Dealing with blog spam

Julien,
the majority of comment spam can be dealt with very simply by including
a turing test. On my blog, when I first started getting comment spam, I
added a check box asking if the poster was a human. For a human, it’s
not a massive inconvience to tick a box, but for an automated tool, it’s
a major problem. Was implemented in 3 lines of html and one line of
python. Since I added it, I haven’t recieved a single piece of
spam.

I don’t believe it’s had a major effect on people commenting,
although I currently can’t tell. I could change it to hide posts that claim to be non-human
until I’ve checked them. If spam tools work out this simple problem, I
could change the nature of the test to randomly change between “I am a
human” and “I am not a human”. After that I could include a simple sum
or some other simple question. It also has an advantage over captchas
that it is accessible.

It is a simple change which massively reduces spam by increasing the
cost of spamming and I’m surprised that most people don’t do something
similar.

Installing Oracle XE on Debian

I’ve spent the weekend playing around with the new Oracle XE Debian
packages in preparation of having to use them at work in the near
future. I’ve written up my experiences of setting the server and
connecting remote clients in my latest
article.

Talking of work, we have a position for a junior support role open. If
you live in or around Brighton, England and know a little bit about
Linux, Debian, Tomcat, Java, PostgreSQL and Oracle and willing to learn
more, have a look at the job
description and get in contact.

Empty elements in XSLT

I recently wanted to deal with docbook <ulink> elements that
didn’t have any contents by displaying the url as the link text. I
wanted to convert: 

<ulink url="http://www.example.com">Example.com<ulink>
<ulink url="http://www.example.com"/>

to

<a href="http://www.example.com">Example.com<a>
<a href="http://www.example.com">http://www.example.com<a>

I originally had:

<xsl:template match="ulink">
   <xsl:element name="a">
      <xsl:attribute name="href"><xsl:value-of select="@url"/></xsl:attribute>
      <xsl:apply-templates/>
   </xsl:element>
</xsl:template>

This sucessfully dealt with the first form of <ulink> that had
content, but not with the second example with an empty element.
The solution is the use an <xsl:choose> element with a test to see
if the current node has any child nodes. Using child::node() we
can get any child nodes. We can then test if the node has any children using the
count() function. The resulting xslt is:

<xsl:template match="ulink">
   <xsl:element name="a">
      <xsl:attribute name="href"><xsl:value-of select="@url"/></xsl:attribute>
      <xsl:choose>
         <xsl:when test="count(child::node())">
            <xsl:apply-templates/>
         </xsl:when>
         <xsl:otherwise>
            <xsl:value-of select="@url"/>
         </xsl:otherwise>
      </xsl:choose>
   </xsl:element>
</xsl:template>

Creating a Certificate Authority

Sometimes you need to generate several SSL certificates, but don’t want to pay money to a Trusted Root, and self-signed certificates just won’t cut it. If you’ve ever had this dilemma, just for you, here’s an article describing how to set up your own trusted root certificate and how to import it into several common applications. If you want me to add your favourite application, feel free to email me with instructions and screenshots if appropriate.

Atom feed and Planet Debian

I upgraded my atom feed to atom 1.0 during the week. This appears to
have broken my entries on Planet Debian. If anyone has any ideas on what
I can do to make planet like me with a valid atom 1.0 feed, please let
me know.

Update: I’ve changed my feed from having html
content to xhtml, which isn’t encoded. Hopefully Planet will like this.
If not I’ll have to fix it in the morning.

PostgreSQL User Administration

Over the weekend, I managed to revive my main desktop machine, which
as spent the last 15 months turned off under a desk because it was
showing some odd behaviour and didn’t have time to fix it. I’ve upgraded
it to the latest sid and given it to my girlfriend to use instead of the
Windows machine she had been using. She appears to have fallen in love
with tuxpaint. 🙂

In the process of setting it up I discovered printconf, which
automatically sets up parallel and USB printers under cups. Plugged in
my printer, went to print in firefox and there was the printer. These
things just get easier and easier. Gone are the days when you spent
hours writing a printcap entry for your printer. One thing I would like
is for DBus support in CUPS so I know when the print job has finished.

Just finished writing an article on PostgreSQL
user administration. Go read it.

Comment Form Attack

Came back from a nice walk on the seafront, including a 30 minute professional
firework display from a boat 20 meters offshore and about 50 people
watching, to find that someone had attempted to attack my blog comment
to send spam. Fortunately according to my mail logs, nothing went out,
but it did make me go through and read the comment plugin code. I did
wonder if every suitable field had been cleaned and have now made sure
that it is. Looks like it came from several IP addresses over a 5 minute
period and got past my (admittedly very) simple turing test, so I don’t
think it was an automated script. For an example of the attacks, check out this old
posting.

Notice Periods in UK

Clint,
I don’t know about Belgium, but in the UK, the norm is a month for most
people and 3 months for senior members of staff. Of course, you may or
may not be given work to do during that period. Usually your employers
will want you to document and help hand over to a new person. However if
you have a bad relationship with your employers, they may put you on garden
leave where you arent in the office, but are being paid. Presumably
this is to stop you stealing their data or doing some other malicious
act. All this stuff is normally written into your employment contract.
Without one it is possible to leave your employer within
a week.