Our Blogger blogs are hosted on our own domain. Are we at just as much risk as those blogs hosted on blogspot?
My immediate answer was "Somewhat". Then I realised that's pretty useless. A useful answer needs qualitative analysis.
Then I asked myself how relevant each of these issues are, anyway? So I rewrote the issues, and described them as threats. Some threats you can avoid, others you can't.
Threats that you may be able to avoid.
- Blogger accounts attacked by password guessing.
- Blogger blogs hijacked when deleted by the owner, and when deleted by a Blogger anti-splog bot.
- Blogger accounts attacked by identity theft.
Here you are vulnerable to an attack thru your Blogger account, which controls the Blogger database containing your blog, before publishing. You are not vulnerable to an attack against your blog, directly. The address of your blog (its URL) is not in the Blogspot domain. No botnets targeting Blogger will find your website, so you are safe there. Nor will any Blogger anti-splog bots scan your website.
Once attacked thru your Blogger account, you are only temporarily inconvenienced. You (not Blogger) control your external domain. You (not Blogger) can immediately, upon discovery of an attack, delete the splog content. Then you can restore your external website from backup (you are backing up regularly, right?).
My suspicion is that sploggers won't even bother to hijack an externally published blog, based simply upon the above. So in conclusion, you are probably safe.
Threats that you probably cannot avoid:
- Predictable online presence.
- Blog owners lack of technical experience.
- Blog readers lack of technical experience.
- Blogger blogs attractiveness to search engines.
- Homogenous nature of Blogger / Blogspot structure.
Here, I would suspect that your readers would be attractive targets, and your blogs attractiveness to search engines still makes it a juicy attraction to sploggers. But based upon the scenario above, I don't see them exploiting either of those factors.
In conclusion, for at least these threats, as analysed, I see the blogs published locally on Blogspot as being the only possible targets. Externally published blogs are not at risk.
(Edit 10/26): Today, I must revise the above assessment. Now, we see actual detection of a serious hijack of an externally published blog.