The Red-faced Blue Frog

What’s intriguing about this Blue Security/Blue Frog episode, where angry spammers attack the anti-spam company with a Distributed Denial of Service (DDoS) attack, which in turn directs traffic (unwittingly or wittingly, it’s not clear yet) and temporarily brings down blog hoster TypePad, is this: The guy behind Blue Security, Eran Reshef, is founder of Skybox, a company “focused on enabling the continuous enterprise-wide assessment of vulnerabilities and threats affecting corporate networks.”

This is at best somewhat embarrassing for Reshef, and for Blue Security, at worst it exposes him and the company to ridicule and lawsuits. Getting involved in battling spammers is not a task taken on lightly, and the one thing that Blue Security had going for it was that it seemed to know what it was doing. Users download software and register their email addresses in a central database. Spammers are encouraged to remove those email addresses; if they don’t, the software will respond to subsequent spam by visiting the website advertised and automatically filling the order form. If enough people have the software running this, in theory, creates an overwhelming amount of traffic for the spammer and brings their business to a halt. Blue Security now says it has tens of thousands of members.

But then came last week’s attack. Reshef initially said that that no such DDoS took place on the www.bluesecurity.com server, something contested by some analysts. He has since said that a DDoS did take place, but against operational, back-end servers  and not connected to his company’s front door. This, he said, he only spotted later. He says that when he redirected traffic to his blog at TypePad there was no DDoS on the bluesecurity.com website; that, he says, came later. This appears to be borne out by web logs provided to TechWeb journalist Gregg Keizer.

Blue Security’s handling of this raises more questions than it answers. Many are highly technical and not ones I understand. But there are some basic ones. Was the company not prepared for spammers to retaliate? Did it not have any procedures in place? Why did it redirect traffic to TypePad without informing them first? Why did it not coordinate closely with its ISP? And why, given Reshef’s expertise on DDoS attacks with Skybox, was he not able to spot the DDoS attack on his backend servers?

Blogging Bloggers Just Want To Blog Blogs

A fair summary of blogs?

Peter Hartlaub, Pop Culture Critic at The San Francisco Chronicle, writes today of the blogging phenomenon at the Democratic convention and, surprisingly, concludes that “for several moments in four days of sleepless and often stream-of-consciousness coverage, the collection of mostly young writers ably explained their existence — while raising questions about the established media’s ability to stay in touch with readers, viewers and listeners”.

Quite positive, but I’m not crazy about the other things he says. He seems to think the only valuable blogs are political: “Every Web log hosted by a good writer who can type an interesting account of their day (such as Wilwheaton.net) is matched by 100 that constantly hit up readers for money, link any article that predicts a bright future for Web logs and name-drop other sites that do the same thing. Yes, most bloggers blog about blogs. But the political bloggers, as a breed, are a more focused group.”

Hmmm. Are the rest of us interested only in perpetuating our species? I doubt it somehow. It’s the typical perspective of mainstream media, I suspect (of which I’m still a member, I guess). Turn it around: Judging blogging by the most inane, self-absorbed blogs you come across is a bit like judging the mainstream media from a selective reading of family newsletters, parish fliers, smalltown rags and Fox. Blogging covers every conceivable topic, and unlike academia and localized publications, breaks out of any geographical or generic boundary. Political bloggers may be more focused, but where’s the serendipity in that? OK, so not all bloggers are Renaissance figures but I can think of quite a few who are. Blogging breaks more molds than we give it credit for.

OK, I’m waxing again. I’ll stop.

Service: Phlog? Photog? Photblog? Phoblog?

 From my friend Rani in Singapore, I read with interest of a new service designed by two 19-year old twins Keng and Seng. It’s called Phone Logger, or Phlogger, and it allows anyone (not just those residing in Singapore) to update their blogs (online journals called web logs, or simply blogs) via their handphone’s Short Message Service, or SMS. Actually it utilizes the more advanced MMS, or Multimedia Messaging Service, which includes longer messages and photos. The service is free, and while testing has already got 340 registered users.
 
An interesting idea, and great that it’s being developed in this part of the world. My main worry, apart from the less-than-mouthwatering name, is that it’s already been adopted to mean Photo Logging — see phlog.net, by a guy called Alan from Reading in the UK. Who was first? There’s also moblogging, for mobile blogging, which is pretty much the same thing as Photo Logging, firing off photos from your handphone to a website. Fotopages is one example of this. Other terms still floating around: Photog, Photblog, Phoblog. I’d plump for moblog to mean any blog that’s being updated wirelessly, whether it’s pictures or text. Objections, anyone?