Full disclosure: Duncan Riley was one of the founders of b5media, my current employer. He is no longer with the company. That said, he left before I was hired, and I don’t know him, other than by what information is publicy available. This post is written by me as an individual WordPress developer, not a b5media employee.
Matt Mullenweg, co-founder and one of the lead developers of WordPress:
Vanilla, the popular open source forum software, is now embedding sponsored links in every download so when you install it they’re on your site. This strikes me as a bad idea the same way sponsored themes are, except worse because it’s in the core code.
Duncan Riley responded at TechCrunch with How Grey Is Your Valley: Making Money From Open Source. The main point of the post seemed to be that since Matt (via Automattic) is making money off of Open Source software, he has no room to critize others for making money from Open Source software.
This is a complete straw man. Matt wasn’t criticizing people for making money off of Open Source software, he was criticizing the way they were making money in this specific instance: namely, by participating in search engine spamming schemes. Search engine spamming isn’t a grey area — it’s a black area. Duncan tries to lump all money-making activities that leverage Open Source software into a grey area — a position that morally equates spamming with a legitimate enterprise like Automattic. The entire premise of the article is incorrect: Matt wasn’t criticizing the idea of profiting from Open Source software, and the case he was specifically addressing was not a grey area… it was spam.
Duncan makes a few other remarks that deserve a response.
Akismet is a service that relies on the failure of the WordPress code to be able to natively deal with comment spam.
This assumes that an Open Source application which, until recently, was only updated roughly once every 6-9 months, should be able to deal with the comment/trackback spam issue in a way that doesn’t require a lot of maintenance or unduly burden users.
One method of web spam prevention is a CAPTCHA (you know, one of those distorted letters-in-an-image things). Problems with CAPTCHA:
- cheap human labor can be used to solve these and enable spamming
- computers can technically solve them
- Disabled users (or even those with slightly less than perfect eyesight) can’t solve them. Heck, sometimes I can’t solve them, and I have perfect vision!
- They place a burden on your users
- Does not apply to Trackback/Pingback spam
Another way is by using a complicated anti-spam plugin like Spam Karma 2. Problems:
- It’s really complicated
- It requires a lot of tweaking
- Spammers can see how it works, and can thus circumvent it
And both these solutions share a common flaw: they’re Club solutions. That is, the more people who use them, the less effective they become. If you’re operating the only blog in the world with CAPTCHA and Spam Karma 2 — you’re going to be fairly spam-free. But once enough people use those measures to make it worth spammers’ while to figure out a way to beat those measures, they’ll spend the effort. So these methods require constant updates (tricker CAPTCHA, better Spam Karma 2 rules) to work.
Akismet works for three reasons: spam reporting is communal, so when one site reports spam, all other sites benefit. Another reason that it works is that its sauce is secret. Spammers don’t know why a particular comment was blocked, so they can’t easily learn how to work around that block. The last reason is that Akismet is a remote service, and thus is being constantly updated for all users. No one needs to upgrade their blog or a plugin in order to get the latest level of Akismet spam protection.
Akismet was created because Open Source locally-run anti-spam measures have shortcomings, and because Matt knew that he could build a service that didn’t have those shortcomings. If a blog-level anti-spam solution without such shortcomings presented itself, I have no doubt that Matt would have it in WordPress in an instant. And if he didn’t, well, he’s not the only one with commit access to WordPress. I know I’d put it in, and I don’t have the conflict of interest Matt is accused of having.
It was not that long ago that Mullenweg was sprung for including in excess of 150,000 spam pages on WordPress.org; it was an honest mistake but as they say, people who live in glass houses…
Matt made a huge mistake by allowing that. I was disappointed in him at the time, both personally and professionally. But he’s learned from that mistake. More than that, he’s lead efforts to warn others about that kind of behavior. That’s what the whole “sponsored themes” thing was about. That’s what the Vanilla comment was about.
I just remain unconvinced that those offering the odd paid link on a WordPress template is any different or worse than Mullenweg, who not only stuffs links to his own blog in every standard install of WordPress [...]
The default blogroll is a source of contention, to be sure. Personally, I’d like to replace those links with links to WordPress documentation and resources, and stick the WordPress “credits” and “props” inside the admin, where they won’t be indexed by search engines. But even so, there is a huge difference between paid commercial links and unpaid non-commercial links. Also consider that the default blogroll is “legacy.” That is, it was created in a much more innocent time, when people didn’t consider the SEO ramifications of such an inclusion. To hear Matt, me and several other WP developers weigh in on this issue, watch this video (timecode 109:55).