in reply to (OT) nofollow considered harmful (was: CPAN::Forum opens its virtual doors)
in thread CPAN::Forum opens its virtual doors

No, it doesn't. Your legitimate users log in, and you trust their links. The jitter you've linked to is from bloggers, who care about their own ranking but don't usually offer their visitors a login. Their inbound links (and thus, rankings) typically come from reciprocating comments on other blogs which don't have logins either, which is why they're worried.
  • Comment on Re: (OT) nofollow considered harmful (was: CPAN::Forum opens its virtual doors)

Replies are listed 'Best First'.
Re^2: (OT) nofollow considered harmful
by Aristotle (Chancellor) on Feb 05, 2005 at 20:37 UTC

    Except that solves nothing at all because it's easy to automate signing up or do it manually. (As a data point, use.perl.org had some spam a while back.)

    And not even that matters much, because regardless of PageRank, someone might actually click on one of the posted links, too (which is what I was referring to with my email spam comparison).

    The depressing fact to keep in mind is that spammers don't care. They won't check whether you use nofollow. Why should they? It just takes time they could spend spamming someone else. Since they're not trying to be nice in the process anyway, whether you are bothered by spam which gains them nothing is going to have exactly zero effect on their behaviour. You are just one flower on a praerie with millions waiting to be pollinated.

    Which is why nofollow doesn't solve the problems of anyone except Google.

    Makeshifts last the longest.

[reply]
      Of anyone except Google and its users, you mean; and also other search engines using some other ranking algorithm that considers inbound links.

      I am well aware of the quantity-not-quality maxim etched into a spammer's brain. However:

      • The proposition that adding a link costs the spammer nothing (presented in one of the articles you linked to) is false. There are several kinds of costs involved in posting a link. These include figuring out what forum software this is and how to post to it, as well as actually making the post. Signing in to many sites *is not* easy; it's probably the most expensive step. Admins can suspend accounts used for spamming (and easily delete all their posts), so it's less attractive for the spammer to use the same account for many posts.

      • The value of a spam comment *is* different for the spammer depending on whether this link is nofollow or not. Not convinced? Google for nofollow and you'll see someone actually advertising for a product/service that alerts advertisers about "cheaters" who carry their ads but add nofollow to them. (This may be a ploy by Google, but that's just a little too conspiracy-theory for me.)

      The idea isn't to stop spam by making it impossible. Like hashcash, and indeed most any technological mechanism against spam, the idea is to make it somewhat less profitable (while not significantly increasing the costs for regular users). One result is that more sites will have an indirect incentive to add prove-you're-a-human measures, which is not a bad thing, even if the state of the art in that field isn't perfect.

      This tech is easy to implement and make use of, so it has a chance of being adopted widely by software used to post comments.

[reply]

        All of these points are already addressed in the posts I linked in my previous node, but to be abundantly explicit, here goes.

        Spammers operate by targetting mass use software. They take a blogging tool, forum engine, or whatever it is, figure out how to spam any site using it, and then look for telltale signs in URLs such as mt-comment.cgi. Often they don't even visit the associated blog or forum. Check the access logs of an affected site if you don't believe me: all they usually do is dump a lump of their links onto the posting script and move on.

        To these spammers, checking for nofollow is just extra cost without any benefit. And there is no cheap defense against them either. If so many people required registration that profitable spamming necessitated dealing with that, then registration would quickly be dealt with by the spammers and would become useless.

        Only as long as your URLs don't look like those of commonly targetted software are you reasonably safe from this sort of automated spam. Unless, that is, it became fashionable for everyone to use custom URLs. But then spammers would actually have to crawl sites to find post forms, in which case the presence of nofollow might make a difference.

        The value of a spam comment *is* different for the spammer depending on whether this link is nofollow or not.

        Sure. Now let's remember that in the time it takes to check whether there is nofollow he could also have delivered a batch of spam, and then explain to me what kind of economic sense it makes for a spammer to check for it.

        The fact is, spammers don't care. If they can spam you, they will. nofollow is useless to you as a site owner. It only helps Google when they visit your site.

        you'll see someone actually advertising for a product/service that alerts advertisers about "cheaters" who carry their ads but add nofollow to them.

        Again this is something addressed by one of the linked posts. And it just goes to show that nofollow will make a much bigger difference for non-spammers than it will ever affect the spamming problem.

        Like hashcash, and indeed most any technological mechanism against spam, the idea is to make it somewhat less profitable

        No, you can't compare the two at all. Hashcash prevents spam from happening in the first place. nofollow makes Google less affected by spam after the fact. In other words, if you aren't Google, then nofollow is useless to you while Hashcash isn't.

        Well, unless you're trying to deprive your competitors of PageRank despite linking to them.

        Makeshifts last the longest.

[reply]

In Section Perl News