I feel badly for Prof. DeLong, who is battling comment spam (and wrestling with Movable Type) over at his semi-daily journal. He’s currently swearing by MT-Blacklist, but I read another recent blog posting which complains that MT-Blacklist isn’t all it’s cracked up to be, and can even trade your spam problem for a server load problem.

The article goes on to suggest darkly that Google hasn’t acted against comment spam because of their financial stake in Blogger, but I think this is unlikely — I think it’s just a very hard problem. Staying ahead of a motivated attacker is nearly impossible, as countless computer security experts will attest — close one hole and a motivated attacker will just find another. I looked for a reference to this idea on Bruce Schneier’s site, but I couldn’t find one.

It’s the evil-Universe doppleganger of Open Source software development: not only do we have “given enough eyes, all bugs are shallow,” but also “given enough spammers, all opportunities will be exploited.” It’s the same everywhere — a truly determined attacker, no matter how many holes you plug, will find a new hole.

It’s not enough to blacklist commenters, to bayesian sort your email, to digitally-rights-manage your music, to X-ray every bag at the airport. Motivated parties will find a new way, a new method, a new weakness to exploit. There just isn’t a long-term technical solution, as far as I can see.

I shrugged it off, back in 1994, but maybe spam is going to turn out to be a big problem.

So I was at Best Buy the other day, buying a couple of DVDs with a gift card from Xmas that I came across. I stumbled upon this Halo 2 Preview Pack they’re selling there, a box with an XBox controller and a Halo 2 non-playable demo disc, and some Best Buy coupons for $9.99. “Heck,” I said to myself, “even if it’s a cheap controller and a non-playable sucky demo, it’s probably still worth $10.”

Here’s the thing: it’s not. The “nonplayable demo” isn’t even really a demo — it’s a DVD. And the controller is so awful, just holding it in my hands makes me feel like a loser. And the coupons are all for XBox titles from two years ago. So yeah, I got ripped off by Best Buy.

Prince of Persia: The Sands of Time — this may be the best video game since the Wind Waker Zelda game. There are a few things about this game that I find really enjoyable. Firstly, the graphics (at least on the XBox version) are fantastic, and the huge areas and vistas are beautiful. The way the prince moves is so fluid and natural, I find myself stopping to marvel at it, even halfway into the game. Second, the gameplay is really well designed and fun. Nothing seems hard exactly, but there is just enough challenge to keep me interested, but not so much that I’m losing patience with the game, like in Splinter Cell, where things were either ludicrously easy or insanely difficult (for me, anyway). Also, the designers built the levels in such a way that new puzzles and types of actions are constantly becoming available to maintain interest, in contrast to games like, say, Deus Ex 2, where the only things that revealed themselves over the course of the game were lame new type of guns and enemies that were harder to kill.

Gamefly delivered Star Wars: Knights of the Old Republic to me yesterday. So far, it’s pretty great. It turns out that I’m really into RPGs. Must have been my nethack upbringing. Oh, for a crysknife!