Slashdot Mirror
On The Trail Of Super-Zonda
Dynamoo writes "BBC Radio 4 has been on the trail of the notorious Super-Zonda spammers and crackers, according to this article. Super-Zonda's trick is to find insecure hosts and pressgang them into webservers for mail order brides, viagra and other spam favorites. In this case a server is traced back to a hacked machine at a major international airline.
The BBC investigate some of the people allegedly behind the spam in an investigation starting on the Spamhaus houseboat in London and ending in the Netherlands via Moscow. The BBC point the finger at Martijn Bevelander of MegaProvider as being not the innocent party he seems. The BBC provide some evidence to back this up, and are not known for rash accusations."
Finally, investigative reporting that is actually helpful and interesting. Go the Beeb : )
Vino, gyno, and techno -Bruce Sterling
But it is a crime that is very difficult to police, and a crime that is growing daily, as spammers find ever more inventive ways of staying ahead.
Well, now Microsoft is on the case. So they'd just better watch out.
The coolest voice ever.
Wasn't that one of the characters in the original Street-Fighter 2 arcade?
Ñ'
A special investigation by the BBC has revealed that British Airways was used without its knowledge to host a website advertising Russian mail order brides.
As if the BBC would ever admit its nation's premier airline was desperate for some hot Siberian lovin'.
The coolest voice ever.
Damn, here I was hoping there would be a chance of prosicuting in a country that still has the death penalty. Preferably something slow.
--I don't want the world, I just want your half.
Sorry - that's dumb. They send 1 million emails per sale. They would send 1 billion if it were an order of magnitude cheaper. There must only be 1 idiot to make it worth annoying 1 million people. The problem is not resolvable with market solutions.
vigilantism, yeah.
kill.
KILL!!
KIILLLL!!!!
Rid the world of the filthy disgusting spammonger! Use his vile machines to broadcast a message to the world that spam shall not go unpunished! The land shall be purified!*
*This rant curtesy of having just watched Boondock Saints and Dune.
Mod me down and I will become more powerful than you can possibly imagine!
Many have tried but its proven very difficult to get really up close to the viagra spammers.
Look idiot. How easy to you think it is to convince everyone to stop paying for stuff they get in spam. It's not even possible to get everyone to stop murdering people and molesting children. (I'm not saying that buying something from a spam is as bad as that, of course)
.001% in order to make money.
But seriously, these spammers only need to get
autopr0n is like, down and stuff.
I thought the mail order bride email were jokes, not SPAM.
...."
<russian accent>
"Hello, My name is Tania and I have executed 18 years of age. I love
</russian accent>
How about people just stop buying the junk the spammers are selling? I guarantee you it will all disappear overnight if everyone does. Thats the beauty of the free market- its only around if it remains desirable.
I doubt that will work out all that well... according to the article, spammers rely on 1 sale per million spam emails. I personally know that the "stupid" or "has-a-clue" ratio is WAY lower than that.
My personal observations are that it's closer to being 1 in a hundred people are "stupid" or "clueless".
Not that there's anything wrong with that...
$0.02 (CDN)
I assume that's air freight.
This is computer cracking/fraud at its seedy worst.
Are these the jokers responsible for the Pornographic spam and Mail-order brides dreck that fills up my inbox? And they are using hacked commercial webservers as relay points for this cruft?
Anyone who assists these guys is guilty of multiple computer crimes, at least as an accessory if nothing else (unless they are in a country that HAS no such laws, or doesn't honor extradition requests from foreign nations). Nobody can claim this is innocent "hacking" for education, curiousity, or "helping out" the victim by showing them what holes they have... this is outright exploitation of someone else's property, equipment, bandwidth, etc for your own financial gain, via spam, no less.
This is fraud, any way you slice it... somebody needs to go to jail.
Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
Spam is another form of Speech. Yes, it is grossly abused and outright annoying, but it is still protected here in the U.S. (except for pending anti-spam legislation).
But the actions of the spammers (Super-Zonda in this case) are reprehensible. They are clearly breaking the law in hacking into people's computers in the manner that they are, and they should be punished appropriately for that.
Here is one aspect of the DMCA that is very important to retain even if the rest is done away with. If you have a system with some sort of "protection" and someone deliberately circumvents that protection to use your system for illegal activities, that someone should be punished for not just the illegal activities but also for the circumvention of the protections you set up. While I don't advocate the creation of laws for it's own sake (like many gun laws), I think that having a law in place that punishes criminals not just for the crime itself but also for the method of the crime is important in cases like this.
I have been pwned because my
People that run open SMTP relays are part of the problem. Just as pawn shops that accept goods of dubious origin serve as fences and bear some responsibility for the problem of burglary, so do administrators that run open SMTP relays, either maliciously or out of stupidity, bear some responsibility for the spam problem.
I'd like to see owners of open SMTP relays be liable.
I know it may not be accurate in this particular case, but would overhauling SMTP help reduce spam and other UCE? STMP was built for a more, erm, polite era and seems like its failing in this day and age with regards to spam.
C - A language that combines the speed of assembly with the ease of use of assembly.
Paypal donations to hi-tech hit squads, a la Tom Clancy and his Mr. Clark, to track down and eliminate, with EXTREME prejudice, any and all spammers, anywhere in the world. I'd give them $5/month, easy. Hell, film it and broadcast it like COPS. It's not like the embedded media have any real use for those handy portable vidcams they were sporting recently. Now _THAT'S_ a pay per view!
These guys don't care about laws, and any and all fines they MAY receive are just a cost of doing business and a lesson learned on how NOT to do it next time. Mind you, I think they'd start caring if they starting being hurt and/or killed.
And I'm only half kidding...
Anyone wishing to apply for such a squad, please email to...
$0.02 (CDN)
If reporters can find these spammers who break the law why can't law enforcement do the same?
Who owns your data?
Yeah, and likewise with con artists. If all 7 billion people on the planet agreed that they would no longer be conned, there would be no scammers left.
.001% represents something like 5,000 internet users, which can be enough to make the whole thing profitable (since sending the spam is free, using stolen resources).
The problem with spam is that it exploits statistics: Even if 99.99% of people just delete it, that
Cheers
-b
The trick they use, as I understand it, is to rig their DNS servers to respond differently based on the IP address querying the spammed domains. The DNS responds with the address of an open HTTP proxy normally, and when the open HTTP proxy does the lookup, it gets a different address - the spammer's webserver. That webserver then only responds to those open proxies. The moral of the story is to be more careful when you put any proxy on the internet.
Beer wants to be free
And we'll finally find a good use for the (offline version) Slashdot effect.
Exactly. The other day I was watching the Beeb's news channel on cable in Australia and they carried a report that suggested that America DIDN'T use the power of lollipops and sunshine to expel the demonic Saddam Hussein from Iraq. Imagine!
When applied to crises, legislation rarely affects changes as intended. Please, people, do not let the politicians get into this. Do not give them another issue to gain face time, tack non-germane amendments to another bill, and complicate a problem with a simpler technical solution. Please, those of you with bigger programming wits than I, develop an alternative to SMTP.
Time to open up a can of spa^H^H^H whoop-ass on him!!
Why do commercial spammers spam? Well, for the ones who try it more than once, it's because somebody pays them to do it. Who pays them to spam you? The suckers who buy from them pay them to do it. Without that money the spammers would have little reason to spam.
So what you need to do is punish the spammer's customers, find them, out them and make them afraid.
The way to do this is simple. Just send out some really attractive spams. Offer legit products at irresistable prices. Have legit sites to back up that the offer is real and not too good to be true. Anybody who responds, however, is an evil spam funder, and they will give you all their ID information, which you can use to punish them for funding spammers!
That will stop 'em.
(For the satire impaired, that's what this is.)
It is a fairly trivial matter for most regular /. readers to back trace a spam mail to the source server. In nearly all cases the server is an open relay or has been owned - either way the plug should be pulled.
I would like to see a semi-automated tools to assist in this. It would allow people to respond to the majority of spam they receive with little effort.
The tools would require a minimum of:
* Extract IP from header.
* Reverse DNS lookup of host computer (to get domain).
* Extract primary contact from DNS registration or email the postmaster advising them of situation.
* And finally a temporary blacklist site could be an option as well (We don't want to permanently blacklist British Airways do we?).
Does anyone else have any thoughts on desirable functionality or incorrect assumptions I have made?
Q.
Insert Signature Here
That wouldn't really solve the problem, unless the replacement was effectively to not have worldwide email. It really comes down to a problem of authenticating the source of the mail, and even then you need some way to know if that source is acceptable. Both of those are really tough problems when applied to a worldwide scale.
Think about secure TLS/SSL websites. The authenticity check is dependent upon the trustworthyness of the root CAs. The respectable CAs must do a lot of manual checking of the registrant's identity before signing a certificate. And that costs a lot of time and money and infrastructure. And even then the certificate-based system we have for webpages is not all that great, it's still relatively easy to hijack websites or even run it yourself (who besides me actually bothers to look at the certificate details when they go to a secure site, or even removes some of the root CAs from their browser's builtin list?).
Now, there certainly should be a way to get the domain name registration information as verifyable as certificate registrations; because the whois databases right now are laughably corrupt, not even the most fundamental checks are performed to insure that the data is correct. But even then, that doesn't stop spam, although it may help you track them down better.
And asuming you have perfect authentication, knowing the source is authentic still doesn't determine whether you consider the source to be a spammer or not. A certificate only proves identity, it doesn't say anything about the type of content being sent. You certainly wouldn't be able to know the millions of different potential email sources, nor keep up with the minute-to-minute changes. And if you're a business you can't use a known sender whitelist; or you may never get job resumes, sales inquires, and so forth. So someone would have to build a list of all "good" non-spammer certificates.
But then you're back to the same situation we have now. You'd just be using certificates or something like that instead of IP addresses as the "identity" you'd be matching against some database, like the many blackhole lists. And given how easy it is to hijack insecure computers, there would certainly be holes around that type of system too.
Now true, the insecurity of vanilla SMTP is an issue for confidentiality purposes, but you can't really blame spam on that. And if you use the already standardized SMTP extensions, such as STARTLS or S/MIME, then SMTP can be pretty secure. Spam is a social problem, not a technology problem.
I wonder how many of these spammers are using open relays.
Whenever I read of proposed spam legislation and law enforcement attempts, I can't help but think that this somehow encourages companies and individuals to not take the neccessary care in configuring thier hosts, suscribing to blackhole lists, or running proper filters on thier hosts/servers.
When I see the disparity between email providers in the amount of spam I recieve, I realise that the admins are at least partially to blame. (My mail account at mail.com recieves approximately 7 to 12 spam emails a day, while my account at gmx has recieved only about 5 during the past year.)
Are there still any reliable blackhole lists?
Can/should email providers filter outgoing mail to regulate thier customers?
Can administrators control the spam problem?
I really don't like the idea of leaving this up to legislation, as it's likely that the DMA can buy themselves a few loopholes.
Read, L
yeah, but some Israelis think that anybody who doesn't proclaim that shooting kids for throwing rocks is OK (er, sorry -- shooting Palestinian kids for throwing rocks) is a nazi.
As far as I'm concerned, there is a big difference between being critical when Israel does something stupid/nasty and being anti-semitic -- especially if you're just as critical of Palestinian stupidity.
Free Software: Like love, it grows best when given away.
These spammers would get caught, go to jail, and share a cell with many men who have enlarged thier penises, taken viagra, and are looking for a new relationship. Now that would be poetic justice.
Second, it appears that Super-Zonda just recently moved the actual host (well, it too was a proxy) to CyberAngels (they had been on servepath.com for a long time, then ev1 [I think it was] for a weekend, then
The spammer uses network scanning tools to find an open web proxy. A system where, with the proxy located at {PROXY_IP} as its IP address,
telnet {PROXY_IP} 80
GET / HTTP/1.1
Host: www.nytimes.com
gets the front page of the NY Times.
He then does the following.
He uses something like the following:
telnet {PROXY_IP} 80
GET / HTTP/1.1
Host: [a_hostname_of_his_own]
and looks at his nameserver's records to see whence came a request to resolve his hostname. Now he knows the location of the nameserver/resolver used by the open proxy. He does this a few times (the proxy may use several nameservers - just as in configuring your windows system for the 'net, you enter two nameservers in the settings). He also checks at his web server to see whence comes the connection (the proxy may or may not make its outgoing connections using the same IP address).
Now he sets his nameserver to do the following:
1: It responds to requests to resolve his spam site which come from the nameserver(s) used by the proxy with the correct IP address (of his spam site).
2: It responds to ANYONE else with the IP address of the open web proxy.
He then sets up his web server itself to drop all packets to port 80 (maybe to all other ports as well) EXCEPT packets to his port 80 *which come from the abused proxy*.
The result? Everyone resolves his spamvertized host to the abused, hacked, illegally accessed web proxy and sends HTTP packets thither. That server/proxy attempts to get and serve up the pages by getting the IP address from its resolver which then gets the IP address of the hacker/spammer's actual site and accesses it and gets the page to return to the victim. Even if one happens to guess at the location of the actual spammer's machine, one cannot verify it since it appears dead to anyone except the proxy.
The trick to locating him is to find out what resolver the proxy is using and have your resolver, nslookup or dig in Linux, say, do a lookup, but not via your ISP's nameserver - instead use the proxy's nameserver/resolver. Then you find whence the proxy got what it served up.
[By the way, this is a pro-spam operation and the spammer's site may host some clients' stuff and in some cases, at least, it actually proxies the pages from another site.]
It is not a matter of the spammer "hacking" anything. It is simply his hijacking web servers which serve as proxies but which allow anyone to use them as proxies.
Why "super-zonda"? The names he used for his nameservers were ns1.super-zonda.com, etc. For other spamertized domains he registered different names for the nameservers, but they were located at the same IP addresses/locations.
One of the web servers/open proxies he hijacked was a British Airways travel shop server. He also hijacked a mideast bank web server. A K12 server in Colorado, I think it was. Several in Korea. He would spam for many clients at once, hijacking several web servers (one for every one or two of the hostnames).
The article on the BBC says:
"When Paul and Matt looked up which computer the website was using to host its service, the IP address belonged to British Airways."
Wrong. That was what it appeared to be. The pages were not there.
That site was proxying them.
I'm serious.
a 2k /fraud.html
Today, I was working on a problem with our spamassassin server running out of memory, and saw something scary in the log file - email from <one of our biggest customers> to <executive who reports directly to the CEO>, subject "Legal action started", marked as spam.
Very bad to get false positives like this!
However, on tracking it down, it was....
You guessed it....
An ad for an herbal product to "Enlarge your P3n1s!!"
Can we start hunting them down and shooting them yet? Please, pretty please?
http://scs.northwestern.edu/nuilr/peer-net/medi
Yeah, it's a real bummer when you get caught bulldozing down the homes of women and children without any prior notice whilst the occupants are in there sleeping.
Israel's guilty of just as many human rights violations as Saddam Hussein's regime was in Iraq. But whereas Hussein used chemical weapons supplied by the US and others to kill Kurds, Israel uses to tanks, planes and gunships supplied by the US to kill Palistineans. Big difference.
This isn't flamebait, this is fact. But, as ever, some people with mod points will mod this down as it doesn't fit in with their personal cosy, rose-tinted view of the world.
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
I'm sorry that the BBC being a truly independent news organisation ruins your enjoyment of the suffering of the Iraqi people.
Perhaps you prefer getting all your news from "patriotic" broadcasters, like FOX News, who won't bring you anything that doesn't paint the US/UK/other invasion in anything apart from a positive light. Good for you - if you want your news censored by a broadcaster who's more interested in keeping you watching at any cost that it is in the truth then that's your perogative. But some of us prefer getting the raw facts and making our minds up for ourselves.
Yes, the BBC's coverage of the war hasn't been a flag-waving exercise. But why should it be? Because you say so? Because a government official says so? Sometimes the truth isn't as pretty as we would like but that doesn't make that truth any less valid or worthy of our attention.
Perhaps you like watching the news brought to you by people who would probably have their war coverage sponsored by a handgun manufacturer if they thought that they could get away with it. But I and many others don't.
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
That is worth sending someone to jail for. Given that we've got these sledgehammer anti-hacking laws on the books, we might as well put them to a good use.
Which reminds me: is hacking for profit considere an extraditable offence??
Free Software: Like love, it grows best when given away.
The last one year a number of "Free" SPAM relay tools has start to scan Ip's, the one I seen most is the "send safe" Software that uses a "Free" proxy to send out SPAM, and then relay the IP's found to other users of the software One way to stop misuse of proxy's open or not is to use server based tools http://kabel.netvisit.nl/~nieuwe03/squidefender.ht ml
In a country like Cambodia that I work in, it cost 0.1Usd pr. Mb in/out so not only do every one pay to get the dame thing, but the open systems owners pay 2 times, get it and proxy it out
Not all users in 3rd world country's know how to setup and run servers or even home computers. Often updates are not made as the software comes from the local, 2usd pr. CD market.
Send the guy his SPAM back
http://www.bevelander.nl/
Algemene vragen en/of opmerkingen info@megaprovider.nl
Technische vragen support@megaprovider.nl
Vragen over tarieven en wederverkoop sales@megaprovider.nl
Vragen over administratie administratie@megaprovider.nl
Klachten over open relay's, spam, hackpogingen etc. abuse@megaprovider.nl
Vragen/opmerkingen over deze site webmaster@megaprovider.nl
Or just subscribe him (Martijn Bevelander ) to some good useful catalogs
Mega Provider B.V.
Postbus 6356
2001 HJ Haarlem
Mega Provider B.V.
Pascalstraat 17
2014 KZ Haarlem
Good hunting
I just hate bit SPAM, (www.netnoise.com.kh)
Surely you can find a use for the lovely credit card information they used to purchase these irresistable products from you.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
Repeat after me: your life, just like mine and most everyone else's, is inherently meaningless.
Hi! Philosophers know this as the naturalistic fallacy. The way the world is implies nothing about the way we should choose to make it. You are welcome to choose a zero value for human life. I pick bigger ones, as do most people.
Spam is annoying. Spam is nothing more than that -- it does not deserve "hard jail time".
No, Britney Spears is annoying. Spam is a major societal problem.
From the estimates I've seen, the worldwide cost of spam is$10-$50 billion/year, and it's still growing unchecked. As this article suggests, it seems to be moving from the control of low-lifes to outright criminals. I guess that's not surprising, given how much of the stuff advertised via spam is either fraudulent or illegal.
When you compare the costs of spam to some of the recent large business bankruptcies, it's clear that spam in in the same league. People are clamoring for jail time for the recent set of CEOs/con-men; why shouldn't spammers, who cause a similarly big problem, face similarly big sentences?
I think they also got dropped from another provider as well. There was some speculation that they were using a hijacked IP block.
There's betting on NANAE about where he pops up next.
One line blog. I hear that they're called Twitters now.
I'm really sick of hearing how the way to take the money out of spam is to charge for e-mail.
Instead of attacking the supply side, attack the demand side. Forget the fact that most of these spammers are outside the US. The fact is, most spam *advertisers* are in the US.
If the law allowed companies/people to be sued for using a service that has been convicted of using illegal means to send spam (invalid return address, hijacked systems, forged headers, etc), it would take about one or two high publicity lawsuits against a couple of spam buyers (lower mortgage rates! viagra! enlargement!) to curb the problem.
This legislation to kill spam by going after the senders will work for all of about a day, until all the buyers start buying service from someone offshore.
This would be self-regulating, market driven phenomenon if played out properly. Legitimate mailing companies could advertise their "legitimacy" and real companies could use those services for real, honest-to-goodness marketing. If someone used a shady mailing company, then they expose themselves to damages.
Whatever. Spam will not significantly decrease until the companies that contract out the services of these mailers have the screws put to 'em.
"The BBC ... are not known for rash accusations"
;-)
I'm not sure Alastair Campbell would agree...
IT's no big surprise, this Bevelander was a well known young internet interpreneur, who became famous in the Netherlands because he represented the internet boom. But he didn't do anything special, and he is the kind of guy who would do anything for money.
I'm a network engineer for a medium-sized ISP in The Netherlands. Martijn Bevelander has been operating in de dutch ISP world for years now. Previously most people saw him as a huge clown; his daddy (some chief somewhere) seems to always fund his playing in the internetworld while he manages to get all his companies to go broke.
His staff continues to show their good knowledge on the Internet: see this mail where one of his noc monkeys notifies the operators on the Amsterdam Internet Exchange of a new announcement from Bevelander Internet Services: 192.168.0.0/16. Perhaps this was just a sneak preview into the future?
The dutch media have reported on several occasions on him: check this link from Webwereld.
Insiders still laugh on his ignorance regarding security. He used to have his printers wide open connected to the internet, resulting people to send complete black pages to it. Another great story is how he continued to buy new 3com switches after he failed to change the administrators access to them and someone from the outside shutdown't his uplink port. Yeah Martijn, they were all broken.
So far he was just a joke. The troubles started when his company Bevelander Internet Services got broke and he quickly setup a new company called Megaprovider. After most of the customers were transferred, he sold the empty remains to Concepts ICT. Appearantly Megaprovider is not doing to good as well, seeing his Cyberangels adventure.
One of his well-known associates, Joshua Dodds, is known as a true DDoS-kiddo, DoS'ing everyting and everyone who says a bad thing about him on IRCnet. I guess they will never learn...
The BBC sees its role as providing balance. You have to view its output in the context of the overall media environment in the UK, and indeed globally.
The BBC may appear to only present one side, or to push one perspective at the expense of others in its own coverage, but generally this will be because the side it is presenting is not otherwise represented in the mainstream media. So, for example, its presentation of Israeli issues is meant to add information to the debate within the UK on Israel/palestine that is not found from other sources, particularly TV news sources such as ITN and Sky news. (incidentally, ITN, which is the main provider of news for commercial TV in the UK, walks a very strange line in its news presentation, providing a conservative (small c) perspective on international politics in its news broadcasts on ITV, and a more liberal perspective in its channel 4 coverage)
This often means the BBC takes what can be seen as an 'anti-government' position, simply because most ocmmercial news doesn't tackle the government on issues, and the BBC's remit is to fill in that gap in the national debate.
That said, they're not making a great showing at the moment in this petty fight with downing street over 'dody dossiers' and 'sexing up'... it's all rather embarrassing, and sounds like it was based on somewhat flaky journalism.
"Let us also recall the recent guilt of Great Britian in Northern Ireland using very similar methods as the Israelis"
While it is true that the government of Great Britain did commit some despicable acts in Northern Ireland, they were nothing like the methods that Israel is using against the Palestinians.
At no point did the British Army start blowing down the doors of civillian houses with explosives, or bulldozing houses while the occupants were still inside. They never laid seige to Jerry Adam's house and bombarded it. They never prevented Jerry Adams from travelling abroad. (Although for a while they did band him from speaking on TV...). They never had a policy of assassination against IRA memebers, and they never used helicopter gunships to attack IRA members and their families, blowing up anybody else who happened to be nearby.
During the whole period of the troubles, the British Government probably only killed about 40 people. The Israeli government has killed something like 3000 palestinians.
Now, it is also true while that the IRA did kill a lot of people, (several hundred), The palestinian terrorist organisations have killed considerably more (probably getting near 2000 people now)
Personally I think that if both sides in the Israeli/Palestinian conflict had taken a few leads from the way things are being solved in Northern Ireland, hundreds of people would still be alive today.
Pascalstraat 17
2014KZ Haarlem
Tel.023-5101094
Fax.023-5441982
It is probably an office address, but I'd guess he spends time there as well. International callers should not forget to add the country code for the Netherlands, which is 31.
Martijn Bevelander is a highly controversial figure: he dropped out of school, then started an internet company (at a very young age) during the boom, got into legal trouble with lots of people, and finally went broke. Some people think he is the second coming of Bill Gates (quite a few people think of Bill as a role model...). Others think he is a lier and a thief. He appears to have made a business out of hijacking domain names, but foolishly forgot to register his own name.
There is a very critical article in Dutch here (search for "martijn"). Another list of critical articles, again in Dutch, is here. There is a picture here, although (according to the first link) the equipment in the background is not actually his.
All in all, although he himself thinks he is a genius, in reality he is nothing more than a parasite.
I cannot, of course, condone any course of violence against his person. However, if (for example) the United States were to think of him as an international crack dealer and demand his extradition, I wouldn't shed any tears for this fellow countryman...
The channels aimed at British audiences (ie. for those who pay the licence fee) do not carry adverts. These are BBC1, 2, 3, 4, Children's BBC, CBebbies (for toddlers), News 24 and BBC Parliament. Same goes for audio services Radio 1,2,3,4,5,6,7, Asian Network, BBC Cymru (Welsh language), BBC Local Radio etc. These are almost entirely funded by the licence fee.
In the case of advert-free satellite signals these are quite literally "aimed"; the BBC broadcast advert-free from a satellite with tight coverage of the UK mainland with only very minimal bleed into the rest of Europe.
The channels aimed at international audiences (ie. for those who do not pay the licence fee) are funded by a mixture of foriegn office taxpayer's money, adverts and in some cases subscriptions. These include BBC World, BBC Prime and BBC America and are handled by a slightly seperate commerical company called BBC Worldwide and are broadcast on a number of satellites with coverage for most countries.
The international audio stations such as BBC World Service and BBC English By Radio are funded solely by the foreign office (similar to the funding for the Voice of America).
British viewers can also see BBC programming on non-BBC channels with advertising such as S4C (Welsh language), UK Gold (comedy & soap repeats) and UK History (documentary repeats). Some of these channels are entirely funded by advertising, some also have small injections from various government departments such as the Welsh Office, Scottish Office and European Union, in the case of regional language programming such as Welsh or Scots Gaelic. For instance, the popular Welsh soap opera Pobl Y Cum (Valley People) is made by the BBC but broadcast on independent station S4C supported by both advertising and government funding [PDF, Welsh and English].
Andrew Oakley - www.aoakley.com
What would happen if everyone when spammed actually tried to make an order without actually intending to buy anything? A coordinated mass buyfest? Make it so unprofitable to sell via spam by causing massive losses through non-payment?
Perhaps that might stem the tide?
It's because the BBC is independent from Government that we can get spats like this, where the BBC very publicly say, in effect, that the Prime Minister lied to Parliament about Iraq's alleged Weapons of Mass Destruction, and it's because of the BBC's independence that it can refuse to back down despite the most severe pressure from the government.
So, you know, let's hear it for the BBC and let's hear it for the License Fee. It's because the license fee is hypothecated - a tax paid by the people directly to an independent organisation - that we have at least one high quality media publisher with the utmost journalistic integrity which can call a sleazy and corrupt government to account, as it is doing now over the lies which led us into an illegal and unjustified war, and as it did under the Tories about MPs taking bribes.
A government run broadcaster could not do this, because the government could tell them to shut up, and cut off their funds if they didn't. A commercial broadcaster would find it much harder to do this, because the big commercial interests which pay for advertising don't want the boat to be rocked.
The BBC is, let's face it, one of the most independent, one of the most honest, one of the most fair broadcasters in the world. In a world where most media is in the hands of a very few commercial interests, mostly with fairly noxious political agendas, having one which is answerable only to the public is a very good thing in my opinion.
Long live the license fee!
I'm old enough to remember when discussions on Slashdot were well informed.
Domain spoofing is solveable at least. That can be controlled on the recipient end by changes to the inbound SMTP software. Basically, everyone would be required to list their outbound mail servers in their DNS records. E-mail that purports to be from domain X, that is sent from an IP address that does not appear in the domain's DNS record would be suspect. (Up to the admin whether to accept/reject at that point.) Whether you do that by adding a new record type to the DNS or just use the A records which already exist is open for debate.
That, at least, would make whitelists a bit more reliable. Peer pressure would get companies to add the appropriate records to their DNS. And in order to spoof a domain, the spammer would have to hack the domain's DNS records.
Wolde you bothe eate your cake, and have your cake?