Image and video hosting by TinyPic

Monday, January 25, 2010

More non-sequiturs

I promise not to make a habit of bothering my readers with this issue. But I just received -- in rapid succession -- two more "non-sequitur" comments. (If you scroll down a few posts, you'll see a fairly lengthy discussion of this strange phenomenon.) Both of these new examples were directed toward old stories.

The first read:
Botswana search wangammc exciting frames adlnet biased features ones marwaan overlap servimundos melifermuly
The second read:
Facie contracted sort ipso formerly barring controlling uttering discharge operate redress servimundos melifermuly
In our previous discussion, readers suggested that these comments use hidden HTML code to sneak malware onto a website. But I could see no code -- just text.

For some reason, I'm not able to track the responsible parties via my stat service.

Why would anyone send unfathomable messages of this sort? I know that I'm not the only blogger who receives these mystery comments.

Both of the above comments contain the nonsense phrase "servimundos melifermuly." Google reveals that this phrase has appeared on many other sites. Some other blog owners do not moderate comments, which means that the non-sequitur offerings are automatically published on those sites.

If someone has invented a clever new way of sneaking virii and trojans into innocent web sites, then we may be facing a serious problem.
I've seen it (or something very similar to this ) pop up over at my blog.

Although I am in no way as big or as known as most, I have encountered it.
That's why I put my "Moderator" back in place.
I recall these nonsense messages being delivered in spam email and that somehow it could confuse the email filter into accepting the email.

However, why do it on a blog?
Some purely speculative thoughts.

1. Random text comments could be sent to a large set of blogs, just to determine how much gets through at each blog. This could easily be automated. The results would determine which blogs are suitable targets for conventional spam (advertising products). I.e. It’s a type of probe. And the random text is kind of “neutral” (in some ways the results of such a probe might be more informative about susceptibility of a blog than sending, for example, Viagra ads).

2. It has been hypothesized that random text spams can be used to poison the databases of automated spam filters. Statistical spam filters are in common usage, and poisoning the filters (with a large volume of pseudo-random text that isn’t advertising anything) could allow advertising spam to then get through.

3. It has also been hypothesized that many purely random text spams are the result of malfunctioning spammer software. Random text is often appended to commercial messages to increase the odds of the spam message getting past filters – but bugs in the spamming scripts/software can result in purely random text messages getting sent (without the intended payload being included).
This undoubtedly is related to the recent spate of goofy and ugly faces used to promote sham offers. Must be some marketing trick that plays on the mind's tendency to focus on the unusual.
1. The first 11 words planted by the robot are decoys, purpose is to conceal the last two words (Get past blogspot's spam filter, as G suggests).

2. Then either robots or actual humans do Google searches for the unique term "servimu..." Any blogs containing the phrase are considered safe places to leave spam links.

So it's a 2 phase project, I think.
Perhaps web bot type predictive methods (like Clif High's halfpasthuman Asymmetric Linguistic Trend Analysis) are getting warm with their results , and this is an attempt to address the issue.
Huh. I think you're getting messages from Indrid Cold.
Why wouldn't they be coded spy communications? Years ago when I lived on the beach I had a multi-band radio. Somebody on the short-wave band was broadcasting "yamma-ramma-bamma-whamma-yamma-yamma-bamma-ramma" everytime I checked over a period of months.
Anonymous (comment just after Tamerlane) & G's #1 seem to be it. On a number of blogs that got hit with this, you find a spate of spam adds one week afterward (early Feb).
Post a Comment

<< Home

This page is 

powered by Blogger. 

Isn't yours?

Image and video hosting by TinyPic

Image and video hosting by TinyPic