It’s famous last words, but the problem is currently under control – one spam comment in the last few days, which is two orders of magnitude less than before. The spammers are using spambots to exploit a weakness in the blogging software for which I don’t think there’s any sure cure given the way it’s currently written. My fixes currently depend on some weaknesses in the spambots, but a smart spammer would be able to circumvent them with some thought.

If you get a “possible spam detected” message when you try to post a comment, please email me and let me know (lawfont at gmail dot com.

One useful tidbit: the spammers have cottoned on to an open redirect script on that doesn’t properly check destination (naughty!). This would be an excellent vector for a phishing attack, as the URL would display in an email client as resolving to (example: If you get a link to adobe in an email, don’t click it.