no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
Posted Jun 22, 2014 14:43 UTC (Sun) by khim (subscriber, #9252)In reply to: no one uses them, if they did, search engines would ignore them by anselm
Parent article: Microformats turn 9 years old
Easy. If people will actually start actively using such microformats then spammers could produce legitimately-looking pages of various companies (with correct address information presented on pages!) which will send users to spammer-provided location only when they will try to actually use entry from their address book.
Microformats could only exist in obscurity or in controlled conditions (e.g. on the intranet). Otherwise they will be exploited sooner or later.
Posted Jun 22, 2014 15:56 UTC (Sun)
by anselm (subscriber, #2796)
[Link] (19 responses)
Unlikely. I would expect a »microformat address extractor« to present the extracted address record to me before actually adding it to the address book, with an opportunity to delete or edit any field, or to reject the record outright. Obviously doctored URLs and such wouldn't make it into actual address books. (The extractor could also check blacklists like Spamhaus DBL to see whether the domains of any of the URLs in the record show up there, and emit suitable warnings or reject a record automatically.)
This is a quality-of-implementation issue on the part of software that deals with microformats. By your reasoning, e-mail should have been abolished long ago because most e-mail messages are spam. Yet strangely, for many of us e-mail is still a useful resource.
Posted Jun 22, 2014 18:46 UTC (Sun)
by bronson (subscriber, #4806)
[Link] (7 responses)
I remember people trying that a decade ago. It's too much work -- you need easy-to-use software to discover the record, present it without irritating the user, correct it, and save it somewhere useful. And it must be upgraded as the formats evolve. It sounds great in theory but the end result is always a mess that only appeals to the tiny nerd demographic.
I've got to admit, I'm surprised that not even the calendar event microformat has caught on. That seems so simple and so useful that it's almost cheating. But nope, basically zero uptake.
Posted Jun 22, 2014 22:50 UTC (Sun)
by anselm (subscriber, #2796)
[Link] (6 responses)
This is really a chicken/egg problem. Few people bother to publish data using microformats because there isn't a lot of software that uses them. On the other hand, few people feel the need to write software that uses microformats because they are so little used.
I don't think we need to appeal to the »nerd factor« to explain why we don't see more microformat-enabled web sites.
Posted Jun 23, 2014 2:02 UTC (Mon)
by bronson (subscriber, #4806)
[Link] (5 responses)
When there's demand, it's no problem. When there's very little demand, though...
Posted Jun 23, 2014 8:10 UTC (Mon)
by anselm (subscriber, #2796)
[Link] (4 responses)
Fair enough.
However, let's not forget that the initial question was how a SEO scammer would actually game microformats such as vcard information, to which khim posted a frankly ridiculous and easily refuted answer.
So suppose for a moment that microformats were indeed popular and widespread. How would a spammer arrange to, say, subvert an event microformat when (a) getting data from the page with the event on it into someone's calendar requires an explicit action (unlike spam e-mail, where the spam shows up in your inbox without an explicit action on your part), and (b) the microformat extraction tool implements reasonable and straightforward safeguards similar to those found in most web browsers or MUAs (e.g., the tool would enforce that an event listing in a microformat can only contain URLs with the same domain as the page it is on)?
Posted Jun 24, 2014 6:41 UTC (Tue)
by bronson (subscriber, #4806)
[Link] (3 responses)
Now a bit of speculatin' on the problems that a good, general purpose microformat tool might have to overcome...
First problem might be that people will click absolutely anything with an OK button. When adding calendar events that's no big deal (worst case, alarm at 3:30 in the morning: Buy \/ia9ra!) Other formats would need to be more careful, but how do you do that without harming convenience and usability?
Another problem, seems like users would probably get desensitized to notifications. (on every page: "Add Slate to your address book!" "Add Slate to your address book!") This sounds like a problem like browser popups: only solution is to keep tweaking heuristics until you find an adequate compromise between advertisers and users.
Also, scope. How does one microformat tool integrate with all your other applications? Contacts (email, mail, phone, IM, etc), calendar, social graphs, outlines, CV, and all the other ones? Seems like it's got to be built into the browser?
Those seem fairly insurmountable to me. But then again, so did Linux graphics drivers, Wikipedia, and YouTube's business model. I'd be more than happy to be proven wrong.
Posted Jun 24, 2014 9:53 UTC (Tue)
by krake (guest, #55996)
[Link] (2 responses)
It could be something unobstrusive, like the RSS icon that appears when there is an RSS source available.
This way the user would initiate the data transfer.
> Seems like it's got to be built into the browser?
I guess that makes most sense, the difficulty would be to find some kind of plugin API so that browsers could easily hook into the paltform's data services.
Posted Jun 24, 2014 18:26 UTC (Tue)
by bronson (subscriber, #4806)
[Link] (1 responses)
Posted Jun 25, 2014 6:58 UTC (Wed)
by krake (guest, #55996)
[Link]
They are a trade-off between spacial needs and clarity.
I find the RSS icon useful, I've added many feeds to my reader that way.
But such an icon is just one option, if there are better unobstrusive ways to make the user aware of the additional content then they are obviously also valid and probably preferably choices.
This was just an example that enabling users to access additional content does not require interrupting their present task via a popup.
Posted Jun 22, 2014 19:29 UTC (Sun)
by khim (subscriber, #9252)
[Link] (10 responses)
They wouldn't make in your address book, sure. But people like you and me are insignificant minority. Even if only just half of users will add the spoofed address it'll still be a will. What will it change? People will just not look there! E-mail is kept alive by it's network effect. New service with such a huge percentage of spam will have no chance. We've seen it happening with Jabber: Google tried to “make it work” for years but eventually gave up since most users who tried to talk with GTalk users using not official client but something else were spammers.
Posted Jun 23, 2014 9:32 UTC (Mon)
by zlynx (guest, #2285)
[Link] (1 responses)
Really? I suppose that this could be true.
I rather think that the majority of users were using multi-protocol chat clients like Pidgin, Empathy, Adium, etc.
Out of the people I know personally, the only official GTalk client we use is the one included on Android phones. *Everyone* else uses a unified IM client.
How else would we talk to people on Yahoo, AOL, MSN and Google without running multiple chat clients? Which is just silly.
Posted Jun 23, 2014 14:05 UTC (Mon)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Posted Jun 23, 2014 16:07 UTC (Mon)
by krake (guest, #55996)
[Link] (7 responses)
What?
I've been using Jabber for years, including two gmail accounts and I have not received a single spam messsage. ever.
With email I receive several on each account every day.
Since I have never used GTalk I can only assume that this is a flaw of that particular client software.
Posted Jun 23, 2014 18:21 UTC (Mon)
by raven667 (subscriber, #5198)
[Link] (6 responses)
I don't think federation became super popular because users are used to using multiple clients, or multi-protocol clients, and having accounts on each IM system they use, the problem has been worked around sufficiently that it is in no ones particular interest to consolidate more even if that would be better for the system as a whole, like a Nash Equilibrium.
Posted Jun 23, 2014 18:53 UTC (Mon)
by krake (guest, #55996)
[Link] (2 responses)
I was puzzled by the claim that there was rampant spam on Jabber.
So I was wondering if that was somehow a flaw in the GTalk client the other poster referred to.
Sure, I could have been just very lucky but given the amount of spam I've received in the same time frame via email, I don't consider that very likely.
Posted Jun 23, 2014 23:01 UTC (Mon)
by mathstuf (subscriber, #69389)
[Link] (1 responses)
Posted Jun 24, 2014 7:10 UTC (Tue)
by krake (guest, #55996)
[Link]
Good to know though, thanks!
Posted Jun 23, 2014 23:09 UTC (Mon)
by dlang (guest, #313)
[Link] (2 responses)
Posted Jun 24, 2014 2:35 UTC (Tue)
by raven667 (subscriber, #5198)
[Link] (1 responses)
https://www.eff.org/deeplinks/2013/05/google-abandons-ope...
Posted Jun 24, 2014 5:57 UTC (Tue)
by dlang (guest, #313)
[Link]
Posted Jun 23, 2014 21:27 UTC (Mon)
by ballombe (subscriber, #9523)
[Link]
The fact that these records follow a well-known specification means that I can process them using generic RDFa tools instead of debian.org-specific tools.
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
E.g. a "Contact" icon appearing when there is an embedded contact information.
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
Obviously doctored URLs and such wouldn't make it into actual address books.
I would expect a »microformat address extractor« to present the extracted address record to me before actually adding it to the address book, with an opportunity to delete or edit any field, or to reject the record outright.
By your reasoning, e-mail should have been abolished long ago because most e-mail messages are spam. Yet strangely, for many of us e-mail is still a useful resource.
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
The answer is "we don't", of course.
no one uses them, if they did, search engines would ignore them
How on earth would that possibly work?
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
In my 6 years of using Jabber (probably longer, the current client's logs go back to 2008) I've never received a single spam message on any of the accounts on any of the servers (including gmail).
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
no one uses them, if they did, search engines would ignore them
trust. For example, I trust *.debian.org hosts and they do publish RDFa records, which I use.