Tag Archives: Square

2441 – Otherside

As I said in the last post, today Venice is less oriented towards its canals, and that’s for a reason: Fewer and fewer people actually live there.

Venice has lost all its political power in the aftermath of the Napoleonic Wars. It fell to Austria, and although Austria soon lost it to the newly formed Italian state, this state was ruled by a Piedmontese dynasty. The center of Italy’s political power shifted to Turin, Florence and finally Rome.

Of course Venice was still rich, had a peculiar architectural style and was full of the finest pieces of art, yes was a piece of art itself, and thus it became one of Italy’s most important tourist attractions. Over time though the rich people began to move elsewhere, following the power, leaving their palaces as museums and hotels.

While tourists still use boats, it’s mostly the big bus boats, the Vaporetti. Those are much too big for the many small canals, and that frequently renders the former main entrances useless. Life has shifted from the canals to the small squares again, and at night, when most tourists have left, Venice is almost empty, only a ghost of its former self.

The Song of the Day is the Red Hot Chilli Peppers cover “Otherside” by Ben L’Oncle Soul. I have it as track four of the German edition of his self-titled 2010 album. It’s not on the US version that I link to, but at least you can hear it on YouTube.

1760 – Twilight

It’s past midnight, I’m in may hotel room in Františkovy Lázne in the Czech Republic. This is an old spa that, among many others, the great German poet Johann Wolfgang von Goethe used to visit. I have no idea how it fared through the days of Communism, but today it has regained a splendor that I did not expect to find. A beautiful place and you can be certain to see more of it and its surroundings in the next week.

“Twilight” is the Song of the Day. It’s the last song of Melody Gardot’s 2008 album “Worrisome Heart”.

It starts off as an instrumental, followed by a ghost song after a long pause. Oh dear, it was really funny that first time so many years ago, but can we stop that nonsense now? The song is nice though. Hear it on YouTube.

1635 – In Case You Wonder Why

Do you have a blog? Quite a lot of my readers do, and I thought I’d better relate something that I’ve found out today. Sort of a warning.

Do you get comment SPAM? Well, if you use WordPress, you most likely use Akismet to battle SPAM, and Akismet is really quite successful at it. Of course neither my reader counts (around 140 per day, around 200 page views on my photoblog, around 220 visits, around 320 page views on my programming blog) nor the number of comments are so high that I couldn’t do without it, but Akismet has made my blogging life quite easy.

There are different kinds of comment SPAM and due to the different natures of email and blogs, they are slightly different from what you may encounter in your inbox.

Some typical email SPAM types wouldn’t work as blog comments. This is certainly true of all types of advance-fee fraud, but also the typical phishing attacks make no sense. Both need the illusion of private messages being sent to you. With comments being public by nature, that doesn’t make sense.

A type that is common to email and comment SPAM is what I call the honest attempt to sell. Most of the time it’s something that would enlarge body parts or lengthen durations of inter-personal links, but whatever the product, the presentation is direct and up-front. You get some key words, sometimes embedded in completely unrelated prose, and finally you get links to the sites selling the stuff. Honest and straight-forward.

A variant is SPAM that doesn’t want to sell, but that wants to lure you to a page where your computer will get infected with malware. It’s less honest, less straight-forward, but it is a variant anyway, because both types want blog visitors to follow the links.

Then there is the other prototypical kind of comment SPAM, and that’s a blog-only type. It’s about building up links to the spammer’s sites, it’s about increasing one’s Google page rank. Here the spammer is not interested in blog visitors following the links, the only visitor they care about is the Google bot. Therefore they place such comments preferably on older blog posts, they try to be the only commenter on the post, in short, they prefer their comment not being read by humans at all.

As a commenter you have typically two ways to place a link: directly in the body of the comment or as the commenter’s home page. In trying to combat sales SPAM, blog software and anti-SPAM plugins typically limit the number of links allowed in a comment before it is flagged as SPAM, thus the link network builders tend to use the home page link, because as a blog owner you can’t really block those links. You want to encourage people to comment, and one of the incentives is the link back to their site.

After this somewhat lengthy introduction, what would you make of this comment, one in a series of similar comments that I got yesterday?

Author : Bertie (IP: , hist.multinet.no)
E-mail : 432@www.nak-nordhorn.de
URL : http://www.yahoo.com/
Comment: edfGDT Kudos! What a neat way of thinking about it.

Interesting, huh? The email is only visible for the moderator and it is doubtlessly made up. The author’s name is made up as well, the IP address may be from the actual connection and thus correct, but as SPAM is never sent from the spammer’s computer, it can’t be used to track him down. It won’t be part of the comment on the blog either, thus it does not matter.

What remains are the URL and the body of the comment. In about ten comments to as many different older posts, the URL was either http://www.bing.com, or as in this case http://www.yahoo.com. I guess, even though Microsoft partners with Yahoo recently, we can take for granted that this is not an attempt of Microhoo to increase their Google page rank. Obviously the link is not used here, the field was only filled out because SPAM bots like to fill out form fields.

The message itself consists of two parts, one six character token at the beginning and then a rather generic compliment. The compliment is directed at the moderator, as an enticement to get the message approved, but also to just have any text at all. Thus obviously it is about the token.

Author name, Token and compliment were different in all comments, only the home page URL was mostly the same. Actually it was the URL that immediately caught my attention, not the token, that gave away the spammy nature. Of course after the second comment it was clear, but what was not clear, was the question: WHY???

It took me some time, in my research I found an “Ultimate WordPress Comment Spammer” (google that phrase, it’s interesting), but that all was about link building or selling, never about SPAM without links.

In the end I found the solution. It is not verified, but I am pretty convinced that I’m right.

The settings that I use on my blog, what is most convenient for visitors and what is fairly safe for the blog as well, these settings are a WordPress setup where I set comments to “moderated” in general, but allow unmoderated comments for a particular visitor, after the first comment of that visitor has been approved. I don’t know how WordPress identifies visitors, I suppose it is just the private email address. The attack is directed at exactly this quite common and safe blog setup.

It’s a two part attack. First you place a comment with a generated, unique email address and a generated unique token. You do this in parallel on many blogs and on many posts. You save the combination of blog, email address and token in a database, and then you wait for some days.

We all know, Google is your friend, and that’s why the spammer keeps quiet for some time. It’s to let Google do its work. After a few days they just have to search Google for the unique tokens. Those that show up are on blogs where the moderators have approved the posts. If the blog setup is like on mine, the blog is now fair game. No further comments from that user will be subject to moderation, now the payload can be delivered, and that’s again “normal” SPAM.

The attack is still easy to identify as SPAM, even though it needs some pondering to realize what’s the purpose. I expect it to improve though.

One obvious improvement would be to use other URLs. I often don’t have the time to follow a commenter’s URL, thus it may go undetected.

The second thing is the token. It is easy to spot “edfGDT” or “xzaKRB” as synthetic tokens, but what about

Author : Bernie (IP: , hist.multinet.no)
E-mail : 432@www.nak-nordhorn.de
URL : http://www.berniephoto.com/
Comment: Kudos! What a neat way of thikning about it.

Here is no obvious token, only a typo in “thinking”. Sure, Google has 26,500 results for “thikning”, but up to now, there was not a single occurrence on manessinger.com, and Google allows you to restrict searches to a certain domain.

In the end I think we have lost another battle against the spammers. Carefully executed, this attack can’t be blocked automatically, because there are no indicators left. Unfortunately there is also no easy way for the moderator to decide. Generic comments are common. I make them at times and so do my visitors.

Take PJ‘s comment to “1630 – Some Excuse To Use “Mississippi Half-Step Uptown Toodloo”“. PJ writes

I love this photo. The lines and angles are superb.

Sure, the comment refers to a photo, but from the tags on my blog, it is easy to automatically classify it as a photoblog. The comment is a compliment, but I often get compliments. It speaks about lines and angles, but lines and angles are quite common in photographs. In fact, there is no substantial difference between PJ’s comment and the fictional Bernie’s, apart from the fact that PJ’s comment contains no spelling error or typo, but typos are common as well.

Sorry, PJ, for singling you out, hope you don’t mind.

Once again, this is not verified, but I think, though the technical details may vary, the general attack scenario is correct. I can’t think of anything else that would make sense.

So here’s the warning: Just keep an eye on the messages that you moderate, and remember that it does not take a link to make a message SPAM.

The Image of the Day is rather unrelated. I made it today in Villach. The Song of the Day is “Pourquoi (Why)” from Vieux Diop’s 2000 album “Afrika Wassa”. I couldn’t find this beautiful song on YouTube, thus I have uploaded it myself. Enjoy!

1275 – An Architect’s Dream II

We’ve been to Palmanova yesterday. That’s a small town south of Udine, just where the highway coming from Austria, the A23, meets the highway A4, Trieste – Venice.

It was built from 1593 as an ideal city – which mostly meant ideally suited for war. It’s a gigantic fortress in the shape of a nine-pointed star, designed by Vincenzo Scamozzi, and in the middel there is a completely oversized piazza, circular, with the cathedral on one side.

Palmanova is a nice place to visit, sit in the sun, sip a drink and watch people. At least that’s what we did 🙂

The Song of the Day is once more “An Architect’s Dream” from Kate Bush’s 2005 album “Aerial”. I used the title a year ago for “950 – An Architect’s Dream“. Hear the Song on YouTube.

889 – Nessun Dorma

Did you know that yesterday was the “World Day of Sleep”, trying to boost awareness of insomnia?

Well, I learned only today, but somehow it matches this image well 🙂

The Song of the Day is “Nobody sleeps”, “Nessun Dorma” from Puccini’s last opera Turandot.

Of course the orthodox version is the one by Luciano Pavarotti. If any song at all, this was his signature. Basically you can take any of his recordings, but why not the one from the original Three Tenors concert? YouTube has it for you.

On the other hand, what I really wanted to show you, was Lester Bowie’s spectacular rendition on one of his last albums with the Brass Fantasy, “The Odyssey Of Funk & Popular Music”. This is pure genius! Unfortunately I can’t really demonstrate it. YouTube has nothing at all, there’s nothing on Deezer and Amazon won’t give us sound samples. There is a 30 seconds sample from the beginning on MP3Shake, one of the Russian music download sites, but you really would have to hear the whole almost seven minutes. You can get it on iTunes, or otherwise you’ll simply have to believe me 🙂

888 – Cold & Wet II

Well, if 666 is the Number of the Beast, what may 888 be? Any idea? But whatever it is, 4554 is the Number of the Train, that’s for sure 🙂

Yup! From southern sun back to northern cold. Ouch, that hurt! We even had snow in the morning, and actually quite much of it.

Photographically this wasn’t my best day either. In the morning I was in a hurry, in the evening my brain hurt from hunting other people’s bugs in a heap of highly toxic code. Oh well!

The Song of the Day is one more time “Cold & Wet” from Bonnie “Prince” Billy’s 2006 album “The Letting Go”. The last time I used it on an image of our poor little cat 🙂

881 – Shadows and Light

This is an image made Thursday morning. We had a beautiful sunrise, rain as I left home, then again some sun while I was on my way, rain later and in the evening … you get it.

It was one of the short moments of blinding sun. I wanted to take an image of something completely different, when in a second the sun was there and I saw people coming my way and the shadows that they cast. I made three images, this being the best.

Basically there was not much choice of composition. I had the 35/1.8 mounted, people and their shadows were moving, the sun could have been gone in an instant (actually it happened just like that), there was only one option: shoot regardless, and do everything else later in post-processing.

The Song of the Day is “Shadows and Light“, originally from Joni Mitchell’s 1975 album “The Hissing of Summer Lawns”. There is also a 1980 live double album of that name, where she performs together with Pat Metheny, Lyle Mays and The Persuasions. I didn’t know about that, but I’ve just ordered it from Amazon. YouTube has the very compelling version from that live concert.

861 – On the Streets I Ran

Oh dear, six images shot today, two attempts at one subject (both came to nothing) and four in this place. Not much to choose from 🙂

Anyway. This is a place where I’ve tried my luck many times before. In fact, I like this place. It has a wild curve, there are people, so why shouldn’t there be thousands of opportunities?

Well, there never were. Normally, on my way to work, when I reach the place, I am already in a hurry. The other problem is, the traffic. It’s hard to take an image from this perspective, without getting crossing cars into the frame. This time I was lucky though. Just as I framed the shot, I saw the young man approaching. I made three shots of him and the second was pretty perfect. Not quite the perfection of HCB’s shot, but well, who would complain 🙂

Finding a Song of the Day took me some time, but “On the Streets I Ran” from Morrissey’s 2006 album “Ringleader of the Tormentors” is not such a bad match.

859 – Cold

As I said this morning, not much has changed. We still have snowfall, it still does not amount to much, but at least the cold has put an end to the slush on the streets.

It’s hard to choose an Image of the Day today. Initially I was sure I would go with this one of a young man crossing the street, obviously feeling uncomfortable in this weather. From a compositional point of view one could argue that I have cropped a little too tight from the right side, but I actually like that for two reasons: First, being close against the frame makes him look even more uncomfortable, and second, his position strongly emphasizes the implied movement along his line of sight, a line that roughly meets with the tracks on the left edge of the frame.

The other candidate, a snowed-in pavilion in a park is interesting for mainly what it contains. I’m afraid you can’t really see it even at the size that you get when you click the thumbnail, but there are blankets on the benches inside the pavilion. It looks like homeless people have slept there, and that must be one of the more miserable places to sleep, especially when the snow comes horizontally at you.

I finally settled with an evening image, the bicycles. I was not even sure if I should process it. After all, I had the guy crossing the street, but then I did, and when I let the reins loose, I was pretty satisfied with what I got. Looks somewhat mysterious to me.

The Song of the Day is “Cold” from Annie Lennox’ 1992 solo debut “Diva”. See the video on YouTube. Now tell me that this does not begin with a reference to Vivaldi’s winter 🙂

858 – More Winter

We had five centimeters of liquid snow in the morning, then falling temperatures and ice in the evening. Seems like it’s going on, and I suppose I like the cold version better 🙂

I write this in the morning, and as I’m looking out of the window, I see it’s snowing again. Guess what you’ll see tomorrow 🙂

Unfortunately I am beginning to experience computer crashes again. I think the culprit may be my oldest hard drive, the one with my music collection. I have deactivated it for the moment and have to do without music. No problem, I have it all in Carinthia and at work, nothing is lost.

It’s bad timing though. I have planned to buy a 2TB disk as soon as it is available, but that seems to take some more weeks. Some shops here in Vienna list the new Western Digital 2TB “Green” disk as available from next week. We’ll see. Normally that only means “not now” and it may take some more weeks.

Anyway. I’ll wait, then change the 1TB image disk for the new 2TB, the 1TB becomes the music and spare disk, and the old 500GB disk gets replaced. At least that’s the plan. Now let’s hope that the crashes stop, or else the plan would need reconsideration 🙂

Music-wise I’d like to stay with Vivaldi’s “Winter”, but this time we look at the complete opposite to yesterday’s Nigel Kennedy: Herbert von Karajan and Anne Sophie Mutter. No, it’s not fashionable, no, it’s not on period instruments, but, boy does this recording sing! In a way it’s the technical culmination of the pre-“period instrument” age, and it’s certainly perfect. Hear “Winter” again on YouTube.