Slashdot Mirror
Time-travel Spammer Strikes Back
HopToit writes "Robby Todino is apparently upset about being outed a couple months ago as the source of all those wacked messages about 'Dimenstional Warp Generator Needed.' According to Wired, someone has pulled a major joe-job spam attack (forged 'From:' lines) on three popular sites in retaliation for making fun of Todino's goofy search for alien technology. Robby, if you're out there, you have ceased to be amusing."
(off topic, but you'd think it obvious that any time machine breakthrough would be all over the news right! ; i guess basic rationality doesn't come into this though. scary.)
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
Sure. The honest ISPs will have to bear the burden of administering this tax (for which, they will have administration costs - passed on to users). But what about these Hong Kong spamming sources? Or anything outside the jurisdiction of the 'email tax law'? An email tax is both unworkable and ineffective
What is needed, and has been pointed out in many other places, is a reform of the SMTP method. SMTP was designed many, MANY years ago when the only people on networks were technicians, academics, etc. These people created a system for THEM to use. They didn't really anticipate spam, because for spam to become effective, email needs to be wide-spread to the point near ubiquity. When email services are as common, you are going to get a lot of simple-minded gullible people out there. And these are the people who click on those ads, and bring in the spam revenue.
So, I guess we either need to reform and properly lock-down email sending to show only accurate information, or require a simple I.Q. test before logging into email! ;) Of course, the latter opetion would surely bring about the swift demise of AOL...
In the article, the reporter states that Todino's father says his son has mental problems. OK, fair enough. Then his father needs to step up to the plate and get the guy some help.
Barring that, the people being joe'd really need to follow up on this. Either this guy is an unrepentant spammer, in which case he needs to be made to pay the price, or he's mentally unstable, in which case he needs professional help. The latter possibility is really more serious, since Todino could conceivably go off the deep end and do something more serious. Possibly, the best approach would be for them to contact Todino's father and tell him that if he doesn't get his son some help immediately, they're going to pursue the case with law enforcement. Assuming the father's statements are true and that he gives a damn, this should at least get the ball rolling.
Not going to work. I don't use my ISP to send mail, at least not in a way they can detect. I use my own server, instead.
Are you going to tax me to send email between the users on my machine? If so, how are you going to monitor the logs? Are you going to give government authorities permission to audit my machine whenever they see fit to? Looking kind of authoritarian, now, isn't it?
How about cron jobs sending me email? Do I get taxed for them, too?
Instant messaging? Tax for that? What about when people get fed up with your email tax and implement an email system over an IM service instead? Or just implement some other of email over any other protocol to bypass your tax system?
Filters are an effective way of combatting spam. Much better - and less oppressive - than a tax. SpamAssassin catches 99% of the spam I receive. It, and other filters, are so effective that spammers are now changing the content of their text to attempt to bypass it. And when they do this, it reduces the effectiveness of their advertising, so in the end, they lose.
-- Even if a god did exist, why the fsck should I worship it?
If you really want to use the car analogy, I'd say it's more like this:
Cars have locks that are just fine when used properly. However, many people are very gullible, and if you go up and ask them, they'll let you borrow their car. You can steal their car after asking to borrow it, and most of them will be too embarrassed that they lent you their car in the first place to ever file a police report. The success ratio is high enough that every day multiple people will walk up to you and ask to borrow your car. To date, we've come up with no useful way of keeping these would-be thieves from taking up your time or your brainspace.
____ _______
Duty now for the future!
Space travelers would probably be unimpressed by an eclipse. I'll tell you the real draw: supermarkets. Don't believe me? Take a trip to Japan, then wander through a supermarket - you will be amazed at how fascinating it truly is.
Aliens would probably find most things here interesting because it would be so foreign - and that's all it takes to grab a "person's" attention, something he/she/it hasn't seen before.
What changed under Obama? Nothing Good
Shrug, if you want to stop people sending forged email then use PKI. Don't accept mail from people unless it is signed by someone you trust. It's easy to implement, it's reasonably secure. It doesn't change any of the protocols on the internet today, all you need to do is set up a key and start signing email.
Sure spammers can get a key but if nobody signs their key, then they can't spam. So every time they want to spam they need to get a key signed. People who sign spammers keys regularly are going to get their signatures revoked.
This increases the "cost" of spamming by making it hard for spammers to get legitimate keys, but making it relatively cheap for joe bloggs who just has to create a key and perhaps get it signed by his ISP and a couple of friends.
ISP's signatures wouldn't mean much, but it would be enough to get you started on the web of trust, after a few people have signed your key your key will start becoming more important to more people.
So, step up and use GPG today!
What strikes me is that the major problem is not the spammers doing direct DoS attacks on the targets, but that they're using brain-dead behavior of mail servers to pull off DDoS attacks. If you control an MX, please configure it to issue a 550 error during the connection if you can't deliver the message instead of accepting it and then bouncing to what you almost certainly know is an innocent party. A party who is not the sender of the message, by the way, which means you anal types who say "RFC says I must bounce" have to note that it also says you must not lose a message, which is what a bad bounce does. Please be a friendly network neighbor and stop bouncing spam.
I'm using an ASCII terminal. Or a PDA with a small screen. Or VoiceXML over a telephone. Or I'm sight-impared. Or my ISP bounces your ISP's coded-number-in-a-distorted-image with request that they respond first with a coded-number-in-a-distorted-image, rinse, repeat. Or I have my filters set to autotrash any graphics in email because 99% of the time it's for penis pills. Or it was a Joe-job and your ISP sent me 20,000 coded-number-in-a-distorted-image challenge emails.
Now what?
One line blog. I hear that they're called Twitters now.