SVN::Web and Google Code Hosting

You're probably aware of Google's code hosting service. They use Subversion as their revision control system, so if you want to contribute to a project hosted there you really need a Subversion client.

I was reading the FAQ for the hosting service the other day and a particular entry struck me.

Planet Subversion

I've been experimenting with Plagger, a tool for plugging together chains of filters, pumping RSS/ATOM feeds in one end, and getting transformed output at the other end.

This doesn't have to be as simple as chaining a few XSLT transformations together, as Plagger filters can carry out additional actions (such as e-mailing the results to you, calling on the power of Perl modules to create summaries, and so on).

As a learning exercise, I've built Planet Subversion (edit I've updated the URL to point to the official domain). This takes feeds from a number of different sources and builds a "Planet" site from them. And, of course, with Plagger being open source, it's easy to contribute any fixes back to the author.

Please let me know if you use Subversion and can recommend any other feeds to add.

If you'd like to produce your own aggregation site using Plagger, here's the config file that I'm using for Planet Subversion.

Trigger happy hosting / spam @ The Guardian

Two spam related pieces of information today.

The first concerns what happens if you're hosted at an ISP with an anti-spam policy, an itchy-trigger finger, and a support desk that is devoid of clue.

It appears as though the fine folk over at The Weekly had their infrastructure on a shared server at their ISP, HostingPlex. That same server was then used by a spammer to send spam, which was caught by SpamCop. Rather than track down the actual culprits, HostingPlex have locked The Weekly's account, and are demanding US$150 to reinstate access to the server, while ignoring repeated e-mails from The Weekly that contain what appears to be pretty straightforward evidence of their innocence.

I paraphase somewhat, you can read the The Weekly's side of the story for yourself.

In other news, "Thoughts on stopping spam" appeared, somewhat edited, as an article in The Guardian yesterday.

CAPTCHA farming

Charles Arthur's wondering why spam came through his CAPTCHA system, and concludes that people are probably being paid to sit there and fill out CAPTCHAs.

There are a couple of other possibilities. The first is that the CAPTCHA system he's using might be compromised. Some OCR systems can be surprisingly effective on them.

The second is his CAPTCHAs are being reproduced on another site for humans to solve. The canonical example would be where a visitor to a porn site is shown a CAPTCHA and asked to solve it before they can, er, continue. Unbeknownst to them, however, the CAPTCHA is actually coming from Charles' system, and the solution is then used to send him spam. This is "CAPTCHA farming".

Searching for "CAPTCHA porn" turns up a number of stories about this over the past few years.

Thoughts on stopping spam

I was pinged on IRC earlier today by someone who was having an e-mail discussion with Charles Arthur of the Guardian, in response to this article on Six steps to stopping spam. Since I spend a lot of my day job doing anti-spam engineering for a large organisation, Robbie thought that I might have some useful comment.

I've fired an e-mail off, which I reproduce below, in the hope that it might be useful to a wider audience.