LiveSide - News blog : spam

LiveSide: the latest on Link Spam

Kip Kniskern — Thu, 22 Oct 2009 01:23:00 GMT

If you’d been watching our membership counter in the past week or so, you would have noticed that we’ve gained about 300 users this past week, with more coming in all the time. Normally you might think this was a good thing, but most if not all of those new users are only here hoping to use this site to create backlinks to their sites, or sites they are “promoting”. From what we can gather, these people are getting paid to create backlinks in places like our user profile.

In addition, we blocked and then deleted about 1,000 more before we had controls in place to try to keep this site from becoming a quagmire. Of course we’re not alone in having to deal with link spam - Danny Sullivan, who runs a business based on search engine optimization, recently ranted about link spam on his personal blog:

No, the core problem is that the web has people who think nothing of vandalizing other web sites. That’s what link spamming is. You’re not adding value to a site. You’re simply spray painting garbage on someone else’s property, for your own personal benefit. You have no manners. You have no morals. You ought to be ashamed.

We thought we could get these people to go away by creating a provisional user profile that didn’t allow any html, and then allowing more access after a period of time. Well that’s not going to work, as we simply can’t take the time to go back and check on these hundreds of users to see if they came back after a month to “spray paint garbage” on our site.

So for now (in addition to adding “NoFollow” tags to all user links, including links in comments), we’re shutting down any ability to create html in user profiles. Sorry but it’s just not worth the trouble. You’ll still be able to choose or upload an avatar, etc., just no linkable bio entries. If you already had a bio you now need to edit, email us at feedback *at* liveside *dot* net, and put Edit Bio in the subject. Apologies for any inconvenience, this has been a big pain for us, too.

As for all those new users, while we wish they were actually visiting the site enough to make a difference in our traffic (or rss feeds or twitter followers), they’re not. Go figure.

Jamie gets mad at spam and Spaces; and hears about new anti-spam measures

Kip Kniskern — Tue, 02 Dec 2008 23:49:18 GMT

Jamie Thomson, an avid blogger and Windows Live enthusiast, blogs regularly on his Spaces blog about Windows Live, but today he had enough. Having to deal with and delete 51 comment spam posts on a recent blog entry in the space of an hour got the best of him, and he fired off a rant, calling out Spaces for their perceived lack of attention to comment spam:

As happy as I am to see Windows Live Wave 3 rolling out this week and as much as I offer my thanks and congratulations to the people that built it I can no longer hide my anger and resentment toward those same people –some of which I have met and dined with- that have habitually failed to address this rampant abuse of Live Spaces. Why is this not a priority?

Luckily for Jamie, one of the comments on to his rant he didn't delete was from Marcus Schmidt from Microsoft, who responded with a list of what Spaces is and will be doing about comment spam, starting with the new release that we're expecting at any time now from www.spaces.live.com:

I've talked to the Spaces team and this is what we're doing with the Wave 3 release that is rolling out today to help mitigate the spam problem:
1. We've taken some measures on the backend that will reduce the amount of comment spam
2. We're actively looking for and disabling spammer accounts
3. We've built a better recent comments page that will allow you to see up to 50 recent comments on one page and delete any spam comments from that page.
4. We're continuing to invest in anti-spam and abuse measures that will roll out in future releases.
Plus we're doing some more secretive stuff that I can't really declare publicly because it would tip off the spammers.

Good to hear from Marcus and Spaces on this, and although the comment spam issue is a lot bigger than Spaces (it's why we ask you to log in to LiveSide to leave a comment, for example), spam is never fun to deal with.

Windows Live and SkyDrive: safe havens for spam?

Kip Kniskern — Sat, 22 Nov 2008 05:04:10 GMT

A blog post today on a Washington Post blog, Brian Kreb’s Security Fix, pointing to the Spamhaus.org Top 10 list, reports that Windows Live, through live.com and livefilestore.com domains, has vaulted to be the #5 “most spam friendly” Internet Service Provider. Spamhaus, which since 1998 has maintained block lists of known spammers that are used worldwide, had Microsoft at the #9 spot (#1 being the worst) earlier this month, but in the last few days has risen rapidly. One problem is in blocking a popular site such as microsoft.com causes its own problems, according to the blog post:

Richard Cox, Spamhaus's chief information officer, said spammers advertise the links at Microsoft's properties by the tens of thousands at a time, because they know anti-spam groups are unlikely to block Microsoft properties outright.

Spammers are using SkyDrive accounts to hold snippets of javascript code that, when run, redirect anyone led to them by an email link to various scammer websites, including gaming and online pharmacy sites.

Others have reported on problems with spam hosted on SkyDrive accounts recently as well, according to Kreb. In January, McAfee wrote about it in a blog post of their own, and last month UK security firm Marshal posted as well

Microsoft has been slow to react to the issue, according to Cox.

"It should not be difficult for a company with Microsoft's resources to identify and mitigate that abuse in-house without any external input, but so far this has not happened," Cox said. "Microsoft's live.com system has for some time been supporting an illegal drug sales operation, and Microsoft has known this."

When contacted by Security Fix, Microsoft declined to offer anyone up for an interview, although it issued a statement through John Scarrow, general manager of safety services at Microsoft. Scarrow said, in part:

We take protecting our customers' security and privacy seriously and are continually working to improve their experiences while making industry leading progress to mitigate such attacks through both oversight and technology advancements. Using Windows Live services for spam is explicitly prohibited by the terms of service, and Windows Live accounts that are found to be used by spammers are aggressively removed."

It isn’t clear to Spamhaus, or to Brian Kreb, that Microsoft is acting as aggressively as it says. Some live.com properties listed on Spamhaus.org over a month ago are still active.

Windows Live Hotmail “CAPTCHA” security compromised; bot attacks in 6 seconds or less, according to security blog

Kip Kniskern — Wed, 16 Apr 2008 10:12:55 GMT

Via Ars Technica

The Websense Security Labs blog is reporting that a new bot threat is capable of defeating the Windows Live Hotmail CAPTCHA security measure, and can break that code in less than 6 seconds, create new accounts, and use them to send spam.

The blog has a detailed analysis of exactly how the bot is working, some of it pretty technical, but it does appear that the CAPTCHA process has been compromised. Earlier this year, reports of the same thing happening to Hotmail accounts, and then to GMail accounts surfaced, and it appears that the methods for attacking CAPTCHA are rapidly becoming more sophisticated and more widespread, and could result in a significant increase in spam, unless new measures are implemented. This all becomes something of a cat and mouse game, as security measures are devised, and then in turn, defeated.

Trying to defeat spammers and malicious bot networks is an ongoing battle that hasn’t been easy to win. Microsoft Research has developed a system they are calling ASIRRA (Animal Species Image Recognition for Restricting Access), which requires the recognition of a picture of a dog or a cat, something fairly easy for a human but quite difficult for a computer program. ASIRRA, in partnership with Petfinder.com (who supply the pictures) is available now, but whether or not ASIRRA, or any other security system, will appear as a replacement for CAPTCHA in Windows Live Hotmail remains to be seen.