boston.com News your connection to The Boston Globe
Globe West Updates News and updates from the Globe West Zone

« Immigration's effects explored | Main | Ad campaign targets parents of overweight kids »

Sunday, January 28, 2007

More news on the blogjacking front

REGION/CYBERSCENES

More interesting news on the blogjacking front.

The folks at Blogger (a.k.a. Google) finally got back to me after I sent them some questions about how widespread the blogjacking phenomenon is and what blog-hosting sites are doing about it. (For those of you just tuning in, Cyberscenes reported last month that the URLs to at least 2 popular local blogs were leading users to porn, scam, and spyware sites.)

Sean Carlson, a spokesman for Google, e-mailed me recently and confirmed that there has been a problem with "dictionary attacks" on Blogger and other blog-hosting sites. "Fraudsters" (his term) have been able to hack some passwords by basically running an electronic dictionary program through the password prompt, he said. If your password is a basic dictionary word like "banana," the bad guys have got you, he said.

Carlson also said that some apparent blogjackings are actually part of an only slightly less annoying trend that could be called bookmark harvesting.

In other words, spammers and scammers can scan domain-name registration sites for recently abandoned URLs that appear to have been blogs and snap them up. It's actually pretty smart in an annoying sort of way. Most of the dead blogs are probably still in the bookmarks and favorites lists of their former readers, and some blogs continue to be listed on blog-aggregating sites for quite a while after their authors have gone on to other pursuits.

Just a day after I heard from the folks at Blogger, I received an e-mail from Cynthia Iris, who was better known as the Wellesley-based blogger behind the Diana Chronicles, one of the blogs I wrote about that was directing users to spyware sites.

It turns out that Cynthia's blog URL appears to have been harvested, rather than blogjacked.

"Several months ago I deleted the blog," Cynthia wrote me. "Haven't given it a thought since. Just thought I'd let you know that the Diana Chronicles have been long gone as a legit blog."

If any of you out there in Wellesley or beyond still have a browser bookmark to the Diana Chronicles, best delete it now.

Read more of Ralph Ranalli's Cyberscenes column, a bi-weekly look at what's going on in the local blogosphere.

-- Ralph Ranalli

Sponsored Links