Exquisite Tweets from @jcroft, @mikeindustries, @shauninman

How I shut down comment spam on jeffcroft.com:

jeffcroft.com/blog/2012/jan/…

#1 5:24pm Jan 31st 2012 via Twitter for Mac

Reply Retweet Favorite

@jcroft Dude, the whole reason that system works is because no one knows about it. Why would you publish that???

#2 5:25pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite

@mikeindustries Information wants to be free.

#3 5:25pm Jan 31st 2012 via Twitter for Mac in reply to mikeindustries

Reply Retweet Favorite

@jcroft Last time I give you any useful advice.

#4 5:26pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite

@mikeindustries You posted it on Twitter. What's the difference?

#5 5:26pm Jan 31st 2012 via Twitter for Mac in reply to mikeindustries

Reply Retweet Favorite

@jcroft Because tweets essentially disappear a week or two after you post them.

#6 5:26pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite

@mikeindustries What do you want to bet I don't start getting comment spam anytime soon?

#7 5:27pm Jan 31st 2012 via Twitter for Mac in reply to mikeindustries

Reply Retweet Favorite

@jcroft You're totally missing the point of it. Security by obscurity. As soon as someone writes a WP plug-in for it, it's done.

#8 5:35pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite

@mikeindustries Nah. Not the way my version works. Just change the secret string if/when someone catches on.

#9 5:38pm Jan 31st 2012 via Twitter for iPhone in reply to mikeindustries

Reply Retweet Favorite

@mikeindustries Mine works a good bit differently than yours...you just pointed me down the right path.

#10 5:38pm Jan 31st 2012 via Twitter for iPhone in reply to mikeindustries

Reply Retweet Favorite

@jcroft No, when a WP plug-in is written, the spambots will get rejiggered to manually set off the timer.

#11 5:38pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite

@mikeindustries Mine is two-pronged, though. The timer alone isn't good enough.

#12 5:39pm Jan 31st 2012 via Twitter for iPhone in reply to mikeindustries

Reply Retweet Favorite

(@mikeindustries's circle of trust) @jcroft

#13 5:40pm Jan 31st 2012 via web in reply to mikeindustries

Reply Retweet Favorite

@shauninman Yep. @jcroft got just array_pop'ped.

#14 5:42pm Jan 31st 2012 via Echofon in reply to shauninman

Reply Retweet Favorite

@jcroft Sure it is. Yours works essentially the same. Bots aren't going to store your key.

#15 5:44pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite

@mikeindustries Don't forget that the single biggest reason this is effective is that it requires JS, and bots don't have JS.

#16 6:13pm Jan 31st 2012 via Twitter for Mac in reply to mikeindustries

Reply Retweet Favorite

@jcroft Some do. The more popular a JS-based technique gets, the more bots will use JS.

#17 6:14pm Jan 31st 2012 via Echofon in reply to jcroft

Reply Retweet Favorite