secret" with a 5 character, randomly generated image based "secret" you must retype exactly in order for the comment to get posted. Well... not really... I don't have the wizardry to actually make this work.. it is just for show... (oh wait.. i can make it more convincing using JavaScript.. I will do this later tonight!)

Lemme know what your thoughts are on this.


Nice trick (if it worked). But wouldn't the spammers just find a way to read the secret and use it?

I'm not a violent person -- almost a pacifist in fact -- but I think it should be legal to smash up spammer's equipment and to beat the crap out of the people running it. It won't stop the problem but it might slow it down, and it would allow for some revenge!

Hi Blork.
Like I said this is a non-functioning mockup. The "real-deal" would not be "readable". The idea is not new. Many sites use randomy generated GIFs of random letters and numbers which you need to enter by hand to "verify that you are a sentient human being" (as opposed to a bot).

There are many different levels and types of "authentication" and "verification". It all depends on what you want to accomplish and how much you need to protect. In this case, you want to make it just enough of a hassle for Spammers to not post to your blog and avoid the creation of spam bots. This is why I suggest this method.

We could go with full on authentication schemes, but that become even more restrictive and annoying, etc...

As for spammers: it takes all kinds. I have no animosity towards them. They are a logical and natural effect of the causes in effect. Shame on you, Mr. "I am almost a pacifist". ;)

Your trick has a strong problem.....

It's not accessible. :))))))

Gar... screen readers... forgot... damn...
Any suggestions Karl for blogspam guards?