6 Feb 2010 8191   » (Apprentice)

It's way to easy to do hit-and-run spamming on Advogato. It's so easy to automate, I'm surprised that the recentlog isn't completely dominated by spam. The reason it didn't happen yet is probably that the spammers are, well, dumb (evidence: they don't understand nofollow), but one can't rely on security through stupidity forever. Here's a very simple suggestion, which I volunteer to implement in case the Advogato community agrees: instead of asking for a password on registration, create a random password and mail it to the user; the user should then be able to change the password when she logs in. A password reminding mechanism already exists.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!