Slashdot Mirror
Spammer Pleads Guilty
Rick Zeman writes: "A spammer faces up to seven years in jail after pleading guilty to "computer hijacking." " He apparently hijacked a mail server, and used it
to send millions of forged email to make it come from IBM domains. He's pleaded guilty to forgery and I hope he gets all 7 years. But
then again, I also wish someone would get 7 years every time they mail
me a credit card offer, or call me and ask me to change my long distance service.
No, you are living in ignorance. Hacking and cracking are the same thing, but this dumb "cracking" word was invented later. Check the Jargon File, sense 8:
Note the word 'deprecated'. ESR may have decided to deprecate this sense of the word, but I have not, and I don't recognize his authority to do so. That was a political move, not a factual move.
--
Sometimes it's best to just let stupid people be stupid.
Because it's theft. I don't like being stolen from.
But not just because it's theft. The real fight is how we preserve email as a useful communications medium.
> Add to that the fact that I can block senders,[ ... ]
And how much of your time do you spend doing this, when you could be doing other things? You say you've never had more than 10 a week. Before I started reading headers, I was up to 10 a day. And I'm on the light side. Others I know were in the hundreds per day.
Consider this - if we give Jay Garon net.access in prison, and only 1% of legitimate small businesses (ignoring the MMFools and pr0n-hawkers and snake-oil "pharmacists") in the US spam Jay Garon once a year. Jay will have to "just hit delete" 240,000 times a year. That's 657 a day.
As punishment, I think Jay Garon should have to reply to an email from the warden, three times a day, to get his meals served. Failure to answer the mail within an hour results in no meal service.
Now how long do you think it would be before Jay starved to death, "just hitting delete"?
> Now I just delete and forget.
I used to delete spam. Now I delete spammers.
Speaking of whom... hey Garon, seen any sexy babes lately? How's Premier Financial?
The wheels of justice grind slowly - Garon's spamhaus dates back to early 1999 - but they grind extremely fine. I'm gonna eat an 8-oz filet mignon tonight. I'm sure Jay will be eating meat soon too, but of a different sort.
Buh-bye, Jay. You might as well let the door hit you in the ass on the way out. A little tenderizing might make it easier on ya when Bubba comes a knockin'.
- He's pleaded guilty to forgery and I hope he gets all 7 years. But then again, I
also wish someone would get 7 years every time they mail me a credit card offer, or call me
and ask me to change my long distance service.
you gotta be joking... you think SEVENS years of real prison time is adequate for faking emails?!?!sure the guy has to pay a big monetary fine, but this isn't in the league an assault, burglary, rape or kidnapping
spamming is not a violent crime.
______________________________________________
sigamajig...
I should have figured it out using your wage, that would have been much more funny.
I love the smell of Karma in the morning
Mail servers are wonderful devices - they can automatically copy a single message to multiple recipients regardless of how many recipients you specify. Imagine if your local post office offered the service of copying your letter to hundreds of thousands of recipients for free.
Even a server that limits the number of RCPT TO commands per message to, say twenty-five, can still be forced to send out twenty-five times the amount of garbage as is coming from that little dial-up. Even if this was only AOL recipients, which I doubt highly, as even mail servers are smart enough to use multiple RCPT TO commands for the same domain.
Let's not forget the really 'modern' spamware disguised as CGI scripts running on multiple web servers, complete with their own lists of known open mail servers and e-mail address lists. You have the makings of a DDOS if you got into enough web servers.
Use Evolution instead of Outlook? Bewa
In the old days it was a big insult to call someone 'a horse thief'.
Imagine trying to implement a reliable security scheme to protect horses from theft.
Horses are easy to steal/hard to secure. They provide their own get away vehicle, and even identification/proof of ownership can be unreliable. (Branding is write once, read many)
The result was that punishment for horse theft was DEATH or worse.
The punishment isn't only based on the value of the thing stolen, but also on the consequences to society if the type of behavior continues...
It is because Spamming is so easy to do and easy to get away with/hard to prosecute that the punishment should be harsher than other crimes.
The punishment is supposed to fit the crime, and I can't agree that it would take 7 years to straighten this guy out. Inprisonment is not to be taken lightly. What would this guy learn in 7 years that he would not learn in 5? 3?
---
Ben Garvey
Ben Garvey
"Life is too short to get on the good rides"
Maybe he pissed off some geeks to the point that the got off their fat asses and got some sunshine. He should be rewarded. These are JUST STUPID LITTLE BOXES.
Spam is more than just a small nuisance. I don't know how anyone would defend that practice. Spam in all forms, email, snail, phone -- it's a constant grating deluge of noise that costs time and effort to deal with. If that's not already the case, imagine if your phone was ringing every five minutes with prerecorded commercial messages and a quickie radio ad disclaimer voice near the end of the tape with 'removal instructions' involving dialing a 900 number to get taken off the list that you never wanted to be on in the first place. This is exactly how spam email works! Your channel of communication is cluttered by ruthless mail bombers and it becomes YOUR chore to tidy up the mess and extract the trickle of signal from all the noise. How is this reasonable? It's just as unreasonable that US postal service permits their system to violate our mailboxes with junk mail that threatens important signal (bills, personal communication) from being drowned in noise (spam, junk mail). Is this reasonable? I think not. Also, usenet has been reduced from a once healthy and significant forum for the exchange of ideas to little more than a shooting range where those foolish enough to post a message without cautious stealth and cloak and dagger games, will be BLASTED out of the sky with spammers culling email addresses from the forum. This is a detriment to free public communication. It should be possible to post your email address and only have those with a legit reason to contact you, use it. The honor system is obviously a joke these days, so let's have the law help us get rid of these unsavory scammers and spammers ruining the net. Hang all spammers! Hang em good.
Make him ride the Lightning...
A computer hacker? He'll be sent to min security prison and I'm sure he won't get much sex action.
Prison is just like the rest of society. They don't let white collars mingle with the lower classes.
http://overwhelmed.org
Since there was no death involved with the spamming or compromising of systems in this case. I'd leave guns and tractor deaths out of all analogies. Especially since I think that if you leave your door unlocked and a child get's a hold of your gun, the gun owner might just be in trouble.
That all asside, if you left your door unlocked, and I went inside your house with no intention of commiting a crime, say to sleep, would I be committing a crime? Not in some states, believe it or not!
I wonder if I go in to your house and use your desk and mailbox to send out hundreds of adds, is that a crime? Perhaps.
Certainly not a crime that gives us the right to put the criminal in prison for 7 years, especially if the criminal did not harm anyone. (Monetary damages asside, which should be paid by the criminal.)
ok ok, my $0.03
--Fac Iustum Nec Time-- --Veritas Prevalibit--
but all responsible gun nuts^H^H^H^H users^H^H^H^H^H^H owners have a locked gun cabinet - like the blasting caps.
"don't fall into the fallacy of believing that Perl can solve social problems. Maybe Perl 6 can, but that's a ways off"
Ok, so he used IBM to do it, and the /. crowd falls over itself talking about how bad that was. Now what if he had used a M$ server to do it? Just curious...
People replying to my sig annoy me. That's why I change it all the time.
It's also abouot deterrents, and cash penalties have proven so far to be of limited effect against spammers.
If only spamming could be used for good instead of evil. Perhaps submitting something like majordomo@www.goatse.cx to a spambot. =)
Inheritance is the sincerest form of nepotism.
Stop insulting prison bitches. Spammer ass is worth maybe one drag on a cigarette. Barely a full cig. Sure as hell not a pack :-)
all spam all the time...
Seven years might no be harsh for the IBM case, but that involves forgery, a very serious crime. Spamming should not be a felony, but a misdemeanor, punishable by fines. Lots of ISPs already do this.
What really gets me is that the same people who are calling for the book to be thrown at this guy were the same people who said that Kevin Mitnick was getting the raw end of the stick.
The fact is, spamming may be a looser profession, but nobody got hurt, and I am sure that the costs to IBM were minimal.
That would be considered animal abuse, I think...that's worse than a death penalty, IMHO.
People replying to my sig annoy me. That's why I change it all the time.
Comment removed based on user account deletion
It's the difference between finding a back of US mail & returning it to the Post Office, or filling it with postage-due credit card scams.
s/back/bag/
Seriously, isn't what the Spammer did much worse than what Metnick did?
How could it be any worse than stealing someone's cell phone service?? I am sick of hearing that Kevin did nothing wrong. I am sure you would feel different if he "duped" YOUR cell phone and was making calls on YOUR dime. Or if he hacked into your system and decided to take personal copies of anything that looked important.
I by no means advocate spam -- I personally wish they would coral all the spammers, telemarketers, people who think it is fun to port scan me and try to break into my system, and other con man and thugs --- and put them all in line to boost George Dubbya's numbers in Texas.
(+1 Funny) only if I laugh out loud.
Why does everyone get so damn pissed off at spam?
I can't post to USENET with an e-mail address that I actually use (I did once, and I'm paying for it now).
I can't read much of USENET with the S/N ratio being as low as it is.
Those are my two main gripes.
--
This kind of crap -- "hijacking", they call it -- wouldn't be possible if sysadmins would LEARN how to SECURE their mailservers!!!
Or if they must run third party relays (e.g. to cope with crippled software.) They make sure that their machine adds IP address, reverse DNS, identd to the headers and has an accurate clock.
Anyway with just about any modern piece of software you explicitally need to set it up to act as a relay in the first place.
make him eat SPAM every day for 7 years.
That would be a deterent.
That's the whole point. It is a non-issue with me because I sheild myself behind a hotmail account. I find it much easier to sift through spam when there are almost no useful messages in the box. As such it takes such a small amount of my time that I can't even be bothered getting upset at it. In fact, I find some of the spam so lame it makes me laugh, and we all know the world could use more laughter.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
Whenever I get unsolicited phone calls, I always ask them to put me on the do-not-call list, which they are required to do by law. I figure that over time my name will be on fewer and fewer lists, or at the very least the number of lists I'm on will remain relatively constant over time and not increase. (After all, I am constantly filling out my info on the web, so I partly bring it on myself.)
:-)
NY state has initiated a statewide do-not-call list that any resident can sign up for. Beginning next April, telemarketers will be required by law to use this list before they start calling our homes. Why not have a similar list for spam? No guarantee they'll all follow it, but at least there would be legal recourse should you find yourself inundated with junk mail. Of course, if this list were global it could grow to be absolutely huge, but then again it's just text, right? How bad could it be?
Was that out loud?
No way this guy does 7 years for this; he'll be out in 6 months.
That fuckhead spammer is going to look like the ``starring attraction'' at goatse.cx. I think millions of mail system administrators and mail users everywhere have just been avenged...
Note that this is supposed to be an in-joke for those that have already inadvertantly been to goatse.cx, I don't advocate going for those of you whose eyes are untarnished. You Have Been Warned.
--
News for Geeks in Austin, TX
The phone spammers have to take you off their list if you ask; if you ask, and they call again in a certain time period (one year?) they are liable for $500 per call. (IIRC)
As for credit card offers; just call the three credit reporting bureaus and ask to be taken off of *their* lists.
He actually passed his guilty plea to the judge in the form of a chain letter:
Please e-mail this plea to 5 people in the courtroom, who will then in turn e-mail it to 5 more people...
Failure to do so will result in the death of your immediate family, increase of Oracle pricing for your employer, and the installation of RedHat 7 on your C++ development machine.
Thank you.
You're apparently missing the point. Let me clarify: Reality #1: There will always be idiots on the Internet (everywhere for that matter, but we have to limit the scope here). Reality #2: In the absence of deterrents, a criminal element will take advantage of free resources to send fraud and garbage (i.e. spam). How do you go about fixing this situation: -Eliminate idiots on the net? impossible, how could you begin to create that filter? -Eliminate open relays on the net? impossible, no way to search/justify filters. MAPS does a good job...but it doesn't do a damn thing to the throw-away dial-up account user -Penalize open relays on the net? not likely, how could you justify a fine? This isn't exactly a gun-locks-in-the-presence-of-small-children issue -Penalize spamming? difficult...but at least more relevant. In the absence of deterrents... I find it shocking that some of you are "defending" this spammer. White hat hacking comparisons? You're way off base here. This isn't ethical, it isn't honorable, and certainly shouldn't be looked at with a tolerant attitude. Seven years in jail or a public stoning...I don't really care which. Set an example with a few and perhaps the rest of them will go back to stealing our money in other ways. /g
While I'm happy there are laws against this sort of obnoxious behaviour, I'm sickened that someone will go to prison for this and that so many of you (CmdrTaco included) would take that punishment so lightly. Fines, probation, community service, etc. are all acceptable for this sort of offense. Prison should be reserved for truly dangerous criminals.
Wil
--
Wil
wiki
--
send all spam to theotherwhitemeat@ropine.com
--
--
Mod up a post Rob doesn't like and you'll never mod again
>This is evidence of a judicial system that is
>more about revenge than correction
You're mislead. It is not about revenge. It is about PREVENTION.
If murderers are just "corrected" without lowering their overall happiness, hell sure many more people will get killed everyday.
There are basically two ways to induce incentive for people so that they won't commit crimes:
1. prize for being good - it would vastly be uneconomical. And you should be good only to get something in return?
2. punishment - it is the present system. Heck. If I want to stay out of jail, I'd better be good. Also, correction comes as a nice *SIDE-EFFECT* when criminal serve their years.
"the system is about correction" is bull. Show me how you can make correction on some dedicated criminals without making them suffer, either monetarily, physically or mentally.
+4 insightful? Are you all RETARDED? I mean...COME ON! This is clearly a load of Utopian garbage. Allow me to educate you imbiciles: Human beings are inherently corrupt. Human beings are not perfect. Am I wrong? No. So keep that in mind. That's why ideas like Communism do not work. Yet there are many who have yet to learn this lesson. Amazing. Simply amazing.
--
Daniel J. Kelly
Many years ago I worked out a simple way of preventing spam. AFAICT, it'll still work. It's dead simple:
Only allow one message to be sent per second, per client, by each mail server.
To individual users, this is no hardship. (My mailer takes longer than that just to do its housekeeping.) Mailing lists will, of course, need special treatment, but they should be on special mail servers anyway.
But this would be the kiss of death to spammers. Now they can only send 60 messages per minute, 3600 per hour! Now it'll take them just under two weeks of continuous connect time to send a million messages. It's now not worth the effort to do it.
The changes to the mail servers should be pretty simple, too. There'd be a bit of extra overhead, but not much. You'd have to keep track of who connected in the last second to prevent people connecting, sending one message, disconnecting, reconnecting, sending another message, etc.
Any ideas if there's anyone I could suggest this to to find out if it's actually workable? (Other than here?)
If people don't fight spam, it will get worse. If Coca-Cola, the Gap, and McDonald's figured that everyone had finally accepted spam, we'd get buried under thousands of messages a day and E-mail would be useless.
Spam costs basically nothing to send. There is no cure for it other than to fight every single message and make sure the marketing weenies keep thinking it's sleezy and unacceptable (and believe me, that's a hard sell for most of them).
"By leaving the port for some service open to the public you have in effect issued an invitation. Placing a public resource in a public place and being surprised when it is used by the public is stupid."
What you left out of that statement is "used properly". If you have port 80 open then you can reasonably expect people to connect using a web browser. This would be similar to knocking on the door. If they try to hack through port 80 it would be similar to someone turning the door handle and entering the house. That's wrong. The fact that the door/port 80 is there invites proper access, not breaking and entering.
Again, the breaking and entering should be a punishable crime.
Steve
Make him perform some community service for 7 years like having him be the focal point to send "drop me from my list" emails for everyone. Have him be the one that tracks other spammers and makes them remove people from their list. This way I don't have to cut and paste the "reply to be removed from the list" email address (which I don't think they do even though they have to by law) into another email. Just forward all spam to him and he will deal with it!
The word "hacker" predated computers by decades. It meant someone who who did "quick and dirty" work with no regard to quality. In the building trades, a contracter who works quick and dirty is called a "hack". A general contracter who is behind budget will tell his foreman to "go get a hacker". Or consider the hack writer. He wants to write the next great novel, but he has to feed his family so he hacks out romances.
Does this meaning fit today's computer hackers and "crackers"? Scary, ain't it?
A Government Is a Body of People, Usually Notably Ungoverned
There is no such thing as 'ethical' hacking.
You say that spamming is the same thing as forging someone's signature on a check. I'll accept that for the purposes of this argument.
What would constitute 'ethical' check fraud? If I paid my neighbor's water bill by writing and signing one of her checks, would that be 'ethical'? The fact that I performed a service for my neighbor does not make my forging of her signature legal.
Since 'ethics' are an abstract concept, it is difficult or impossible to make policy based on someone behaving 'ethically'. Who decides that spam is unethical and passively hacking is ok? You? My isp? The gov't?
Conformity is the jailer of freedom and enemy of growth. -JFK
Not even Mitnick got half of it. I think the guy needs another correctional measure. To write 1000 time "I'm sorry" and be kept in jail until he writes up 2,5 million times the stuff... That's a good punishment for a spammer.
Hey if he will write 1000 "I'm sorries" a day, that will mean 7 years... Oh damn...
7 years in prison does seem a bit harsh. On the other hand
"I had to pay $50 and pick up the garbage."
sounds a bit light.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
What???
So my neighbor comes in a borrows some sugar from me. What about my neighbors neighbor? And so on and so forth?
What if I only have 1 cup of sugar left, was planning on baking my own cookies that same day, and my neighbor borrows it? Now I have to go to the store and buy my own...AGAIN.
Do I make a list of things my neighbor can and cannot take? If so, then what is the point of leaving my house open? I don't want my neighbor to take just anything.
And lastly, what about privacy? I certainly don't want my neighbor coming in to get sugar for her baking at 3am, when I'm hacking naked, or in the shower, or sleeping or whatever.
I can't believe this got modded up....
Lerxst
He should be drawn and quartered instead. I'd pay to see that. I just bitched out Circuit City for spamming (we went to buy a printer once and the salesman was talking to a supervisor. Both of them looked over and saw my wife and I standing there obviously waiting for help, then walked off together. We went across the street to Best Buy. If CC didn't need my money then, they sure as fuck don't need it now), and also EBay ("eBay sent this e-mail to you because your Notification Preferences indicate that you want to receive information about Special Promotions, Offers and Events"...er, no, it was still set to "no" when I double-checked. Fuck you, EBay).
OK, the drawn and quartered thing was tongue-in-cheek. What the judge should have done was to make this piece of shit pay restitution to every single person he spammed and every single person on the system he stole resources from. Even at, say, 10 cents per person, this ass would be in debt for a very long time.
-Legion
>heady enjoyment of corrupting spammers'
>databases
Yeah. Damaging their databases unknowingly. Go to their site, manually edit the cookies. Let them retrieve them and corrupt their databases by their own hands.
If there's a software that does this for you. I'll pay for it.
Now is there any?
I think 7 years is a slap on the wrist for this piece of filth and any other dungbeetles like him. It is not just the annoyance factor of being pestered by some strange putz you do not know trying to convince you they are the better rip-off.
This sort of spam goes beyond just forgery, he was _stealing_ resources. Stealing processor time, memory, connection, bandwidth, diskspace, etc. On top of this add the cherry of unsolicited garbage going out to countless addresses wasting resources everywhere their emails travel. Not to mention the obvious that he had to have hacked the server where he was performing his mass acts of theft and waste. Personally, I hate getting anything I did not request including those ads and coupons in the mail but spam just plain infuriates me. I don't pay to access the internet to have to waste my time and resources not matter how big or small getting rid of crap I never wanted even the slightest to do with in the first place.
IMHO:
He should have the inner cavity of his leg bones hollowed out with a powerdrill using a rather large drill bit, his nails pulled off and then using a sledgehammer pulp his fingertips, his eyes should be exploded by sticking a hot soldering iron in his eyeballs to turn the inner eye fluid into steam, and then for every spammail he was responsible for he should have an 1/8 inch square of flesh torn off his body...then this child's play should stop and he should be tortured horribly.
-1 Overrated (Too many big words for me to comprehend)
This to me seems like a reasonable comparison. How much time would a person serve for this? They would be fined and serve some time, but not 7 years in prison!
I think those who are voting for prison time in this case should go visit a prison. PRISON SUCKS HARD. This is a place for our toughest criminals. It should be reserved for criminals that have intentionally harmed people with physical and mental brutality.
Prison certainly is not a place for drug users, people who evade taxes, or computer criminals who have not harmed others, execpt in a monetary fasion.
There are better punishments for these crimes.
More than my $0.02
--Fac Iustum Nec Time-- --Veritas Prevalibit--
I think he should at least get fined, and possibly minimal jail time. I mean, think about it, he committed a relatively harmless crime, and he should be punished for it, but 7 years of jail time will seriously damage this person.
Anyone who thinks 7 years in jail is a fitting punishment has a screw loose. Do you realize what 7 years in prison will do to someone? 1 month - 1 year is a deterrent, 7 years will make this guy bitter and angry, and likely to commit some more serious(violent) crimes when he gets out.
Sticking feathers up your butt does not make you a chicken - Tyler Durden
I hate spam. Send the bastard to jail.
E-mail & postal mail spammers and telephone solicitors should all be PUT TO DEATH. There is nothing more obnoxious, nothing more wasteful of everyone else's time and resources, than having to receive and dispose of unsolicited advertisements.
Telemarketing should be a federal crime punishable by death. Some of you claim it's merely annoying, not harmful, but you're wrong. Telemarketing increases the load on the already over-burdened phone networks, raising local and long distance service rates for everyone else, so in effect we are all paying for it. Telemarketing saps the performance and availability out of the phone networks, and it can also often times be life-threateningly dangerous, such as those telemarketed automated messages that refuse to disconnect even when you hang the phone up for a good 30 seconds and pick it up again, totally blocking your ability to make outgoing calls at that moment.
E-mail spamming should be a federal crime punishable by death. This is regardless of whether the spammer hijacked a server or used their own--they are still burdening down the public infrastructure of the net with all their crap either way, and causing the rest of us to suffer for it. And in most countries outside the US, consumers already pay per-minute for internet usage, so modem users are actually paying good money to suffer through ridiculously large downloads of spam mail.
Postal mail spamming should be a federal crime punishable by death. It is a waste of trees, one of our most valuable natural resources. It also burdens down the entire postal system, causing postage rates and reliability of the postal system as a whole to worsen for everyone else.
It's time we all stand up to advertisers and spell things out clearly:
"Even if I wanted information about your fucking weekend jewelry sale, or your fake college diploma & bestiality pics web site, or your excellent informational offer about auto insurance, I wouldn't want your fucking spam e-mails, flyers crammed in my apartment mail slot, or mindless zombies calling me at dinner time. If I were interested, I'd go look up the information myself when I needed it. Obviously I'm NOT INTERESTED because I don't respond, I just throw all your crap away and forward your scams to the Federal Trade Commission day after day after day. So take your flyers and shove them up your ass, and then go send some pornographic e-mails to yourself while we have everyone line up and call you to offer you special deals which we swear are not attempts to sell you something, you lying pricks!"
(Can you tell I'm upset?)
- "It's just a matter of opinion!" - PRIMUS
5-6 years ago, it was. That's why so many servers are still open - they're run by lazy admins, or come configured with relay turned on by default (Sendmail 8.6 on SUN, anyone?)
Today, it's not. The 'net changes. Deal.
> Locks should be to prevent kids from playing with balsting caps, not to keep theives out.
Today, an open relay is an "attractive nuisance" - that is, it's analagous to leaving your garage, full of blasting caps, wide open, and hanging a sign on the door saying "Hey kids, don't come in here and play with the blasting caps!"
I think you're actually trolling, but I'll take you seriously for one more moment.
> An open mail server is likewise a nice thing to provide for those people who have unreliable internet connections.
If you're operating such a relay as a favor to a friend in such a situation, it's your responsibility to make sure it's not abused.
By way of constructive suggestions, you can require that users of your relay authenticate before using it, or you can restrict use of that relay to a specific IP address.
-Legion
But honestly, I'm glad they got him on the forgery charge instead of all of the above charges (i.e. forging a bogus return address)
Actually, it's the forgery charge that most worries me.
Unlike forging a signature on a cheque, or an official document, there is nothing in the RFC822 headers of an email that was ever designed to act as proof of a message's origin. It was well known twenty years ago that email was not resistant to forgery, and that has been an accepted limitation of the system all along.
I would like to see to what extent this spammer went to conceal the source of his messages, and how easily they were traced (the article seems to imply that they were traced fairly easily to his apartment). If all he did was use a false return address, does this mean that incorrectly filling out my Netscape preferences is a criminal offence? (Not to mention the people who would falsify an email address in their slashdot profile :)
I'm sure there must be more than enough evidence to convict him on the other charges -- misuse of computer resources and all that -- that there is no need to set a precedent like this for plain (non-signed) email
-- cicadia
Living better through chemicals
I am _very_ aware of what PopLaunch is.
I used to work for the guy that developed it. As soon as I found out what and how his "business" made money, I left.
I know where he lives.
Please, someone, confirm for me, that this is illegal and that he is in fact wanted by the FBI.
It'd still be forgery. Hell, it'd be the same offense if he were hijacking a site run by Cyberpromo at the height of Sanford Wallace's spamming days, regardless of whatever MSFT and Cyberpromo have done.
Only the dead have seen the end of war.
If you want to cure an open relay problem, send the admins a message or contact ORBS. It's absolutely asinine for people to use other's systems without their approval.
Lets see. You advocate the use of ORBS, yet ORBS launches a 15+ test attack on a target machine WITHOUT the premission of the sysadmin of the machine who's accused annonymously of having an open relay.
If it is asinine to use anothers system without premission, then why advocate ORBS, who do exactly that....launch a 15+ probe attack VS a host without that sysadmins premission, all based on submissions which proof can not be provided for?
If it was said on slashdot, it MUST be true!
Maybe you should try re-reading the initial comment? The author doesn't suggest that you should give up your precious badwidth or resources for his or her use, but instead that the author would like to live in a world where he could open up his resources for anyone to use without fear of invansion or misuse. A comment which begins with the line "You sir are a moron." proves that we are not to that point yet.
The subject of "harm" is perhaps one place to look. In the case of check fraud, the money or property probably won't be recovered, or only partially recovered, and either the bank or account holder will take a loss. In the case of spam, a whole lot of users press delete, maybe an ISP bears some bandwidth or mail server load (low incremental cost), and maybe a couple stupid suckers fall for whatever scam the message is hawking, and take a minor loss, but from their own action (any they probably learn something from it).
Now this guy crashed someone server by sending too much stuff so quickly, so there is some real harm, but 7 years in jail? I'd personally like to see him do at least a little time, perhaps only to strike some fear into all the other spammers out there, but 7 years sounds pretty damn harsh.
PJRC: Electronic Projects, 8051 Microcontroller Tools
I got tired of seeing that mindwire sig, so I went over to look. The only article that hadn't been pretty much covered by /. already was an article about smoking where the headline was completely wrong.
/. is the way that, when you sort by rating, you ALWAYS seem to get the most useful information about the story within the first 3 posts.
/. users are damn bright, and the rating system--however imperfect you may perceive it, works amazingly well.
Also it had a first post article.
Also it only had 2 replies, neither of which noticed the inaccuracy of the headline (even though one of the posts was ABOUT the inaccurate figures mentioned)
And Karma whoring? The best thing about
ps. Also due to the rating system, I have not seen a "First Post" post for years except when I'm moderating--seriously, years.
Sorry, but the
so now moderate me to hell for being off topic, but please don't put stuff like that on here and not expect to be called on it.
Does anyone actually believe that prison is an appropriate punishment for this? It's not like he killed anyone or burned someone's house down. I think losing the privelege of net access or access to computers is a more fitting repair and future protection of society than prison. I find it pretty incredible that many folks here are so gung ho on such a medieval treatment for a modern crime.
This is evidence of a judicial system that is more about revenge than correction.
I always thought it was about punishment, neither revenge nor correction. Just good old fashioned punishment for a crime. 7 years is a little extreme and I'm sure he won't get that, but there should be some punishment.
Finkployd
> If you're operating such a relay as a favor to a friend in such a situation, it's your responsibility to make sure it's not abused.
If someone stole my car and ran someone over with it, is that my responsibility too? What if I left the doors unlocked and the keys in the ignition? Have I committed a crime? I think not.
...how long is the guy who came up with Outlook going away for?
This
Maybe the ISP's staff spends dozens or hundreds of hours fielding the responses from people who were spammed demanding that the ISP do something about the spammer.
Maybe the ISP finds itself blocked by hundreds or thousands of mail admins around the world, and its subscribers decamp en masse because they can no longer get mail through. The ISP then goes belly-up.
Unless the spammer is willing to bear ALL of those costs (and has an agreement with the ISP holding the ISP harmless, sufficient credit to pay the costs, etc. etc.), s/he should go to jail as the thief and vandal s/he is.
Spam is theft of service. Spammers have no business existing. Anyone who spams should have to pay back the trebled costs of their damages (including people's time to download, recognize and delete the spam) preferably from wages earned from a work-release program shoveling muck out of sewer pipes (one of the few poetically just outcomes). Or they could just die painfully.
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \
Time is Nature's way of keeping everything from happening at once... the bitch.
Although I hate deleting spam as much as the next guy, this is ridiculous. Considering other all other crimes, 7 years is a ludicrous amount of time for anyone to spend in prison for a crime that causes little harm.
I see that the Legislature and "Justice" departments are at it again, they are trying to set punishments so the first people to be punished are examples for those to come.
I detest this bombastic view that has been done in many computer crimes, and when compared to other crimes, the amount of prison time, and monetary punishments just don't jive with other crimes.
It seems that computer crimes are becoming the drug crimes of their time. This is a just another example of a misunderstood boogie monster crime that must exaggerated in media coverage and criminal punishments. All this does in the end is fill our prisons with over punished people. This costs us too much money and causes us to have more criminals in the end.
I think 1-12 months in a county jail would do the trick, don't you? If not subsequent violations could result in a few years of prison, but really, I'd rather delete a few extra e-mail a day then pay more in taxes for prisons, and cause the creation of more criminals.
-My $0.02
--Fac Iustum Nec Time-- --Veritas Prevalibit--
Maybe if Hormel started suing people for using their patent... ;)
~moofbong
If 'con' is the opposite of 'pro', what is the opposite of 'progress'?
>This is evidence of a judicial system that is more about revenge than correction.
>>It's also abouot deterrents, and cash penalties have proven so far to be of limited effect against spammers.
Could you post those figures that show that monetary penalties are of limited effect? I'm curious because I wonder why they don't just increase the penalty with subsequent offences, instead of pushing people in jail.
I know there are plenty of studies that show that prison time deters criminal activity... so I won't bother backing up that claim.
Thanks!
--Fac Iustum Nec Time-- --Veritas Prevalibit--
It's "Don't forge the return address as Ibm.net." More than likely IBM got into the trial and helped get this guy landed in prison. If he had forged some much smaller company's domain name, there probably won't be too much repercussion.
I've had my e-mail address forged in spam that went out. It was great to wake up and find over 500 e-mails, mostly failures, but maybe 20 or so of people tell me not to spam them. I told my e-mail ISP, Newsguy.com, in case they get abuse reports about me. I could have found out this guy's real information but it would have involved finding who registered a PO Box in Florida somehwere and that would have been much too much work and money. However, for a week I was ready to hire an investigator to find out who owned that box and then make a little vacation to Florida with some... tools. Instead I reported the incident to the postal investigators, since this was also fraud using the USPS services and mailed the postmaster at the zip code of the PO Box.
If all the lazy or stupid admins out there won't shut off open relaying, the only option possibly out there to prevent spamming is to create some kind of list globally of IPs of "good" or "trusted" servers. Then e-mail admins can set their servers to accept mail only from these IPs. It's kind of the opposite of MAPS (Mail Abuse Prevention System) but works in the same way. If you want to run an SMTP server to deliver mail, you go to the web site of the organization that runs this "good server" list and enter your IP. A script will then attempt to relay mail through that IP. If the server passes, the IP becomes appended to the list.
It'll be huge no doubt but as more and more people get broadband and decide that it'd be neat to run an SMTP server on it, there will just be more and more PCs with open relay on them.
It's really unfortunate. There are probably tons of flaws to my idea, including the fact that it'll never happen since everybody now would have to go register and nobody will want to do that, and undoubtedly it's come up before and had been put down, but it's just an idea.
> After all, no-one is complaining that having
> open mailboxes outside every post office is a
> security problem
Yes, they are. You can no longer post packages
via public mailbox because of security reasons.
Remember the IMF protests in Washington back in
April? I work half a dozen blocks from the IMF;
I remember when the security guys came and removed
all our street mailboxes to prepare for the
protests. They did put 'em back afterwards, but
still, it was a pain.
Chris Mattern
Sorry you feel that way, it is quite unfortunate.
No we don't live in a wonderful perfect utopia, even the previous poster acknowledged that.
Human beings are not perfect, however they are not inherently corrupt either.
It is sad that you have no hope for the future, no desire to see the world become a better place.
I'm glad that others see that there are problems and there is a better way.
Please e-mail this plea to 5 people in the courtroom, who will then in turn e-mail it to 5 more people...
Failure to do so will result in the death of your immediate family, increase of Oracle pricing for your employer, and the installation of RedHat 7 on your C++ development machine.
Thank you.
Actually, most spam these days is forged one way or another. Which stoopid spammer would put his own address on his tripe? Now, if he really hacked that machine, rather than just noticing that it was an open relay, that would be a different matter. But it's somewhat hard to tell what really happened from this rather non-technical article.
> I could go to jail if I stole someone elses car and got caught speeding
Hmm, but in that case, you'd go to jail for the theft, rather than for the speeding. Unless the US judicial system is really screwed up.
> could go to jail by jay-walking if I was running away with someone elses purse.
Same point as above.
Say no to software patents.
Okay. I agree with you here. Spam is harmful in open forums where there is no way to filter it. Imagine if people started advertising pornography here on slashdot, and there was no way to... oh, sorry.
I figure that if other people aren't using free e-mail accounts to filter out their spam, and then complain about it, they rank on the same level as sys admins who don't apply the latest security patches and whine when a skript kiddie roots their box. I appreciate your "once-bitten twice-shy" scenario, though. I had one of those too.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
I'll agree that "human beings are not perfect" but not that "human beings are inherently corrupt." When we work together, we can accomplish a lot more than by working individually. However, that leaves us open to abuse by the relative few who are corrupt. It is those few who are corrupt that keeps communism from working properly. Unfortunately, there is no easy way to detect and delete those who are both corrupt and intelligent before they gain power and twist everyone else's goodwill to their own ends.
Edward Burr
Edward Burr
Having a smoking section in a restaurant is like having a peeing section in a swimming pool.
Ways to get on the list:
Submit USENET news
Be a bidder or seller on eBay
Leave your complete email address _anywhere_ public online
Problem is, eventually some twerp will be paying vietnamese laborers to decode your cleverly disguised slashdot email addresses (e.g. joeATcrudDOT.com) There are ways, with keys and stuff to protect yourself, but you're really erecting barriers to people trying get in touch with you. Best to set some examples.
--
A feeling of having made the same mistake before: Deja Foobar
7 yrs is too harsh. make the punishment fit the crime.
Cut off his hands?
The system that he hijacked was that of a design firm called Market Vision, not IBM.NET's. The forging part was when he made the mail messages look like they came from addresses at IBM.NET. I don't know if this was your usual email address spoofing or something more tricky, but it's a different deal than what you seem to be suggesting.
It's a lot easier to hack the little guys than Big Blue (or AT&T actually, since they own IBM.NET).
You are right, you should be punished "dependent on the nature of your crime". In this case it is just a tad over the line, don't you think?
In effect he stole and committed forgery. In effect he e-mailed a bunch of folks, and pointed the finger to someone else when it came to who sent the e-mail.
Assault? Not a chance.
Does this all add up to something that is "maddening and sickening"? To decide if you, I, and the rest of e-mail users are really mad and sick of this, go visit a prison and compare sitting in there, and deleting 30 e-mail.
I don't like deleting spam, but mad and sick? Not a chance.
--Fac Iustum Nec Time-- --Veritas Prevalibit--
Oh, come on, that's easy. Just pull the plug.
How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
he'll get another form of spam...
bad meat in the can!
Bill Clinton: Pimp we can believe in. - The Shirt!!!
Ah, I think you hit on a point here. I'm too lazy to look up the law, but if I walked into a house that had an open door, I can't be charged with "breaking and entering". I think the most I can get is "illegal entry". IIRC, B&E requires that the criminal either break something or open something, with the intent to gain entry and commit another crime.
An open port is an open door. (H|Cr)acking a firewall is B&E.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
Taking down a server at a legitimate business and annoying MILLIONS of people is what he did. He deserves the seven years.
I highly doubt that any judge would convict a person for forging e-mail! There are NO safety precautions anywhere that prevents forging e-mails!!
ibm.net knew this. The fact that they didn't invent such a system to prevent forgery and what-not means that it is their own fault!
so, what you are saying is, the guy who counterfiets 100 $1 bills should get 100 x as long a sentence as the person who makes one $100 dollar bill? :-) i like it.
what hump?
Now you got me marked as a troll. I'm honestly expressing my opinions here. Geez.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
How about we give 7 years in jail to everyone who ever breaks into a computer system? I mean, I sure hate spam as much as the next guy, but "hijacking" mail servers is a crimial offense now? And 7 years jail for doing it? Incredible! How could we endorse this when we as a community often advocate white hat hacking and general system exploration? I mean, a civil action would be merited, and perhaps some monetary penalty, but JAIL??? I don't know, this worries me. It is a dangerous precedent.
I don't know much about the PopLaunch saga, but if you're serious, I'd encourage you to check up on some pseudonymizing options and get involved on news.admin.net-abuse.email. There are people there that are probably well-situated to help you help them out.
He would starve to death. I would add, besides the opener, a terminal permanently logged to hotmail. In the intervals between meals, he would be able to get car financing, buy pheromone based perfumes, buy printer cartridges, get incredible sex, etc, etc...
My user name is Latin and refers to the power of Fokker airplanes
----
It does not specify but they should charge him with fraud for every email he sent. Lets see that would be about a million counts of fraud...that should up that sentance quite a bit. That way the bigger a spammer as person is the more years and bigger fines they can get.
Remove the spam reference to email
Maybe 3 months max jailtime and a fine proportional to the damages. I don't even really agree with the jailtime...
-chris
There is a third option. Kick them out of the comunity. This is how it used to work. They used to kick criminals out of the towns. Now that there is no new places to go jails are used.
I'd argue that a closer analogy would be taking a delivery truck for a spin in the middle of the day, while it's full of merchandise that needs to be delivered. Furthermore, that analogy doesn't cover the resulting backlash of spam complaints back to the source. It'd be as if a number of the thousands (millions?) of people that he cut off in traffic all called your business to complain about your reckless driver.
An open mail server is likewise a nice thing to provide for those people who have unreliable internet connections. I temparly store mail on your server until my buddy gets online, and then you send it while my server is offline.
Well you could have a neat system which works the following way... When you want to send mail you check with something (e.g. DNS) where to send it. Getting back a list of possibilities (which can be spread all over the world. All nicely documented in RFC 974...
Now why exactly do we still need third party relays?
If I had a dollar for every open relay on the Internet, I'd be a very rich person. This kind of crap -- "hijacking", they call it -- wouldn't be possible if sysadmins would LEARN how to SECURE their mailservers!!! Here's a hint: turn off relaying! It's absolutely asinine to allow the entire Internet to send mail through your machines; hopefully $18,000 in losses has taught this person that.
- A.P.
--
* CmdrTaco is an idiot.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
Umm, ever heard of blue-collar crimes?
Umm, yep, but they have nothing to do with stock fraud or computer theft. What you're talking about are white-collar crimes. Blue-collar crimes are the more traditional ones. (As if pipefitters and truck drivers were more likely to commit murder or rob a bank.)
Indeed, in the case of worshipping Satan, great financial gains can be realized. Look how well Torvalds is doing!
Now that is just funny. LMAO!
Admit nothing, deny everything and make counter-accusations.
I'm all for not coddling people, but seven years for SPAM (yes I hate it too) isn't realistic....
there are no stupid questions, but there are a lot of inquisitive idiots
Rob is on the wrong side of the argument. While everyone hates spam, this person is not charged for spamming; rather he was charged for unauthorized usage of IBM's computing resources. The community generally do not like the idea of imposing serious punishment to this type of offense. After all, it's the same readon why we supported that scum bag Kevin Mitnick.
I want to ask: what is the rational behind "stealing MP3 is not a crime, but sending spam is?"
Just because you hate spammers doesn't mean that they deserve to lose thier freedom. It is the same argument that just because you hate blacks, homosexuals, jews or whatever does not give you any more rights than what they have. If a kid hacks into IBM's mail server just to exploit security holes, would you like to see him sentences for 7 years in jail?
The support for freedom means freedom for EVERYBODY. That is freedom for those you disagree with, freedom for anyone. Look around the posts, you'd find that most people in the industry will first point fingers at the admin; because that's where the blame should go.
What makes you think MP3 pirates have more freedom than spammers?
Or you just used the stolen tractor to deliver unsolicited mail. That's a better analogy.
No one was killed, people! Please stop comparing spam to murder.
-
IBM and Market Vision will both be sending email to everyone who was spammed to apologise for flooding their inboxes with unsolicited email. These mails will include details of several special offers and discounts being offered only to the spam victims which they will be able to claim by visiting the companies respective online stores.
Slashdot: Proof that a million monkeys at a million typewriters can create a masterpiece
Some spam that I get has a legal disclaimer at the bottom. It's something to do with some law that congress passed. Something about it not being spam for whatever reason. Anyway, I don't care whether it's valid or not, and I don't even want to try and understand it: US law doesn't apply where I live. It just makes the spammer look more ignorant to me.
That's the whole point I'm trying to make. Manage spam by having your real account, as well as a *free* account from hotmail, yahoo, or wherever. Whenever you need to distribute your email on the web, use the free account. When dealing with people you trust, use your real account. Then, when you find you free account getting overloaded, drop it and create a new one.
I agree with you that spam is a Bad Thing(tm), but there are a couple of simple steps you can take to minimize its effect on your life.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
Comment removed based on user account deletion
PRISON is for keeping violent people from hurting the rest of society.
Umm, ever heard of blue-collar crimes? If an unscrupulous stockbroker steals $X million dollars from Y l'il ol' ladies, I certainly hope that he would go to prison, whether he is violent or not. Legally there was no violence involved, but there was certainly a heinous crime worthy of punishment.
Now, while I agree with you that in America the "Book em, Danno" mindset towards people who commit crimes is way, way, way overused, I do think there are still circumstances where non-violent offenders should be locked away. This is one of them. Smoking/selling marijuana/LSD/ecstasy, buying/reading/selling porn, and worshipping Satan should not be against the law. But there are no financial losses involved in any of these. (Indeed, in the case of worshipping Satan, great financial gains can be realized. Look how well Torvalds is doing!)
Seems more like the guy calls someone's house asking if the homeowner has a gun. The homeowner says yes there's a gun at the house. The guy then proceeds to load the gun with millions of his bullets and shoots lots of people in the mailbox.
Inheritance is the sincerest form of nepotism.
The defense team, when confronted on this issue replied that the end recipient would know that it was a contest and that it was "understood" that they were not actually going to recieve 1 million dollars. If I recall correctly, the judge told them that putting "You are a Winner" (or whatever) on the package or atempting to impersonate federal documents, regardless of the awareness of the recipient, was illegal.
By using ibm.net, the spammer attempted to legitimize his spam, and thus is guilty of a vast amount of naughtyness. I'm surprised that IBM isn't attempting to spank him as well.
Of course, IANAL....
-- "I am disrespectful to dirt. Can you not see that I am serious!"
You see, you can't hold the incompetent sysadmins responsible for not securing their systems. You have to consider their feelings. Maybe they were having a bad day or just forgot to disable telnet! It's not their fault that they were inadequate and incompetent, and for this reason, we must manipulate the laws so that they fully protect the people.
I think we truly need to cede more of our rights to the government. You have to understand that most people aren't as smart as those that run the government. Governmental agencies know more than the common person, so we must give them the ultimate power to enforce the law. We can't allow the individual to control his or her own destiny, because he or she might forget to run proper security procedures.
Furthermore, I think that execution should be the punishment for all crimes! With all the little hidden laws we have, we'll be the savior of the planet, just based on the rapidly decreasing population. I can envision not less than twenty more government agencies that could spring up just to handle the weapons-manufacturing, stormtrooper training, jackboot production, and body disposal. Sure, the odds of you getting shot for jaywalking are greatly increased, but think about the jobs we could create! We could employ millions of starving children in Africa.
Frankly, I'm tired of being responsible for my own actions. I prefer to rely on the crutch of ancient bloated beauraucracies!
http://unxmaal.com
DrStrangeWeasel@intergalacticestateuniversity.edu
s() th3r3!
--
A feeling of having made the same mistake before: Deja Foobar
http://unxmaal.com
And we're putting this guy in prison. He's not dangerous. Heck, he's technically minded. His action was inspired by capitalism, and therefore the logical punishment is to fine him. A big, hefty fine. And heck, while we're at it, we should be using these fines for a (real) good cause. Let's fine this guy a million dollars, and then use that to feed the hungry.
Now, there's no point filling up our prisons. In a capitalist society, economic punishment is effective enough! And, it lets him spend his time working- although he won't see the benefits of his labor until the debt is paid off, the rest of us will.
-bugg
Uhm.. SPAM isn't like the end of the world or something, 7 yrs is a bit too much. I bet you voted for George Hitl... ahum W. Bush or something.
If he gets 7 years, it's a sad day indeed. Mike Tyson got less then 7 for rape, didn't he?
After I have received the wisdom of good teaching, I will untiringly teach all people. - The Teachings of Buddha
I've always been too lazy to find sites like this myself, good links.
Interesting. A while back (maybe two years now) I got a lot of spam apparently from ibm domains and reported it to postmaster there. They said they'd look in to it. I wonder if this is connected. If this is the same hijack, did it really take all this time to catch the culprit, or is it just that the case took ages to come to court? And if it's not the same hijack, how many times a year does IBM get subverted?
How many karma points do I get for being quoted in someone elses sig?
Thanks, John.
--
--
E_NOSIG
In fact, the sympathetic response by many of those on Slashdot suggests to me that maybe punishments need to be made stronger in order to firmly establish that breaking into someone's computer is NO DIFFERENT from breaking into someone's house.
It is different, if you think about it. I'd rather you broke in to my computer, for instance. I use cryptography for my privacy and backups to prevent things from going missing on my computer. My house requires expensive insurance and my rates might go up.
I live in my house, and don't want to be disturbed by un-invited guests. I don't like un-invited guests on my computer either, but I certainly don't freak out about hackers like I do if someone breaks down my house door.
And, my defense of each might be just a little bit different too.
I don't think we need to firmly establish that breaking in to a computer is the same as breaking in to someone's home or business.
And we certaily should not punish a first timer in such a crime with a year in prison, or even 7 years in prison.
Go visit a prison for proof of this.
--Fac Iustum Nec Time-- --Veritas Prevalibit--
In fact, the sympathetic response by many of those on Slashdot suggests to me that maybe punishments need to be made stronger in order to firmly establish that breaking into someone's computer is NO DIFFERENT from breaking into someone's house. If you want to take a look at someone's house, and slip a note in their mailbox if you notice they've left a window open, well that's one thing. If you crawl through the window and take a look around, even if you don't do any damage, that's a problem.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Imagine this:
Congress is about to pass a change to the tax code that would place a 50% tax (a sin tax, in the spirit of tobacco) on beanie baby sales. As a professional beanie collector who makes his living selling them on ebay, this would put quite a crimp in my business. Although nobody has sympathy for beanie baby collectors, I figure that senior citizens have a lot of clout. (they do) So, I write up a letter on faked AARP letterhead that tells them that the new tax bill will place a 50% tax on Social Security, take it down to Kinko's and make 100,000 copies when nobody is looking, mail them off with a rubber stamp I "borrowed" from behind the counter when the grunt took a bathroom break, and then sneak out before he comes back, without paying. I have them all addressed to a bunch of addresses I found in a dumpster somewhere that may or may not be senior citizens, and figure that at least some will hit their mark and benefit my cause. Most will be ignored because they're mistargetted, but it doesn't matter to me because it didn't cost me anything. It cost Kinko's to make and mail the copies, and it gives the AARP a headache when people start calling complaining about this junk mail that's a lie.
Now, the fact that I lied in the message (common in spam) probably constitutes fraud on its own, but that's harder to prosecute than the much more obvious theft from Kinko's and impersonation of the AARP. That's what's going on in this case, and whether you think the guy has a right to spam or not, he certainly does not have a right to steal someone else's resources or impersonate another party.
WARNING: there is a trojan on your
Don't you think it is about time that the government makes some formal laws related to "hacking" and other computer activities. It always seems that lately whenever someone is caught the penalty is never known. I think the federal government should look into Computer Crime seriously and determine what the penalty is. It would be unfair if someone got punished more then someone else just because one judge thought spamming was more serious then another judge. I think this is another case of technology passing up society. With cyber crime becoming more and more common a lot of people do not know what to do with the criminals.
>neotope
Do you really believe this? Not only Communism, but society itself could not exist if your statement was correct. At some level, humans have to place their trust in each other. Without trust there is absolute anarchy. A society could not maintain the rule of law if its citizens were completely unwilling to put their trust in the goverment. You may be a cynic and say that society is inheriently corrumpt, but you place your trust in society everyday. The world you describe is as unrealistic as a utopian society. Reality lies somewhere inbetween.
Come on! I understand the frustration with spamming, but this is a relatively harmless, non-violent crime. A lot of murderers and rapists don't get 7 years!
Put it this way; this is just another variance on hacking*. How would you like it if a hacker got 7 years for breaking into a computer system?
*The proper word is "hacking". I don't recognize the 'c' word.
--
Sometimes it's best to just let stupid people be stupid.
I hate spam as much as the next guy, but 7 YEARS?? That seems a might excessive for any computer crime. It's not like he went and changed medical records which resulted in the death of someone, or caused any other physical harm to anyone.
This just seems wrong...
Do you really consider an unsolicited e-mail an "attack"? And one that deserves jail time?
We can discuss the punishment for breaking into a computer system and bringing it down, but jail time for spamming alone would have to be an overkill!
Never underestimate the bandwidth of a 747 filled with CD-ROMs.
-Legion
Has anyone noticed that Sam Khuri/Benchmark Print Supply has been sending out Spam under a new company name, despite (or 'to spite') court rulings against him? I recently received several spams with the same "800 number" but no company name, and then more recently I've seen them with other company names.
-Chris
...More Powerful than Otto Preminger...
I mean, really?
I have three e-mail addresses: one at work (spam free), one at school (almost completely spam free) and one at hotmail (spammed constantly). I only ever give out my hotmail address on the web, and can drop it with no hard feelings at a moments notice.
Add to that the fact that I can block senders, and they have some other spam-detterents in hotmail, and it doesn't really bug me that much. I've never had more than about 10 spams a week, and since there is almost never any useful content in that box, it takes no time to delete them.
When I first started getting spam, I got irate and tried sending them false information, rude replies, etc. Although this was fun for the first couple of times, the heady enjoyment of corrupting spammers' databases quickly wore off. Now I just delete and forget.
So I guess I ask my original question again: Why does everyone get so damn pissed off at spam?
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
(I'll bet he's a Linux user... they're criminals, all right. Each and every one.)
See you in hell,
Bill Fuckin' Gates®.
See you in hell,
Bill Fuckin' Gates®.
(This post is ©2001 Microsoft(TM) Corporation.)
I think what is being missed is the "up to" part. I doubt this guy will get the full shot. Secondly, because this isn't a narcotics crime, with mandatory sentencing, this guy will get time off for good behavior. So if this guy keeps his nose clean, even in a worst case senario, he will be looking at 3.5 years. Granted, this is not a vacation, but not that extreme. re:hat colors. I think that people who endorse white/grey hat hacking should be after this guy's head on a stick; it is black hat activity like this that that corrupts the perception of the entire "community" in the eyes of the public.
Commercial email is required to have a real, working unsubscribe link, just as telemarketers have to stop calling if you tell them to take you off their lists. So yeah, most of that spam actually is against the law.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
any jail sentence would be way out of perspective.
let's face it, the campaigners of the wanna-be president of the US have spammed people as far as Russia and China to vote for their candidate [or at least not to vote for anyone else - or to vote twice - or to to forge ballots...].
of course the highjacking of the mail server does deserve punishment. but, condsidering that it takes skill to hijack a mail server, the worst punishment would be to seize all his electronic goodies and forbid him the use of a computer for twelve months.
if that type of punishement is used against hobbyists regularly, then it might actually be enough of a threat for many small-time hacks to think twice before messing around [or before confessing to having messed around...].
keep some space in jail for important cses and real gangsters [politicians, bankers, clerics, etc.]
Just keep sending back your junk mail AND get yourself off the direct marketing mailing list.
Go here to be able to create forms with the address already on it. I am not sure how other countries can do it, but I used this site and I get only a few pieces of junk a week now. Also, Junk Busters is good, but the other site is easier to use.
=-=-=-=-=
"Do you hear the Slashdotters sing,
=-=-=-=-=-=-=-=-=
Oh bother.
s/car/gun/g
s/ran someone over/drove away with the child I was babysitting but left in the back seat when I went to the store/g
People have been charged for precisely those kinds of irresponsibility.
(I'm not advocating criminal charges against admins of open relays - just pointing out that there's plenty of legal precedent for the moral tenet that one should take responsibility to see that one's property is not abused to the detriment of third parties.)
To simply ruin the guy financially. Sure, it would be satisfying to see him beaten to a pulp, and I'd be first in line to pelt him with overripe vegetables, but he certainly doesn't deserve any more jail time than someone who broke into ten million people's houses and stole a 33 cent stamp from each of them.
Come to think of it, seven years is actually a pretty good call.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I don't know about you, but I'd take the jail sentence. :)
--
All men are great
before declaring war
A government is a body of people notably ungoverned - AC
Prison is also a deterrent to let others no that their actions are unacceptable. Hopefully this guy will get the full sentence to let spammers know that people are sick of it.
Spammers however not only are resource thieves but send offensive email into family boxes. They are also time thieves since so many of us play merry-go-round with multiple mail boxes to avoid spam. We spend time setting up filters and getting new boxes and worrying about who we can mail from our home account. We spend time going out to a hotmail account to email some business to make sure that we get no spam at home. People on Slashdot add all sorts of wacky stuff in posting their email addresses to make sure that the addresses don't get harvested.
All this adds up and is maddening and sickening. This guy in effect not only stole and committed forgery, but assaulted a million people.
I say, get a rope!
Hey, you think your house is cool?
I can't divulge that information, you'll have to ask Bill....:)
Burn Hollywood Burn
I think you'll have a hard time finding a "murderer" whose original sentence was less, or even a jurisdiction that allows such a sentence. ----->> In Canada, I believe that the minimum sentence for the crime of "manslaughter" is 7 years. With time off for behaving yourself and so on, that comes to about 4 years actually in jail. "Manslaughter" is un-premeditated killing of someone else. Anything from "near-accident" to "near-murder". First Degree Murder and Second Degree Murder are sentenced to Life with no parole for X years. (Usually 20.)
If you're a zombie and you know it, bite your friend!
Mmm... fried SPAM.
If the judge was smart, he'd make this guy work a supervised tech job for the city- with an "intern's pay."
-p4
(c) All Rights Released.
He should get 7 years of trying to secure an Windows computer...that ought to teach him...
Burn Hollywood Burn
Apparently you've never been to a minimum security prison, which is where he'd likely be serving his seven years.
Ranessin
It is the most informative and insightful post about spam I've read in months. Good job on explaining the situation.
Um... no. Mailservers are public in terms of receiving, but not for sending, and that's what he did, send millions of mails from a server which he had no right to use.
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
Comment removed based on user account deletion
They deserve every damned bit of it. :-)
The best thing to do is to tell them they
owe you $500.
M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
Which means, if you leave your belongings wide open, you are not guilty if someone comes and steals them, but it's still your responsibility to take proper care of them.
My user name is Latin and refers to the power of Fokker airplanes
The following is my logic. I'm not sure if it is right, but it can make sense.
How many % of (let's say) US citizens are criminals?
(From now on, I'm assuming the answer to the above question is less than a few percent)
If this % is small, how economic is building jails, hiring polices, putting people on trial, etc. to just correct this minority?
Does the correction of this 2-5% of the whole population actually make a significant difference to the sanity of the society?
On the other hand, the system as a prevention tool makes economical sense, because it purports to keep the rest (i.e. 90% or more) of the population from committing crimes.
A thought experiment: imagine that, you see the news on your local TV channel that "for the next 3 days our local police department is going on a strike. There'll be no street patrol..."
Will you get nervous about the news? Then, think about *why* think you'll get nervous. It likely will point to the crime prevention function of the system.
>Reduce the incentive for murder. Why are people
>murdered? There are many social ills that drive
>people to kill. Try to correct these things, and
>you've prevented more murders than sending >someone to jail--where they get angry, lift
>weights, and prepare for their next crime spree
Yes. Sound in theory. Extremely difficult for practice. Murderers kill people for various reasons, some of which totally out of any stretch of our imagination.
It is not possible to make everyone happy at the same time over a series of many government decisions. Some must be upset, for individual reasons. If we cannot take care of each of them, there're bound to be criminals.
e.g. free food for everybody would definitely make a lot of people happy, and prevents helluva lot of crimes. However, it may create a riot among shareholders of big food companies.
Interesting text, but it does make one base assumption that isn't always true: punishment is a deterent for crime.
Hey, c'mon yourself. I don't think you read the whole story. His actions caused monetary damages to one network, and he spewed porn to many more than a few people. A heinous act, perhaps not legally, but at least morally. Let people go and find the porn via legit advertising; who knows how many addressees were kids?
Anyway, spammers need a lesson in humility--they are laughing in our face at our feeble attempts to curb the onslaught of spam. Spam costs me time and money, every day. Without there being any consequences in forging others' domain names (and possibly tarnishing the owner's reputation), hijacking the network resources of others, and spreading rip-offs to millions the world-over, nothing is ever going to change, and our mailboxes will still be deluged.
No, he deserves jail time. I'll admit that seven years is probably too much, but 6 months or a year ought to do nicely.
This is ironic. Us computer geeks look up to crackers like Kevin Mitnik. And by doing so we are promoting criminal activities like this. I'll be in a couple of years when this spammer gets out of jail there'd be people looking up to him like a god. Sigh... How quickly people forget...
Seriously, this spammer should be locked up for 10 years just to set an example for all the would-be junkmailers. I mean, if we don't set an example of him, others would just think "oh it's only a minor crime with minor consequences. I'll just keep on spamming!"
Who have killed and gotten less time. He was put on house arrest but then arrested for violating parole because he had stolen property. He is now out because of over crowding.
I think it's unfair to give this guy 7 years. I mean, it in no way makes me feel better that this mother f***er will be in jail for 7 years. This is why I think it's time to bring back public stonings.
*sigh*... You and other system administrators wouldn't have to worry about getting vengence on spammers in the first place if you use an MTA like PostFix or qmail. They're a lot easier to configure to filter out all the crap. They're pretty secure, too.
Friends don't let friends use multiple inheritance.
Or is it an utopia?
We will never get rid of spammers. We will never get rid of telemarketers. We will never get rid of Jehova's Witnesses. We will never get rid of television commercials.
I'm afraid that you may just have to swallow the fact that this isn't a perfect world and we must do what we can to protect ourselves. I could be a bastard here and extend your line of thought to home security (why should I have to buy a door lock?), but I won't. Oops. Sorry.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
There is a big difference between what is right and what we do. When I left my house this morning I locked the door behind me. The right thing to do however would be to leave the door unlocked so that if my neighbor ran out of sugar in her baking she could walk in and get it. I know she will return the favor next time I'm short and egg for my morning omlet.
An open mail server is likewise a nice thing to provide for those people who have unreliable internet connections. I temparly store mail on your server until my buddy gets online, and then you send it while my server is offline.
Trust for your fellow man should be the normal way of dealing with things. Locks should be to prevent kids from playing with balsting caps, not to keep theives out. Fraud and abuse should be completely unknown.
No I agree admins should lock down their mail servers. However everyone should feel very bas about having to do it. Locking down a mail server says bad things about socity.
I know there's no way this guy will actually spend the 7 years behind bars, but violent criminals like murderers and rapists get sentenced for less. Are the courts sending the message that spamming is equivalent to rape in the eyes of the law?
***
I completely agree with you, I just wanted to inject a bit of anti-rabid-spammer-hating into the discussion, since rabid anything usually results in faster than desirable erosion of civil liberties (witness the rabid fear of drugs destroying our society and the effect of the so-called War on Drugs). I do think that criminal cases related to computer crimes are going to be a case of "the big guy is always right." so that we will continue to see people like Randal Schwartz and Emmanual Goldstein get whatever legal treatment the law department of a large company decides they should get.
I do not have a signature
His point was that even if you leave your door unlocked, it's NOT YOUR FAULT if someone comes in a steals something. It is the fault of the person that did the stealing.
It's no different than Napster being held responsible for people using their service to illegally copy music.
In reality, you should obviously lock your door, but in locking your door you should realize that it's a sad thing to have to do so.
Get your head on straight and stop thinking like the mainstream, realize where the blame really lies. I mean, where will it end? Will you be at fault for dying from a gunshot because you didn't wear your bullet proof vest? Is it your fault your car was stolen because you didn't have "the club"?
Protect yourself if you so choose, but remember that having to do so is a bad thing, not the right thing.
Sticking feathers up your butt does not make you a chicken - Tyler Durden
So you would want to do, what exactly? Spank him? Actually, I've heard caning works quite well for Singapore... Seriously, for punishing crime you've got two options, pain or containment. Pain has the advantage of being better at discouragement, while containment has the advantage of physically stopping people from committing crimes for a certain amount of time.
Of course, there's always the "psychological counselling" option, but that's just bullshit. First, there's lots of people who commit crimes who aren't messed up in any way. They just don't care much for others. Counselling may help some people get over their surpressed memories of being beaten as children, but it won't help people who just honestly don't feel bad about messing with other people's personal property. Second, counselling is not a deterrent. Even if it were effective, it would only help after the crime had been committed.
As for stopping it by removing any "profit" incentives, profit is not merely monetary. This guy probably didn't do this for the money, he probably just gets a thrill out of annoying and cheating people, same way trolls on slashdot get off by annoying people.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
The government should be congratulating him, not imprisoning him!
Got friends?
I agree with the other posts that have said that 7 years in jail seems a bit over the top, especially considering that many of us endorse white hat hacking. Maybe even grey hat.
I think computer security law should reflect physical security law, and provide for different kinds of crime. As far as I know, neither "trespassing" nor "breaking and entering" land you seven years in the slammer.
Now, using a mail server to send unauthorized resource wasting mail is probably a crime. Taking someone's car for a spin w/o permission or pirating airwaves on a spectrum allocated to someone else are probably comparable law breaking actions (if you disagree, find something closer). Is 7 years in jail a crime fitting punishment?
There's different grades of trespassing and use of others property. Computer law should reflect this as well.
Tweet, tweet.
It's not like this guy cracked a root shell and used /usr/lib/sendmail to send the mail. He connected remotely to port 25 on this system and did this. The admin is partly at fault! The admin said "Sure take my gun and start shooting people."
Also I agree with other people that 7 years is an awful lot too. It's not like he was killing people. Murderers and rapists don't get that much time usually anyway....
And no I'm not defending him. I think he should do SOME time. But he should get 7 years when rapists get life. And the admin should at LEAST get fired.
--
Garett
I suppose with the demise of UUCP mail (cue for someone with a ! in their email address to pipe up), and the increased connectivity of the internet, no-one really needs to relay email any more.
Even if someone was connected by UUCP you probably couldn't tell from the mail address.
On a UUCP set up you can't assume that connections will be made in real time also there is no equivalent of DNS. Instead UUCP "maps" were propergated as news postings.
I suppose with the demise of UUCP mail (cue for someone with a ! in their email address to pipe up), and the increased connectivity of the internet, no-one really needs to relay email any more. I still think it's sad that this has to be done. After all, no-one is complaining that having open mailboxes outside every post office is a security problem, yet this is the exact real-world analogy (allowing for differences in sender-pays versus recipient-pays).
/. are clear cut. If the guy had hacked in and left the sysadmin a note how he did it, he should walk away. But because he was using the machine for spam (not to be confused with SPAM) he should be hanged, drawn & quartered. And that's only because we're feeling nice. It's the difference between finding a back of US mail & returning it to the Post Office, or filling it with postage-due credit card scams.
I think the sympathies here on
Just find out which prison/jail he is going to and make arrangements to get "Bruno" extra cigarettes in exchange for making this guy his new girlfriend. I got this spam "from" ibm when it happened. (*&(*&^% all those people who think 7 years is too harsh. Its a slap on the wrist. Send a half dozen more spammers to prison and continue to do so until they are running scared.
Kill them all, let god sort them out!!!
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
You don't even get that for *murder* in America these days.
You wanna stop being spammed? Use Spamido techniques:
http://www.yelm.freeserve.co.uk/spamido/
Government of the people, by corporate executives, for corporate profits.
So can I go to jail for 7 years for hacking a Quake server?
It's amazing how many people still believe punishment is the key to solve a social problem. A spammer will spam what he can just like any other criminal do what he will do. Is this really the way we're going to continue after the year 2000?
NB: If everyone shall have their "justful" revenge, there will be noone left on this planet.
- Steeltoe
http://www.debunkingskeptics.com/
C'mon, be rational here. The guy annoys a few people and you want to throw him in the slammer next to rapists and murders for 7 years? I say slap him with a big fine and some community service at the very most. Anything else is barbaric and absurd.
I agree. People who get carried away with lines like "lock them up and throw away the key" often forget one important question - which is, who pays for it?
It costs over $50,000 a year to keep someone in prison, which is something like twice the average income. Now, why should I pay for someone to sit in a square box and rot away, possibly be abused and develop mental problems of a sexual nature, and then be released into society with no skills? Just because revenge feels good?
Countries that have get-tough-on-crime policies have worse crime rates and a fucked up society. The US has the largest prison population in the developed world, larger than some european nations put together.
I've lived in other countries with different approaches to crime. The ones that focus on lighter sentences + rehabilitation have lower crime rates and less expensive prison systems. Of course, they also don't have electorates that fall for catchy soundbites like 3 strikes and you're out.
Well, hey, this guy hijacked an unsecured server and sent spam, therefore we should hold him for 5 years without trial. (Remember to use Gestapo techniques to get him to wave his rights first).
You have to be careful of people like this, I bet this spammer can whistle into a telephone and take over all the sendmail servers world wide. Heck, keep him away from a AM/FM walkman too, because he could break into the wardens office and start sending spam with the walkman and the wardens computer!!!
(For those of you about to slap me with a -1 Offtopic rating, you may want to read a little about Mitnick and realize that I am not offtopic.)
Try to hack my 31337 firewall!
Heh.
"Make Money Fast, Do Time Slow"
One of the features of HouseKeeper is to be able to fetch various items from the household for a person requesting it.
As a default, HouseKeeper is configured to fetch anything for anyone. At page 384 in the manual there are (slightly outdated) instructions on how to restrict access to that functionality, for example set it to refuse to fetch the gun for anybody but you, but happliy lend a neighbour a cup of sugar.
Now due to either a bug in HouseKeeper, a faulty manual or negligence, the owner failed to restrict anonymous access to the fetch(gun) command. This, luckily, did not result in a killing spree, but "only" in some late night target practice, which caused considerable irritation for a lot of people and a lot of work patching bullet holes the following day.
All opinions are my own - until criticized
I agree.
However, is the guy who gets 20 years for pot possession also a danger to society?
The justice system is set up to punish the lower classes and minorities more, regardless or the circumstanses of the crime.
Arn't the guys who run S&L scams and threaten the whole economy doing a lot more damage than those who steal cars or just happen to be carry enough drugs to get counted as a dealer?
http://overwhelmed.org
My ISP was unavailable last year for approx 437 hours, and by Ed's calculations, I figure I'm out approx. 1.3 billion dollars.
Does anyone know the name of a good lawyer so I can sue the bastards??
I love the smell of Karma in the morning
To: LtBurrito@slashdot.org
Re: Take Time Off From The Daily Grind! Learn How!
Don't delete this email until after you've read it And then you won't at all. Guarranteed system means you will never have to work another day! You'll be going places in no time! You will be waited upon by servants, have people bending over to please you, live in an enormous house wear jewelry and be chauffered everywhere you go!
Call 1-800-555-1212 and ask for information!
To jail, to court, to jail, to prison...
Specifically, civil servants, i.e. prison guards
Or visa-versa
Also known as the Big House
Bracelets anyway
By a guard named Elmo
--
A feeling of having made the same mistake before: Deja Foobar
As for the "moron leaving his window open" bit, do you belive anyone who doesn't buy an car alarm should get his cd-player stolen? Where do you draw the line? No matter how easy it is to commit the crime, it's still a crime, and ought to be punished accordingly.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
In reference to CmdrTaco's comment about credit card spam. Credit bureaus publish lists of people who have "good credit". Many credit card companies seem to use that list as their own personal mailing list, which is why some people get so many applications.
If you go to the web page of Equifax (I believe they are the largest national credit bureau) you will find this number: 1-888-567-8688 to call to "Opt-Out". The direct link to the number is on this page.
If you call this number and give them your information, you will be removed from the list of four credit bureaus (which I believe are Experian, Equifax, Novus and Trans Union).
It's a somewhat of an annoying process because it's all automated (at no point do you talk to a real person). Also, they mailed me a form to fill out and send back. But, I don't think I received more than 2 credit card applications in the last 3-4 months, whereas I was getting at least 3-4 a week before.
Sometimes I feel that whole judicial system is screwed up. Prison is for violent people. The rest should have to do community service. Putting a non-violent person in jail is a waste of taxes.
America has the highest per capita incarcerated people of anywhere. And it's crackhead stuff like this mostly.
I wish some of the canidates had brought up prison reform during the election.
The one interesting thing about this though is that mostly it's just poor people who go to jail. And this guy doesn't seem like he should be poor...
It seems to me that you're both right, because you're using the word 'right' in two different ways.
;)
When the original poster referred to "the right thing to do", he meant the thing that would be right in an ideal situation. And he was right about this. If I could trust the world with it, I'd much rather give everyone open access to any part of my computer that wasn't specifically private (personal email, etc.) or reserved for something else (say, 2G of disk space that look free, but that I need for the BeOS installation I'm planning). In the absence of misuse (like spamming), an internet of open systems could be used far more efficiently than an internet of closed systems.
On the other hand, you're talking about what's right given the conditions of the real world. This is also a useful thing to consider--indeed, as the original poster seemed to acknowledge (remember, he does lock his house each morning), this is what should guide how we actually behave. When people act as though they're living in an ideal situation, they usually end up hurting themselves and others.
The reason that it's still useful to think about an ideal situation--always remembering that we live in the real world--is that it gives us an absolute standard for how good things could get. If we aren't reaching that standard, we can keep looking for ways to improve the situation.
Just to make things (a tiny bit) more concrete, consider the example of the Prisoner's Dilemma. Ideally, the best strategy should be 'trust always'--if everyone can be trusted to follow this strategy, the total score in the game will be as high as it possibly can[1]. In a random population of different strategies, though, 'trust always' fails miserably. 'Tit for tat' does quite well--probably better than any other general strategy--but still doesn't quite live up to the ideal. The reason to keep the ideal in mind is that it reminds us to keep trying to refine the 'tit for tat' strategy, even though it does better than everything else around, until it can do as well as the ideal of 'universal trust everyone'.[2]
[1] Assuming I'm remembering the scoring correctly. If one player cooperates and the other defects, the sum of their scores is less than it would be if they both cooperated, right?
[2] Such improvements are possible--just not through a change in general strategy. One solution would be to ensure that 'tit for tat' is as widespread in the population as possible. Another would be to change your strategy based on the previous performance of your opponent.
P.S. I've just been reading Dawkins's The Selfish Gene, and I think it's colored how I talk about the Prisoner's Dilemma--anyway, I don't think this talk of 'populations' is natural to game theory. But I hope my point is clear enough, anyway.
--Moss
--Moss
This is a
Now there are two of them.
There are two _____.
I think in this case the maintainer of the open relay server should also be punished. it would be an interesting precident.
In the case where a kid takes a gun from someone, and then uses the gun to kill someone, the person that let the kid get the gun also in the past has faced some charges.
I think it applies here also---the people that maintained this spam sending facility should be at least fined for allowing it to get into the wrong hands.
More precisely, you can only mailbox packages up to 16 ounces, or 454 grams for you non-Yankees; if you've got a heavier package than that, you have to either go to a US Postal Service window or use a competing package carrier like Fedex or DHL.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
No figures yet, just anecdotes. Take Sam Khuri, toner hawker extraordinaire, for instance - it's taken the direct threat of prison time, by a judge, to slow him down.
A lot of spammers are actually judgement proof, so while you can try to impose cash penalties as much as you like, they can rarely be made to pay.
The major notable case of a cash penalty stopping somebody is Sanford Wallace (Cyber Promotions), although he also came to see the error of his ways, so the degree to which the penalty had an effect is unknown.
He didn't sneak into Verizon by any chance die he?
That seems just a bit harsh in this case, but, still, the judge needs to send a 'message' as it were. I think something like community service or reparations to IBM are in order. Or, maybe, he can be asked to mail an apology email to everyone he spammed. No, wait, that'd be spam, too! Dammit, he did a Bad Deed(TM), but I don't think he needs to get sent to jail for it, at least not for 7 years. Maybe 6 months jail time and 5000 hrs. community service teaching lusers to use AOL would be torturous enough to teach him a 'lesson' and would certainly send a 'message' to all other would-be server hijackers.
-- Count Spatula: The Culinary Vampire "...because my cooking sucks."
He clogs the email servers of the " Market Vision graphics studio company" thats one ibm.net (IBM's ISP). He does this from home. Which means he has at best a DSL or Cable modem connection. How does he actually clong their servers, since most likely they have a faster internet connection? This is a serious question. If some guy at home can clog a professioonaly maintained server by bounching email from them, either he is using means outside of his home computer or the admins maintaining the server are totally inept.
Burn Hollywood Burn
Thats a REALLY bad analogy.
More accurate would be, I left my gun in my house. You then went into my unlocked house grabbed my gun, and went and shot someone.
I am guilty of negilgence ONLY if you *should* have had access to my house.
However, you clearly werent meant to be in my house, I never gave you permission to be in my house, I simply forgot to look the door.
THAT is how the law works, no matter how unfair you may think that is.
GPL'd web-based tradewars themed space game
Maybe I am offtopic but...
No one likes spammers, and truly I think if convicted they should really lose their internet privileges, but PRISON?
This is evidence of a judicial system that is more about revenge than correction.
PRISON is for keeping violent people from hurting the rest of society. PRISON is for people who must be physically restrained. In the US, we send more non-violent offenders to prison than most other countries. Should you go to jail if you are caught speeding on the highway? How about jay-walking? Why do we send SOME non-violent criminals to prison and not others?
I killed someone and didnt even get that much time... (with GB)
I dunno, seven years sounds a bit steep, but even if he doesn't serve the full term, the whole thing just might send a message to the current and would-be spammers out there to quit the shit. As to high-jacking the mail server, I wish the article had a bit more info on that......On a side but somwwhat related note re. high-jacking a mail server:
We runa turnkey firewall setup - the vendor has full control of the routers and the fw box. This has its upside and downside, and I remember a real downside. We were switching vendors, so the current guys pretty much left the fw box alone. Well, about a day or two before the new vendor was going to install its stuff I notice the fw box just freaking out - thrashing and the activity light like an epileptic fit. Seems that the sendmail version on the firewall was not updated ('cause we were changing vendors, so it was like "Fuck off, we don't do support for you anymore!") and some asshole grabbed the thing and was using it as a relay. I had no options but to holler for the vendor's tech support folks. Bad thing was that we were w/o email for days 'cause as soon as email would be turned on, the spammer was back w/ a vengence.
Moral of the story? Run your email boxen behind a solid firewall and, as one poster has mentioned, turn off relaying.
"shop smart:shop s-mart" ash
A better analogy for "ethical" hacking would be a person exploiting a flaw in my home alarm system and breaking into my house. This person entering my house may make claims to me that this was merely ethical breaking and entering (or ethical home invasion?) and that he was merely pointing out flaws in my home alarm system. He can keep claiming that this was "ethical" behavior right up to the point where I put him down with my 9mm home protection device, or until the cops haul him away.
Of course then everybody will be whining when this guy gets some prison time (probably more than seven years) because really very little damage was done when he broke into my home and he was merely "helping" me to see the flaws in my home security system. But hopefully, the effect would be that those practicing the arts of "ethical" breaking and entering will think twice before they decide to do it again.
I guess you're entitled to your opinion, but this kind of attitude strikes me as incredibly insensitive. It's tough to get good at computer security, and new exploits are discovered all the time. It's easy to forget to close a window. One should always take whatever steps possible to protect oneself, but that doesn't make the criminal any less evil for taking advantage of someone who did an imperfect job of it.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
In my ideal world, you'd be allowed to accept banishment from your country to any country in which what you had done was not against the law. I think it would have the effect of doing away with a lot of ridiculous victimless "crimes." I'm sure places like Columbia would think "America already knows we make drugs, why not officially acknowledge it and get a bunch of wealthy educated coke-addicts to come to our country as an alternative to serving jail time?" Hell, as it is, I bet Amsterdam makes a fucking fortune in tourist money simply off of people who like the idea of smoking pot legally for a week or so.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
>Just because you hate spammers doesn't mean that >they deserve to lose thier freedom. It is the >same argument that just because you hate blacks, >homosexuals, jews or whatever... Wrong. Waaaaay wrong. Hating someone because of who they are or their skin color or what they believe is indefensible. Hating someone because of the things they do however is not. Spam is evil and cannot be defended. So are those who make a living from it.
"So on one hand, honey is an amazingly sophisticated and efficient food source. On the other hand it's bee backwash."
If only that could happen to all spammers...
Aidrocsid Liah Lla! Sire Liah!
Freedom for all doesn't mean freedom to hijack computer servers and generally do whatever you want no matter who it screws. No mention from you of the problems caused to the admins that had to deal with locking the server down. You say nothing of efforts (=$$$) that could have been spent on other projects being spent on dealing with this guy. That's all OK, isn't it? Screw the spammers.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
--
A feeling of having made the same mistake before: Deja Foobar
We will never get rid of spammers. We will never get rid of telemarketers.
Why not? The world of email and telephones existed without them for many years (hint: Sendmail is over 25 years old, spam is a very recent phenomenon)
These are two things that just harrass people.. if it were criminalized, then only criminals would do it.. (just like only criminals steal... by definition)
I don't put locks on my doors because I think it's OK for people to steal from others.. I put them on because I dont think it's OK - that there is a small amount of people who would steal from me (even though most won't)... it's not unreasonable to do this...
Now ask me if it's unreasonable to have to walk around packing sawed-off shotguns, wearing kevlar battlgear, and drive an armored car., because theft is so common that "if you're not armored, it's your own fault that those muggers killed you"..
You live in the world where you have to armor yourself - I don't..
Hi! This is the Sig, blatantly attached to the end of this comment.
"Manslaughter" is un-premeditated killing of someone else.
Sorry, wrong definition..
"Premeditated" means that you meant to kill them, and planed it out beforehand... That's first degree
"Un-premeditated" (if there is such a thing) would therefore mean that you meant to kill them, but didn't plan it out beforehand.
Manslaugther means that you didn't mean to kill them, but it's still your fault because you were neglegent.
"Think about addiction,
wonder if I'm a junkie now,
SPAM! in my lunch box at work!
Think about what it's been made from
wonder if it's mystery meat?"
Wierd "Al" Rocks!
Fawking Trolls!
"Going to war without France is like going deer hunting without your accordion." - Jed Babbin
Send him to Texas and give him the chair!
Seriously, isn't what the Spammer did much worse than what Metnick did? That guy is really being screwed, so this guy shouldn't allowed near a computer for the rest of his life.
I just don't know about that mass forgery charge. It sounds like it's close to what he did, but without formal "hack" laws, it's still questionable.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
Here's a FAQ on the subject by a company that has the misfortune to make a product with the same name.
So an SEC investigation of the VA Systems IPO isn't News For Nerds? ;-)
According to the article, the charge pleaded to was second-degree forgery (for forging the return address to be ibm.net). Is there more information elsewhere that indicates the spammer also pleaded to charges relating to unauthorised relay?
in jail, but hey, lets sentence a spammer to over half that because fuck it, I hate spammers. Folks our criminal justice system is seriously fucked up when I can go out and shoot someone dead, and get out of jail after 6 years for 2nd degree murder, but if I get busted on a federal charges with no loss of life or personal injury I'm looking at 20 years.
Actually, for the few remaining spammers (especially Sam i-eat-toner Kuhri), I think that we need to decide as a society that what they are doing is sociopathic behavior. Let's lock them in mental institutions, where they obviously belong if they believe that anybody wants anything from them.
Remove all digits to email me.
Why does everyone get so damn pissed off at spam?
Because I don't pay for my email box so that someone can send me endless pyriamid scams or port offers. I pay for my email box to communicate with others, NOT to be a target for con men.
Because all spammers are con artists*, using a new medium where there are very little rules, and they can falsely cry "First Amendment" anytime someone tries to block them.
*Yes, they ALL are - if they weren't why do they try to hide their identity, or rape someone else's mail server? If they were on the up-and-up, they'd give us all their real email addresses, and use their ISP's mailservers in accordance with the ISP's AUP.
Spam in my email doesn't bother me. It takes me (seriously) 1 or 2 seconds to sort the "real" email from the junk. I think a lot of people use email (and the internet in general) for inane, useless purposes. Think about it: you feel angered when unsolicited advertisements desecrate your $1000 monitor (that was bought to increase your "productivity"). You spent all this money, yet there was no magical time saving effect; your problems didn't evaporate when you doubled your ram and installed win2k. I think people rage against spam because it's a mockery of what our great technology is used for: $, porn, and useless chatter -- we are feeling the SPAM!
Hell, it'd be nice to see people serve 7 years for murder
For spamming it'd be more appropriate to give them a large fine and temporarily ban them from any computer career (a la Mitnik).
Let's see, theft of services (relay hijacking), theft of identity (ibm.net), theft of services again (recipients pay to receive spam).
What do your local laws say is an adequate punishment for repeated theft?
Use Evolution instead of Outlook? Bewa
Imagine if the telephone solicitor called you collect. They would clearly deserve serious jail time.
For some limited discussion of this fundamental point see the email blocking policy of Cranfield University
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
I do believe they were disbarred, so it wouldn't be advisable.
See, that's what spam can do to you... get disbarred, go to jail, go directly to jail...
I had a friend who spent a month in jail, not sure where. It wasn't some minimum security place, he was there with murderers and such. That prison wasn't terribly violent, and he never heard of anyone getting raped while he was there. On the other hand, some places there are rapes and fights constantly.
What a sick society we are where we throw almost 1 out of every 100 of us in a cell and just turn a blind eye to the attrocities committed there.(in the US that is).
Sticking feathers up your butt does not make you a chicken - Tyler Durden
Granted, what he done was bad. (he plead guilty)
Forgery is a stretch - if he'd made it look like official communication (IBM endorses this get - Super-rich - kwik solution), it would be forgery, but my impression of the article is that, once the user read the email it was obvious that the communication didn't come from IBM.
Personally I rage against it because it takes me a lot longer than 1 or 2 seconds to download up to 50 items of junk mail often with pictures attached, and to separate those items from the approximately equivalent number of legitimate items of mail (especially when they tend to have misleading subject lines).
A more realistic estimate of how long it would take me to just download and delete them would be 15-20 minutes a day. That's 2-3 man-weeks a year stolen from me, nothing to do with desecrating my monitor. Multiply me by a few million others and maybe, just maybe, spammers are costing the world more than the y2k fiasco did.
Custom Rules For SpamAssassin
I don't like spam at all. I get about 5 - 10 spams per day. Seven years in jail would be too harsh.
I'd be interested to know what the law reguarding spam is. For example, is it legal to spam as long as you make it clear to the recipients how to remove themselves from the spammers list? I know most of the spam I keep getting does not, in fact if you try to remove yourself I just get even more spam. That should be illegal for sure.
"There are no cool guys in musicals." -- Coach McGuirk
sorry for seeming the firebrand, but the only reason that this case went to court at all is due to the judicial realization of corporate interests in the internet. it's about money, folks -- now that god knows how much of our national economy is tied up in these flighty internet fancies, we're seeing more and more legistlation/court precedents emerging -- many of which only superficially protect users, and more often then not, protect the newly empowered. would they prosecute this sort of thing for mister (even doctor) joe q. user? doubtful.
course i am speaking without reading the damn article, so whatever, mr. I.P.-Ho.
fishfucekr.
If they call during lunch/dinner just say "Hold on while I get a pen."
:).
Then finish your lunch/dinner or whatever. Then come back with a pen - you've got to get their name if they actually hold on for that long
This increases their costs since it takes them longer to go through their list of numbers.
Cheerio,
Link.
I made the unfortunate mistake of doing one of those "Submit your site to 100 search engines" (SITE-SEE.COM), which was just a front for selling email addresses to thousands of spammers. Luckily, I tagged my email as sitesee@... so I now know when a spam is coming in and auto-delete it. But from this one service alone (WHICH I PAID FOR), I am getting 50-80 SPAMS a day. Jennifer.
I think we really ought to straighten our priorities--you might get murdered by somebody released too early, but you won't get spammed cause we locked away all the spammers.
Bah.
"[T]he single essential element on which all discoveries will be dependent is human freedom." -- Barry Goldwater
what do you suppose he'd ask for in the way of a last meal?
--
Freeper Logic
Comment removed based on user account deletion
Funny thing is, I get so much spam from Russia and China these days that I figure abuse@blah.ru is just a spambot waiting for me to report them.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
--
A feeling of having made the same mistake before: Deja Foobar