The obligatory 'over lunch' session with Allen Noren (VP Digital Initiatives O'Reilly), Jonah Stein (ItstheROI), Steve Huffman (Co-Founder Reddit), Matt Cutts (Google) and me - totally off the record but very interesting.

World 2.0 Myths and Reality
About growth outside of Western Europe and the US.

Aldas Kirvaitis. Forticom
David Jones. Friendster - biggest in Asia
Benjamin Wegg - Prosser. SUP

- You can take an existing large user base and convert it into a social network service, this is what LiveJournal is good at.
- The opportunities for foreign companies to simply enter Russia and the Baltics that existed a few years ago no longer exist. Local businesses and entrepreneurs are now more succesful. IN dealing with Russians you need to be a lot more direct about you aims and direction.
- Not all revenue models for social media sites work in all territories.
- In China there is a mindset that China is so big companies should only focus onthe Chinese markets, which is why some great companies aren't looking to expand overseas from China.
- Tencent QQ (QQ) in China is massive. However most revenue comes from virtual currencies. Ripe for acquisition.

Defending Web 2.0 from Virtual Blight (the spam session)
A session about virtual blight, spammers, hackers, vandals....
Moderator. Jonah Stein - http://www.itstheroi.com - Moderator is a search marketer.

Steve Huffman - Reddit
- Karma, people get obessed with getting numbers, "video game mentality", getting more karma on Reddit incentivises people to submit links.
- It's usually possible to spot spam using common heuristics.
- Humans usually only submit once per hour, bots submit every minute. (Reddit introduced rate limiting)
- Introduced Captha  - stopped 99% spam
- State or art is bayesian spam filters.
- 50% submissions are spam.
- Tells story about how their number on user, was workign for an ISP, and using it for spam.
- Collaborative spam groups are current biggest issue.
- Use tricks so spammers think they are winning.

Jonathan Hockman - Defending Wikipedia
What they do to keep wikipedia free of blight.
- Shows how Wikipedia is #1 for lot of searches. "High visibility attracts trouble makers"
- Any social, political or other issue that exists in the real world exists in microcosm on wikipedia.
- The human causes of blight.
- 'Patrols' are used in wikipedia to watch over a class of content and take appropriate action.
- Use bots. 'cluebot' does a lot of the work on Wikipedia. Wk bots play nicely with human editors.
- Cruft is a form of blight - its like litter/garbage
- Wikipedia spam blacklist. It's very good and available to other people to use. Jonathan thinks Matt Cutts from Google might use it but Matt wont confirm.
- Cabalism - how do you stop powerful Cabals forming. Refers similarity with Reddits issue with collaborative spam groups.

Sanjay Sehdal - Pramana
- Tech licensed from Georgia Tech IT dept.
- In the business of bot detection for other websites.
- Captcha, it should be good but the problem is it wont work for the visually impaired.
- Lists: varients of captcha and issues - image, audio, math problem (as used by Matt Cutts), logic puzzles, video, ascii image.
- Jokes: math problems are commonly used in Brazil, but this presumes all Brazilians are good at maths...

Matt Cutts - Google
Gets introduced by Jonah as "the enemy of search marketers everywhere, but he has probably done more to illiminate spam from the internet than anyone else".

If you are as succesful as Reddit and Wikipedia what kind of attacks might you see.
Blight: Links
- Blog spam - shows an example.
- Are you susceptable. If you provide a service that provides links...you'll get hit.
- Says "don't nofollow every link to a third party site, that's not what it is designed for" just links you don't trust, allow links you trust.

Blight: Parasitic hosting / Landing pages
- If you have a service where people can add a page or profile they will add content for links.
- Shows example of a Javascript hidden in a hosted page that does a redirect. The javascript is all encoded to hide the redirect. Says Google loads Javascript and evaluates it.
- Don't allow users to load code in your site.

Blight: Hacking
- Firstly it is Illegal
- Infects sites or users in order to get links
- Says in tests they did Google found 1.5% of links in search results led to malware. March 2008.
- Shows an example of a new employee at Google on the anti-spam team who's site had been hacked...much to his surprise. So it can happen to anyone.
- Wordpress...make sure you upgrade to new versions or you will get hacked.
- Cpanel has had a lot of security holes.

Blackhat mindset: How can your system be abused?
Gives some examples of scenarios which get his blackhat mindset working.
- Handing in old passes at the web 2.0 conference? what could I do with those?
- Buying new domains year on year? Doesn't that set you up for spammers buying the future domains.
- Old domian names expiring, gives askjeeves example.

Blight in perspective
- any succesful site will bring out spammers
- If your being attacked you are doing something right

Reference material
White Paper: "All your iFRAMES point to us" (pdf)
White Paper: "Ghost in Browser" (malware detection) (pdf)
Google Security Blog: http://googleonlinesecurity.blogspot.com

Additional references and quotes:
http://www.virtualblight.com

"frustrating a spammer is as much fun as blocking them"
"captchas wont be the only solution"