Spamming for profit

I never wanted to spam the Internet. Google made me do it.
This is what I told myself back then.
If spamming is so wrong, I wondered, how come it always works so well?

A long read, but a good read. Jeff Deutsch explains how starting in 2009 he was able to work only a few hours daily and still rake in a $50,000 a month in profit, by becoming a professional spammer.

It’s a pretty interesting perspective piece, since I spend my days and nights on the other side of the fence working on Akismet, which combats spam on millions upon millions of sites, including all of WordPress.com.

So, without further ado: Confessions of a Google spammer

WordPress announces the availability of Two-Factor Authentication

wordpress-logo-notext-rgbI’d like to preface this entire post with this: Way to go WordPress! I’m very excited to see this feature!

Today, WordPress joined the ranks of Google,  Apple and others in announcing support for two-factor authentication for it’s user accounts.  The only thing you need to take advantage of this added layer of security is a cellphone.  If you have a smartphone (iPhone, Android or Blackberry) then you can download the Google Authenticator app to display the login codes.  If you don’t have a smartphone or prefer not to use the Google Authenticator app, you can choose to have the authentication codes sent via SMS to your handset.

If you choose to go the Google route, you have the option to generate “backup codes” and “application specific passwords”.  The backup codes should be written down and stored in a safe place, you’ll need to use those if you lose/forget your phone and need access to your account. They’re single use and you get ten.

The application specific passwords are for apps that store a password and aren’t capable of interacting with a user for the verification code (the WordPress app for iPad is a good example).

I’ve been using the two-factor authentication from Google for my email account, hosted services and some linked accounts for quite a while now, and the added security is absolutely worth the extra few seconds it takes to login.  And while we’re on the subject of two-factor authentication; if you’d like to use your Google Authenticator app to provide an added layer of security to an SSH account (provided you have root access) there’s a great tutorial here.

A detailed write-up with step-by-step directions on how to enable this fantastic security feature for your account is available here:
http://en.support.wordpress.com/security/two-step-authentication/