Tag Archives: webspam

abuse Akismet blogging comment spam compliment spam Google Google Webmaster Central hacked phpBB scam search security social software social web spam trust web dev WordPress

Thoughts on Blog Usability

DSC_0723 I’ve been kicking around the idea of redesigning my homepage and blog, though I’m not sure I really have the free time to do it. To start, I thought I would to put down a few thoughts about applying usability principles when designing blogs.

When you starting thinking about usability it’s temping to jump right into lists of principles and rules of thumb. It’s a little silly applying Fitt’s Law when you haven’t even established what you want your site to accomplish in the first place. So what, generally, do you want your blog to do?

Personal Goals

  • Share thoughts and work with others
  • Collect a body of work to represent myself (like a portfolio)
  • Collect information for later discovery (by myself and others)
  • Provide an outlet to continue practice writing
  • Allow others to communicate with me and comment

If you’re creating or redesigning a blog for a company, the goal set may be very different. Below are some examples that don’t actually apply in my case.

Business goals

  • Communicate with customers
  • Build long term relationships with customers
  • Produce quality content to drive search traffic
  • Generate revenue through advertising
  • Etc.

Many projects don’t even get this far before the graphic designers and web developers are already making mock-ups, but we still have one more important step to do. We know why you’re building a blog, but why are users coming to it?

Continue reading

Stuffing online polls with amazing results

Having run a big online poll and seen some abuse, I had to share this story posted on the Music Machinery blog. Every year, Time collects their list of 100 most influential people and conducts an online poll. Most years it’s a healthy ballot-stuffing competition between Stephen Colbert fans and fans of the Korean singer Rain.

You can see the list of the top 100 this year here. Does anything look strange to you?

Time.com's mot influential poll

Through a combination of seeding forums with misdirected vote links and clever vote bots, the fans of 4chan not only got moot to the number 1 position but spelled out a message with the first letters of the following positions. That’s a truly amazing hack, and a surprisingly mild response from Time’s developers.

This is also an interesting look into the kind of tactic used by web spammers. Funny in this case, but this is the kind of thing we’re up against.

Open Redirects Under Attack by Spammers

Albino alligator

I wrote a post last Friday on the Google Webmaster Central Blog about the widespread abuse of open redirects round the web.  If you have some code on your site that will redirect users to an arbitrary destination based on url parameters, watch out.

“But Jason,” you say, “why would I have code that would redirect users to an arbitrary destination based on url parameters?”  You might be surprised.  Code that tracks clicks for ads or analytics, search results pages, and even some login pages are vulnerable.

There are actually lots of legitimate reasons to redirect users, but unfortunately spammers can use them too if you’re not careful.  Read the post to find out more and learn ways to make your site less attractive to attackers.