Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(July 2007) Posts

Democamp Fun

Posted: 25 Jul 2007 06:37 PM | Defensio, the blog | no comments


Last night, Carl and I had the opportunity to present a short demo of the Defensio spam filtering service at DemocampMontreal3 . It was fun, and we received a lot of great feedback from the local community. Best of all were some of the discussion questions that came at the end of the presentation. For the benefit of all you who were too busy to attend (what could be more important than Democamp!?) or not in Montreal (we'll forgive you for that) I'd like to run through some of the more important questions that were asked, and our silky-smooth responses: Q: Some bloggers have turned off comments because of spam, others have turned off comments due to a philosophical belief, espoused by Dave Winer , Joel Spolsky (among others), that comments should not actually be part of the blogosphere. Where do you stand on this? A: Well, we vehemently believe that comments should be part of the conversation on the Web, for many reasons: Comment threads, while sometimes childish and petty, are more often valuable sources of insight beyond the original blog post. Commenting on your own blog in response to another post, is often not the right venue - especially for short comments -- and would often be completely out of context for your blog's readership. Allowing only trackbacks does not immunize you from spam -- in fact, much of the worst comment spam is in pingback/trackback form. Most importantly, we think closing comments generally dampens conversation, which is fundamentally bad for freedom of expression and the overall thought exchange process that blogs are so wonderful at enabling. Q: How quickly will your filter learn? A: We can't provide precise numbers, but we can say that filter performance will continue to improve over time and that respectable results should be seen after a week or two of use. Q: Isn't spam only a problem for the largest blogs out there? A: While spam is definitely a bigger problem for the most influential blogs, it is decidedly an annoyance that MOST moderately successful bloggers face. Based on the initial interest that has been expressed in our service, we think this view is vindicated. Q: What can you tell us about how your filter works? A: Nothing, sorry. Q: Will you buy everyone free beer because you used slides in your presentation? A: No. Learn to love slides.

Read more > 

Filed under: ,

Where's the Beef?

Posted: 19 Jul 2007 03:33 PM | Defensio, the blog | no comments


If you're concerned about not yet receiving your Defensio private-beta-invite: don't panic! Our team is banging hard to get our servers ready for the unexpectedly large amount of interest we received (from bloggers and developers alike). Beta accounts will be going live soon!

Read more > 

Filed under:

A Short History

Posted: 09 Jul 2007 10:49 AM | Defensio, the blog | no comments


The Defensio story begins not-so-long ago with our team looking at the web ecosystem and thinking about those nagging problems that have yet to be satisfactorily resolved. One of the first and most annoying that jumped to mind was spam. As we all know, spam is a scourge that mercilessly plagues our e-mail inboxes. But spam has also crept up on us in the blogosphere: slowly at first, and then exponentially of late, comment spam has begun, much to our collective chagrin, to inundate our blogs like a tidal wave of smelly, post-processed meat sledge. Vowing to take on the multi-headed beast that is blog spam, the Defensio team set up shop in an old tobacco factory outside of Montreal, plugged in our laptops to large monitors, and started writing spam-shredding Ruby on Rails code. And because no Silicon Valley Eastern-Township startup would be complete without free pop and nerdy games of skill, we rounded out the office space with a fridge and a ping-pong table. [ . . . time passes, much diet pepsi and pizza is consumed . . . ] After months of R&D, the Defensio blog spam filter was nearing launch-ready state. Encouraging results on our internal testbed prompted us to solicit a few brave local souls (infinite thanks to Julien, Ben and Pat) to run our alpha code on their very own blogs. As we worked out the kinks in the code, we realized that our newborn nameless app urgently needed to be christened with a brand that screamed "spam's worst nightmare". Many brainstorming sessions and many terrible candidate names later (mZego anyone?) our shiny new monicker came to light: DEFENSIO. Strong. Dependable. Spam-aint-gettin-through. Perfect? Yes, but one problem: the domain name was in that murky state known as "redemption period". We can admit to some sleepless nights as we watched the domain status incessantly. Being the uber-geeks that we are, we wrote a script that polled the WHOIS server every hour and would notify us of a change in state. Eventually, the name became poised for deletion, but it would not be ours until we were dragged into the slimy, wet mud of a bidding war with a shadowy character named 'halvarez', who had a reputation for sniping domain names at the very last second - a formidable opponent, to say the least. Fortunately though, our steely nerves saw us through this online game of chicken, and we prevailed, defensio.com in hand. Which brings us to the present. Our web-service is now nearing launch ready state, already smoking many thousands of spam comments every day, under the Defensio banner we all so love. Yet, this is but the beginning of what is sure to be a long, protracted war. As spammers don't sleep, nor will we.

Read more > 

Filed under: ,

Our Take on Comment Spam

Posted: 03 Jul 2007 06:51 AM | Defensio, the blog | no comments


When working in the spam space (dare I say spamosphere?) you have to be careful not to disclose too much about what goes on "under the hood", as spammers are always seeking to exploit any informational edge they can. At the same time, we think it's important to make sure our community understands what Defensio is all about, and the philosophy behind our approach. We believe, as most of you will, that comment spam is a big problem (and getting worse). The way we see it, there are two ways to attack the issue: 1) At the source: trying to shut down the spammers altogether 2) At the destination: trying to stop spam as it attempts to hit your blog The first option is a valuable approach, and there are many initiatives going on to try to thwart spammers directly (such as pursuing them through legal/criminal action or developing new technical specifications that would make spam impossible). This is certainly the ideal way forward, but its Achilles heel is timing and consensus . Making these wheels turn is a long, slow process - and all the while, spam will continue to pour into the blogosphere like a meaty, raging waterfall, and the techniques used will continue to evolve. And let's not forget that actively pursuing thousands of spammers all over the world is a logistical and jurisdictional nightmare, especially when you consider the grey zone in which spammers operate in many countries without spam legislation. At Defensio, we adopt the second option, not because it's better, but because it's the pragmatist's approach. We (reluctantly) accept that the spam firehose will likely continue to be aimed at our collective heads for some time to come, and so we feel the need to develop good tools to handle the onslaught. And by better tools we mean both improving how spam is caught and how spam is managed . Some may think it defeatist, (or a "leaky condom" as one colorful critic called it) but we call it practical and effective. So what this means is that: Defensio's web service is designed to filter all incoming comments and trackbacks to your blog, banishing spam to a quarantine (using of secret-sauce of counter-spammy intelligence) Provide you with a convenient and hassle-free way of sorting through quarantined comments Learn and improve over-time, in a way that is personalized to your individual blog Hope that sheds some light on our philosophy and some of the high-level mechanics of the Defensio platform! Of course, you'll have a chance to see this in action for yourself once we start rolling out accounts to our eager beta-testers (soon, we promise!).

Read more > 

Filed under: