I don’t know why, but since last night, the American Spectator’s website at spectator.org has been blocked for being a “reported attack site”:
Fortunately, perhaps, Google provides diagnostic tools for those curious about where the site has gone:
Alas, I don’t know enough about network security to make a diagnosis. (Dammit Jim, I’m a private eye, not a doctor.)
As of this morning, I can get the website to load in Safari but not in Firefox 3, albeit intermittently. The front page is accessible, but when I try to visit the blog, I get this instead:
In the past, Google has been accused of removing conservative-aligned content from YouTube and from Google News, but I see no evidence that this is what’s happened this time. I’m not even quite sure why Google is responsible for making this call or providing these diagnostics.
What’s most likely is the Spectator’s webmaster left a security hole unplugged and the site was taken advantage of by opportunistic spammers, which is something of a tautology.
I’ve put an e-mail in to a contact at the Spectator, and if I find out what happened, I’ll provide an update in this post.
Update: Looks like I called it. The site still isn’t working for me in Firefox, but via Safari, they offer this explanation:
We have received a number of inquiries regarding the fact that Spectator.org has been designated a “harmful site” by Google, because of outside entities attempting to use our site to distribute malicious software. We have been working with our Web hosting company to address the issue, and believe that it has been resolved and that our site is safe to visit, though there is a lag time before Google can remove the “harmful site” status. In the meantime, if you normally find us via Google, you can still visit us by typing Spectator.org directly into your browser, or by entering our site via Yahoo. Thank you for your understanding.
But when I checked out the account this morning, the sidebar looked as it does in the graphic to the right of these words. For readers who don’t know me, I am not one of the 5 accounts being followed.
I knew the account he spoke of; I am one of those also being followed by the 
Everything in Moderation: A Closer Look at Comment Spam
At my ever more occasionally updated personal blog, I’ve long published a series of posts called “Great Spams of the Internet” wherein I highlight a particularly amusing bit of e-mail spam and even the occasional e-mail interaction. Once when a 419 scammer tried to get me to call him on the telephone, I replied:
He was very understanding, writing back the next day:
At least I think he understood. In any case, this is the long way around getting to my real point.
As you may know, I run a blog here. As you can probably guess, I get my share of spam comments; most are caught by the Akismet plug-in for WordPress. But then, most are fully automated and advertise prescription drugs, gambling websites or sex acts that would probably boost my unique visitor counts if I mentioned them, but I don’t need that kind of traffic.
However, a small percentage of it manages to evade Akismet’s filters and find its way into my moderation queue. In some cases, they are only barely distinguishable from real comments. In some cases not listed here, I’ve approved comments that I am sure were intended only to improve the SEO of the website linked, but were interesting enough to allow through on their own merits.
Most are not, but this doesn’t mean they’re entirely without value. Some of them are clever, some are just amusing. I’ve been holding onto a few of them to discuss here, so let’s open up the queue, if for no other reason than now I can finally delete them:
Here, somebody is pushing what appears to be a YouTube clone, even using a joking nickname YouTube acquired once the site itself was acquired by Google. In fact, the site turns out to be a combination of Google’s input forms. Though the IP address indeed traces back to the United Kingdom, the author is not especially concerned with proper English spelling or punctuation. They also have no system for keeping track of which websites they have already hit, or they just don’t care. I’m leaning toward the latter.
Here is one that, at first glance, looks like a genuine comment: This was intended for a post that mentioned Ron Paul, just as the one above tried attaching itself to a post discussing Google and YouTube. But if you follow the link, it goes to a blog whose posts consist of only of one YouTube video and sometimes-relevant text copied from other websites — “scraped” as it’s called. And there’s a good reason why it sounds like a real comment: It was scraped from another comment from the same thread.
This one promotes yet another inscrutable blog, this time in a foreign language that I presume to be Turkish. I guess this because the IP address resolves to Izmir, Turkey. The one above resolves to Istanbul, Turkey. The two cities are not close by, so they are probably not the same person. But if Turkey is a hotbed of comment spam, that’s news to me.
Undoubtedly, this one is my favorite. Like the Wikipedia vandal whose edit summary consisted of “Blanked the page” or the panhandler who admits he needs the money for booze, “Sohbet” is admirably honest about his intentions. I might even consider throwing him a link, except that the website no longer exists — less than a month after he was trying to extract Google juice/build traffic for it. Also of note: the IP address resolves to Antalya, Turkey. Still, if Turkish comment spam is a known phenomenon, I can’t find any discussion about it.
Funny at first, but tedious. I get a lot of these, and it’s kind of similar to another common tactic I’ll get to in just a bit. Flattery will get you everywhere with some people, but not me. Also, the linked site is in Russian. Russian spam at least I am familiar with.
Better than YouTube! Quite a claim. Surprisingly, the website is well-designed, coherent and legitimate. For someone who just wanted to find videos related to a presidential or prospective VP candidate, it might actually be better than YouTube. So here we can start to draw a clear distinction: Some spam comment campaigns aim to promote fake websites that seek ad revenue or to promote another website. Others are spammy promotions for real websites; it’s very possible the creators of this website don’t know exactly what their SEO is up to. But I’m not particularly offended by this comment. It doesn’t add to the conversation so I won’t approve it, but it got the general subject matter of this website correct, it’s vaguely conversational, and it doesn’t represent itself as anything other than what it is: a pitch.
Lastly, this one I’m including not because it’s compelling, but because it’s so common. Also, because it represents the dishonest counterpoint to the previous example. Here, the commenter announces enthusiasm for the targeted website (in this case mine), then immediately starts pitching another website. Notice that his subject matter is completely off-base with what Blog P.I. is about. The targeted post — which I wrote in July, 2006 — included exactly one use of the word “wedding,” in a throwaway reference to New York Times announcements page thereof.
Predictably, the website being promoted is commercial in nature, but doesn’t offer anything for sale itself. What it does, though, is link to pages on a real wedding supply website, which presumably hired the spammer to boost their search engine ranking. A bit of rudimentary sleuthing reveals the SEO’s identity and company; he’s using his real name (which is something, I guess) and he didn’t even register the URL anonymously.
But I’m not going to single him out with a link or textual mention that could turn up in a search engine. He’s not doing anything illegal and, as noted above, similar practices are exceedingly common. I’ve been a critic of certain SEO practices, but I’m fascinated by also them, and clearly I think some tactics are better than others. The way I see it, if you’re going to do black hat SEO, why not do it with some style?
Also, the joke is on them: Every link in my comment section is automatically assigned a nofollow attribute.