New Spam Frontier: Referer Logs 317
geoffsmith writes "Wired News is reporting that spammers are using referer logs as a cheap new way to
spam small sites. Anyone running a website has probably already seen this phenomenon; I'm thinking of writing a script to remove these entries from my access_log by looking for hits that don't grab my images. (sorry lynx users!)"
They will never stop. (Score:4, Insightful)
Re:They will never stop. (Score:5, Interesting)
Lowlife (but capitolist god bless 'em) pigs generate spam to sell their penis enlargement scam and mail clients develop ways to filter and block email. Distraction.
Distributed Denial of Service attacks attempt to shake the very foundations of the NET through bandwidth flooding and sysadmins implement redundancy and load balancing. Jamming - Frequency Hopping.
Remote exploits and virus appear everyday and patches are generated quickly for the more quality OS's and virus updates are required daily for Micro$oft OS's. Infiltration.
Governing bodies exist that the people disagree with such as the RIAA and MPAA. Demonstrations are held in both violent(DDoS) and non-violent(civil disobedience of P2P) manners. Revolution.
Needless to say, civilization has managed to survive for thousands of years despite man's desire to control everything including his fellow men. I think the internet will find a way.
Re:They will never stop. (Score:2)
So are you saying that spam, DDOSs, exploits and the (RI|MP)AA all drive natural selection in the ecosystem that is the internet? What an interesting thought.
Re:They will never stop. (Score:5, Informative)
If you want to learn about what civil disobedience really is, check this [eserver.org] or this [actupny.org] out.
If you think that the Internet is the most active battlefield today, you need to visit [un.org] a [disastercenter.com] few [yahoo.com] places [yahoo.com].
Re:They will never stop. (Score:2)
As far as what's going on in the middle east... You can link to web sites all you want, but until you come and work with me out here in the III Marine Expeditionary Force, where our Area Of Responsibility includes Afghanistan, Iraq, Indi-Pakistan, North Korea, the Philippines and Indonesia; You have no concept of either A)what a battlefield is, or B)what's REALLY going on in the world. Just a note: We have more attacks per day on one of our public
Re:They will never stop. (Score:2)
Re:They will never stop. (Score:4, Insightful)
I agree that the Internet can be and is a battlefield. So can Wall Street or the TSE. Or major media sources. Or the telephone. I don't agree that it is the most active - perhaps from a first world perspective, but I try and think a little more globally than that.
And how many people died due to those attacks on the public
Hacking a
(And anyone considering invoking Godwin's law... piss off
I concede that the Internet certainly *is* a battlefield. However, considering that conflict on the Internet barely affects most of the people of the world, I wouldn't rate it so high.
Re:They will never stop. (Score:2)
haha I've also noticed the beer inside my stomach is the most delicious outside of my body. And the milk in my fridge is the best drink on my desk. And the car that's in my driveway is at the shop.
riiiight.
The internet is NOT unique (Score:2, Interesting)
So at minimum the internet deserves regulatory parity with these other media. Abuse of telephones and faxes was dealt with years ago -- (albeit incompletely -- our phone rings off the hook, I'll rant another day). For some reason business was quick to push for the outright ban on junk faxes, but hasn't for email which must waste a lot of their employees' time and hassle IT, in the end costing them money. Money talks, so I which there was a more concerted effort by those businesses that would never themselves spam.
As with junk faxes (again, analogies everywhere) the injury from each incident is too small to do anything about; but we can act collectively through our government to attack the collective harm that is quite large.
I won't comment on the current political obsessions in DC on anything but domestic policy, but I hope we see something soon. I don't think state-by-state legislation will do the trick. Your opinion will count if you express it to the right people. Writing your congresspeople for one is NOT a futile activity: they carefully tally what their constituents are saying, and you will likely get at least a form letter in reply. (BTW, I think a real paper letter carries more punch than email.)
Exasperated outside DC, Andrew
Why not fight back against the scumbags? (Score:2)
If only a few hundred more people started doing this - absolutely flooding these spammed Pr0n sites, and get-a-big-dick-quick scams they would have HUGE bandwidth bills, and think twice about using the same marketting technique again.
It's no use trying to email abuse depts, or reason with this scum, you have to hit them where it hurts, in the wallet. The only way to do this (for us at least) is to suck their bandwidth dry
The spammer speaks... (Score:5, Interesting)
Heh, it's funny that this guy can make this statement and expect to be taken seriously. It's even more pathetic that he actually thinks he's "innnovative".
Re:The spammer speaks... (Score:4, Insightful)
Anyhow, unless the traffic is completely disabling, I don't see this as more than an annoyance that technology will filter out when it becomes sufficiently obnoxious.
You can do better than that (Score:3, Insightful)
Re:You can do better than that (Score:2, Funny)
Spam Lite (Score:4, Insightful)
Re:Spam Lite (Score:3, Interesting)
Re:Spam Lite (Score:3, Interesting)
Wish I could remember where I read it, I would give you a link. Best I can find right now is:
http://join.msn.com/?page=features/junkmail&pgm
Re:Spam Lite (Score:3, Interesting)
Re:Spam Lite Hotmail? (Score:2, Informative)
Haven't Microsoft started using brightmail to filter spam from hotmail?
According to MS themselves: Brightmail to Deploy Server-Side Technology on MSN Hotmail [microsoft.com]
This might be something to do with it...
Lynx users? (Score:5, Funny)
Don't worry. It's highly unlikely that any of the 4 current users will visit your website anyway.
Re:Lynx users? (Score:2)
I use opera most of the time with images off if I am on dial-up. Surely at least 3 percent of the population turns of images for non porna browsing.
It is a very convienient way to avoid adds and decrease load times.
Re:Lynx users? (Score:2)
Re:Lynx users? (Score:2, Funny)
Don't worry. It's highly unlikely that any of the 4 current users will visit your website anyway.
You mean there's another 3 lynx users out there? I'm not alone!
How is that any good? (Score:3, Insightful)
So, you mean you sit there and count how many links are on a page, then figure out where on the page #25 is, and then type all that in to go to it, instead of just scrolling down and clicking or something similar? How incredibly stone-age.
- A.P.
Re:Lynx users? (Score:2, Funny)
Of course, it's all us Internet Explorer users who've hacked it to report as Lynx so that we can be outraged when web sites refuse us too. Why should the rest of you get all the fun?
It's probably (Score:2)
Well.. (Score:3, Insightful)
In other news... (Score:5, Funny)
Re:Page fault ignorance (Score:2)
I don't know if these are *as* bad. (Score:2, Interesting)
On the other hand, I usually get a few thousand refer logs, and I *already* get a bunch of bogus refer logs from buggy browsers or something (like, a refer from a site I link to, I guess from people hitting the back button, that kind of thing).
On the other hand, I could see how it could get annoying for small sites.
The "solution" you mentioned wouldn't really work, as the spammers could simply download your images as well.
A more effective way to block these would be to scan sites in your logs and check to see if they link to you. It might take a while for huge sites, but then huge sites probably don't look through their refer logs as much.
OTOH, you would miss out on hits from sites that have random URLs or that kind of thing (like goggle's 'get lucky button')
Re:I don't know if these are *as* bad. (Score:3, Interesting)
I see a solution in this. It would be the spammer's own DOS attack. If they willing to download
referer information should be disabled by default (Score:5, Interesting)
Re:referer information should be disabled by defau (Score:4, Insightful)
Then there is the statistics, learn how people navigate around your site. referer can help you see a pattern and improve your layout.
Also it can prevent bandwidth hogs, mostly a issue with ad. graphics and pron sites where people use graphics from others servers on html pages on their own sites but also on free servers where people place graphics and files and link to those directly without using any html and then not showing any of the free servers ad's which provides them with money to run the sites in the first place.
Re:referer information should be disabled by defau (Score:5, Informative)
Furthermore I can restrict traffic for some areas of my site (like some sites that block links from slashdot) for particular reasons or uses. "You just came from the page of an associate and are able to receive a discount." "This page is restricted to users of xyz.com. Please go there first."
Lastly, it protects my image content. My images are not stellar, and yet other sites continue to use them on their pages. I can use the referrer to limit the damage done by only allowing the images to be referred by pages from my own site.
Referrer information may be annoying to you, but it's an extrememly useful tool. If taken away one restricts opportunities for the site operator to personalize and protect content on their site. Not a huge loss, but it isn't really as great a privacy issue as you seem to believe.
-Adam
Re:referer information should be disabled by defau (Score:4, Insightful)
This is so damned annoying. If I'm searching for some specific information, I don't give a damn about your idiotic welcome page. I don't care what your website is about or what you have to say on your other pages - all I care about is the specific technical information that google told me you have.
More and more, I'm finding myself using googles cache instead of clicking on the actual links. I know you couldn't care less about my insignificant browsing habits, but the more people start doing annoying crap like this, the more people start using google instead of the web.
"This page is restricted to users of xyz.com. Please go there first."
Do you realize how stupid this is? You're trying to control how I use my browser. Of course I'm not going to go to xyz.com and try to use their idiotic navigation looking for a link to you. You're simply advocating another form of advertisement and I'm not interested. I care about the data you're providing, not how you're getting funded.
I can use the referrer to limit the damage done by only allowing the images to be referred by pages from my own site.
And this is, of course, broken behaviour. Did you know that when you open a new link in Netscape/Mozilla that the browser does not send any referer at all? This means that I can't open your images in new windows and I'm constrained to view your images one at a time. Also, the some browsers change the referer for images when you "save" images (eg, right-click and choose "Save as..." may not send the referer you're expecting).
If taken away one restricts opportunities for the site operator to personalize and protect content on their site.
If you're using this to restrict content to your site ... well, forget it. If you have something I really want, I'll open up a terminal and telnet to port 80. Yes, this is indeed effective restriction. (Quiz to see if you really know what you're doing: how would you set it up so that you know that a user has previously visited another site, with cryptographic confidence?)
As for "personalizing" content, please stop. The only times I've seen that word being used in a web context is to personalize advertising (and also restricting content because I'm not using IE, but don't get me started on that). I've never seen anyone "personalize" a site in a useful way, eg, "You're a C programmer who writes Solaris kernel modules, so you're probably not going to spring for my Herbal viagra scheme and I'm going to cut the marketing BS and give you only useful information."
Why do these "blogs" even keep logs of referer links? This is pure narcisism (and more importantly, a waste of disk space - even though disk is cheap, it's still worth more than someone else's paltry feeling of acceptance). If you're going to say something, just say it. Don't base your life around how many people like what you say. "Ohh, somebody linked to my journal, that means I'm special and I can now feel good about myself." Ahh - get a life.
I swear, "webmasters" piss me off.
Referer checking for images (Score:4, Interesting)
And this is, of course, broken behaviour.
So do you have an alternative proposal to prevent resource (i.e. bandwidth) theft? That is a very real problem, and no amount of arguing that the current solution is "broken" will get people to change unless you provide them an alternative.
Re:Referer checking for images (Score:4, Insightful)
Session cookies based a cryptographic hash of browser-identifiable information. Just hashing the IP and some secret string will prevent the bandwidth-stealing problem (not ideal since it breaks with NAT, but that's irrelevant if you're only trying to solve the deep-linking problem).
In php, setcookie('hash', md5($ENV[REMOTE_ADDR] . "TOPSECRET)) on page load, link to a file "image.php" instead of the .jpg and "image.php" does something like this: if (getcookie('hash') != md5($ENV[REMOTE_ADDR] . "TOPSECRET")) { header("Location: /error-documents/403.html"); exit(); }. This isn't complete (probably not even syntactically correct and be careful with what image.php allows one to download), but you get the idea. The actual image files can't be downloaded by apache, but can only be opened and sent to the browser through "image.php". For extra fun, re-generate the secret string from /dev/random every ten minutes (and keep around the last version of the key to avoid breaking on-going sessions).
This stops everyone from stealing bandwidth (including telnet-wielding network programmers like me) and it annoys no one.
Re:referer information should be disabled by defau (Score:2)
no it doesn't... it protects your BANDWIDTH. by keeping joesimagewhores.com from embedding your images directly in their html you protect your BANDWIDTH.. there is nothing you can do to keep me from copying your images from your site and using them in my site.. you can try the lame Java and Javascript solutions... those won't even slow down a web-user with 1/2 a brain.
so please, tell us the truth, you are protecting your bandwidth and rightfully so.
Me? I have more fun with it... I have a perl script that returns random porn if the photo is asked for from outside my site or it uses imagwmagick's mogrify to place "stolen from MEMEME.COM" in the center of the image... depending on my mood... (No I will NOT post my personal website on slashdot... I'm not about to get a huge bandwidth bill because of you guys!)
I dont care if they steal my images. I care if they try to steal my bandwidth though...
Re:referer information should be disabled by defau (Score:2)
For instance, if a person goes from a Monster.com search page to his Yahoo mail account, Yahoo now knows where the person is looking for a job, what type of job he is looking for, etc. (it's all encoded in the URL). Yahoo also has access to his address book and all his email messages.
I see a scenario where Yahoo subtly threatens to email your boss to let him know you're thinking about quitting... unless you upgrade your account/add more storage space. It won't happen tomorrow, but Yahoo is sleazy enough to try something like that and they have the information... all they need is the technology to make that connection.
That's just one example, but it illustrates the point that referrer information is none of your business. You only want it because you can profit from it without any complaints from your audience.
Another example:
A lot of people apparently email the URL of my site to their friends. In my site logs, I often see the email addresses of the person who sent the message and the poor sap who clicked the link. These people have no idea they have divulged their email addresses to me via referrer info. If they wanted me to have that info, they would have given it to me. Sometimes I also see the subject of the message, which is particularly funny when it was sent by a competitor along the lines of "Have you seen what <insert_url_here> is doing?"
But as you said, "it isn't really as great a privacy issue as you seem to believe." It's worse than you realize.
Bottom Line
Companies will do just about anything to make an extra buck. So it shouldn't surprise anyone that they use technology against users to that end. But it's a two-way street -- people just need to wake up and start using technology to protect themselves.
Re:referer information should be disabled by defau (Score:2)
Re:referer information should be disabled by defau (Score:3, Insightful)
Incidentally, I don't know why anyone bothers with logging referrer information. The only use sounds like what the bloggers do. If you're not a blogger, why do you even care who the referrer is? Half the time it's bogus or one of your own pages.
Re:referer information should be disabled by defau (Score:2)
It's good to know who is sending users to a dead link. Just by checking the referrer information for the 404 entries in your logs can determine what website is pointing users to a document that you have deleted or moved.
Re:referer information should be disabled by defau (Score:2)
Re:referer information should be disabled by defau (Score:4, Interesting)
It is extremely useful for security purposes.
No, not the security most people are thinking of. Checking to see if the user came from FeedBack.html before executing FormMail.pl is no security, since spammers can forge any referer they want.
I'm talking about security which stops a human user who is logged in to a particular website from being tricked into performing actions they didn't authorise. For instance: I log into my server's adminsitrative area. Then, in another window, I browse someone's blog. And I click on their "search" button. As it turns out, this search button is a trap, which sends me to my own admin area with a command to delete someone's account. I'm logged in, I have a valid network address, I'm active, there's no problem. Except that fortunately my browser sends "Referer: www.blog.org" instead of "Referer: www.admin.com".
That's why referer info is useful: to prevent a user from being hijacked.
Re:referer information should be disabled by defau (Score:2)
Re:referer information should be disabled by defau (Score:2)
Because it's nice for us site hosts to know where the traffic is coming from, helping us to realize just how few constituents are visiting our sites...
*mutter* Last damn time I put a URL in my sig...
Finding bad links (Score:2)
Perhaps referrer information should be released depending on the site's posted P3P privacy policies. If a site is interested in collecting information like this for marketing purposes, I can understand someone's reluctance to have their browser provide it. But for the rest of the sites (including those I maintain), the information is only ever used strictly for legitimate needs like those mentioned above. Please don't advocate that referrer information be restricted by default or for everyone, because that hampers my ability to troubleshoot problems.
Re:referer information should be disabled by defau (Score:2)
And why wouldn't you? The user is basically direct marketing his/her user credentials especially for you. Also ever wonder how these highly confidential web pages entered google. Yes, ofcourse google indexed a cool "these guys referred us page". And ofcourse the poor author of the page "for your eyes" only, did not think he would need to password protect it - because it will only be accessed by the 100 company executives (...who happily browse to pr0n sites to leave referral marks after reading the study on intranet security...)... I think I will pop!
Re:referer information should be disabled by defau (Score:5, Funny)
Yes, referrer information makes an excellent authentication scheme for highly confidential system dealing with transfer of mission critical information. ... Just also check for a magic string in the user agent and voila! trusted computing reinvented. To make it unhackable - just add a few more levels of obfuscation. ;))) The sad part of this, is that I have actually seen authentication schemes like this. Don't know whether I should cry or laugh :)
Re:referer information should be disabled by defau (Score:2)
This is for people who don't want people "deep linking" to material within their sites. As an example www.gamefaqs.com allows people to link to some of the pages within their site, but not directly to the FAQs they host (which are merely sumbitted text files) by using the refer info. This stops people from bypassing the ads which pay for the site.
Re:referer information should be disabled by defau (Score:3, Insightful)
Just also check for a magic string in the user agent and voila! trusted computing reinvented. To make it unhackable - just add a few more levels of obfuscation. ;))) The sad part of this, is that I have actually seen authentication schemes like this. Don't know whether I should cry or laugh :)
probably cry... what you described could easily be enforced with the DMCA.
If you use wget, watch out when using "--referer" and "--user-agent".... you just might be breaking TEH LAW!!!
Re:referer information should be disabled by defau (Score:2, Redundant)
Re:referer information should be disabled by defau (Score:2)
I.e. for something other than the WWW.
Re:referer information should be disabled by defau (Score:2)
No, it isn't perfect, but it is one mechanism.
Re:referer information should be disabled by defau (Score:2)
Re:referer information should be disabled by defau (Score:2)
Re:referer information should be disabled by defau (Score:2)
Hah. Since this is highly competed marketed, the first argument used when selling a 8-year old his first "web space" is "YES! Ofcourse you have full access to log files, what did you expect?!" "Don't believe us?! Let's look at this company's report as a showcase, just for you..boy...ermm. Sir."
Re:referer information should be disabled by defau (Score:3, Informative)
15.1.3 Encoding Sensitive Information in URI's Because the source of a link might be private information or might reveal an otherwise private information source, it is strongly recommended that the user be able to select whether or not the Referer field is sent. For example, a browser client could have a toggle switch for browsing openly/anonymously, which would respectively enable/disable the sending of Referer and From information. Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol. Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission of sensitive data, because this will cause this data to be encoded in the Request-URI. Many existing servers, proxies, and user agents will log the request URI in some place where it might be visible to third parties. Servers can use POST-based form submission instead
Sorry 'bout what? (Score:3, Insightful)
Sorry about what? Why should they care wether you keep them in your log or not?
Boost search engine ranking? (Score:3, Insightful)
From the wired article:
Umm, huh? I don't think the spammers actually link to the sites, they probably just send HTTP requests with faked referrer headers that contain the URLs of the spammer's web site. That won't boost your search engine rankings.
Re:Boost search engine ranking? (Score:2, Informative)
Several weblogs make their referrer lists public. To a spider, a spammed link is very hard to distinguish from a normal hyperlink. That's how the boost occurs.
Score another for Opera! (Score:3, Informative)
what is this? (Score:3, Interesting)
Or are they just bots that hit random web sites and send fake referers along?
Either way, I have absolutely no clue why this would be abusive or even annoying? Can someone explain? Do people sit around checking their referers all day long?? (Then again, I don't understand why anyone would run a blog, so maybe I'm just out of touch).
I clean out all my outgoing referers (thanks squid), so maybe I subconciously assume everybody else does too. Never thought of the referers as anything but a silly waste of bandwidth, since they can be forged so easily.
Re:what is this? (Score:2)
They hit your site with a referrer address of whatever they want you to read. They count on your curiosity to go there when you are investigating your referrer logs.
I have been bitten by this once or twice.
Re:what is this? (Score:3, Interesting)
I don't think the spammer would bother creating an actual link on their porn/spam site to the blog, although this would work as well. It's silly though since it's more work and it still requires that someone actually click on the link for the porn URL to make it into the referer log. Why bother when they could just run an automated script to hit the blog with the forged "Referer:" and then discard the results. The only possible reason to do it this way is that the spam URL would be sent multiple times from different IP addresses, and hence harder to filter or ignore.
The confusing bit is that the article mentions that this might prop up the blog's SearchRank relevancy. This would only be the case with the latter method (creating an actual link) whereas the more straightforwad way would have no such effect.
RTFA (Score:3, Informative)
It's ironic... (Score:4, Funny)
"... they are hitting my site so hard. One day there were more than a thousand hits from one single porn site," complained Åsk Wäppling, known to bloggers as "Dabitch."
Ok - this guy's name is Dabitch in an obvious reference to the whole pimp-bitch-rape-mysogynist thing that seems to be all over the Internet (and that I can't stand), and he's complaining that a porn site is effectively doing a denial-of-service. I think it's just desserts.
Re:It's ironic... (Score:5, Funny)
By making over 1000 "hits" in a day, which isn't even one per minute. Sounds like "Dabitch" needs to consider hosting that blog at an ISP instead of over a 28kbps modem.
referer not trusted information (Score:4, Insightful)
Who reads their logs? (Score:2)
875M
I really don't plan to read them
I do run webalizer over them of course.
Re:Who reads their logs? (Score:2, Funny)
Here's some scripts ... (Score:3, Informative)
Also, showpath.pl and spampath.pl are handy to see where the vister went, and check for obvious robot behaviour:
http://www.turnstep.com/Spambot/Programs/
What do small website admins do with apache logs? (Score:5, Funny)
1. To see how search engine users have found my pages. I think it is amazing that I will get hits from people looking at the 100th page generated by google. I mean, c'mon on, 100 clicks on "next" before you think the I have the info you are looking for?! All I have is crap.
2. To see if slashdotters actually click on my postings' links.
Come to think of it, the only other thing I even look at the logs for are to see what search engines are indexing me (and are they obeying robots.txt) and to harrass people with infected iis machines.
You mean code red is spam? (Score:4, Funny)
Referal Log? (Score:2)
New Spam Frontier: Reefer Legos (Score:2)
Obligatory Simpsons Reference (Score:5, Funny)
"No! That's German for 'the spammers, the.'"
"No one who speaks German could be an evil man."
Spamfilter (Score:2)
Re:Spamfilter (Score:5, Informative)
(Sorry, Unix-like systems only.)
ewww! (Score:3, Informative)
Old trick (Score:5, Informative)
I asked the owner.... (Score:4, Informative)
From: "[ f ]"
Date: Thu, October 24, 2002 12:19 pm
Subject: Re: logs
Hi!
You can send us your URL and we'll permenantely remove it from our database.
It's not a spider, it reads only the blogs in the database.
Regards,
Francois
And to add to that, one of the comments on my weblog was that there is also an opt-out list [mastodonte.com].
Keep in mind... (Score:2)
That's easy for him to say. (Score:2, Funny)
Your script would be counter productive. (Score:2, Insightful)
Any method that relies on obfuscation or silly tricks becomes a lot less effective once posted here.
check for valid referrers (Score:5, Informative)
Re:check for valid referrers (Score:2)
backlink links (Score:4, Interesting)
While the process has gained some popularity [decafbad.com] of late in the blogosphere, the idea has been around [unrealities.com] for quite some time [gmu.edu].
Are tactics like this legitimate forms of marketing? Would you term it Gonzo Marketing [gonzomarkets.com]? Viral Marketing [wilsonweb.com]? Whatever term you use, it will definitely be interesting to see where this one goes.
Script to check it out... (Score:4, Informative)
Backlinking (Score:5, Insightful)
Also, this quote from the article is ludicrous: "bloggers are not thrilled, even though they ruefully admit that the log spamming may falsely boost their ranking on some search engines."
There is no search engine that bases your rank on the number of sites that you LINK to. I believe the bloggers actually mean that they're sorry to see their backlinks (read: link farms) go, since those do in fact raise search rankings. What a travesty- Sites may have to rely on the actual quality of their content, rather than trading links!
Amidst the alarmist cries in the article, "spammers will destroy our practice of posting referral logs," nobody has even mentioned that there is a ridiculously easy technical solution. Before posting a referral link, why not just have your software visit the referring site and detemine if it actually links to your page? This will defeat the referral advertisers.
Guestbook spam (Score:4, Interesting)
For now I'll delete the entries by hand, but if this increases it could get really annoying.
AlpineR
Re:*sigh* (Score:2)
Re:*sigh* (Score:5, Insightful)
[Wishful thinking mode ON!]
This implies that there are, maybe, all of 10,000 suckers who keep every spammer on the planet in business. If we find them and cut them off, spam response would drop to about 1 per billion and there's just no way they could make any money off of that.
Re:*sigh* (Score:3, Insightful)
I always use the example of my father, who is your archetypical pre-UNIX geek. He did all the PDP-11 stuff, worked with the VAXes and hacked machine code in ways that I don't yet understand -- an intensely intelligent man. Yet, every few months when I go to visit him, we get to talking about the internet and the first thing he does is talk about what he's bought online. For him, paying spammers is part and parcel of buying online -- he's paid spammers for search engine placings for his personal site, silly trinkets like water pumps and gardening tools and books.
To people who aren't part of the current 'geek' cognoscenti, spam is just another form of valid advertising, like the leaflets they get in the post and the billboards they walk past on their way to work. This isn't a specific group of people -- you can't "find them and cut them off" -- you need to target the problem at its source.
Re:*sigh* (Score:4, Insightful)
The guy who sold it to me was obviouly a late teen, and was making ok money selling shirts at about $5 profit per when I called him.
I think most geeks have no problem with spam itself (in fact targeted spams that interest me often get clicks, I get about two of those a year), they have a problem with the number of scams that are sent using spam.
Re:*sigh* (Score:2)
Re:huh (Score:5, Informative)
255.255.255.255 - - [27/Oct/2002:00:00:00 -0000] "GET /perfectly/valid/page/at/yoursite.html" 200 2467 "http://www.wilddonkeysex.com_for_Wild_Donkey_Sex/ " "(SpamBot5000)"
and then people looking at the report would say, "hey, the page at wilddonkeysex links to my perfectly/valid/page and it's getting like 500 hits a day from there, woo! let's click on that url and see what the link to my page looks like!"
-calyxa
Re:huh (Score:4, Informative)
I think it's more than the web site's owner clicking on the page - a lot of bloggers post a list of "top referrers" on their web site as a way of thanking the referrers, and therefore they generate a lot of traffic to their referrers from their own visitors.
Re:huh (Score:3, Insightful)
People don't have to visit the "victim" site at all, and they certainly don't have to browse the stats. The stats programs and search engine spiders will take care of everything. Got a low-ranking, poor traffic site that nobody links to? No problem, you can have 1,000 people linking to you by the end of the week, whether they know it or not. This really is nothing new, and the spamming side of it (i.e. repeatedly hammering a site) reminds me of how most TopSites work. These have been around forever, and so have the many methods of tricking them.
Placing your URL as the referer to sites with public stats can be quite helpful in boosting your rank, and a slightly hacked copy of wget or w3mir [langfeldt.net] can make it an easy task. I guess the only real "news" here is that, once again, a few village idiots have failed to realize that some things are only good in moderation. There's neither a need nor an excuse to log yourself as a referer to any particular site more than once a month; and hundreds or thousands of times in a day is just plain stupid.
Shaun
Re:lynch mob (Score:2)