Posted by
CmdrTaco
on from the i've-seen-this-before dept.
Zendar writes "idg has an article about how students at the 151-year-old Tufts University were paid as little as $20/month to relay spam from computers in their dorms. Interestingly enough, the students approached the spammers about this scheme and not vice-versa."
It seems that being medical test subjects would be less likely to get them killed.
Maybe we should re-introduce paddling.
--
I'll see your senator, and I'll raise you two judges.
Crappy Student Jobs
by
ifreakshow
·
· Score: 5, Funny
What happened to the good old days when college students sold blood, sperm or surfed the web to earn beer money!
Re:Crappy Student Jobs
by
Pxtl
·
· Score: 4, Insightful
Or got jobs as telemarketers (hell, most universities even run extensive official telemarketing systems to harass alumni for donations). If you're willing to telemarket, I don't see why you wouldn't be willing to spam. Sure its less money, but its also less work.
Re:Crappy Student Jobs
by
skwirl42
·
· Score: 3, Funny
And I thought my job working for Vector Marketing, selling Cutco knives was unethical (network marketing... ugh)
Re:Crappy Student Jobs
by
Hott+of+the+World
·
· Score: 2, Interesting
yeah, I cant donate or sell my blood!
I think they banned anyone living in the UK from 1980 onward from donating blood
and some HTML http://news.bbc.co.uk/1/hi/health/423344.stm
-- | - | - |
Re:Crappy Student Jobs
by
CharterTerminal
·
· Score: 2, Interesting
Haha! I did that. Twice. First was a year-long stint in Portland, OR for a company that did political stumping thinly disguised as a survey. (My favorite question, still etched in my mind ten years later: "Would you be more likely or less likely to vote in favor of triple trailer trucks if you knew they were three times more likely to roll over and separate?" Three times more likely than WHAT, I always wondered.)
Second was a two-week stint setting appointments for a vacuum cleaner salesman to come over to your house and throw stuff on your carpet, then vacuum it up while gesticulating wildly and loudly declaiming the many virtues of THIS vacuum over the OTHER vacuum you already own.
I sat down in a folding metal chair, my supervisor dropped a copy of the phone book on the card table in front of me, handed me a script, and told me to get to it. I was pretty much the worst appointment-setter EVER. After two weeks I picked up my check and walked out, never to be seen again.
I'm not proud of having been one of those people who pestered people at dinner. But then again, "being one of those people who pestered you at dinner" ranks pretty low on my list of things to be ashamed of.
I can think of better uses for them
by
petronivs
·
· Score: 5, Funny
I thought college students made all the coin they could ever need with those webcams.
-- This is the real signature
(Beats those shadows on the cave wall, don't it?)
Re:I can think of better uses for them
by
scott1853
·
· Score: 4, Funny
I heard they got some VC money a couple years back, but for some reason their website never took off.
Hey, they have bandwidth...
by
Anonymous Coward
·
· Score: 2, Insightful
And time to waste... and fewer inhibitions (amazing how college does that!)... so it's pretty easy to understand and believe. Oh well, most schools would yank your access for the rest of your time there. Not really worth $20/mo to me.
It's cheap, yes, but $20 is about 20 boxes of Mac & Cheese. For some students, this could probably feed them for 3/4 of the month.
Realistically though, profit depends on volume. Some few people probably masterminded the idea, and are taking part-profits somehow. If they skimmed $5 from 20 students with relays - that's $100/month. Still not a lot, but cheap for no work.
You must have failed College Math 101. Dollar amounts are to be clearly be represented in Ramen noodle packets. Therefore, $20 = 160 packets = 160/3 meals per day = 1.8 months of good eatin'.
Tracked using MAC address
by
monkey_tennis
·
· Score: 5, Interesting
Interesting that they tracked the individuals down using MAC addresses for computers in their dorms...
I've never heard of any other Uni having the foresight to record this and it seems like a valid piece of info to have to include in any registration document (as per cable modem setup)
Re:Tracked using MAC address
by
sirwired
·
· Score: 2, Insightful
No, they probably don't keep track of the MAC's students are using, but it is relatively trivial to ask a managed hub or switch which MAC's are one which port, ergo, which room the offender occupies.
Re:Tracked using MAC address
by
Pxtl
·
· Score: 2, Interesting
My university (U of Guelph) attempts to record the MAC adress, but their registration program that you must use when you first log on is buggy as hell and often easier to circumvent then to actually use. So I'm not sure how many MAC adresses they actually record.
Re:Tracked using MAC address
by
Frater+219
·
· Score: 5, Informative
Interesting that they tracked the individuals down using MAC addresses for computers in their dorms...
I've never heard of any other Uni having the foresight to record this and it seems like a valid piece of info to have to include in any registration document (as per cable modem setup)
You don't even need to copy it down at sign-up time... just take it out of the DHCP server logs, or the ARP tables on the building router, then look for the MAC address on a switch port in the hall switch. Provided you know your wiring -- and know what switch port goes to what dorm room -- you just narrowed your problem down to the spammer and his roommate.
(Why yes, I did used to be a sysadmin at a college with a bandwidth hogs problem.)
Re:Tracked using MAC address
by
JackAsh
·
· Score: 3, Informative
Actually, I was a student at Tufts at the time they implemented the student network. At the time, ACS (Acedemic Computing Services) did require students to register MAC addresses, and I think I recall them assigning static IPs via DHCP or BOOTP (This was back in 95, DHCP was not very popular yet). You could let the network take care of everything for you, or you could enter it manually if you knew what you were doing...
I really don't remember if they used managed hubs/switches, but I recall it was a fairly trivial exercise to figure out where people were in a dorm by counting the IPs assigned (they had some pattern).
-Jack Ash (Miguel if anyone else from Tufts is reading)
Re:Tracked using MAC address
by
garcia
·
· Score: 5, Informative
at BGSU they started doing registration for the DHCP server via MAC in 1999 or 2000. When you started up after connecting your computer to the ethernet jack you would get a registration page. You would enter your student ID and your email login/passwd. Your MAC was recorded and a hostname that included your email id was given along w/a static IP. If you logged on from another other port on campus it would show as a "roam" address but it still knew you were authenticated so it still knew your MAC.
If you wanted to register another computer you would either have to use someone else's student ID + login/passwd or call up the people for help.
A side note, they were less than familiar about doing it w/alternative OSs that did not automatically bring up the registration page. You either had to use Windows to do it or have them do it manually. I used Windows;)
Re:Tracked using MAC address
by
garcia
·
· Score: 5, Interesting
I was compromised at one point in time my freshman year and had a smurf attack originate from my machine. They were able to track it down in under 2 hours to my specific port. They shut me down immediately. I had to contact the head of IT directly for reinstatement.
Although it was pretty obvious who was using the most bandwith even w/a tool like iptraf.
Re:Tracked using MAC address
by
_xeno_
·
· Score: 2, Interesting
Or, if you were a sys-admin at the overly-anal college I go to, you would require the MAC address at signup time, which would then be tied to an individual port in an individual room. Using an unregistered MAC would cause the port to immediately deactivate. So once you have the MAC, you wouldn't just have the room - you'd have the individual student and could immediately deactivate just their port.
This is quite annoying to students who find out the "MAC tied to port" bit by accidently misplugging their computers into the wrong side-by-side ports after rearranging their desks. Fortunately, it was a triple, and my desk stayed where it was. Heheh.
-- You are in a maze of twisty little relative jumps, all alike.
Re:Tracked using MAC address
by
Usquebaugh
·
· Score: 4, Funny
Oh another name dropper eh.
A more subtle way is that the college you attend in Cambridge has already implemented this. The only problem with this approach is that all the alumni from Cambridge Universtiy think you're trying to associate yourself with their older and more established college.
Re:Tracked using MAC address
by
TheCarp
·
· Score: 2, Interesting
Youd like to think that wouldn't you.
Nope Tufts a nice database of Mac addresses and who owns them. Its really quite slick. You can't get a DHCP address without registering. Well you CAN but the only thing on all the net that you can get to is the registration server, because unregistereds end up on a private locked down net.
Its all pretty slick and I would like to say that Tufts is unique in it, however, about 7 years ago when I went to WPI they were quite swift about MACs themselves. I remember a fellow student bought a new NIC card and sold his old one...
about 10 mins after both people put their machines back on the net, they got emails from the network admins asking if it was a permanent change.
However your right, they wouldn't have needed such a slick setup to catch this, a simple managed switch (who still uses hubs?) could have done this.
-Steve
-- "I opened my eyes, and everything went dark again"
Re:Tracked using MAC address
by
soulsteal
·
· Score: 2, Funny
I was compromised at one point in time my freshman year and had a smurf attack originate from my machine.
An interesting look at one of the things students will lower themselves to do to pay for their $80 calculus book.
-- "I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
When I was in college...
by
billmaly
·
· Score: 2, Insightful
$20 a month was serious money. That's one week of clean laundry and GOOD pizza on Sunday night (and not the cheap stuff). Back then, $20 a month would have bought a lot of personal ethics. Can't say as I blame them.
Let see, a kid sets up a computer to steal on the college network. If the student hacked in the the dean's computer to get porn, it would be all over the news, the kid would be arrested.
The kid should be charged the same as the person who put the distributed decryption software, that was all over the news, and expelled.
They got bought cheap!
by
FunWithHeadlines
·
· Score: 4, Interesting
It sure doesn't take much to compromise a person's self-respect or integrity. $20/month in exchange for contributing to a problem that everyone hates, and knowing full well that everyone hates it? They sold out cheap.
It's sort of like the trend for journalist majors to wind up in PR jobs for corporations doing nasty things. The lure of extra money covers over any hesitation they might have in moving from a supposedly neutral position to one that shills for money.
But $20/month? Man, that's some cheap principles. How about we pay them $21/month to turn against the spammers?
---------
"Let me guess, you were the arsehole who had the porche parked in the school lot."
Bzzzt! Wrong, try again.
"Did you see the old beat up Ford Escort with a different color fender, no muffler, and a broken windshield?"
Ding! Ding! Ding! We've got a winner! That would have been me.
"The guy that owned the Escort (and I know him well) would have sold his self-respect for a tuna-freakin-fish sandwich. That guy had LESS than $20/mo for food, toiletries, and beer. You wouldn't survive a week in that guys shoes. $20/mo means another case of mac-n-cheese."
No excuse. You find other ways of making money rather than blatantly leeching off society and contributing to a problem that is despised. If you sell out for a price, regardless of circumstances, it means you sold out. Some people hold their integrity in high esteem and will find some other way to make the necessary money.
-------
Let me guess, you were the arsehole who had the porche parked in the school lot. Did you see the old beat up Ford Escort with a different color fender, no muffler, and a broken windshield? The guy that owned the Escort (and I know him well) would have sold his self-respect for a tuna-freakin-fish sandwich. That guy had LESS than $20/mo for food, toiletries, and beer. You wouldn't survive a week in that guys shoes. $20/mo means another case of mac-n-cheese.
Well, gee, that excuses everything! I see the light now! After that guy broke into my friend's apartment last year and stole all his electronics, I should've excused him too because he was jobless and living in government housing! After all, I "wouldn't have survived a week in that guy's shoes," now would I?
You know what I did in college when I needed money? I got a freaking job; that's what I did. I spent my days sitting at a desk in a computer lab checking student IDs for $5/hour. I didn't throw in with parasites to get by.
Those students did sell themselves cheap. They could've gotten a real job, but instead they decided to let the bottom-feeders of the Internet take advantage of university resources so that they could get a small token sum of money without having to do a damn thing. They whored themselves out probably because they were too damn lazy to actually try to hold down a part time job while in school. As someone who worked for my food, I have absolutely no sympathy for them. They should be kicked out of housing and maybe even expelled for abusing the university network at the expense of others.
-- If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
If you sell out for a price, regardless of circumstances, it means you sold out.
H.L. Mencken was at a high society function and speaking with one of the grande dames of society. After some initial witty small talk, he asked her "Madame, would you sleep with me for a million dollars?"
Much laughter later, she agreed.
"Madame, would you sleep with me for one dollar?"
The dame was grievously offended and asked Mencken what she thought she was--some whore?
"Madame, we've already established that you're a whore," he replied. "Now we're just dickering about your price."
Money for using the computer
by
Gortbusters.org
·
· Score: 4, Interesting
has always been a popular fad. Remember those programs you could install and you would get a 10th of a penny for every website you clicked and it had a banner-system (I believe)? Everyone thought they would make hundreds of dollars a month with that. I wish I could remember the name. People love getting money for doing their normal tasks, i.e. using the computer. If relaying spam could be done with little or no active participation by a computer user, who [average computer user] wouldn't turn down 20 bucks?
What does it matter...
by
mjpaci
·
· Score: 4, Interesting
What does it matter that Tufts is 151 years old? Would this be different if it were 310-year-old College of William and Mary in Virginia or 210-year-old Williams College in Williamstown, MA?
Dear Mr. Spammer, I wouldn't mind to relay your spam at all! In fact, I would do it with a full satisfaction of doing a valuable service to the community! Please, pretty please, pick (and pay) me to be your relay!
WBR / lastberserker
. . .
[...of course I won't detail on _where_ I would relay your spam, but what's the matter - noone would miss it anyways...]
-- My other Beowulf cluster is... er...
Students selling information
by
brejc8
·
· Score: 5, Interesting
I have been getting spam addressed to [my_unix_username]@[my_machinename].cs.man.ac.uk My machine passes the mail to me but I have no idea how the people got this address. The only way I can think of is if someone used finger @ on the machines in the department and then stuck the username with the machinename. As far as I am aware the finger@ is blocked to people outside the department so I am starting to suspect that some students are behind this. Especially as the spam is for local companies.
Re:Students selling information
by
pibakic
·
· Score: 2, Interesting
Same happened to me, my.cs.man.ac.uk started receiving spam during last semester. Struck me as very strange because my uni address doesn't get used anywhere (well, nowhere that I don't trust).
The irony of receiving "Get your diploma now..." spam on my university mail account...
-- "NEVER, EVER feed your computer beer" - some/.er
Re:Students selling information
by
igaborf
·
· Score: 3, Insightful
That's one possibility. Another is that someone just built a spam list by Googling the domain man.ac.uk:
http://www.google.com/search?q=cb%40cs.man.ac.uk
Moral: Put your email address ANYWHERE on the 'Net and you'll get spam.
Re:Students selling information
by
Erasmus+Darwin
·
· Score: 2, Informative
"I have been getting spam addressed to [my_unix_username]@[my_machinename].cs.man.ac.uk"
Do you have ident running? Could a website you connected to have used ident to get your username and then prepended it to the reverse lookup of your IP?
Thank Heavens for Diagrams!
by
greenhide
·
· Score: 5, Funny
I didn't understand the article at all. Then I saw the helpful graphic at the bottom of the article. It clearly showed just how the process worked! Without that picture, I would have been in the dark.
-- Karma: Chevy Kavalierma.
Follow the money?
by
mjh
·
· Score: 4, Interesting
The article mentions that they can't track the original spammers, that all the further that they can get is to the students computers. If they really want to track the spammers can't they track the money?
Which makes me wonder, how do the students get paid? Remaining anonymous is critical to spammers being able to continue doing their thing. How does a spammer actually pay someone w/out being trackable? I can't imagine that they send cash.
-- Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
Well , these students must be pretty dumb anyway to do this for a measly $20 with the risk of being banned permanently from the uni network (or even the uni itself) so maybe the spammers ask for bank details (get them because of the amazing credulity of Simon Student), deposit $20 and then sell those details on to some people in Nigeria who always seem to be desperate for somewhere to deposit $20,000,000:) Ahem.
Doesn't the IT Department at any college, university etc enforce their AUP? Doh! They don't have an AUP.....
Seriously, I would imagine that surely the IT Department has an AUP that would prevent this behavior along with appropriate actions for dealing with violators?
Spam is worth something
by
OECD
·
· Score: 3, Insightful
The interesting thing is that the spammers are now paying people to put out their spam. Now each outgoing spam costs something above the overhead costs. Sure, it's something really tiny ($20/??) but it's not zero. I wonder what the price point is that spammers are willing to pay? Would schemes that would charge spammers for their spam really be a deterent? How much would you have to charge?
-- One man's -1 Flamebait is another man's +5 Funny.
The School is very liberal..this isn't surprising
by
Migelikor1
·
· Score: 5, Informative
I'm a current student at tufts, and I'm not that surprised that there is some abuse of the system. The University is overall pretty laid back about student computing. The only things the sysadmins monitor for is virii that may cause systemwide problems (they send a person to your room with virus software if one's detected) and excessive bandwidth usage (over a gig per day for more than 3 days in month.)
While it is troubling to know that some of my fellow students abused the policy, it really isn't that hard. Though it pisses me off a little that they used University bandwidth for their little endeavor, the school has plenty, due to massive infrastructure installation in the late nineties. It hadn't caused any issues for the school (nobody I know has complained about a slowdown) so it's my opinion that the fact it's a university isn't a big deal. The kids are entrepreneurs, even if it's in a business I despise, taking advantage of the resources they've paid for. The real question is wether the school will add a clause to the acceptable use policy and start to monitor for spammers. Wouldn't be surprising.
-- My Karma is so good, I'm the Dalai Lama...or something.
Look! the 27th '20 Bucks?!? Outrageous!' Post
by
teamhasnoi
·
· Score: 2, Interesting
Everyone has said how 20 bucks isn't anything, but it's pure profit! I'm assuming these kids don't have to click 'Send' 1.6 million times, and they don't pay for bandwidth.
Another shining example of the 'me first' attitude that permeates society. (Especially in the US) -
Crap! It's free money, with no responsibillity attached, and poor college students would stand in line at the finger-smelling factory if they didn't have to work.
Re:Flashbacks
by
dubiousmike
·
· Score: 2, Informative
you and EVERY SINGLE OTHER PERSON I have ever spoken to that either sold them or made it through thte first day of "oreintation".
Though one could make a little money on it, it still smacked of a scam. What salesperson in their right mond would pay $500 to get started to sell anything door to door AND have to generate you OWN LEADS!!!
However, I didn't have to spend any more than $150 to get started (I must have had a benevolent leader).
It didn't take me long to quit. I still don't care for their marketing practices. However, the products are great (more than I can say about Amway's product line). I still have mine 12 years since I got them. They're still as sharp and shiny as ever. I even have an inherited set that's over 20 years old. They're in great shape also.
I'm going to risk sounding like a hypocrite. I say if you never bought Cutco knives, and someone approaches you to buy them, give them a try. Money worth spending. However, don't jump at the first offer. Make it a hard sell for them and get the maximum discount you can. Even offer a single amount, take it or leave it, just slightly below their final offer. You'll get a good set of knives, but at the same time you'll effectively discourage the wayward soul from continuing on that dastardly path. You'd be doing them a favor. There's plenty of youth around for Vector Marketing to continue the practice, just don't allow someone get stuck in it.
Re:Flashbacks
by
dubiousmike
·
· Score: 2, Interesting
My mom sold them. My mother-in-law gave us a few "extra" ones she had lying around.
They are great knives and I have no complaints what so ever about their quality. If I had the money, I might even buy some myself.
But their tactics, not only for marketing, but especially recruiting is what p1ssed me off to no end. As a teen looking for a job, I called an ad for $15 an hour. They would not tell me what the job was. Perhaps this is a necessary tactic on their part as I NEVER would have bothered to waste my day to go to their seminar.
I likely would buy a couple of knives, but only when one of my friend or realatives corners me into buying them or risk bad feelings between us. Frankly, there are other high-end-ish knives out there that don't rely upon sales and lead generation by guilt.
Nice, thanks for the flashback. I sold Cutco knives for a couple months back in college. Made back what I paid to enter and a bit more but delivering pizzas was better pay (and steadier).
I still have my knives, and they still work great decades later (man I'm old).
Are they the ones who sell the "world's best knives"?
A friend in college asked me if I'd heard of the world's best knives. I told him no, but I owned the world's cheapest knives, so if they ever broke or went dull, it would cost me nothing to replace them.
Blacklists work
by
frankie
·
· Score: 3, Interesting
The university I work for has found itself on various spam blacklists each September for the past 3 years. The reason has been the same each time: underclassmen in the dorms installing old RH distros or whatever that includes an open mail relay.
This spring SMTP will be restricted to only approved departmental servers. Anyone else gets dropped at the firewall. It's a shame (academic freedom and all that) but really necessary.
Re:The School is very liberal..this isn't surprisi
by
ericesposito
·
· Score: 2, Informative
The plural of virus is viruses, not virii. Even if it were the Latin plural, it would be viri, not virii.
only 20 boxes of mac & cheese? I'm a college student and I sure as hell don't buy that kind of extravagant mac & cheese. Kroger regularly puts its "kroger brand" mac & cheese on sale for 25 cents a box!
-- "Question with boldness even the existence of a god." - Thomas Jefferson
At my University.
by
MarvinMouse
·
· Score: 2, Interesting
Where I am at now, they have a very strict rule on that. If you spam, or are caught spamming, or are caught passing on chain mail letters, or a whole list of rules. They'll punish you in one of three ways (likely)
Slap on the wrist. Basically translates into loss of marks for CS majors, or banishement from facilities for a short period, or a whole list of things.
Banishment from computing facilities on campus. Thus, if you are a CS major or basically any major that requires computer systems use. You pretty much just failed yourself out of university.
Expulsion. This has happened with a few people who were really abusing the system and even had warnings.
Personally, I think if anyone even considers sending a spam on the network to bypass the filters, that they should be expelled immediately, or at very least banished from the facilities permanently. It is a priviledge, not a right to use those facilities. If you abuse them, you should lose that priviledge.
This just proves that Tuff's has a better business school than Harvards...
-- Yes Francis, the world has gone crazy.
You know you are old when....
by
gosand
·
· Score: 4, Funny
What happened to the good old days when college students sold blood, sperm or surfed the web to earn beer money!
You know you are old when:
You had to work a real job to get money in college
People refer to the "good old days" and in your mind it was yesterday
There was no World Wide Web when you were in college (unless you count FTP, BBSs, and Gopher sites)
Your final paper in Computer Hardware Design was on the Pentium processor, and you could only find three sources because it wasn't due to be released for another 6 months.
You post on Slashdot recounting how old you are, hoping someone will think you are cool
--
My beliefs do not require that you agree with them.
What I do not understand is why don't they just block all incoming traffic to the dorms and labs? Why is it that they allow for this traffic to even make it to the PC in the first place?
Frank Grewe, manager of Internet services for the University of Minnesota in Minneapolis-St. Paul, also wasn't surprised. He says the university does not let client machines be used as servers, employs static IP addresses and tracks the amount of traffic going to and from those addresses.
Why track... just do not allow it in the first place and it will be a whole lot easier. I just do not see a reason in allowing inbound traffic to a static IP address on a campus unless it is a server owned (no pun intended) and operated by the staff. When you allow anyone and everyone to do as they please, all hell will break lose.
I can see the point of some PCs and not others, but it should always be a special case when a PC needs access to it from the outside. This is how most corporate companies run their network. I just do not understand why in most cases all I have to do is 'host -l -t any uni-net.edu' and get a list of hosts to look at and forward my spam on from.
As for the out-sourcing of CS to someone else, I would have to disagree, because it is incidents like this that usually teach people. And when they go on to the corporate world, hopefully, they will remember that they need to lock their network down . It teaches fundamentals, and in this industry, unlike a lot of others and what a lot of corporate big-heads think, it is experience more than education that counts in the long run.
--
The
biggest security hole sits between the keyboard and chair. -Andrew McAllister
Because blocking incoming connections will not stop the problem. The spammers are using custom written relays to do this - there's nothing stopping them from writing the app so that it actually "phones homes" to get it's workload for the day and then sends the spam.
Blocking incoming connections is good for preventing unintentional use - like when most major MTA's came pre-configured to relay anything. That's not the case now so the use from a stanpoint of preventing intentional unauthorized use by internal users it's really not an effective measure.
A more effective method would be to prevent the workstations from actually sending any mail directly - instead forcing them thru a corporate/university managed relay that can do appropriate anti-spam measures, including throttling excessive senders. This is the tactic that man commercial ISP's are taking the the exact same reasons.
Jeez, what an awful road to go down. The very idea that you cannot be a participant in the internet, and provide your own services, is abhorrent. There should be no problem with a student having his own webserver, mail server (as long as it's not an open relay), finger server, or whatever. Solve problems with specific solutions, not these broad, sweeping, castrating ones.
The way of thinking that you suggest, that only "powers that be" may provide services, promotes consumerism, and prohibits the freedom of individuals.
Your suggestions are antithetical to the very principles that the net was built on, end-to-end.
Message to Spammers:
by
cybermace5
·
· Score: 3, Funny
To the Man in the Can:
I am willing in the utmost confidence and secret to help your with some certain relaying needs. My server does waits idle at my residence in an yet to be disclosed location, ready to relay your messages to the considerate masses. In exchange for your sum of $20 per month, my server will confidentiality flood the Internet with your excellent offerings.
I can personally and utmost attest to guarantee that you messages will pass through entire unaltered, and not be redirected to/dev/null, or replaced with the text "I AM RESPONSIBLE FOR X PERCENT OF ALL YOUR SPAM" and your home address & phone number. I would most certainly not monitor every spam you attempted to send at your discretion, and report each and every instance to the immediately authorities.
I trust you to and maintain the highest level of integrity & confidence in this matter.
--- Ham Nbu Jahir, Supreme Commander of Nigerian National Space Fleet
-- ...
Re:Little bastards..
by
Anonymous Coward
·
· Score: 2, Funny
Back in my day, we finished the jokes we started. None of this giving up in a huff, no sir. We took that joke out into the snow behind our shoddily constructed log cabins and we just kept beating on it till it was good and dead.
Kids these days. You don't know how easy you have it.
Re:The School is very liberal..this isn't surprisi
by
rhizome
·
· Score: 3, Insightful
The kids are entrepreneurs, even if it's in a business I despise, taking advantage of the resources they've paid for.
Are we supposed to believe that university network resources are completely supported by tuition? I would venture (though in typical Slashdot fashion I have no numbers) that there's a certain amount of taxpayer money involved. Furthermore, it's very common for end-user bandwidth agreements to include a clause prohibiting the resale of any portion of a connection.
-- When I was a kid, we only had one Darth.
The pictograph at the end of the article?
by
way2trivial
·
· Score: 2, Funny
Thank god for that,
I'm a Windows user, and without that little GUI I wouldn't have understood the article at all!
-- every day http://en.wikipedia.org/wiki/Special:Random
Re:Unrest is born. . .
by
Snork+Asaurus
·
· Score: 4, Funny
Anything can be turned into a buck.
Bucks urgently required. Please post formula.
-- Sigs are bad for your health.
Spamming from Athens (Georgia)
by
Fulton+Green
·
· Score: 2
Back when I tried to manually track down spammers (before it became more effective to simply filter out spams), I looked up the registry info for one of the domains from which I received one of those post-once, submit-everywhere re'sume' services (you know which ones I'm talking about). Turns out the domain was registered to a postal box in Athens, Georgia. While this could have been anyone, I can't help but think that this was a Net-savvy University of Georgia student needing cash for tuition or rent...
Re:Sick of spam?
by
RedWolves2
·
· Score: 2, Funny
almost-maxxed-out Visa
And this same person is using the get out of debt spam mails to fix his visa card. Will the cycle never end?
Re:The School is very liberal..this isn't surprisi
by
schon
·
· Score: 2, Funny
(they send a person to your room with virus software if one's detected)
Yikes!
Wouldn't anti-virus software be a better solution?
Yeah, but don't forget that according to the article this guy sold his Uni access for $20/month - that doesn't add up very many pizzas or beers.
My guess is that guy should have sold his connection for more like $200 - $500 per month, or based on the # of mails or something. $20/month is laughable, considering that he now most likely has been forbidden to connect to the University's network with his personal machine and may have some sort of procedural punishment on his University records.
This just proves these students aren't as resourceful as they could be. I for one, would have placed some sort of trojan on as many people's computers I could find, then sell ALL of their machine's use for spamming. I mean, I'm certainly not condoning spamming and I dislike it myself, but if you are going to do it, do it right....
Re:Unrest is born. . .
by
bradkittenbrink
·
· Score: 2, Funny
hey kids, we should all know this one by now, here's the formula for you:
anything
...
Profit!
Re:Unrest is born. . .
by
dacarr
·
· Score: 2, Funny
For these guys?
1) Open yourself up as a spam relay
2)...
3) Lose network access!
Face it, people, $20/month will get you a shitload of ramen, but is it worth $20/mo to lose your gigabit network access?
-- This sig no verb.
Simple solution
by
sik+puppy
·
· Score: 2, Interesting
This incident has happened once. All new and returning students should be given an updated school policy with the following addendum:
Any use of the schools network for the purposes of aiding or supporting spam will result in immediate expulsion. No exceptions.
Simple, brutal, efficient. No more problem.
-- The first thing we do, let's kill all the lawyers.
Shakespeare, Henry VI, Part 2, Act 4, Scene 2
I have visions of micro payments and kazaa style networks of spam being sent out. If enough people are generating spam then there's little people can do. It won't even look like spam if it's like 20 emails a day per computer.
It could become like a mafia protection racket, either send out spam and not get any on your email - or you will get loads.
Incomplete
by
Paul+E.+Loeb
·
· Score: 2, Informative
Apparently John Fontana only interviewed one witness who was kept quiet until his article was published yesterday. A more complete article can be found on the Tuft's Daily Newspaper, here.
Slashdot Mirror
It seems that being medical test subjects would be less likely to get them killed.
Modular Redundancy--Because 4 out of 5 Nodes agree
What happened to the good old days when college students sold blood, sperm or surfed the web to earn beer money!
I thought college students made all the coin they could ever need with those webcams.
This is the real signature
(Beats those shadows on the cave wall, don't it?)
And time to waste... and fewer inhibitions (amazing how college does that!)... so it's pretty easy to understand and believe. Oh well, most schools would yank your access for the rest of your time there. Not really worth $20/mo to me.
Man, I can imagine doing something like this in a dorm but for only 20 bucks? You'd think that it would at least be worth TWO large pizzas a month...
Interesting that they tracked the individuals down using MAC addresses for computers in their dorms...
I've never heard of any other Uni having the foresight to record this and it seems like a valid piece of info to have to include in any registration document (as per cable modem setup)
An interesting look at one of the things students will lower themselves to do to pay for their $80 calculus book.
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
$20 a month was serious money. That's one week of clean laundry and GOOD pizza on Sunday night (and not the cheap stuff). Back then, $20 a month would have bought a lot of personal ethics. Can't say as I blame them.
This is like the computer nerd equivilent to "College Girls Gone Wild". Anything for a buck.
Except instead of making me want to spank myself, I want to spank them.
"Old man yells at systemd"
The kid should be charged the same as the person who put the distributed decryption software, that was all over the news, and expelled.
Fight Spammers!
It's sort of like the trend for journalist majors to wind up in PR jobs for corporations doing nasty things. The lure of extra money covers over any hesitation they might have in moving from a supposedly neutral position to one that shills for money.
But $20/month? Man, that's some cheap principles. How about we pay them $21/month to turn against the spammers?
---------
has always been a popular fad. Remember those programs you could install and you would get a 10th of a penny for every website you clicked and it had a banner-system (I believe)? Everyone thought they would make hundreds of dollars a month with that. I wish I could remember the name. People love getting money for doing their normal tasks, i.e. using the computer. If relaying spam could be done with little or no active participation by a computer user, who [average computer user] wouldn't turn down 20 bucks?
--------
Free your mind.
What does it matter that Tufts is 151 years old? Would this be different if it were 310-year-old College of William and Mary in Virginia or 210-year-old Williams College in Williamstown, MA?
--Mike
Dear Mr. Spammer, I wouldn't mind to relay your
spam at all! In fact, I would do it with a full
satisfaction of doing a valuable service to the
community! Please, pretty please, pick (and pay)
me to be your relay!
WBR / lastberserker
.
.
.
[...of course I won't detail on _where_ I would
relay your spam, but what's the matter - noone
would miss it anyways...]
My other Beowulf cluster is... er...
I have been getting spam addressed to [my_unix_username]@[my_machinename].cs.man.ac.uk
My machine passes the mail to me but I have no idea how the people got this address.
The only way I can think of is if someone used finger @ on the machines in the department and then stuck the username with the machinename.
As far as I am aware the finger@ is blocked to people outside the department so I am starting to suspect that some students are behind this.
Especially as the spam is for local companies.
Mouse powered Chips, Open source Processors and Lego
!!! MAKE MONEY FAST !!!
Earn as much as $20.00 a month sending out unsolicited email!
Trolling is a art,
Will they be setting up servers to share pirated music and video or something??? Oh, wait...
"I'm not, like, that smart. I, like, forget stuff all the time." -- Paris Hilton
...if they put a video cam in their dorm room. They sold out cheap!
Best Buy can have you arrested
I didn't understand the article at all. Then I saw the helpful graphic at the bottom of the article. It clearly showed just how the process worked! Without that picture, I would have been in the dark.
Karma: Chevy Kavalierma.
The article mentions that they can't track the original spammers, that all the further that they can get is to the students computers. If they really want to track the spammers can't they track the money?
Which makes me wonder, how do the students get paid? Remaining anonymous is critical to spammers being able to continue doing their thing. How does a spammer actually pay someone w/out being trackable? I can't imagine that they send cash.
Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
Doesn't the IT Department at any college, university etc enforce their AUP? Doh! They don't have an AUP.....
Seriously, I would imagine that surely the IT Department has an AUP that would prevent this behavior along with appropriate actions for dealing with violators?
The interesting thing is that the spammers are now paying people to put out their spam. Now each outgoing spam costs something above the overhead costs. Sure, it's something really tiny ($20/??) but it's not zero. I wonder what the price point is that spammers are willing to pay? Would schemes that would charge spammers for their spam really be a deterent? How much would you have to charge?
One man's -1 Flamebait is another man's +5 Funny.
I'm a current student at tufts, and I'm not that surprised that there is some abuse of the system. The University is overall pretty laid back about student computing. The only things the sysadmins monitor for is virii that may cause systemwide problems (they send a person to your room with virus software if one's detected) and excessive bandwidth usage (over a gig per day for more than 3 days in month.)
While it is troubling to know that some of my fellow students abused the policy, it really isn't that hard. Though it pisses me off a little that they used University bandwidth for their little endeavor, the school has plenty, due to massive infrastructure installation in the late nineties. It hadn't caused any issues for the school (nobody I know has complained about a slowdown) so it's my opinion that the fact it's a university isn't a big deal. The kids are entrepreneurs, even if it's in a business I despise, taking advantage of the resources they've paid for. The real question is wether the school will add a clause to the acceptable use policy and start to monitor for spammers. Wouldn't be surprising.
My Karma is so good, I'm the Dalai Lama...or something.
Another shining example of the 'me first' attitude that permeates society. (Especially in the US) -
Crap! It's free money, with no responsibillity attached, and poor college students would stand in line at the finger-smelling factory if they didn't have to work.
I'm surprised it took 20 bucks.
Cutco....
Must... sell... knives...
The whole experience still makes me shudder.
This spring SMTP will be restricted to only approved departmental servers. Anyone else gets dropped at the firewall. It's a shame (academic freedom and all that) but really necessary.
The plural of virus is viruses, not virii. Even if it were the Latin plural, it would be viri, not virii.
only 20 boxes of mac & cheese? I'm a college student and I sure as hell don't buy that kind of extravagant mac & cheese. Kroger regularly puts its "kroger brand" mac & cheese on sale for 25 cents a box!
"Question with boldness even the existence of a god." - Thomas Jefferson
Where I am at now, they have a very strict rule on that. If you spam, or are caught spamming, or are caught passing on chain mail letters, or a whole list of rules. They'll punish you in one of three ways (likely)
Slap on the wrist. Basically translates into loss of marks for CS majors, or banishement from facilities for a short period, or a whole list of things.
Banishment from computing facilities on campus. Thus, if you are a CS major or basically any major that requires computer systems use. You pretty much just failed yourself out of university.
Expulsion. This has happened with a few people who were really abusing the system and even had warnings.
Personally, I think if anyone even considers sending a spam on the network to bypass the filters, that they should be expelled immediately, or at very least banished from the facilities permanently. It is a priviledge, not a right to use those facilities. If you abuse them, you should lose that priviledge.
~ kjrose
This just proves that Tuff's has a better business school than Harvards...
Yes Francis, the world has gone crazy.
You know you are old when:
You had to work a real job to get money in college
People refer to the "good old days" and in your mind it was yesterday
There was no World Wide Web when you were in college (unless you count FTP, BBSs, and Gopher sites)
Your final paper in Computer Hardware Design was on the Pentium processor, and you could only find three sources because it wasn't due to be released for another 6 months.
You post on Slashdot recounting how old you are, hoping someone will think you are cool
My beliefs do not require that you agree with them.
Frank Grewe, manager of Internet services for the University of Minnesota in Minneapolis-St. Paul, also wasn't surprised. He says the university does not let client machines be used as servers, employs static IP addresses and tracks the amount of traffic going to and from those addresses.
Why track ... just do not allow it in the first place and it will be a whole lot easier. I just do not see a reason in allowing inbound traffic to a static IP address on a campus unless it is a server owned (no pun intended) and operated by the staff. When you allow anyone and everyone to do as they please, all hell will break lose.
I can see the point of some PCs and not others, but it should always be a special case when a PC needs access to it from the outside. This is how most corporate companies run their network. I just do not understand why in most cases all I have to do is 'host -l -t any uni-net.edu' and get a list of hosts to look at and forward my spam on from.
As for the out-sourcing of CS to someone else, I would have to disagree, because it is incidents like this that usually teach people. And when they go on to the corporate world, hopefully, they will remember that they need to lock their network down . It teaches fundamentals, and in this industry, unlike a lot of others and what a lot of corporate big-heads think, it is experience more than education that counts in the long run.
The biggest security hole sits between the keyboard and chair.
-Andrew McAllister
To the Man in the Can:
/dev/null, or replaced with the text "I AM RESPONSIBLE FOR X PERCENT OF ALL YOUR SPAM" and your home address & phone number. I would most certainly not monitor every spam you attempted to send at your discretion, and report each and every instance to the immediately authorities.
I am willing in the utmost confidence and secret to help your with some certain relaying needs. My server does waits idle at my residence in an yet to be disclosed location, ready to relay your messages to the considerate masses. In exchange for your sum of $20 per month, my server will confidentiality flood the Internet with your excellent offerings.
I can personally and utmost attest to guarantee that you messages will pass through entire unaltered, and not be redirected to
I trust you to and maintain the highest level of integrity & confidence in this matter.
--- Ham Nbu Jahir, Supreme Commander of Nigerian National Space Fleet
...
Kids these days. You don't know how easy you have it.
The kids are entrepreneurs, even if it's in a business I despise, taking advantage of the resources they've paid for.
Are we supposed to believe that university network resources are completely supported by tuition? I would venture (though in typical Slashdot fashion I have no numbers) that there's a certain amount of taxpayer money involved. Furthermore, it's very common for end-user bandwidth agreements to include a clause prohibiting the resale of any portion of a connection.
When I was a kid, we only had one Darth.
Thank god for that,
I'm a Windows user, and without that little GUI
I wouldn't have understood the article at all!
every day http://en.wikipedia.org/wiki/Special:Random
Bucks urgently required. Please post formula.
Sigs are bad for your health.
Back when I tried to manually track down spammers (before it became more effective to simply filter out spams), I looked up the registry info for one of the domains from which I received one of those post-once, submit-everywhere re'sume' services (you know which ones I'm talking about). Turns out the domain was registered to a postal box in Athens, Georgia. While this could have been anyone, I can't help but think that this was a Net-savvy University of Georgia student needing cash for tuition or rent ...
almost-maxxed-out Visa
And this same person is using the get out of debt spam mails to fix his visa card. Will the cycle never end?
(they send a person to your room with virus software if one's detected)
Yikes!
Wouldn't anti-virus software be a better solution?
1. Hire Tufts students to sell Cutco knives to Anti-Spammers.
2. Set up webcam to watch Anti-Spammers carve up Tufts students.
3. ???
4. Cleanup.
FreeSpeech.org
The one guy I know making $30k a year doing spam
Yeah, but don't forget that according to the article this guy sold his Uni access for $20/month - that doesn't add up very many pizzas or beers.
My guess is that guy should have sold his connection for more like $200 - $500 per month, or based on the # of mails or something. $20/month is laughable, considering that he now most likely has been forbidden to connect to the University's network with his personal machine and may have some sort of procedural punishment on his University records.
::.. check out some Cell Phone Reviews
This just proves these students aren't as resourceful as they could be. I for one, would have placed some sort of trojan on as many people's computers I could find, then sell ALL of their machine's use for spamming. I mean, I'm certainly not condoning spamming and I dislike it myself, but if you are going to do it, do it right....
For these guys? 1) Open yourself up as a spam relay 2) ...
3) Lose network access!
Face it, people, $20/month will get you a shitload of ramen, but is it worth $20/mo to lose your gigabit network access?
This sig no verb.
This incident has happened once. All new and returning students should be given an updated school policy with the following addendum:
Any use of the schools network for the purposes of aiding or supporting spam will result in immediate expulsion. No exceptions.
Simple, brutal, efficient. No more problem.
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
I have visions of micro payments and kazaa style networks of spam being sent out. If enough people are generating spam then there's little people can do. It won't even look like spam if it's like 20 emails a day per computer.
It could become like a mafia protection racket, either send out spam and not get any on your email - or you will get loads.
Apparently John Fontana only interviewed one witness who was kept quiet until his article was published yesterday. A more complete article can be found on the Tuft's Daily Newspaper, here.