Slashdot Mirror

← Back to Stories (view on slashdot.org)

Prosecuting A Spam Artist

Posted by timothy on from the please-gag-spammers-before-tossing-to-pigs dept.

ronmon writes: "DSLReports has discovered evidence of a creative Spammer / Data Miner who has managed to glean email addresses from their member's information pages. Apparently someone has gotten around to writing a script that decodes obfuscated addresses like imasobATspam_centralDOTcom, which was only a matter of time. Server logs show well over half a million requests from several IPs in a specific block and they have been advised that they are in a good postion to prosecute. They're asking for legal help, so any of you good hearted lawyers out there looking to boost your karma, here's your chance :)"

35 comments

  1. Post this to the front page... by Anonymous Coward · · Score: 0

    ...and you might get some actual responses.

    Seriously. What's the criteria for something making the front page of Slashdot? I think this question deserves to be up there, especially because it means that Slashcode is going to have to be changed, or that slashdot is going to consider free email forwarding/bouncing for certain people.

    1. Re:Post this to the front page... by Anonymous Coward · · Score: 0
      What's the criteria for something making the front page of Slashdot?
      /dev/random...?
  2. A suggested solution by Second_Derivative · · Score: 2, Interesting

    I'm of the opinion that there's only really one proper way to do this: an image generator. The site should keep a database of emails, together with a random ID. Then, whenever an email needs to be displayed on a page, you insert an image tag that looks like, say /> or whatever. This script looks up the email address in its database, then draws it. It then applies some noise and distorts it so that the email is more or less readable, but you'll have a hell of a job trying to automatically read these emails. Dunno, anyone think this will work?

    1. Re:A suggested solution by TheGratefulNet · · Score: 2
      yes, I believe it would work.

      I have a .gif on my website that is readable by humans but doubtful its easily readable by auto-spammers.

      --

      --
      "It is now safe to switch off your computer."
    2. Re:A suggested solution by Cow4263 · · Score: 1

      In theory, it will work. However, it will probably wreak havoc apon the design of your page (probably, however your results may vary). An alternate idea that I was thinking is to use the actual character entities for the email (i.e. cow4263yahoocom), although I have to admit, my knowledge on auto-spammers is somewhat limited seeing as how I don't use them. Another anti-spam method is described on this previous /. article. But, we are slowly getting offtopic, so I'll degress

    3. Re:A suggested solution by mosch · · Score: 3, Insightful
      That's a great way to make your site less accessible to people with disabilities. You've succesfully made it so people with visual disabilities cannot get your email address.

      Your solution breaks the web even more than it's already broken, as a blind person, I find your idea contemptable.

    4. Re:A suggested solution by Anonymous Coward · · Score: 0
      Even people without disabilities, who use text-based browsers, will have trouble accessing the site. To fix this, instead of an image, a link could be used. This would link to a dynamically generated page that displays the users email address as text. Users shouldn't be able to request an address more than once per minute, 20 times per day, etc., and the script could alert the admin if someone requests a lot of pages.

      Another solution is to have a "reply through email" link beside each comment, that shows a form with a text box. Registered users (with verified email addresses) could send email messages to a user with this form, without ever seeing their addresses. But users should still have the option to show their address to others.

    5. Re:A suggested solution by Anonymous Coward · · Score: 0

      If you really wanted someone's email that is "encrypted" this way, I can't believe it would be that difficult for you to find someone with the gift of sight to "decrypt" it for you.

      I am not sure what options blind people have when it comes to viewing the web, however I remember a few years ago reading an article on a process that turned paintings into a type of braile -- using a different pattern of bumps to convey different colors. Since the resulting images from this encryption would most likely result in a very high contrasted image (black on white) this process would be ideal. Ofcourse I realize most blind people aren't going to know what an alphanumeric character looks like to be able to feel out its shape. But I would think it would be pretty easy to learn, especially if you had a braile to image conversion chart handy that you could feel your way along.

    6. Re:A suggested solution by TheGratefulNet · · Score: 2
      You've succesfully made it so people with visual disabilities cannot get your email address.


      no, I've made it difficult for most people to reach me. I'm a curmudgeon, I don't like email from strangers.

      but if you must reach me, there's a cgi form that is very simple and even lynx friendly, that you can fill out and I'll get your info and be able to email you.

      if you bothered to even click on that gif, you'd have been taken to such a cgi form. and if its lynx-friendly, it will work for everyone.

      --

      --
      "It is now safe to switch off your computer."
    7. Re:A suggested solution by Anonymous Coward · · Score: 0
      Your solution breaks the web even more than it's already broken, as a blind person, I find your idea contemptable.

      Oh, fuck off. Do we really need to reduce the web to the least common denominator?

      I find your notion that we should all slow down and wait for you to play catch-up contemptable.

    8. Re:A suggested solution by mosch · · Score: 2
      There's no need to be testy and defensive, just because you're wrong.

      Your site may have linked to a form that is able to be filled out by a person with visual disabilities, however you did not suggest this in your post. You merely suggested obfuscating all addresses in images, thus making it a little harder for me to use the web.

      For those of you who are complaining that this brings the web down to the least common denominator, you're missing another important point. Pages that work well for people with disabilities work well for people using alternate browsers, such as those that you might want to use someday on your PDA, or cell phone, or car radio.

      Everybody, please validate your pages with Bobby.

    9. Re:A suggested solution by SEWilco · · Score: 1

      You're trying to use technology to fight technology. It's easy to make scripts which untangle many of the existing text obfuscations. If enough people obfuscate with graphic images of text, OCR technology will be used to read the images.

    10. Re:A suggested solution by Anonymous Coward · · Score: 0

      Oh fuck off. Do we really need to reduce the web
      to the least common detrollinator?
      I find your notion that we should all listen
      to trolls like you contemptible.

    11. Re:A suggested solution by Anonymous Coward · · Score: 0

      >>There's no need to be testy and defensive, just because you're wrong.

      I think that statement applies to you as well. If he wants to make it purposefully difficult for anyone to email him, then why should it matter if J. Random Websurfer is blind or not?

    12. Re:A suggested solution by Anonymous Coward · · Score: 0

      "I am not sure what options blind people have when it comes to viewing the web"

      They can get their computers to read it to them. That's what most blind people do.

  3. You know, I don't think spam is all bad. by Anton+Anatopopov · · Score: 0, Troll
    Sometimes, you get something through the snail mail that actually interests you. Occasionally those carefully targetted advertizing campaigns actually hit the mark.

    Now I am not trying to apologize for irresponsible spammers, but you have to admit, some spam is actually interesting. I am talking about the mailings from corporations whose product you have bought in the past, and who you might be interested in dealing with again.

    So before jumping on the spam==bad bandwagon, stop for a minute and think. Is it really bad ? Or are you just being a bit of a whiner...

    1. Re:You know, I don't think spam is all bad. by Snowfox · · Score: 2
      Sometimes, you get something through the snail mail that actually interests you. Occasionally those carefully targetted advertizing campaigns actually hit the mark.

      Now I am not trying to apologize for irresponsible spammers, but you have to admit, some spam is actually interesting. I am talking about the mailings from corporations whose product you have bought in the past, and who you might be interested in dealing with again.

      I actively avoid supporting marketers who annoy me, and I urge you to do the same. If a company is advertising in a magazine I like, in a banner ad on a web page I like, or on a TV show I like, they're starting out with an even trade. A little support for my interests in exchange for a little bit of my attention.

      If they spam, throw junk mail at me, pop up annoying windows all over my desktop, stick business cards or flyers on my windshield or otherwise inconvenience me, I ensure that I never ever support them. I've stopped dealing with companies I previously liked because they started engaging in these practices.

      Spamming is essentially stealing. I don't know why the hell I'd want to support someone whose first action was to take from me without giving anything in return.

    2. Re:You know, I don't think spam is all bad. by The+G · · Score: 1

      Of course, this will only have an effect if a large number of people act in a relatively concerted way. I have frequently thought that there ought to be some sort of centralized database-based "blacklist" of which companies use various irresponsible marketing techniques.

      Of course, I sure don't have the time to build such a list, or the money to withstand the lawsuits it would spawn.
      --G

    3. Re:You know, I don't think spam is all bad. by Snowfox · · Score: 2
      Of course, this will only have an effect if a large number of people act in a relatively concerted way. I have frequently thought that there ought to be some sort of centralized database-based "blacklist" of which companies use various irresponsible marketing techniques.

      It's already had an effect. The kinds of places that spam are the kinds of places that don't give a fuck about anything but growing the business. By avoiding spammers, I'm increasing the probability that I'm dealing with a company that has some measure of a concern about the consumer.

      The rest will sort itself out. The worse spam gets, the more likely it is to get legislated into a black hole, or the more likely it is that enough ISPs will start deploying cooperative spam circumvention devices to make it effective.

      It'll get there, through law or common sense. In this day and age, the problem just has to become expensive to big business first.

    4. Re:You know, I don't think spam is all bad. by DreamerFi · · Score: 2

      I do the same, with twist. I actively tell them I stop doing business with them. It tends to surprise the fuck out of them that somebody actually is not only not interested in their "great business opportunity" but enough so to avoid them. If one person does that, they usually think "lunatic" and just go on. If several people tell them, they either get a clue, or are out of business a few years later...
      -John

    5. Re:You know, I don't think spam is all bad. by BobMarley · · Score: 2, Interesting

      I've resisted the urge to follow the link in a spam if the link looks like it might be interesting.

      The definition of "spam", at least in my book, is "Unsolicited Commercial Email".. for the most part, anyway. There's non-commercial spam too. The whole concept being that it's UNSOLICITED. I get tons of mailings (electronic and dead-tree versions) from organizations whose products I have purchased. I don't consider this spam, because by purchasing their product, I have elected to become part of their "previous customer" list. If I have a choice, however, I ALWAYS elect not to have my contact information sent to any outside parties, and I won't knowingly do business with any organizations who do this without my knowledge.

      cheers
      BM

    6. Re:You know, I don't think spam is all bad. by Mysticalfruit · · Score: 1

      That's what has happened with all of those who maintained MBL lists. They got sued until they ran out of money, lost or won. If they won, the suer would then just go after their ISP to get them cut off.

      Thats why most sites just maintain our own block lists and/or do content blocking (aka, all mail with the word "brest" gets deferred)

      --
      Yes Francis, the world has gone crazy.
    7. Re:You know, I don't think spam is all bad. by Anonymous Coward · · Score: 1, Insightful
      Sometimes, you get something through the snail mail that actually interests you. Occasionally those carefully targetted advertizing campaigns actually hit the mark.

      No, I don't, and no, they NEVER hit the mark where I am concerned. In fact, I proactively boycott companies that violate my privacy to send me advertising, and I proactively do what I can to do monetary damage to them. If a company buys or sells or harvests information about me for the purposes of sending me unwanted, unsolicited advertising, I will make them pay for it.

      Now I am not trying to apologize for irresponsible spammers, but you have to admit, some spam is actually interesting. I am talking about the mailings from corporations whose product you have bought in the past, and who you might be interested in dealing with again.

      You are dead wrong. When I buy from a corporation, I explicitely tell them not to attempt to advertise to me in the future. I do NOT want to hear from them. If I have any interest in purchasing anything from them in the future, I will do so of my own volition. If they attempt to pressure me to purchase from them my making any attempt to send targetted advertising to me, they win an instant enemy, and virtually guarantee that neither I, nor anyone that looks to me for product recommendations will purchase from them again.

      So before jumping on the spam==bad bandwagon, stop for a minute and think. Is it really bad ? Or are you just being a bit of a whiner...

      You are absolutely right about stopping and thinking. Let's stop for a minute and think:

      • Unsolicited bulk email shifts the costs of advertising from the advertiser to the recipient. The recipient or the recipient's ISP has to pay to receive the unsolicited, unwanted garbage email.
      • Unsolicited bulk email is almost always theft of service. The operators of the mail relays that are hijacked to send the junk almost never give their permission to have their equipment and bandwidth resources stolen. So, spammers are resource thieves.
      • The bandwidth and admin costs of dealing with unsolicited unwanted junk email are high, jacking up the costs of Internet service for people everywhere.
      • Unsolicited bulk email can deluge an email account to the point where it's useless. My email account at my DSL provider is unusable because it gets a fifty to one ratio of spam to legitimate email. I had to filter everything except emails originating from the ISP itself. Fortunately, I run my own sendmail server and can generate as many email addresses as I need. Spammers poke at it and probe it attempting to hijack it as a spam relay several times a day.
      So, after thinking about it, I can conclusively say that yes, spam is bad. Spammers should be prosecuted. Personally, I'd like to see criminal charges be applicable.

      Cheers!

    8. Re:You know, I don't think spam is all bad. by roybadami · · Score: 1
      If a company is advertising [...] in a banner ad on a web page I like [...] they're starting out with an even trade. A little support for my interests in exchange for a little bit of my attention.
      Well said. And shame on those who favour software that blocks banner ads, and expect their favourite web sites to provide them a service without any revenue
    9. Re:You know, I don't think spam is all bad. by Snowfox · · Score: 2
      If a company is advertising [...] in a banner ad on a web page I like [...] they're starting out with an even trade. A little support for my interests in exchange for a little bit of my attention.
      Well said. And shame on those who favour software that blocks banner ads, and expect their favourite web sites to provide them a service without any revenue

      I'll meet you half way. I still block out banner ads from companies that request cookies with the ad. Unfortunately, that's most of them these days. I'll allow unobtrusive ads supporting a site I like, except when they engage in secretive tracking of my browsing behaviors.

      An advertiser keeping tabs on me without first asking me if that's okay steps way over the line of trust.

  4. Looking at some of the IPs involved by DragonPup · · Score: 1

    It's interesting to try ro decipher some info from the IP addressed that mass scanned DSL Reports. For exmaple:
    216.249.93.15 = hsa015.pool022.at101.earthlink.net HSA possibly means High Speed Access, since Earthlink is doing some cable modem stuff now. The pool doesn't give any relavent info. at101 could mean Atlanta, though

    The other IP address also go in the form of hsaXXX.poolXXX.at101.earthlink.net, so it definatly looks like it was the same guy

    I hope DSL Reports sues the spam off this guy, this type of datamining is just low.

    -Henry

    --
    "Useless organic meatbag" -HK-47
  5. Insightful, Relevant, etc by Anonymous Coward · · Score: 0

    read the damn post

  6. if they are going to pay for my time, fine... by Anonymous Coward · · Score: 0

    but as of right now, I'm not getting paid for all the time I spent deleting the fuckers, let alone having the time to read them. I pay to download them, I didn't ask for them, and if I catch any of these bastards, believe me there will be intense physical pain, with some injuries they can pay to have fixed, and that take time to heal

  7. They Should just beat him with his DSL modem by Mysticalfruit · · Score: 1

    My mail servers are always bogged down with SPAM. I really think it should be a beatable offense. Possibley we could clone that sex offender law for spammers. If convicted you'd have to register with the local police.

    --
    Yes Francis, the world has gone crazy.
  8. I'm guessing LA area... by Dr.Dubious+DDQ · · Score: 2
    Doing a tcptraceroute from here, the last few entries are:

    18 EarthlinkLA-gw.customer.ALTER.NET (157.130.224.86) 107.363 ms 107.592 ms 106.501 ms
    19 f5-0-0-cr02-pas.neteng.itd.earthlink.net (207.217.1.44) 106.004 ms 107.202 ms 106.447 ms
    20 207.217.2.27 (207.217.2.27) 107.577 ms 109.698 ms 111.014 ms
    21 216.249.64.35 (216.249.64.35) 107.946 ms 108.521 ms 106.762 ms
    22 hsa015.pool022.at101.earthlink.net (216.249.93.15) [closed] 124.726 ms 123.248 ms 129.078 ms

    Pasadena area, maybe?

    --
    Hacker Public Radio is our Friend
  9. Cause and Effect. by Martin+Spamer · · Score: 2

    >That's a great way to make your site less accessible to people with disabilities.

    Blame the Cause not the Effect.

    1. Re:Cause and Effect. by Anonymous Coward · · Score: 0

      The cause is that the webmaster hadn't realized how blind people surf (usually by having the computer read out loud). The effect is that blind people can't reach her.

    2. Re:Cause and Effect. by Anonymous Coward · · Score: 0
      the cause is the fact that the webmaster is a fucking retard who follows the design school of thought wherein it's acceptable to say 'best viewed on my computer, on my desk'.

      this doesn't just affect visually impaired folk, this also affects people who use graphical browsers at ultra-high resolution or ultra-low resolution, and anybody who uses a non-graphical browsers at all.

  10. we should all fight spam by 4444444 · · Score: 2, Interesting

    if everyone would do what ever they could to fight spam we could really make some progress against spammers
    you could use spamcop.net or read some of these ideas

    --

    http://Lenny.com
    4 great justice!
  11. Re:we should all fight spam (fixed link) by 4444444 · · Score: 2, Informative

    spam fighting ideas

    --

    http://Lenny.com
    4 great justice!