In Markos' recent diary, he mentioned the following:
The UID is no longer a marker of site growth, since spambots create fake accounts by the hundreds every day. We don't know why those are created, and they've never done anything. We mark them as spam and segregate them to make sure they do no harm, but those fake accounts have never done anything wrong ... except skew the UID. So you win, spambots! No more UIDs!
And in a number of front-page diaries, I've seen comments like
this:
#937,200: JuivgaleneJacquomes
#937,300: lywaEleonoreNowunnery
#937,400: PulriscilyzyklaWarnock
#937,500: AqontoinetigteCihoulter
#937,600: CaguddedollCharibolette
#937,700: adamrockey (spammer)
#937,800: violin14hose
#937,900: MevcdanieldyFlwoorence
#938,000: YajaiitpuraSyxnoddy
#938,100: seed67ease (spammer)
#938,200: EwudelsteuliqynIlana
#938,300: AgebolixStuweeny
#938,400: sistereditor1
#938,500: carbonpruner35
#938,600: ElsaHijawesthobyrne
We've added a whopping 1,525 more users in the last 24 hours. This is a continuation going back to May where we've been absolutely flooded with new users. I'm pretty sure almost all of these new users are spammers or bots. While the rate had been getting faster, it seems they suddenly started slowing down right when Hurricane Sandy hit. It slowed down to under 1,000 new users in a 24-hour period, and we were back down to somewhat over 100 new users every 24 hours or so, until about January 30th, when it exploded again. What are they planning?
The answer is that they're signing up merely to create backlinks on profiles for SEO purposes, as you can see on the profiles of those two users marked "spammer." Their work is already done, which is why they're not posting comments or diaries filled with spam. The fact that not all the new sign-ups are putting links in profiles is a standard ploy to mask the sign-ups that are putting links -- i.e., it's common to automatically create, say, 30 new accounts with only, say, 1 of them containing a backlink.
If you use your favorite search engine that accommodates government interception equipment on company premises (but supposedly offers the government no "direct access" or "backdoor access"), you'll find that DailyKos features in several lists of "high-PR backlinks." There are even SEO professionals offering link-building services in which they dump backlinks for particular search keywords on thousands of high-PR sites, including DailyKos.
The root of the problem is that DailyKos isn't attaching "nofollow" to links in profiles. Details:
nofollow is a value that can be assigned to the rel attribute of an HTML a element to instruct some search engines that a hyperlink should not influence the link target's ranking in the search engine's index. It is intended to reduce the effectiveness of certain types of internet advertising because their search algorithm depends heavily on the amount of links to a website when determining which websites should be listed in what order in their search results for any given term.
The solution is to use "nofollow" in profiles (and possibly elsewhere -- I don't know every nook and cranny of this site). Eventually the spammers will realize that DailyKos is no longer passing on ranking power.
You're fucking welcome.
UPDATE #1: The Google page on "nofollow" is a bit more helpful than the Wikipedia article (though, to be fair, in terms of meta-helpfulness, Wikipedia doesn't issue a diabolically pointless 301 redirect from a non-SSL+PRISM page to an SSL+PRISM page):
Here are some cases in which you might want to consider using nofollow:
Untrusted content: If you can't or don't want to vouch for the content of pages you link to from your site — for example, untrusted user comments or guestbook entries — you should nofollow those links. This can discourage spammers from targeting your site, and will help keep your site from inadvertently passing PageRank to bad neighborhoods on the web. In particular, comment spammers may decide not to target a specific content management system or blog service if they can see that untrusted links in that service are nofollowed. If you want to recognize and reward trustworthy contributors, you could decide to automatically or manually remove the nofollow attribute on links posted by members or users who have consistently made high-quality contributions over time.
UPDATE #2: Can't believe you've sent a boring asshat like me to the rec list. You ought to be ashamed of yourselves. Thanks anyway, I guess.
UPDATE #3: OK, I've just noticed that DailyKos has the following robots.txt exclusion for multiple spiders/crawlers:
Disallow: /user
It's possible I'm overlooking further mitigating factors. Granting the best-case scenario, this means the search engines aren't even seeing the links on the spammers' profiles.
The problem is then that the spammers don't realize it. Even adding the "nofollow" to profile links, which is redundant in the best-case scenario, depends on the spammers being aware of its presence (not going by an outdated list of "dofollow* high-PR sites," for instance) and understanding its meaning. So a lot of this comes down to spammer awareness. If they think they're going to benefit by creating spammy accounts here, it doesn't really matter whether they will actually benefit or not -- the annoying sign-up problem is going to result anyway.
A note on the registration page, something to the effect of "Spammers: This site uses robots.txt exclusions and the 'nofollow' property to STOP SEARCH ENGINES RECOGNIZING YOUR MOUTH-BREATHER LINKS," may help (those who aren't as much of a douchebag as I am can no doubt word that better and in a way that doesn't discourage sign-ups altogether).
* Trivia: There's actually no "dofollow" property you can add to code, but "dofollow" is commonly used on the spammer market to mean "non-nofollow."
UPDATE #4: Some people have made the observation that anti-spammer measures may unfairly affect legit site users, who deserve a little boost for their sites. In light of the discovery in UPDATE #3, legit site users don't appear to be getting a boost from their profiles anyway (diaries and such are a different matter, of course).