December 28, 2004
Blog spam on ISP reviews

Recently I started getting a number of bogus ISP reviews submitted to the ISP review system. They're just a long list of links, the same type of junk you see being posted to blog comment systems in an attempt by the spammer to improve their sites' Google rankings. It's the kind of stuff that made me shut down the comment system on this blog. My guess is the ISP review form looks enough like the MovableType (or some other software's) comment form to look like a target to the clients. I moderate all new posts so they never get seen, but that doesn't stop the bots from trying.

So what I did is simple, I made more fields required including ones the robots don't know to fill in. Now I'm wondering...

Is it time to use less obvious form names? "comment" is nicely mneumonic, but perhaps it should be off limits now.

How long before someone writes a spider client that fills in random but heuristically intelligent values to form fields on the web? It could even go so far as to enter CRC-compliant credit card numbers into order forms, if the form field names are somewhat standard. I'm wondering if in the future we'll have to fill out more "what is the word hidden in this graphic", are-you-really-a-human tests before long.

Hmm, there's probably big (but dirty) money to be made in writing an automatic word recognizer. Then you can make big (and clean) money writing the next generation are-you-human test.

Another loss of innocence for the net...

Posted by Jason Hunter at 09:22 PM
December 14, 2004
Top 10 Must-Read Java Programming Books

Greg Murray pointed out to me that my book "Java Servlet Programming" made the "Top 10 Must-Read Java Books" list. (

It's really unbelievable. I remember the day I sat down to start the book, sitting in front of an empty screen thinking, "Who am I to write an O'Reilly book? Man, I hope I don't seriously embarrass myself." Had you told me then that I'd end up on anyone's Top 10 list of all Java books, I would have pushed you out the window, Elaine style.

Posted by Jason Hunter at 05:38 PM
December 10, 2004
New Poll: Choose an XML object model

I've noticed that XQJ (the XQuery API for Java) has first class support for reading and writing DOM nodes but using JDOM and the other Java-based XML object models requires a lot more work. I'm wondering if that's proper. Is DOM really more popular among Java programmers? There's no sales numbers to compare so let's conduct a little poll. Please select the XML object model you use most (SAX and StAX aren't included as they're not object models).

No fair posting links to this poll to a product-specific mailing list and stuffing the ballot.

Posted by Jason Hunter at 03:10 PM