For those who don’t know, WordPress has a comments option. In practice, reading article comments is generally of very limited value, but depending on the type of article and the people it attracts, the comments can at times still prove to be thought-provoking. And what writer doesn’t appreciate the occasional thumbs up? So I leave them enabled. However, in order to ebb the potential abuse of said comments option, WordPress has various controls in place. I keep the defaults enabled, which require the user to self-identify. Obviously, there are problems with that policy. But, the defaults also require the admin to personally approve each initial post from an individual. Consequently, I’ve gotten some spam comments, but I haven’t approved them. For amusement though, I will post them here, with all information which could prove beneficial to the spammer appropriately redacted.
The first comment I received was from a “Jean Miller” in response to S/MIME Email Encryption:
Emails stored on some third party servers can never be secure. [REDACTED COMPANY NAME] on the other hand bypasses cloud storage servers making it very safe to send secure email. See [REDACTED URL].
There’s a lot wrong with this. First of all, unless you’re self-hosting email, all servers are 3rd party, or 2nd party if you’re considering the relationship between yourself and the email provider. In any case, you can’t generally determine what security measures are in place beyond the company’s privacy policy, and even that isn’t a guarantee. And any email you send is going to someone else’s email provider, which is beyond your control as well. And the communication protocol behind email itself doesn’t enforce encryption–that’s the problem with email as a whole. Also, “the cloud” is just internet servers, sooooo you can’t bypass cloud storage for email, unless you’re considering self-hosted to not be cloud per se.
The second comment I received was from a “Web Scripts” in response to Pumpkins!:
i love funny stuffs, but i specially like funny movies and funny videos on the internet**
I read once that spam intentionally utilizes bad grammar. The concept is that an attentive reader will immediately identify the message as spam, and thus ignore it. This is to mitigate wasting time of the spammer, for presumably the attentive spamee in this instance would more readily identify a scam, whilst the non-attentive reader might not. It sounds like a good theory anyway. And what’s with the double “**”? Is there more to follow? Are there specific conditions under which this spammer likes humor that I should be aware of? If nothing else, they at least honestly self-identified as a bot.
Lastly, I received a comment just recently from a “private event security services” in response to “Mantis“:
My family members all the time say that I am killing my time here at net, however I know I am getting experience every day by
reading such pleasant posts.
It almost sounds like a believable comment, as the grammar could be attributed to the “.de” domain, except I’ve never heard someone mention that the Scandinavians have any trouble with the English language (also, there’s the name that was used). I’d like to think that someone somewhere just wanted to compliment my writing. Except, who has family that actively criticizes one’s internet usage, unless they’re an adolescent? On a related topic, France and Denmark are the only two foreign countries that I whitelist (after receiving numerous attempts by Russian and Chinese IPs to brute-force my mail server) because I had family over there for a time. Interesting that a bot there found this site.
So there we have it. I’ve turned an irritation into entertainment. Only humans and fully-autonomous AIs may leave comments.
–Simon