Following up on blog comments is part of the job for those of us contributing to the ThreatBlog. Well, I suppose it is: no-one else does it if we don't. :-)
Much of the time, comment handling involves dealing with the occasional comment spam that slips through our filters (there's an interesting item on a novel approach to blog-spam at Hype-Free, by the way that casts some light on how some spam evades filtering by seeming to be on-topic). However, given some of the stuff that I've noticed in the past few weeks, I thought it might be useful to give you some idea of how we deal with stuff that isn't blatant or not so blatant spam.
We're quite a small team and we all have a lot of other work to do, but we do approve appropriate comments pretty quickly, in general: we're not always as quick to respond as we'd like to be in responding, but we do our best.
Some comments are perfectly relevant: some are positive, some commentary is hostile, but that doesn't mean it isn't constructive or useful, and we don't reject comments just because they're critical of us or of ESET. Actually, we're more likely to approve comments that are critical but appropriate than we are comments that simply say "I agree" or "brilliant blog!":
- Sometimes, this is just generic wordage intended to get a specific link onto our pages.
- Lots of comments with no significant content that sound supportive are often assumed to be put up by ESET, and as members of the Research team, we intend to provide technical content and informed opinion, rather than pure marketing material. Not that there's anything wrong with marketing - that's what pays our salaries! - but that's not our work area.
A lot of the comments we see are actually nothing to do with the topic. (Of course, comment spam is hardly ever on topic, but that's not what I'm talking about here.) This is problematic, in that more often than not, there's no point in simply approving an otherwise legitimate if irrelevant post, since it requires an answer. Sometimes we'll answer these in email rather than approve and answer a comment.
Either way, a lot of these turn out to be support queries. Sorry, but we can't answer support queries: we would if we could (and some of us have, in other contexts), but we're not resourced to do that in this team, and our expertise isn't in the minutiae of ESET products. So unless it's something we happen to know the answer to off the top of our heads, I'm afraid we'll have to refer you to support resources like the ESET knowledge base at http://kb.eset.com/esetkb.
Then we have the occasional interesting comment compromised by the fact that it's clearly aimed at promoting a rival company. Sorry, but it has to be really interesting before we'll consider that, and the security equivalent of an unpublished Shakespeare play before we'll consider approving it before editing out the advertorial comment. Unfortunately, that means that such posts will generally have to wait until we have time to edit them...
All that said, we really do appreciate all the informed comments and debate that some of our blogs attract!
David Harley
Director of Malware Intelligence
