1. State of the Splogosphere, Part IV
2. Ringo is Malware
3. Use Firefox, avoid WMF Exploit
4. They Shared My Email Address
5. State of the Splogosphere, Part II
6. The AdSense Scam
7. Spam Bot Bomb
8. Banned From Digg
9. Spyware Rubbernecking
10. It's not a bug, it's a feature

Sometime yesterday a blog comment spam DOS attack started on my website. I've received thousands, possible tens of thousands of blog comment spams. It even took out my site for a bit. But I'm back.

Update: In particular, this blog entry seems to be getting the brunt of the attack with thousands of blog comment spams daily. I disabled comments on that one entry. I also note that the majority of blog comment spam are faking the referrer.

The following is a paid review:

Norton Antivirus is one of the most popular lines of anti-virus software. I'm sure most of my readers have already heard of it and I'm sure many of you are already using it. Personally, I don't install any anti-virus software, but let me explain why. I have used anti-virus software from time-to-time in the past, but a few years ago I found the software was actually slowing my computer and quite often when I needed most to get work done. Now I'm an uber-geek. My income is based 100% on how much work I can get done on a computer. I need maximum performance all-the-time. Further, I know how to avoid viruses. In fact, I've only had one virus in my life and that was in the 80s. It was the Stoned virus. The university I was attending distributed versions of Minix on floppy disks, which happen to all contain the virus. We all got infected. Since then, I've been overly cautious and eventually I realized that the virus shield software was a nuisance that did nothing for me. I still do use virus scanning software from time-to-time, but now I use Windows Live OneCare. It has a small footprint, runs in your Web browser and it's free.

Am I suggesting that you shouldn't use Norton Antivirus? Of course not. Let me ask you some questions. Do you install software from small publishers on your computer? If you do, then you should consider a virus shield. Do you open attachments from Aunty Joanne? If you do, then you should consider a virus shield. Do you share music or porn online? If you do, then you should consider a virus shield. You may ask what I mean by a virus shield. Well, Windows Live OneCare is not a virus shield. It only scans your computer for existing viruses, it doesn't protect you from getting viruses in the first place. Norton Antivirus, on the other hand, can protect you from getting the virus in the first place because it actively scans your memory and downloads for viruses. Let me also point out that most all anti-virus software not only protect you from viruses, but they also protect you from other forms of malware; adware, spyware and more.

I have multiple computers in my household and not one of them have anti-virus software installed. And I have a 3 year-old that surfs the Internet several hours per day. I also have a 6 and 8 year-old that surf from time-to-time. I protect their computers by using the content filters built into Internet Explorer. They can't go to a website unless I specifically add the website to my whitelist. The point is that there is hundreds of ways of protecting computers from virus. Norton Antivirus is one of them and likely a very good one for most everybody, just not me. Children and particularly teenagers are very susceptible to viruses, because they tend to be very aggressive and naive.

Now, if and once you've decided to purchase Norton Antivirus, the next step is determining where to buy it. You can go to your local computer store, but it online at Amazon, but it directly from Symantec, buy it from Rmail shopping or buy it from a third party website. If you use this 3rd party website (antivirusdownload.com), then be sure to use their coupon for 10% off. This'll reduce the price from $39.99 to $35.99. This seems to beat the best price I can find online by $1. Now normally, I wouldn't suggest buying software from a 3rd party website like antivirusdownload.com, but after investigating the site, I found that this website is simply an very good affiliate website and that your actual purchase will be directly with Symantec and $4 cheaper. That's quite safe, but you never know when it may change. Make sure when you download the software that you are getting it directly from Symantec.

http://www.antivirusdownload.com/norton-antivirus/

I [Robert Scoble] find it ironic that in a search of who is linking to Mashable’s report about StumbleUpon that a splogger is there using MY blog post (a splogger is someone who uses a system to automatically copy blog posts from other people). But notice that neither Google nor Technorati have my own blog post displayed right now.

Consumer Affairs has posted a top 10 list of scams for 2006. I’m sure most of us know about these scams but there are others who are not as web savvy as we are and it wouldn’t hurt to pass these along to them. Scammers scored at will,...

Some observations based on examination of spams [Don Park] I've received over the past few weeks:

1. most of the spams are still text-based.
2. most of text-based spams are successfully deflected by text-based spam filters.
3. most of the image spams are getting through.
4. most of the image spams are coming from foreign countries.
5. there are only a handful of image-based spamming operations currently active.

I'm amazed just how bad Google Gmail's phishing detection is. I must have reported hundreds of phishing emails, but Gmail doesn't learn. In fact, it's the same phishing attack almost every day. You know the one addressed to PayPal members and they link www.paypal.com to an IP address. Just how hard is it to detect this? If an email contains the base URL www.paypal.com and links to an IP address, then it's phishing. I suspect that most mature Internet users know to avoid these, but the mundane users must be scammed daily.

Google, please get some reasonable anti-phishing technology in Gmail.

Everytime I [Eric Lunt] give my email address to a company, I create a new email address that I can trace back to that company. That way, I can see who's selling my email address by looking at the "To" header in spams that I receive.That way, I can see who's selling my email address by looking at the "To" header in spams that I receive. [cut] These are the companies that have sold my email address without my consent. [cut]

 - Datek, which merged with Ameritrade in 2002 and is now TD Ameritrade
 - United Airlines. I've created multiple email addresses for United and received spam on all of them
 - Micro Center, the electronic store
 - Vindigo. I no longer use their service.
 - Network Solutions. That gives you confidence, eh?
 - 1-800-Flowers

If I haven't said it already, Eric Lunt is a genious. If you don't like spam, then here's some companies you likely don't want to do business with.

Just need to take a moment to vent here. I just went to moderate our comments, as I do every couple of weeks. Know how many there were? 5,288. FIVE THOUSAND, TWO HUNDRED AND EIGHTY-EIGHT! I’ve been spam bombed!! It’s amazing how...

I thought it was just me receiving hundreds of e-mail messages over the past few weeks featuring the subject line "It's me, xxxx" that featured information about some yet-to-be-discovered stock but it turns out I'm just being caught up in the new spam...

Hearing from a lot of new friends lately? You know, the ones that write "It's me, Esmeralda," and tip you off to an obscure stock that is "poised to explode" or a great deal on prescription drugs.

KUTV - (KUTV) A new internet worm is targeting the ultra-popular "Myspace" network. If you or your kids use "Myspace" it could come after you. Several internet security companies confirm this worm exploits an element of the Quicktime player which many...

In late 2005 and earlier 2006, I wrote three pieces on the state of the splogosphere, which were basically an enumeration of how splogging was destroying the blogosphere. In the six months since my last piece, the percentage of blogs that are splogs is on the decline and major blogging platforms (Blogspot) have done a great job of cleaning up their act. A big congratulations go to Technorati and Google blog search, which has considerably improved their splog detection.

Early splogosphere growth occurred on hosted blogging platforms, like Blogspot. Lately, splogs are mostly found on self-hosted blogging platforms, primarily Wordpress. This has moved the fight against splogs from the domain of blog hosting services, to the domain of blog aggregation services and blog search engines.

If you compare the growth of email spam to the growth of blog spam, then you'll see two completely different curves. Email spam, even after years of growth, is still growing, whereas blog spam has already peaked. The difference is that email hubs are mostly controlled by large corporations and government, which are not quick to react and spammers easily out-maneuver them. On the other hand, the blogosphere hubs are controlled by small and nimble companies (Google was a start-up on 5 years ago, Technorati, Wordpress), which are capable of keeping up and even out-maneuvering spammers.

But now, the spammers have turned their attention to another hole in the blogosphere; comment spam. Comment spam is completely out of control lately. In fact, I'm considering revising my comment posting rules to automatically queue any comments that contain URLs for moderation. I don't want to do this because my moderation-less comment system is quite popular and I don't want to hamper that popularity and my AdSense earnings.

Previous State of the Splogosphere articles...

• State of the Splogosphere, Part I
• State of the Splogosphere, Part II
• State of the Splogosphere, Part III