Software, Fitness, and Gaming – Jesse Warden

Blog

  • Blogspam == DNS Attack

    I’m starting to think blogspam is the equivalent of a DNS attack. Currently, I’m effectively shut down. I cannot blog, because if I post an entry, I cannot allow feedback. My comments, if opened, will be open to predations by hundreds of blog spam comments a day. I don’t have time to sort through and delete 300+ comments a day whilst ensuring the real comments stay in and get approved.

    Now, this has been going on for the past 2 months. When I turned on MoveableType’s comment approval, it significantly helped my cleanup efforts because deleting un-approved comments was much faster than rebuilding the entry they had polluted, and no negative content was posted on the front of my site.

    Things got so bad, my web hosting provider, Mediatemple, called my cellphone to inform me my site was consuming a lot of bandwidth because blogspammings were hitting my mt-comments.cgi during their weekely cron-job weekend forays. I’ve been imitating the admins behavior of renaming the file to mt-comments.cgi.removed when I needed a break, and back again to enable comments.

    However, after my 2nd failed attempt to install a Captcha test, the best defense against scripts since scripts can’t “see” images, I had to re-install MoveableType since my pryings into Perl foobarred something. I chose to use the MySQL option instead of the Perl flat-file database since I know MySQL a little bit, and was pleased with the enormous speed improvements in site rebuilds. However, users started reporting they couldn’t comment. Whatever flag sets how many db connections at one time was being overwhelmed by the blogspam scripts.

    Now, if you haven’t successfully obtained a single blogspam comment on my site in 3 months, why would you continue? Only 1 reason: To shut me down.

    You want proof of their tenacity? Check the email address of this lastest blog spam comment (I renamed my mt-comments.cgi to mt-comments.cgi.remove):

    gocha9818@see.it

    Yep, blogspam; the poor man’s DNS attack.

    I can’t blog without comments because that defeats the purpose of getting feedback, positive or negative. However, I want to continue blogging, and will do so once I find a solution.

    A collegue and I are creating our own blogging solution with 2 goals being the driving forces behind it:
    – easy to use. installation should be painless.
    – built in blogspam protection

    There are more, but those are the main 2 that are extremely important to me, and seriously lacking in MoveableType. MT Blacklist doesn’t work in newer versions of MT, and installing Captcha assumes you know and can debug Perl, which I can’t. This stuff should just work.

    I’m tempted to download MT 2.66 and reinstall an older version of MT-Blacklist; when they actually worked. How can people screw up software this much?

    Just to counter, unless you can provide me with a solution that does the following, I’m continuing on my own endeavor like Oscar Trelles, and building my own:
    – allows comments anonymously
    – supports blacklisting of urls
    – supports captcha tests or other means of script prevention
    – generates static content that is easily indexed by search engines
    – is free, including the server-side portion that powers it

    My apologies to those who have commented in the past 2 weeks only to end up with error pages. I’m defeated, for now. JesterXL always wins the game, and I’ll take this round as a defeat knowing I’ll dominate the next one. I realize I’m merely feeding the spammer by acknowledging his victory, but as a man of honor, I understand the game, and give credit were credit is due. Dude, this is war!

    *** Update: I was told to go here, but my reservations are it is pretty much the same process that the Captcha test wants you to do with the same risk I’ll screw something up. Going to try to ease the pain…

  • Collection & Iterator and Class(cast)

    I learned how to utilize the Collection and Iterator patterns yesterday, thanks to Dan, the Java head (head of Java) at my job. I had previously asked Kenny B awhile ago, and he had explained it just as thoroughly, but typecasting to interfaces was a fuzzy subject, as was why one would do such a thing.

    Additionally, so satisfy Google keyword searchs for said topic since the ones I found were pathetic, I hope to create a new tutorial this weekend on AMFPHP and utilizing the mx.utils.Collection, mx.utils.CollectionImpl, mx.utils.Iterator, and mx.utils.IteratorImpl. Contrary to the docs, the whole dragging of an SWC file to get the classes file to work doesn’t work; I tried. You have to get the files from the AS2 Remoting Source files download, as mentioned at Rich-Internet.

    The only roadblock I’m having with them is I can’t get my authoring component to work. The code itself works beautifully, and I’m overjoyed at how neat Collections and Iterators are; you can do a crapload more than one could do using arrays and looping through them with far less code. However, following the docs to the T, I still couldn’t get my component properties inspector to show anything. If you know, let me know.

    Secondly, something I saw in Moock’s book and in the docs which baffles me is the whole:

    var value:Class = Class(something);

    Now, I know do this to avoid a type-mismatch error:

    var i:Number = 1;
    var o = String(i);
    var str:String = new String(o);
    trace(str); // 1
    trace(typeof(str)); // object
    trace(str instanceof String); // true

    The conversion of i to a string via using the String class constructor makes sense, as does Number (although, I recommend parseInt). But when the docs do like:

    var button:ButtonC = ButtonC(someObj);

    That's weird... it doesn't work. In the example they give for CompactDisk, the constructor does not do any initialization at all. Maybe it works in other languages but you cannot assume that doing the above will work like an attachMovie initialization object, and simply set the class's member variables to the value passed in; it only works for Intrinsic classes OR ones you've specifically wrote yourself. By Intrinsic, I mean:

    s = String(num);
    num = Number(s);
    d = new Date(2004);
    a = new Array("mic", "check");

    But if you make a class CompactDisc, and don't do squat with your constructor, passing in an object into CompactDisc will NOT return a valid object. My example didnt' work till I did this myself:

    function MyCollectionDataConstructor()
    {
    if(arguments[0] != null)
    {
    for(var p in arguments[0])
    {
    this[p] = arguments[0][p];
    }
    }
    }

    When I did that, she worked like a charm. My guess is, in Java or some other language, this just works:

    var val:NewClass = NewClass(o);

    Where o is some object with data, not of class NewClass, and by doing the above it returns a converted instance or something... whatever man, not in Flash. Do the above, and you get the same effect, though.

  • AOL Instant Messenger Uses Flash Video?

    I started AIM this morning, and it displayed a little video where the ads are up top. It crashed after about 3 seconds of playing (I had a big SWF compiling, and had iTunes eating mad bandwidth).

    I opened and closed the Buddy List trying to get the video to play again (since a new ad comes up when you do this). However, the closest I got was the M&M ad for m-azing.com. I tried clearing my cache in both IE and Firefox, and dug around in my registry as well as the AIM install directory trying to find out if it did a setting somewhere to register I viewed the video to no avail.

    Anyway, curious if someone can find out if it was done with Flash Video. The website doesn’t use it (Windows Media or Quicktime).

    Sorry about my comments being down; MoveableType is extremely easy to break, and considering I don’t know Perl, upon attempting an installation of a Captcha test, I broke something. Until Perl blog spam bots go extinct, I have to deal with these issues.

  • Undoing the Industrial Revolution

    Via her majesty.

    Jakob Nielsen writes about Undoing the Industrial Revolution. I thought it was a good article full of futurist thinking & rhetoric to make you believe what he’s saying things will eventually do or be.

    I disagree with his point that people will never really leave work because they are so accessible via communication technology is a positive thing. I’m sure he meant it a lot deeper since he only uses a short description to talk about it. That’s a bad thing for those who don’t have a choice. Stress is the biggest health problem in this country, and it’s only getting worse. Being accessible 24×7 does not facilitate one being able to leave work at work. My dad is a salesman, and although this ability makes him really successful and builds his reptutation as dependable, he’s always on call and at times makes him diffucult to deal with family wise.

    However, I cannot deny the positives. I fully agree with his geographically dispersed companies and services. The ability for me to work at home, and provide my talents remotely to a still physically accessible team is great. I save money, significantly reduce wear and tear on my car, gain at least 2 hours of my day back from driving, and have a lot less stress.

    It’s nice, too, to hear about the need for colaboration technologies. In my own experience and talking to others, the biggest challenge to getting outsourcing to really work is communication barriers via distance. Time is one thing, but software to help offset that is another. I’m sure as technologies such as Breeze, LiveMeeting, and Convoq’s ASAP mature, we’ll see this improve, but I’m not sure if it will catch up to the point where we need it now, for someone like me at home use and for companies who are outsourcing abroad… or by the time it does, it’ll start an exodus, kind of like how I only work 2 hours away, but then increasing numbers could do that, and eventually remote locations are far more accessible; as soon as such technology successful satisfies our needs, and we in turn adapt to some their new paradigms, if any.

    Good article.