Friday, September 02, 2005

Next Splog (part 4)

It looks like the reason some Blogspot blogs don't have the Flag as Objectionable button is because they haven't been updated since the button was implemented. A few stale blogs I check occasionally are missing the button.

I also checked on some of the splogs listed before that didn't have the button. One of them does have it now. And another has been removed from Blogspot.

Spammers certainly aren't giving up on Blogspot yet, I found these splogs that need flagging from Blogger's Recently Updated blogs list:


If I were Blogger I think I could come up with some simple methods that would identify a large portion of splogs. It wouldn't be hard, they share so many characteristics that few normal blogs have.

A few of the blogs I listed before are being shut down, but it is such a small portion I am having a hard time seeing much evidence that blogger is improving the splog problem. I guess it could be just that they were so full of spam it takes them a while to get to all the user flagged sites.

The mortgagesforex blog seems to have been removed. Hopefully by the administrators.
Some of the other blogs had a "View my complete profile" link. And some of those revealed more splogs:
The volkswagen guy also likes Porsches,
Mr. Active-l1, is also active as l2, l3, l4, and as active-living.

And the pet lover not only loves pets, but also telecom (which I find really odd) and computers (which is strange too if you think about it).
I just took a closer look at what happens when you click that 'flag' button. Not much, it seems.

Some JavaScript is triggered that sets a cookie on your machine. The cookie is then used to decide whether you get to see the flag or the unflag button.

When the cookie is set, the flag image is also changed and another image is loaded off the server. That's the only thing that's really transmitted to the server. For the 'love-pets' splog, the image url looks like this: flag-blog.g?nav=1&toFlag=15747752&d=1125744316223

All you have to do to be able to flag a splog more than once is clear your cookies.
I discovered the ability to flag blogs multiple times yesterday by accident by using a different computer. I thought the flag was only accesable to logged in Blogspot users (that was what the documentation implied) and would be stored in my blogger account. Apparently not. Hopefully at least they associate flag reports to the logged in account when someone is logged in. That way they could tell the accurate reporters from the wackos and prioritize looking at flagged blogs accordingly.

I suspect if they are smart they will work on that. Because it would be pretty easy to abuse if everyone can flag a blog as much as they want.
It would indeed be pretty easy to abuse this. To me, this flagging thing smells a bit like a way to get less complaints by email. Give the people a nice flag and they'll hopefully shut up. Of course, I hope that this is not the case.
Post a Comment

<< Home