Posts from Wednesday, January 26th, 2005

S5 Update

Published 19 years, 1 month past

I know it’s been a while since the last beta version of S5 was released, but between doing client work, flying to and from Albany (speaking of that, big ups to Dan “So Fine” Feinberg, Ed “The Shark” Skawinski, Ric “Darin” DiDonato, and the rest of the ITU Crew), diversions into PHP hacking, judging a markover contest, starting ballroom dancing classes, and spending time with my family, time has been a wee bit tight.  Things will only get worse once March rolls into town, so I’m going to try to push 1.1 into final status before February is done.

In the meantime, I wanted to point to some cool things that I’ve heard about with regards to S5.

  • S5 was adapted to create an online tour of Epocrates, a popular medical reference package for handhelds.  Kat uses it, as a matter of fact.
  • Ludovic Dubost, developer of XWiki, created an XWiki-based S5 creator, which you can read more about in his blog entry about it.
  • Pelle Braendgaard launched soapbx.com, a Web-driven S5 editor.  You can pick a theme, write the content in a wiki-like form, and get a slideshow.  It was apparently developed using Ruby On Rails.
  • Not quite ten hours after getting Pelle’s e-mail, a message from Lucas Carlson arrived regarding the creation of his own S5 creator: s5presents.com.  It too was developed using Ruby On Rails.
  • Earlier today, Eric Eggert reported that S5 got coverage in the German version of Internet World magazine.  I’m sort of hoping to see a scan of the article at some point.  (Is it copyright infringement if I possess a scanned copy but can’t understand what it says?  Just wondering.)  Update: I’ve seen a copy of the article, so there’s no more need for scans.

In other, less specific news, I know that people have created or are working on creating translators of one kind or another.  A popular request seems to be an OPML-to-S5 translator of some kind, and there’s always the Keynote-to-S5 idea.  So I’m going to throw open comments for people to post links to S5-related projects, translators, and what have you.  Heck, if you’ve recently done a presentation using S5, let’s see it, especially if you created a new theme.  Just please leave this post’s comment clear of bug reports or feature requests.  As of this writing, you can drop those on the S5 1.1b3 post, or else wait for the forthcoming post on 1.1b4.  I hope that’ll go up in the next couple of days, but no promises.


Gatekeeper In Perspective

Published 19 years, 1 month past

So when I said on Monday:

Got feedback?  Let’s hear it?

…what I actually meant was:

Got feedback about the code or how the package works once it’s installed in WordPress?  Let’s hear it.

I should have realized that otherwise, the comments would turn into an argument about comment spam, fighting it, ways the general idea could be defeated, and more.  Which they did.

Look, folks, despite what some people might tell you, I’m not so arrogant as to think that I could single-handedly solve the comment spamming problem for all time.  Even if I were, I very much doubt I’d be so clueless as to think that WP-Gatekeeper was that solution.  And if both those things were the case, I’m pretty darned near certain I would have very explicitly made the claim of having beaten the spammers.  Likely in big, boldfaced, red, capitalized, blinking letters, plus a background MIDI of “We Are The Champions”.

WP-Gatekeeper is not going to stop every possible comment spam attack, human or automated, for the rest of time.  Neither is any other defense you can name, without exception.  There may be measures that currently have 100% resistance to scripted attacks.  They will one day fail—I can pretty much guarantee it.  Even today, they are defeatable by actual humans sitting at computers and posting comment spam on every site they find.  That kind of spamming is very, very rare, but it happens.  I had such an incident within the last month.  If I hadn’t been keeping a close eye on new comments just then, I’d likely have missed it completely.

I’m fully aware that there are ways a spambot could defeat WP-Gatekeeper.  At the moment, none of them can.  That will one day change, of course, assuming challenges become at all popular.  Comment spam and the fighting thereof is a dance, a tennis match, an arms race.  Neither side will ever win.  As one side adopts a new tactic, the other side will move to counter it.  The countermeasure will itself be countered.  And so it goes.  Eventually, either spambots or spam defenses (or the two in combination) will become so advanced that they’ll gain self-awareness, and then we’ll all be royally hosed.

I know this.  You know this.  Let’s move on from there, okay?

In the end, the goal is to add another arrow to the quiver at the disposal of spam fighters.  Think this approach is wrongheaded, annoying, or otherwise pointless?  Fine.  Don’t use it.  For those who want to add this kind of capability—and since I instituted it on meyerweb, I’ve had not a single piece of spam make it onto the site or hit the moderation queue, whereas in my pre-defense days, I’d get at least twenty every day—then the package is there.  You can combine it with other defenses, if you like, for even more coverage.  I may upgrade it in the future, depending how far I get in learning PHP, mySQL, and form handling, and what feedback I get from people who know PHP better than I do.  I may not, in which case the system as it stands is effective, and probably will be for a while.  Even if I do one day abandon further development, the code is out there for someone else to improve if they so choose.

In the meantime, if there’s anyone who is using WP-Gatekeeper or has looked at the code, and has feedback on the coding or the way it works for the administrator of a WP blog, please feel free to share.  Also, if anyone can point me to an example of PHP code for collecting all of the HTTP_VARS that are returned by an XHTML form and then looking through them, even when the variable names aren’t necessarily known ahead of time, I’d really like to see it.  Thanks.


Browse the Archive