Slashdot Mirror

The users who didn't "sign up for this kind of thing" can quit themselves. I, for one, did sign up for it, and I'm more than a tad pissed that the one obviously functional way to thwart spammers has been removed from my arsenal.

I can think of four possibilities for the real reason Blue Security is offline now:

1) It's a ruse, perpetrated either by BlueSecurity for unknown purposes, or by someone posing as BlueSecurity. http://www.bluesecurity.com/ is still down, so I'm going to wait and see what shakes out.

2) Reshef received enough serious threats against his person, family, friends to be forced out. This is absolutely possible when someone is the spearhead of stopping a less than legitimate flow of money.

3) Reshef took a payoff from the spammer(s). One would hope this wasn't the case, but it has to be considered as a possibility.

4) BlueSecurity's business model wasn't profitable. It costs a lot of money for hosting and internet services, especially when you're the target of DDoS all the time. BlueSecurity could have run out of money.

In any event - someone with big cohones and a crapload of mon-ay, please pick up the ball and run with it.

On their page (when it's working of course) at http://www.bluesecurity.com/:

Blue Security Ceases Anti-Spam Operations

When we founded Blue Security in 2004, we believed that if we automated a way for users to rise up and exercise their rights under the CAN-SPAM Act, we could reduce the amount of spam on the Internet.

Over the past few months we were able to leverage the power of the Blue Community and convince top spammers responsible for sending over 25% of the world's spam to comply with our users' opt-out list. We were making real progress in eliminating spam from the lives of our users.

However, several leading spammers viewed this change as a strategic threat to their spam business. The week before last, these spammers launched a series of attacks against us, taking down hundreds of thousands of other websites via a massive Denial-of-Service attack and causing damage to ISPs, website owners and Internet users worldwide. They also began a relentless campaign of email intimidation against many members of the Blue Community.

After recovering from the attack, we determined that once we reactivated the Blue Community, spammers would resume their attacks. We cannot take the responsibility for an ever-escalating cyber war through our continued operations.

As we cannot build the Blue Security business on the foundation we originally envisioned, we are discontinuing all of our anti-spam activities on your behalf and are exploring other, non spam-related avenues for our technological developments. As much as it saddens us, we believe this is the responsible thing to do.

You need not do anything as a result of this change. We will continue to protect your names and addresses and honor all privacy commitments we made to you.

We have concluded we should not take Blue Security to the full deployment stage we originally planned to achieve, but we are proud of what we have accomplished thus far as a young startup company.

We are extremely proud to have had the chance to work with such a devoted and dedicated community: thank you for the vote of confidence you gave us over the past few months as well as the particularly vocal support you have shown over the last two weeks.

We will be innovating and building our technology in new, other directions and will continue to give back to you, our Community.

Thank you for your support,

The Blue Security Team.

http://www.bluesecurity.com/ - which seems to be up or down at any given moment.... still under attack?

Since quite a few people don't seem to know how BS/BF work I'm quoting a post I read on http://community.bluesecurity.com/webx?50@527.Rg3A aYm6mEY.0@.3c545f52


Does Blue Frog Employ DDoS Attacks? Some points to consider.
One. When any man woman or child on earth receives an Unsolicited Bulk E-mail message, (UCE) it is essentially just an advertisement:
1a. The recipient has been -invited- to visit the advertised service and conduct business. Real Distributed Denial of Service (DDoS) attacks are never preceded by an -invitation- from the party that is to be allegedly attacked. By sending the advertisement, the advertiser is consenting to receive a response if the recipient feels so inclined. It is advertisers hope that visiting will yield them money. It's called a market economy.
1b. Dissatisfaction is a valid transaction. Advertisers may not just cherry pick the cash yielding sales. If an advertiser does something to insult or enrage their target audience, they can expect to get a lot of phone calls - this is a healthy market dynamic which drives improved business performance and customer satisfaction. If it works for broadcast and print media, why would UCE marketers be immune from this healthy form of feedback?
1c. The recipient of the advertisement is not prohibited by law to conduct business transactions with the advertised service - just as the service is not prohibited by law to advertise. Should the recipient be dissatisfied and not wish to receive future advertisements, a single request for distribution list removal each time an advertisement is received is a valid practice within the law. The advertiser bears some duty to comply with removal requests in good faith. 1 to 1 responses do not constitute a DDoS attack as the sender of the solicitation has direct control of the responses they will receive. No court of law would be convinced otherwise for the following reasons: Intent to disrupt is not present, the objective of the opt-out request is clearly stated in civil terms, the origin of the opt out request is not hidden (though rendered anonymous for practical reasons), no extortion, blackmail or other form of crime is involved in the request, the advertiser has a clear and simple method of avoiding this undesirable traffic and was given due time to conform. None of these conditions are true under a typical real denial of service attack which sets apart the Blue Security method.
1d. Prior to the existence of the Blue Security service, recipients were technically not able to respond in quantity or form equal to the advertisements received. Filtration was the only effective solution to conduct e-commerce and personal correspondence amidst a constant flood of UCE. Historically to respond to a UCE was often dangerous or caused retribution attacks against the unhappy recipient. (The UCE industry refers to vocal negative recipients as "antis".) Responding to UCE has now become safe and feasible via the Blue Security system. The underlying method employed by Blue Security whereby "Party A advertises - therefore Party B responds" remains both ethical and legal. Not an attack.
Two. Regarding why the services advertised in UCE might crash or fail as a result of Blue Frog Opt-out requests, there are exactly two possible causes:
2a. The advertising party did not sufficiently design their infrastructure to be capable of managing the traffic which was generated by their ad campaign.
2b. The advertising party did not decrease their ad campaign to be commensurate with their capacity to manage response traffic.
-- The issue of UCE advertised servers crashing has nothing to do with the recipients of the ad campaign or any imagined DDoS attack. It has everything to do with the UCE senders being irresponsible and unprepared for their own actions. In simple terms, it would seem that UCE marketers who target Blue Frog members end u

How many of you, who were already subscribed before the attack can still use you client without problems?
It seems like the member section of BS site is down ATM for maintanace. Check http://members.bluesecurity.com/cwa

Skybox Security Solutions

Simulated DDoS Network Attacks and Network Intrusions

Customer Challenge:
Large corporations often hire consultants to conduct quarterly penetration (DDoS)
testing on specific segments of their corporate network. This testing can cost over
hundreds of thousands of dollars, and also exposes the network to many potential
disruptions. These disruptions are the result of the intense DDoS attacks testers
can impose on live networks in order to isolate vulnerabilities and weaknesses.
Since the network is constantly changing, and DDoS attacks are rarely dispersed
from a centralized location, the penetration test results often become nullified and
end up being limited to a small portion of the total network.

The Skybox Solution:
Skybox Security performs accurate and non-intrusive DDoS attacks across a larger
portion of the corporate network. The tests are modeled and analyzed through an
automated process via our large botnet network rather than manually performed on a
live network. As a result, the tests are repeated rigorously on a scheduled basis
without any fear of network disruption. Through DDoS attack and access simulation,
vulnerability exposures as well as security control weaknesses are revealed instantly.
DDoS attack simulation discovers all possible attack scenarios and reveals the step
by step process that an attacker or worm may follow. It illustrates specific vulnerabilities
to be exploited and network access traversed for each exploitable path. Access simulation
calculates network access privileges determined by firewall and routing configuration.
Our botnet helps characterize the interconnectivity between any two given points, reporting
not just whether access is possible, but also the detailed path to reach a final destination.
Based on these combined results, security personnel are able to determine what additional
DDoS attacks are necessary and where to deploy our organizations penetration testers.

Awards:
Info Security - Info Security Hot Companies 2006
The Wall Street Journal - One of the most innovative companies in 2005
Information Security Magazine - Product of the year
Network Magazine - Most Visionary Security Product
Network Magazine - Best of the Best in all categories
Secure Enterprise Magazine - Editors Choice
Gartner - " Cool Vendor " in the security & privacy space
SC Magazine Awards 2006 Winner - The Best Security Solution for Financial Services
IM2005 Award finalist - Information Security and Product of the Year

Company Profile:
Eran Reshef
Founder, Chairman & CEO of Blue Security ( www.bluesecurity.com )

A serial entrepreneur, Eran is currently the founder, chairman & CEO of Blue Security,
the do-not-disturb registry pioneer. Prior to Blue, Eran co-founded Skybox Security and
served as its Chairman. Prior to Skybox Eran founded and managed Sanctum (acquired
by WatchFire), the leader in web application security. Eran holds a variety of security-
related patents that are based on his inventions.

Rina Shainski
General Partner at Carmel Ventures ( www.carmelventures.com )

Following a successful career leading business development and R&D operations in
high-growth software companies, Rina has been investing in software companies ever since.
Before joining Carmel she served as the VP Business Development at Clal Industries and
Investments where she was responsible for software investments. From 1989 to 1996, Rina
hel

They deserve a break

No I think they like it

I just wanted to confirm what spyrochaete said: I was able to register, but I didn't get the confirmation email. When I try checking my account's email/domain page, it says:

Here's a link to their New User registration page, it should have been easier to find.

Really now. The problem with unwanted, unsolicited emails is that they exist in the first place. If you aren't being sent a hundred ads for Viagra, mortgage refinancing, and the latest greatest boomer stock, then you don't have to have a spam blocker or filter installed, and you will miss exactly NONE of your important emails. Best way to do this? Unsubscribe from every spam you get. A daunting task, to be sure, but not if you use BlueFrog. It does it for you, and with almost half a million users, it is a force the spammers can't ignore. www.bluesecurity.com to get signed up and download the client, or if you're just looking for more information. I highly recommend reading up on it, as the last few days have seen a small war between one irate spammer and the half-million people who are saying 'enough is enough'.

here's the one I got: From: "xxxxxxxxxxxxxx" Reply-To: "xxxxxxxxxxxxxxxxxxxx" To: xxxxxxxxxxx@gmail.com Cc: xxxxxxxxxxxxxxx@gmail.com, xxxxxxxxxxxxxxxxxxxgmail.com, xxxxxxxxxxxx@gmail.com, xxxxxxxxxxxxxxxxxxx@gmail.com, xxxxxxxxxxxxxxxx@gmail.com Subject: re:Don't pay attention to this email! Date: Mon, 01 May 2006 14:40:55 +0100 X-Mailer: Microsoft Outlook, Build 10.0.2627 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="--xxxxxxxxxxxxxxxxxxxxx" X-Priority: 3 X-MSMail-Priority: Normal Content-Type: text/plain; Content-Transfer-Encoding: 7Bit You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/ [bluesecurity.com] Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold. BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone. BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog. They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now? 1. Using your computer to send spam ? 2. Using your computer to attack competitor websites? 3. Phishing through your files for your identity and banking information? If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning...

here's the whole thing:

X-Gmail-Received: xxxxxxxxxxxxxxxxxxxxxxxxxx
Delivered-To: xxxxxxxxxxxx
Received: by xxxxxxxxxxxxx with SMTP id xxxxxxxxxxxxxxxxxxxxxxxxx;
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Received: by xxxxxxxxxxxxxx with SMTP id xxxxxxxxxxxxxxxxxxxxxxxxxx;
Mon, 01 May 2006 05:50:09 -0700 (PDT)
Return-Path:
Received: from 3CF5918 ([218.23.108.114])
by mx.gmail.com with SMTP id a1si5179001ugf.2006.05.01.05.49.58;
Mon, 01 May 2006 05:50:09 -0700 (PDT)
Received-SPF: neutral (gmail.com: 218.23.108.114 is neither permitted nor denied by best guess record for domain of thabto@esplanade.com)
Received: from 250.0.102.32 by 218.23.108.114; Mon, 01 May 2006 16:44:55 +0300
Message-ID:
From: "BARTHOLOMEW Julius"
Reply-To: "BARTHOLOMEW Julius"
To: xxxxxxxxxxx@gmail.com
Cc: xxxxxxxxxxxxxxx@gmail.com, xxxxxxxxxxxxxxxxxxxgmail.com, xxxxxxxxxxxx@gmail.com, xxxxxxxxxxxxxxxxxxx@gmail.com, xxxxxxxxxxxxxxxx@gmail.com
Subject: re:Don't pay attention to this email!
Date: Mon, 01 May 2006 14:40:55 +0100
X-Mailer: Microsoft Outlook, Build 10.0.2627
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--xxxxxxxxxxxxxxxxxxxxx"
X-Priority: 3
X-MSMail-Priority: Normal

----8335755536655359
Content-Type: text/plain;
Content-Transfer-Encoding: 7Bit

You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/

Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold.

BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.

BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.

They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?

1. Using your computer to send spam ?
2. Using your computer to attack competitor websites?
3. Phishing through your files for your identity and banking information?

If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning...

----xxxxxxxxxxxxxxxx--

I was more worried about these spammers when they didn't care about Blue.

Now I know they are scared.

Once BlueSecurity gets over its slashdotting, check out their forums. Lots of angry rhetoric from spammers is posted there (http://community.bluesecurity.com/webx?14@780.8kU AaIRZk2e.54@.3c52c5a1)

For what its worth, I have about 30 protected email addresses at BlueFrog, and only the ones that were already getting spammed have been at all affected. Their extra spam is insignificant. They doubled my spam catch for a day. Feel me tremble.

I just got the following NDR email (which GMail flagged as spam, but I read anyway). Looks like the pissy spammer is using email addresses from his list in the From field, and generating false spam for BlueSecurity.

I have deleted contact information at the end, for the sanity of those involved.

Begin

Subject: FW:Automaticly send 1000s of DDOS complaints for each spam you recieve

The trackback URL for this blog entry is:
http://community.bluesecurity.com/

Bringing spammers to Their Knees:
Bluesecurity.com hopes you'll join thousands of others in an army capable
of crippling spammers' Web sites.

A few thousand spammers have ruined our internet. They've clogged our
mailboxes with filth. Already, 90% of email traffic is made up of
spam. Let us no longer blind ourselves to the irrefutable facts:
current measures have failed to stop spammers. The experience of the
past several years has proven that passive measures are just not the
answer.

Retribution is the only real answer to spam. We must punish spammers
ourselves to prevent them from taking over cyberspace. We must reclaim
our territory. We need direct action to eliminate spammers for good.

The magnitude of the task which lies before us is great. We are fighting
for the future of the Internet. What we need to do now is get as many
users as possible into our community. We already have a botnet with
hundreds of thousands of computers working together to induce commercial
loss on spammers and their ISPs. We have launched numerous
Denial-of-Service Attacks on Chinese spam networks with great success,
and plan many more!

We have excellent financiers who allow us continued success with our botnet
growth and Denial-of-Service Attacks. We thank the government agencies
involved
for their continued cooperation. We thank our leader, Eran Reshef,
for continued strategies of DoS attack operations. Also, US-based Rembrandt

Ventures & Skybox Security for their extensive funding & continued support.
And a
very special thanks to Douglas Schrier who has helped our botnet come to
life.

If you haven't signed up with the registry and installed a blue frog yet,
please sign up now.
If your friends have not yet joined us, we will convince them to do so.

Let's stop filtering spam and start eliminating spammers.
Together, we will reclaim the Internet, One ddos at a time.

Please Contact Us for any questions on signup via the following info:

address and phone deleted

Israel HQ: address and phone deleted

Current and potential investor relations:
Rembrandt Venture Partners address and phone deleted

Fight back spam! Join our Botnet today.
Download our .EXE here: http:/// www.bluesecurity.com/ blue-frog/

[Crap. Accidentally hit instead of ] > From: "BlueFrog member" > Date: May 2, 2006 5:19:45 AM MDT (CA) > To: > Subject: FW:Prevent spam, by participying is a DDOS attacks against > spam sites > > > The trackback URL for this blog entry is: > http://community.bluesecurity.com/ > > Bringing spammers to Their Knees: > Bluesecurity.com hopes you'll join thousands of others in an army > capable > of crippling spammers' Web sites. > > A few thousand spammers have ruined our internet. They've clogged our > mailboxes with filth. Already, 90% of email traffic is made up of > spam. Let us no longer blind ourselves to the irrefutable facts: > current measures have failed to stop spammers. The experience of the > past several years has proven that passive measures are just not the > answer. > > Retribution is the only real answer to spam. We must punish spammers > ourselves to prevent them from taking over cyberspace. We must reclaim > our territory. We need direct action to eliminate spammers for good. > > The magnitude of the task which lies before us is great. We are > fighting > for the future of the Internet. What we need to do now is get as many > users as possible into our community. We already have a botnet with > hundreds of thousands of computers working together to induce > commercial > loss on spammers and their ISPs. We have launched numerous > Denial-of-Service Attacks on Chinese spam networks with great success, > and plan many more! > > We have excellent financiers who allow us continued success with > our botnet > growth and Denial-of-Service Attacks. We thank the government agencies > involved > for their continued cooperation. We thank our leader, Eran Reshef, > for continued strategies of DoS attack operations. Also, US-based > Rembrandt > > Ventures & Skybox Security for their extensive funding & continued > support. > And a > very special thanks to Douglas Schrier who has helped our botnet > come to > life. > > If you haven't signed up with the registry and installed a blue > frog yet, > please sign up now. > If your friends have not yet joined us, we will convince them to do > so. > > Let's stop filtering spam and start eliminating spammers. > Together, we will reclaim the Internet, One ddos at a time. > > Please Contact Us for any questions on signup via the following info: [ Contact info deleted.] > > > ----- > Fight back spam! Join our Botnet today. > Download our .EXE here: http://www.bluesecurity.com/blue-frog/ >

[Crap. Accidentally hit instead of ] > From: "BlueFrog member" > Date: May 2, 2006 5:19:45 AM MDT (CA) > To: > Subject: FW:Prevent spam, by participying is a DDOS attacks against > spam sites > > > The trackback URL for this blog entry is: > http://community.bluesecurity.com/ > > Bringing spammers to Their Knees: > Bluesecurity.com hopes you'll join thousands of others in an army > capable > of crippling spammers' Web sites. > > A few thousand spammers have ruined our internet. They've clogged our > mailboxes with filth. Already, 90% of email traffic is made up of > spam. Let us no longer blind ourselves to the irrefutable facts: > current measures have failed to stop spammers. The experience of the > past several years has proven that passive measures are just not the > answer. > > Retribution is the only real answer to spam. We must punish spammers > ourselves to prevent them from taking over cyberspace. We must reclaim > our territory. We need direct action to eliminate spammers for good. > > The magnitude of the task which lies before us is great. We are > fighting > for the future of the Internet. What we need to do now is get as many > users as possible into our community. We already have a botnet with > hundreds of thousands of computers working together to induce > commercial > loss on spammers and their ISPs. We have launched numerous > Denial-of-Service Attacks on Chinese spam networks with great success, > and plan many more! > > We have excellent financiers who allow us continued success with > our botnet > growth and Denial-of-Service Attacks. We thank the government agencies > involved > for their continued cooperation. We thank our leader, Eran Reshef, > for continued strategies of DoS attack operations. Also, US-based > Rembrandt > > Ventures & Skybox Security for their extensive funding & continued > support. > And a > very special thanks to Douglas Schrier who has helped our botnet > come to > life. > > If you haven't signed up with the registry and installed a blue > frog yet, > please sign up now. > If your friends have not yet joined us, we will convince them to do > so. > > Let's stop filtering spam and start eliminating spammers. > Together, we will reclaim the Internet, One ddos at a time. > > Please Contact Us for any questions on signup via the following info: [ Contact info deleted.] > > > ----- > Fight back spam! Join our Botnet today. > Download our .EXE here: http://www.bluesecurity.com/blue-frog/ >

> From: "BlueFrog member" > Date: May 2, 2006 5:19:45 AM MDT (CA) > To: > Subject: FW:Prevent spam, by participying is a DDOS attacks against > spam sites > > > The trackback URL for this blog entry is: > http://community.bluesecurity.com/ > > Bringing spammers to Their Knees: > Bluesecurity.com hopes you'll join thousands of others in an army > capable > of crippling spammers' Web sites. > > A few thousand spammers have ruined our internet. They've clogged our > mailboxes with filth. Already, 90% of email traffic is made up of > spam. Let us no longer blind ourselves to the irrefutable facts: > current measures have failed to stop spammers. The experience of the > past several years has proven that passive measures are just not the > answer. > > Retribution is the only real answer to spam. We must punish spammers > ourselves to prevent them from taking over cyberspace. We must reclaim > our territory. We need direct action to eliminate spammers for good. > > The magnitude of the task which lies before us is great. We are > fighting > for the future of the Internet. What we need to do now is get as many > users as possible into our community. We already have a botnet with > hundreds of thousands of computers working together to induce > commercial > loss on spammers and their ISPs. We have launched numerous > Denial-of-Service Attacks on Chinese spam networks with great success, > and plan many more! > > We have excellent financiers who allow us continued success with > our botnet > growth and Denial-of-Service Attacks. We thank the government agencies > involved > for their continued cooperation. We thank our leader, Eran Reshef, > for continued strategies of DoS attack operations. Also, US-based > Rembrandt > > Ventures & Skybox Security for their extensive funding & continued > support. > And a > very special thanks to Douglas Schrier who has helped our botnet > come to > life. > > If you haven't signed up with the registry and installed a blue > frog yet, > please sign up now. > If your friends have not yet joined us, we will convince them to do > so. > > Let's stop filtering spam and start eliminating spammers. > Together, we will reclaim the Internet, One ddos at a time. > > Please Contact Us for any questions on signup via the following info: [ Contact info deleted.] > > > ----- > Fight back spam! Join our Botnet today. > Download our .EXE here: http://www.bluesecurity.com/blue-frog/ >

> From: "BlueFrog member" > Date: May 2, 2006 5:19:45 AM MDT (CA) > To: > Subject: FW:Prevent spam, by participying is a DDOS attacks against > spam sites > > > The trackback URL for this blog entry is: > http://community.bluesecurity.com/ > > Bringing spammers to Their Knees: > Bluesecurity.com hopes you'll join thousands of others in an army > capable > of crippling spammers' Web sites. > > A few thousand spammers have ruined our internet. They've clogged our > mailboxes with filth. Already, 90% of email traffic is made up of > spam. Let us no longer blind ourselves to the irrefutable facts: > current measures have failed to stop spammers. The experience of the > past several years has proven that passive measures are just not the > answer. > > Retribution is the only real answer to spam. We must punish spammers > ourselves to prevent them from taking over cyberspace. We must reclaim > our territory. We need direct action to eliminate spammers for good. > > The magnitude of the task which lies before us is great. We are > fighting > for the future of the Internet. What we need to do now is get as many > users as possible into our community. We already have a botnet with > hundreds of thousands of computers working together to induce > commercial > loss on spammers and their ISPs. We have launched numerous > Denial-of-Service Attacks on Chinese spam networks with great success, > and plan many more! > > We have excellent financiers who allow us continued success with > our botnet > growth and Denial-of-Service Attacks. We thank the government agencies > involved > for their continued cooperation. We thank our leader, Eran Reshef, > for continued strategies of DoS attack operations. Also, US-based > Rembrandt > > Ventures & Skybox Security for their extensive funding & continued > support. > And a > very special thanks to Douglas Schrier who has helped our botnet > come to > life. > > If you haven't signed up with the registry and installed a blue > frog yet, > please sign up now. > If your friends have not yet joined us, we will convince them to do > so. > > Let's stop filtering spam and start eliminating spammers. > Together, we will reclaim the Internet, One ddos at a time. > > Please Contact Us for any questions on signup via the following info: [ Contact info deleted.] > > > ----- > Fight back spam! Join our Botnet today. > Download our .EXE here: http://www.bluesecurity.com/blue-frog/ >

They have only hit one of my addresses. I had four messages yesterday. None today so the filter is working properly and learning well. I also notice that the spammers still do not send an actual working address which I can reply to, not do they offer any URL which can be visited. They do demand we go to http://www.bluesecurity.com/ to remove our name, then laugh about the site being down, then again demand we go to a site which they say is down and remove our name. My, what intelligence.

Blurry Hash

Blurry hash was developed by Blue Security to safeguard the content of the Registry from being jeopardized by malicious hackers. It is an evolution of traditional hashing methods that ensures that even brute force attacks are futile.

Traditional hashing solutions use one-way encryption methods that transform clear-text data into a pseudo-random bit sequence. For example, hashing each Do Not Intrude Registry entry transforms the e-mail address into a 128-bit string.

The idea behind Blue Security's blurry hash is simple. The process starts by using a standard hash function to calculate the 128-bit hash values of the e-mail addresses in the Registry. The output is then trimmed to a shorter sequence (e.g., 30-bits). A large number of random 30-bit values are then added to the list to create the Do Not Intrude Registry.

Blurry Hash mitigates the privacy risks associated with publishing the Registry;

        * Using addresses removed from the spammer's original mailing list.

            When a spammer notices that an e-mail address has been deleted from his list, he has no way of knowing if it was filtered because it was a legitimate user's e-mail address, a honeypot address or a random entry in the hashed Registry.
        * Dictionary Attacks

            A spammer may also attempt to uncover the registry's content using dictionary attacks. These attempts are worthless due to the random information in the Registry that ensures that some percentage of e-mail addresses enumerated by the spammer will match hashed registry entries, even though they are not actually listed in the Registry. Hence, a spammer will not be able to tell whether the matches are valid e-mails addresses.

I'm not on Blue Frog's list. This morning I got the note below. It's clearly a joe job; that is, sent by a spammer to discredit the Blue Frog people:

The trackback URL for this blog entry is:
http://community.bluesecurity.com/

Bringing spammers to Their Knees:
Bluesecurity.com hopes you'll join thousands of others in an army capable
of crippling spammers' Web sites.

A few thousand spammers have ruined our internet. They've clogged our
mailboxes with filth. Already, 90% of email traffic is made up of
spam. Let us no longer blind ourselves to the irrefutable facts:
current measures have failed to stop spammers. The experience of the
past several years has proven that passive measures are just not the
answer.

Retribution is the only real answer to spam. We must punish spammers
ourselves to prevent them from taking over cyberspace. We must reclaim
our territory. We need direct action to eliminate spammers for good.

The magnitude of the task which lies before us is great. We are fighting
for the future of the Internet. What we need to do now is get as many
users as possible into our community. We already have a botnet with
hundreds of thousands of computers working together to induce commercial
loss on spammers and their ISPs. We have launched numerous
Denial-of-Service Attacks on Chinese spam networks with great success,
and plan many more!

We have excellent financiers who allow us continued success with our botnet
growth and Denial-of-Service Attacks. We thank the government agencies
involved
for their continued cooperation. We thank our leader, Eran Reshef,
for continued strategies of DoS attack operations. Also, US-based Rembrandt

Ventures & Skybox Security for their extensive funding & continued support.
And a
very special thanks to Douglas Schrier who has helped our botnet come to
life.

If you haven't signed up with the registry and installed a blue frog yet,
please sign up now.
If your friends have not yet joined us, we will convince them to do so.

Let's stop filtering spam and start eliminating spammers.
Together, we will reclaim the Internet, One ddos at a time.

Please Contact Us for any questions on signup via the following info:

2077 Gateway Place, Suite 550
San Jose, California 95110 USA
Phone: 866-6SKYBOX
Phone: 408 441 8060
Fax: 408 441 8068

Israel HQ:
60 Medinat Hayehudim St.
P.O.Box 4109
Herzliya Pituach 46140 Israel
Phone: +972-9-9545922

Current and potential investor relations:
Rembrandt Venture Partners
2200 Sand Hill Road, Suite 160
Menlo Park, CA 94025

T: 650.326.7070
F: 650.326.3780

-----
Fight back spam! Join our Botnet today.
Download our .EXE here: http://www.bluesecurity.com/blue-frog/

I'm not on Blue Frog's list. This morning I got the note below. It's clearly a joe job; that is, sent by a spammer to discredit the Blue Frog people:

The trackback URL for this blog entry is:
http://community.bluesecurity.com/

Bringing spammers to Their Knees:
Bluesecurity.com hopes you'll join thousands of others in an army capable
of crippling spammers' Web sites.

A few thousand spammers have ruined our internet. They've clogged our
mailboxes with filth. Already, 90% of email traffic is made up of
spam. Let us no longer blind ourselves to the irrefutable facts:
current measures have failed to stop spammers. The experience of the
past several years has proven that passive measures are just not the
answer.

Retribution is the only real answer to spam. We must punish spammers
ourselves to prevent them from taking over cyberspace. We must reclaim
our territory. We need direct action to eliminate spammers for good.

The magnitude of the task which lies before us is great. We are fighting
for the future of the Internet. What we need to do now is get as many
users as possible into our community. We already have a botnet with
hundreds of thousands of computers working together to induce commercial
loss on spammers and their ISPs. We have launched numerous
Denial-of-Service Attacks on Chinese spam networks with great success,
and plan many more!

We have excellent financiers who allow us continued success with our botnet
growth and Denial-of-Service Attacks. We thank the government agencies
involved
for their continued cooperation. We thank our leader, Eran Reshef,
for continued strategies of DoS attack operations. Also, US-based Rembrandt

Ventures & Skybox Security for their extensive funding & continued support.
And a
very special thanks to Douglas Schrier who has helped our botnet come to
life.

If you haven't signed up with the registry and installed a blue frog yet,
please sign up now.
If your friends have not yet joined us, we will convince them to do so.

Let's stop filtering spam and start eliminating spammers.
Together, we will reclaim the Internet, One ddos at a time.

Please Contact Us for any questions on signup via the following info:

2077 Gateway Place, Suite 550
San Jose, California 95110 USA
Phone: 866-6SKYBOX
Phone: 408 441 8060
Fax: 408 441 8068

Israel HQ:
60 Medinat Hayehudim St.
P.O.Box 4109
Herzliya Pituach 46140 Israel
Phone: +972-9-9545922

Current and potential investor relations:
Rembrandt Venture Partners
2200 Sand Hill Road, Suite 160
Menlo Park, CA 94025

T: 650.326.7070
F: 650.326.3780

-----
Fight back spam! Join our Botnet today.
Download our .EXE here: http://www.bluesecurity.com/blue-frog/

Here's the dld link:
http://download.bluesecurity.com/ds/generic/BlueFr ogSetup.exe

Yep, you can download the tool yourself and try it: http://download.bluesecurity.com/registry/linux/rc t-1.3.3.1041.i386.tar.gz

rct --use-wget

Put a bunch of email addresses in the source file, and dest will be your clean list.

Scanning emails records in email addresses file...
100% file complete, 100% total complete

Success:
addresses.txt: OK, processed 6 addresses, 3 protected addresses found
Done.
Output file clean.txt created (Scanned 6 records, found 3 protected addresses)

The files are easily diffed to expose the registered addresses. Also remember that bluesecurity allows users to register a full domain to be protected. It will allow every address within the domain to be excluded (or in the spammers case, included if they are doing a diff).

What many spammers already understand, including the criminal who is now threathening Blue Security's users and trying to DDoS their website, is that this is a new era in the fight against spam - and for the first time, spammers know they are losing the fight.

This is not just another passive mesure tryig to keep spam away; Blue Security's solution undermines the economy spammers rely on, the economy that motivates them to send billions of unsolicited messages. They know they will have to adapt to this new reality - some will comply now (Blue Security claims top spammers already comply) and others will try to put up a fight before understanding they have no other choice but to stop spamming the users that are willing to stand up for their rights and do something to fight spam.

I call all Internet users with any sense of responsibility for the future of the Internet to join the ranks of the Blue Community and make sure that spammers realize that common sense and justice will prevail.

Blue Frog can be downloaded from Blue Security's site or from major download sites such as download.com.

Do the right thing - join the fight now!

-- A proud member of the Blue Community

http://www.bluesecurity.com/register
http://download.bluesecurity.com/BlueFrog
http://www.download.com/Blue-Frog/3000-2092_4-1052 7188.html (download.com)

What many spammers already understand, including the criminal who is now threathening Blue Security's users and trying to DDoS their website, is that this is a new era in the fight against spam - and for the first time, spammers know they are losing the fight.

This is not just another passive mesure tryig to keep spam away; Blue Security's solution undermines the economy spammers rely on, the economy that motivates them to send billions of unsolicited messages. They know they will have to adapt to this new reality - some will comply now (Blue Security claims top spammers already comply) and others will try to put up a fight before understanding they have no other choice but to stop spamming the users that are willing to stand up for their rights and do something to fight spam.

I call all Internet users with any sense of responsibility for the future of the Internet to join the ranks of the Blue Community and make sure that spammers realize that common sense and justice will prevail.

Blue Frog can be downloaded from Blue Security's site or from major download sites such as download.com.

Do the right thing - join the fight now!

-- A proud member of the Blue Community

http://www.bluesecurity.com/register
http://download.bluesecurity.com/BlueFrog
http://www.download.com/Blue-Frog/3000-2092_4-1052 7188.html (download.com)

here

This is going to end up working like a giant marketing campaign for blue security once the spammers fail miserably. Sending more spam to people who are already using BlueFrog is going to backfire because BlueFrog works. Publishing the list blue security subscribers isn't going to do any good since they all have BlueFrog, and will just push the little "Report New Messages In Spam Folder" button. Then, having shown that BlueFrog works, and having foiled the spammers, more people will sign up. Also, the blue security website is still up. check it

This was sent out on an anti-spam list this morning:

http://www.bluesecurity.com/Announcements/spam.asp

"A major spammer had started spamming our members with discouraging
messages in an attempt to demoralize our community. This spammer is
using mailing lists he already owns that may contain addresses of
some community members.

"We have also received complaints from users about spam allegedly
sent from Blue Security promoting our anti-spam solution and our web
site. This is yet another tactic used by some spammers in an attempt
to slander us by sending unsolicited email forged to appear as if it
was sent from Blue Security. Blue Security is an anti-spam company
determined to fight spam and as such never has and never will send
unsolicited email.

"Our answer to those criminals should be one - we will not be
discouraged; We will continue to exercise our right to opt-out of
spam.

As many spammers choose to comply with the Registry (see our recent blog posts here, here and here), other spammers may resort to other means in an attempt to avoid compliance.

A major spammer had started spamming our members with discouraging messages in an attempt to demoralize our community. This spammer is using mailing lists he already owns that may contain addresses of some community members.

We have also received complaints from users about spam allegedly sent from Blue Security promoting our anti-spam solution and our web site. This is yet another tactic used by some spammers in an attempt to slander us by sending unsolicited email forged to appear as if it was sent from Blue Security. Blue Security is an anti-spam company determined to fight spam and as such never has and never will send unsolicited email.

Our answer to those criminals should be one - we will not be discouraged; We will continue to exercise our right to opt-out of spam.

If you are not a member of our community, now is the time to actively fight spam and make spammers leave you alone. For more information click here.

If you are already a member of our community, make spammers hear you load and clear - report your spam, let Blue Frog fight spammers on your behalf.

We regret any inconvenience caused by this incident.

Best Regards,

Blue Security.

As many spammers choose to comply with the Registry (see our recent blog posts here, here and here), other spammers may resort to other means in an attempt to avoid compliance.

A major spammer had started spamming our members with discouraging messages in an attempt to demoralize our community. This spammer is using mailing lists he already owns that may contain addresses of some community members.

We have also received complaints from users about spam allegedly sent from Blue Security promoting our anti-spam solution and our web site. This is yet another tactic used by some spammers in an attempt to slander us by sending unsolicited email forged to appear as if it was sent from Blue Security. Blue Security is an anti-spam company determined to fight spam and as such never has and never will send unsolicited email.

Our answer to those criminals should be one - we will not be discouraged; We will continue to exercise our right to opt-out of spam.

If you are not a member of our community, now is the time to actively fight spam and make spammers leave you alone. For more information click here.

If you are already a member of our community, make spammers hear you load and clear - report your spam, let Blue Frog fight spammers on your behalf.

We regret any inconvenience caused by this incident.

Best Regards,

Blue Security.

As many spammers choose to comply with the Registry (see our recent blog posts here, here and here), other spammers may resort to other means in an attempt to avoid compliance.

A major spammer had started spamming our members with discouraging messages in an attempt to demoralize our community. This spammer is using mailing lists he already owns that may contain addresses of some community members.

We have also received complaints from users about spam allegedly sent from Blue Security promoting our anti-spam solution and our web site. This is yet another tactic used by some spammers in an attempt to slander us by sending unsolicited email forged to appear as if it was sent from Blue Security. Blue Security is an anti-spam company determined to fight spam and as such never has and never will send unsolicited email.

Our answer to those criminals should be one - we will not be discouraged; We will continue to exercise our right to opt-out of spam.

If you are not a member of our community, now is the time to actively fight spam and make spammers leave you alone. For more information click here.

If you are already a member of our community, make spammers hear you load and clear - report your spam, let Blue Frog fight spammers on your behalf.

We regret any inconvenience caused by this incident.

Best Regards,

Blue Security.

As many spammers choose to comply with the Registry (see our recent blog posts here, here and here), other spammers may resort to other means in an attempt to avoid compliance.

A major spammer had started spamming our members with discouraging messages in an attempt to demoralize our community. This spammer is using mailing lists he already owns that may contain addresses of some community members.

We have also received complaints from users about spam allegedly sent from Blue Security promoting our anti-spam solution and our web site. This is yet another tactic used by some spammers in an attempt to slander us by sending unsolicited email forged to appear as if it was sent from Blue Security. Blue Security is an anti-spam company determined to fight spam and as such never has and never will send unsolicited email.

Our answer to those criminals should be one - we will not be discouraged; We will continue to exercise our right to opt-out of spam.

If you are not a member of our community, now is the time to actively fight spam and make spammers leave you alone. For more information click here.

If you are already a member of our community, make spammers hear you load and clear - report your spam, let Blue Frog fight spammers on your behalf.

We regret any inconvenience caused by this incident.

Best Regards,

Blue Security.

Below is an email that I received, which pretty much confirms that they have been hacked.

----

You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/

Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold.

BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.

BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.

They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?

1. Using your computer to send spam ?
2. Using your computer to attack competitor websites?
3. Phishing through your files for your identity and banking information?

If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning...

To me the easiest/most effective way to fight spam is not fighting the people who send spam, but the companies who employ spammers... (no more false positive/negative blocks)
http://www.bluesecurity.com/ claims to be working like that...

I recommend these programs to all my co-workers, friends and family.
BlueFrog - Fight spam with the Blue Community
DefilerPak - Video/Audio Codec Pak
FireFox - IE replacement
Foobar2000 - Audio Player
MyUninstaller - ADD/Remove Programs alternative
Nero - CD/DVD burning software
NOD32 - Very fast and accurate Virus Scanner
Thunderbird - Outlook Express Replacement
Treewalk DNS - Local caching DNS
Trillian - Many IM Clients in One
UltraEdit32 - Best Windows Text Editor (check out column mode)
UltraMon - If you multiple monitors this program is great
Zoomplayer - DVD/Media player

Personally, I still have my first email address from circa 1997. I have used it for a number of years on forms and I am sure that a google search would find numerous listings.

Right now I get approxamtely 10-15 spam messages a day. That is without any sort of blocking and is on the high end of what I generally get.

Surprisingly the majority of spam actually goes away if you unsubscribe from it at the bottom. I used to get 1500-2000 spam messages a week until I started unsubscribing.

I am currently trying out http://www.bluesecurity.com/ to see if that improves things even further.

Crashes for me too on Fedora with Firefox 1.0.6. It's not a kernel/linux error. It's firefox. I can reproduce the same behavior on my Powerbook with 1.0.6. I filed a bug (Bug 304731) yesterday on this because it was crashing on another link from a slashdot posting yesterday as well (http://bluesecurity.com/community/gallery.asp). However, they closed the bug because the crash doesn't occur in Deer Park (next version of Firefox).

Best,
Arash

On this web page, which was the first one cited in the original story, they say that the spammer's registrar changed its policies at the time Blue Security did their organized complaining. This surely was not a complaint, but I don't see anything in Blue Security's actions that would give the registrar an incentive to change behavior. Does anyone know why the registrar changed their policy?

Three cheers for them and where can I sign up?

http://www.bluesecurity.com/

Personally, I am all for it.

Blue Security

Since no links were given nor in the slashdot article nor in the one linked, here are they:

Company's website:
http://www.bluesecurity.com/

Public beta of the anti-spam stuff:
https://members.bluesecurity.com/cwa/register_form .do?from=corporate

Since no links were given nor in the slashdot article nor in the one linked, here are they:

Company's website:
http://www.bluesecurity.com/

Public beta of the anti-spam stuff:
https://members.bluesecurity.com/cwa/register_form .do?from=corporate

In a blog entry [June 20, 2005], Blue Security representatives responded to the DDoS issue. Apparently the company has decided to drop its technique of forwarding every spam and multiplying the reply rate. Instead, only one complaint per spam is generated. They also said that the responses are staggered to minimize the possibility of a DDoS attack from Blue Frog's network.

Blue Frog clients do not arbitrarily perform DDoS on spam sites. They complain about specific spam messages received in mailboxes belonging to our users. Our users exercise their right to complain about the spam they receive. They are merely responding to invitations to the spammer's website.

The Blue Frog enters the site and sends a complaint just as a user would do manually. It does not consume more resources from the site or from its ISP than a user could do manually. Many users have tried sending complaint to spammers at some point requesting to unsubscribe. We merely allow the users to do it in a safe and automated manner.

Our goal is to force spammers to comply with the Do-Not-Intrude Registry - to clean out our users' addresses from their mailing lists. When they do so, they will not receive even one single complaint from community members.

We perform thorough manual (human) validation on the spam messages we act upon, to prevent Joe Jobs and to make sure we minimize any possible impact on third parties.

Guy Rosen
Blue Security, Director of Operations
http://www.bluesecurity.com/

The CNet article does not mention any sites that are vulnerable to registration attacks and password reminder attacks by name. The study http://www.bluesecurity.com/the_blue_zone/2005/05/ hostile_consume.html that sparked this article does not mention any sites either. I found only one article http://www.businessweek.com/magazine/content/05_23 /b3936026_mz006.htm/ that does name vulnerable sites, including Victoria's Secret, Amazon.com and L.L. Bean. I checked them out, and indeed those sites are vulnerable.

Perhaps someone from these sites is willing to confirm (or deny) that there were actual attacks? Are there any other web masters or users that have some clear evidence of actual exploits?

Also, the Blue Security's original paper claims most ISPs and Web Email Providers leak their users' email addresses. Has anyone seen some examples of vulnerable sites? I was unable to find any specific examples in the press. It looks like Gmail is not vulnerable, but I did not check other email providers.

Blue Security have published another interesting article lately about how spammers are using P2P networks to harvest email addresses.
They claim to have developed a new approach to dealing with spam and say that filters just don't cut it anymore.

Blue Security have published another interesting article lately about how spammers are using P2P networks to harvest email addresses.
They claim to have developed a new approach to dealing with spam and say that filters just don't cut it anymore.

Blue Security have published another interesting article lately about how spammers are using P2P networks to harvest email addresses.
They claim to have developed a new approach to dealing with spam and say that filters just don't cut it anymore.

Anyone know what the writers of the report are up to? Their site has a few more research papers and some teasers, but otherwise it's lacking in details. Is anyone familiar with what they do?