ScrollingText

So a while ago I wrote about CAPTCHA's. And I ended up saying how I was going to try out Mollom for my automated spam removal. Well, a couple of weeks later, I'm returning to this topic to give some kind of review of Mollom.

So I have to say that right off the bat that it works, and it works well. At the moment of this writing, not one piece of spam has infected my comments. While at the same time, people created comments have gotten through. And for all you out there wondering how Mollom can tell the difference. And while that could be a whole blog post just to itself, we can just shorten the idea down to a view simple concepts: Bayesian probability and a very large sample set. We get an idea of how large of a sample set that Mollom might have just by reading the a part of their front page (please note that these numbers are dynamic and will change):

“Mollom is currently protecting 10,310 active websites. The average efficiency is 99.91%. This means that only 9 in 10,000 spam messages were not caught. Mollom has caught 107,635,481 spam messages since it started. Today we caught 179,461 spam messages. On average, 90% of all messages are spam.”

And doing some math with that statical model, you could probably come up with a good sized grid of what are "good" words used in comments and what are "bad" words used in spam.

One of the things I do like about Mollom, is within the Drupal module it has a nice graph to let you know how much spam has been blocked and how many legitimate operations have happened, as shown in the picture below:

Some people might find this helpful, some might not. I do because it gives me a metric towards how frequently my site is getting attacked by spammers.

Some of you might be wondering about false positives. Mollom by default sets up comments to be checked with the Mollom servers and if a comment is flagged as potential spam, it requests the submitter to verify the comment through an image based CAPTCHA. So while there is still a CAPTCHA involved, its not the primary means of human authentication, so I feel this is a healthy compromise.

The short of it is that if you happen to run a Drupal based site, and want to avoid spam , I couldn't recommend Mollom enough.

In a conversation with a good friend of mine regarding his flash site, he said that he would like to see tutorials created to help someone get started in Flash. And seeing as how I'm a novice writer, as well as novice Flash programmer, I thought that I would take this time to come up with a few simple and easy to follow Flash tutorials to help someone get a little exposure to doing some simple Flash stuff.

Since this tutorial is for the absolute beginner, I will start in the usual fashion with the ever popular “Hello World” program. However, I'm going to deviate from the norm at this point. If you search on the interwebs for “Flash Hello World” you can already find some basic write-ups on how to get a Flash program to regurgitate “Hello World”. However, those write-ups show you how to do this in text. And this is where I see a chance to do something a little different. I'm going to show you how to do a “Hello World” but with a graphic instead. Is this more productive? I have no idea... but feel free to tell me if you think it is or isn't.

Ok, first think you need to do is either download this image file, or create your own image file. Now don't forget where you put it, we're going to need it soon.

So let's start up by getting your Adobe Flash going. And of course once its up click on File-> New. At this point a new window should pop up. Go ahead and make sure that “Flash File (Actionscript 3.0)” is highlighted, if not then highlight it, and click “Ok”.

At this point you should be looking at a fresh new Flash file. AAAHHH just get a wiff of that new file smell. So now lets go and bring up the Library (for CS4 you can just hit CTL+L, don't ask me how to do that in CS3, but if I did have to guess I'd try Window->Library). And let's go and add a new symbol. Right click in that empty space, and choose “New Symbol” in the menu.

After selecting “New Symbol” a new window should pop up resembling this one:

so let's give this new symbol a name. How about “hello_btn”? And also make sure to choose “Button” in the type section. And click “Ok”. And now you should see your new symbol in the Library. Now, while your able to edit this button. Go open up that image file we talked about earlier. And just copy and paste it into that button. Alright, click on the icon called “Scene 1”. And all you have to do at this point is take your mouse, click, and drag the “hello_btn” over to the display area. And just put that right in the center like so (yes, I recognize that the photo isn't the best if the mouse was included it would probably look better and make more sense. But that is what you'll be looking at when you move the icon from the library to the main page):

when you release the mouse, you'll notice that your text is right where you left it. At this point we're done with the labor. Save your file, and hit either Shift+F12 or go File->Publish. And after a little bit of compiling (Chug, Chug, Chug) you'll have you first Flash Hello World program. And you should feel proud of your new accomplishment.

I think the next flash tutorial will be about adding mouse interactions to our button, but I'm not sure yet. We'll just have to see what happens.

Some of you might not know this, but I manage two different Drupal sites. This blog (obviously ;) ) and the website for Freaky Tiki Productions. And for Freaky Tiki, spam comments were quite a problem. The first way I tried to handle this was to require all comments to be approved. Well, I'm pretty sure we knew what happened with that. I wouldn't log in for months at a time, and have handfuls of spam comments to delete, but also if someone put in a legitimate comment, they would have to wait just as long to have it posted. Not the best thing to do if you want people to continue posting comments... damn you instant gratification.

So I decided I would use CAPTCHA's to help me out with this. Grabbed the Drupal's CAPTCHA module installed and configured it. Now to be honest, I HATE CAPTCHA's. But at that moment I did not know of any other alternative that would allow me to protect my site while also not having to approve every comment. So I made a personal compromise to use a text based CAPTCHA instead of the image-based one because I felt that the text was less annoying. A couple of mouse clicks later, the settings have been applied. And I had a nice warm fuzzy feeling inside. I checked up on the site a couple of days later, and there was five or six spammer comments on the site. I wasn't happy. So logged into the site and deleted those comments. After doing that I took a quick moment to find out how I could make sure it didn't happen again and that is when Captain Obvious slapped me upside my head. I took a good look at the test-based CAPTCHA (examples below):

What is the fifth word in the phrase "oqun oza edazoc qivu asic"?
What is the second word in the phrase "yuyow ufif qugoto op ivasu oxadewa"?

That slap hurt, but it caused me to realize that the format is very static and thus easy to automate. And just to prove it I whipped up this little kluge
in PERL:

Of course, text based CAPTCHA's weren't going to protect my site. So the first thing I did was change to image based CAPTCHA's. My dislike of them still exists, but as the better of two evils I accepted them... what else could I do?

Days passed, the site is still comment spam clean (that I'm aware of anyway), and I was talking to my good friend OJ, who happens to write his own blog, about my experience. And through the natural progression of the conversation he shared his secret with me on how he doesn't need CAPTCHA's on his site. For WordPress there are tools to automate comment filtering. I wasn't aware that tools like this existed. (Yeah, I should have thought about that, but I've never done this before, so there is still a learning curve.) So it was only a couple more clicks until I found these same tools for Drupal. And after some research, I decided to use the Mollom module.

I'm not sure how well it'll work out. But for the price (free) it can't hurt to try it.

So since the last update of Pidgin for Ubuntu broke yahoo compatibility. There are currently two fixes for the problem:

1) Go through the process of configuring your sources.apt file, and downloading the latest Pidgin client.

2) Make a small change in the current client's Yahoo account settings.

Just for simplicity's sake, I choose (and am going to explain how to do) the second.

SO start with opening up the account manager like so:

Then highlight the Yahoo account and click on the "Modify" button, like so:

A new window will pop up, click on the "Advance" tab on the top left. And then add "cn." to the text area for "Pager Server" like it shows below:

And that is all you have to do, and you'll be chatting with your Yahoo friends again in no time.