Fighting Spam in Drupal with Mollom and Hashcash

I hate spam. Of course, I imagine the overworked, underpaid dupes in Pakistan dishing it out at 5¢ per hundred comments don't particularly like it much either. It's just their job.

So anyway, about a year ago, the spam on this site was getting a bit out of control. Fortunately, Mollom had just whipped out their new, free spam-blocking service about the same time, so I gladly installed it. As you can see in the graph below (the orange being 'Spam attempts blocked'), this has been a fantastic boon for the site, with over 700,000 spam attempts blocked in the past year.

Mollom blocks spam (2008-2009)

Looking at that graph, you can see the spam attempts really dropped off sometime in April or May. I really don't know why; if anything, the traffic to this site has steadily increased over the year. I suspect that whatever methods spammers were using were not paying off as well, perhaps in part due to the diligence of the great folks over at Mollom?

However, read on to see how it's been fairing lately...

Drupal Media Presentation in Colorado

If you haven't gotten your ticket for DrupalCamp Colorado, there's still time! Along with other excellent and anticipated sessions, I'll be presenting the current state of Drupal Media on Sunday, July 28, at 2:30 PM. The next day, Denver Open Media is hosting a Media Code Shiai / Sprint -- interested developers of all levels are invited and welcome!

Media Module Mockup

For anyone interested, here's the latest mockup for the Media module, courtesy of Maarten Verbaarschot (mverbaar) of the D7UX team!

Media Module Mock-up
(original at http://www.flickr.com/photos/mverbaar/3632702590/in/set-72157619245872526/)

You can see more screenshots at the D7UX Microproject - Media Library for D7 issue.

And Jon Stacey (jmstacey) is doing a bang-up job of helping to realize this vision, via the Google Summer of Code! He's been hard at work with Andrew Morton (drewish), another co-mentor, to make this happen for Drupal 7. (And yes, we're also continuing to back-port this work into 6.)

A Visit from the Drupal Security Police

Caveat: The following should be read with the understanding that I absolutely respect and admire the job that the volunteers of the Drupal Security Team do! Without their gallant efforts, Drupal wouldn't be the safe framework that it is. And as an aside, all module maintainers, developers, and anyone interested in learning more about how to lock down their site should read Cracking Drupal: A Drop in the Bucket, by Greg Knaddison (greggles), who happens to be a member of that crack force.

Drupal Security Team

Last week, I received a visit from the Drupal Security Team, telling me that the Embedded Media Field module contains a XSS vulnerability.

That put the fear of Drupal into me! The next day, I had a spanking new fix for it, and was ready to make a new release. That's when I actually read the instructions about what to do when you've been contacted by the Drupal Security Team...

Read about how to avoid the panic...

Everything is Miscellaneous

At the Open Media Camp in Denver yesterday, Kevin Reynen (kreynen) got things off to a great start with Overview of Metadata Standards for Video - Why doesn't it work like a Library? We discussed the difficulties of even agreeing on a standard set of genres for tagging video, from how to decide what genres to include in a taxonomy to the user interface in presenting those options to editors. (For instance, he said that his experience with the standards used at PEGMedia.org is that editors often use the Action genre by default, which is listed first in the listing, rather than scrolling through the hierarchy of available choices.)

Everything is Miscellaneous

I was reminded during this discussion of a book I read last summer, Everything is Miscellaneous: The Power of the New Digital Disorder, by David Weinberger. I mentioned the book, and got a few nods and a few shakes of the head. Seems quite a few people have looked at these issues from a lot of directions...

Media Sprint at Open Media Camp in Denver!

Make sure to attend the Media Sprint Update Panel and join the Media Sprint 2009 at Open Media Camp in Denver, on April 18-19!

The presenters of this panel, including Aaron Winborn (aaron), Arthur Foelsche (arthurf), and Alex Urevick-Ackelsberg (Alex UA), will discuss the ongoing efforts of the Media Sprint by the Drupal Media working group to bring to fruition the Media module and related work.

This panel will begin with a demonstration and discussion of the current state of the ongoing development of the Media module, and a thorough examination of the concept for its extensible API. Finally, we'll discuss the near and far-term plans, including the Media Sprint planned for the next day of the Open Media Camp.

Video for Drupal Multimedia Panel at DrupalCon

Here's the video for the Drupal Multimedia panel at DrupalCon. Presenting were Arthur Foelsche, Alex Urevick-Ackelsberg, and myself.

By the way, the dev version of Embedded Media Field now supports Archive.org. Hopefully the Drupalcon site will install the module so we can see all the videos directly from that site; even if not, I'm sure it won't be long before someone takes advantage of it and posts a DrupalCon wall of Video...

Video: 
See video

File API Panel and Follow-Up Media BOF

Wednesday afternoon/evening (starting at 5:15), Andrew Morton (drewish) and I will be co-presenting The Future of Files and Media in Drupal 7, where we'll talk about the big changes to the File API from 6 to 7, and efforts to backport some of the functionality into 6. Following this, we'll segue into a BOF with Arthur Foelsche (arthurf), where we'll discuss some of the exciting things coming from the Media Sprint 2009. (In fact, he and I worked on the Media module some tonight, putting in some exciting md5 hashing to allow jQuery to communicate indirectly with Drupal about uploaded files without compromising security or speed).

See you then!

Syndicate content

The Society for Venturism has chosen me as the recipient of its charity for this year, to hopefully offer me cryonic preservation when the time comes. And this month, Longecity, an excellent forum for the discussion of issues related to extending the lifespan of humans, has offered up a matching grant of up to a thousand dollars to help out! So help out! Please.