Slashdot Mirror
Time-travel Spammer Strikes Back
HopToit writes "Robby Todino is apparently upset about being outed a couple months ago as the source of all those wacked messages about 'Dimenstional Warp Generator Needed.' According to Wired, someone has pulled a major joe-job spam attack (forged 'From:' lines) on three popular sites in retaliation for making fun of Todino's goofy search for alien technology. Robby, if you're out there, you have ceased to be amusing."
Like all good bond adversaries, this one won't die.
- Sherman
It seems that everyone in his right mind despises telemarketing. Spam too. Ask anyone, and they'll tell you that there are few things they hate more in life. It seems as if there are no exceptions to this rule -- everyone, bar none, hates telemarketing and spam.
But it can't be true. Someone must be responding to this stuff by spending their money. Because for some reason, telemarketers and spammers stay in business. Somehow, it must be worth it for them.
If everyone hated the stuff as much as they say they do, if everyone hung up on the unwanted calls and deleted the unwanted mails in nothing flat, like they say they do, then the problem would fizzle out before long. No one could make money doing it, so there would be no reason to keep trying. And yet, the crap just goes on and on and on.
I've read rumors that a certain small percentage of the people called or mailed actually do respond and end up buying something; usually the figure is put about 10%, or something similarly low. Hard to believe that such a business would be worthwhile if the response rate is so low; but whatever it is, it must be high enough that the incentive for telemarketing and spamming is maintained. Otherwise, there'd be no such thing.
A national no-call list is a nice idea, but I can't see the problem going away altogether as long as the telemarketers and spammer still believe there's a chance to make money. Certainly the spammers are not going to let some trivial thing like a Federal law stop them. (They'll just go on spamming from Antarctica, or wherever.) If we really want the problem solved, once and for all, we have to ensure that there is no future for those businesses, and that would require educating the public, right down to the last man, woman and child, to always follow this rule without exception: If someone calls you or emails you to sell you a product, then whatever you do, don't buy that product!
Someone needs to get that guy on Coast to Coast AM, with Art Bell/George Noory stat.
Knowing that show, there's someone else in the audience that actually does have all that equipment he's searching for. =)
My Webcomic: Asylum on 5th Street
The very fact that we received spam proves that time travel is impossible: If it was possible, someone would invent it, travel back in time and beat up all the spammers so that they would never have sent any in the first place.
we need to send Van Damme after this guy.
Manipulate the moderator system! Mod someone as "overrated" today.
DISCLAIMER: I am not trying to be flamebait here, this is my honest opinion:
I'm torn about the idea of an email tax. While in general I don't like the idea too much, it does occur to me that this might be the only way of dramatically reducing spam.
Look at it this way: Even a wicked-busy web maven likely sends less than 1000 emails a day outside of their own company LAN (with a few exceptions I realise. Individuals likely send less than 100 per day in general.
So, say you put a tax, to be administered by your ISP on each email, of say 0.1 cents per email. Big Business guy gets charged $1/day, home user $0.10 per day. By no means big money. Johny McSuperSpammer, however, who sends out 10 million emails every day, gets a handly little bill for $1000. Kind of changes the economics of his penis enlarger ads.
Like I say, I'm not a huge fan of paying more, but it does seem like making emails cost per message sent might be the best/easiet/only way to dramatically reduce spam.
Furthermore (ideally), to make up for the cost, you ISP could take $5 per month off your bill, to make up for the extra you're spending to send email. They still make money, because of the tax, the financial hit for you is minimal, but the spammers get hosed.
Why doesn't he travel back in time and kill all of their grandfathers? They would cease to exist.
Wait. Then he wouldn't need to kill their grandfathers. And then he would.
And...
And...
Excuse me.
[Opens Window]
I can fly!
Todino's father, Robert Todino Sr., previously told Wired News that his son has psychological problems and earnestly believes in the possibility of time travel.
Are spammers going to start pleading "insanity" when they get arrested? "The aliens made me do it!"
When life hands you lemons, grab the salt and pass the tequilla...
(off topic, but you'd think it obvious that any time machine breakthrough would be all over the news right! ; i guess basic rationality doesn't come into this though. scary.)
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
A joe-job is a spam run forged to appear as though it came from an innocent party, who is then generally flooded by the bounces or complaints.
For fun putting aside the 'do they exist?' and 'can they get here easily?' questions I've often thought that if you really want to find visiting Aliens and the like then you have to find something on earth that would be worthwhile coming to see - an alien tourist honeypot if you will.
The only thing that I can think of that potentially fits this bill is a total solar eclipse. Although there's some compelling evidence that life like ours can only evolve in a similar 'double planet' system like the earth-moon, there's really no reason to expect intelligent life to be around at exactly the same time as the apparent moon and sun size matches sufficiently closely to see a total eclipse. Indeed total solar eclipses have only been visible on earth for a hundred million years or so and will continue only for a few hundred million more - quite a small window in the history of our planet and something sufficiently rare that it may be worthwhile diverting a few light years to see.
So if I did want to find an alien or the like I'd look in the middle of a path of totality
In the bizarro world of the internet, we likewise have broken locks. Email, specifically, is like a car with really, really shitty locks on it. However, instead of knowing about this problem for many years now and a few (some equally bad) proposals for fixing it, the main mode of dealing with the problem is:
In the article, the reporter states that Todino's father says his son has mental problems. OK, fair enough. Then his father needs to step up to the plate and get the guy some help.
Barring that, the people being joe'd really need to follow up on this. Either this guy is an unrepentant spammer, in which case he needs to be made to pay the price, or he's mentally unstable, in which case he needs professional help. The latter possibility is really more serious, since Todino could conceivably go off the deep end and do something more serious. Possibly, the best approach would be for them to contact Todino's father and tell him that if he doesn't get his son some help immediately, they're going to pursue the case with law enforcement. Assuming the father's statements are true and that he gives a damn, this should at least get the ball rolling.
i kind of feel slightly better now. knowing there's a name for it.
definition linked to in Wired article: http://searchcio.techtarget.com/sDefinition/0,,sid 19_gci917469,00.html
part of the problem (and i feel like i should be careful what i say eh ain't this silly) is that many ISPs tout an "unlimited addresses" feature allow anything@username.isp.com - and some spammers are realising this. or trying everything to get around filters... :/ a right pain in the behind!
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
earthlink.net seems to have a pretty good way of dealing with spam - when you send an email to an earthlink account for the first time it gets put in the user's "suspect" folder, then you immediately get an automated response with a url, you go to the page and enter the standard coded-number-in-a-distorted-image and can optionally add a short request message and your name, then the recipient can accept you and all further emails go straight through with no problem. You would only need to check the suspect folder if you were expecting something like a password reminder or welcome message. This is the sort of solution that will end up being adopted not some stupid "charge for emails" idea and we dont need laws that add to the complexity of everything and could potentially restrict freedom of speech (a law saying you cant send spam could provide ammo to the courts/legislators for starting other laws which go much further).
This comment does not represent the views or opinions of the user.
Its referred to in the article
Joe Job [joa~juhb]
A Joe job is an e-mail spoofing exploit in which someone sends out huge volumes of spam that appear to be from someone other than the actual source. A Joe job is sometimes conducted as an act of revenge on someone who reports a spammer to their Internet service provider (ISP) or publicly advocates anti-spam legislation. The perpetrator is said to be Joeing the legitimate owner of the e-mail address they use. The Joe job is one of the oldest spamming operations in existence, and one of the simplest ones to carry out: the spammer may not have to do anything more than change the "Reply To" address in their e-mail program.
What strikes me is that the major problem is not the spammers doing direct DoS attacks on the targets, but that they're using brain-dead behavior of mail servers to pull off DDoS attacks. If you control an MX, please configure it to issue a 550 error during the connection if you can't deliver the message instead of accepting it and then bouncing to what you almost certainly know is an innocent party. A party who is not the sender of the message, by the way, which means you anal types who say "RFC says I must bounce" have to note that it also says you must not lose a message, which is what a bad bounce does. Please be a friendly network neighbor and stop bouncing spam.
Everyone knows that the *real* time traveler is named JOHN TITOR!
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
Well written, pretty consistent and sufficiently evasive not to get caught with outright lies. Smells like a university project by some political/social sciences students...
The owls are not what they seem
Murder is the senseless waste of a human life.
Spam is the senseless waste of millions upon millions of tiny fractions of a human life.
There comes a point where the few seconds that each of us without spam filters spend deleting this crap adds up to the average lifespan of a human being.
If someone has sent that much spam, why should they not be treated in the same way as a murderer?
A pizza of radius z and thickness a has a volume of pi z z a
Instead of a tax (why do some people always look to government for everything), why not use a micropayment system in which the sender must pay the recipient for delivery. If the sender is a friend or the e-mail is truly worth it, then the recipient rebates the sender's money. The recipient would set the payment level and publish it to the public.
For example, I would probably set my payment level at about 0.50 or $1.00, but if I stil get too many spams, then I would boost the charge to $2. I would also create a whitelist of people (friends, clients, mailing lists, and a few select businesses) who are automatically exempted. When somebody tries to send me an email, the MicroPayment Mail Transfer Protocol (MPMTP) would automatically inform the sender of the charge when they hit the send button. People not on the system would get automated return e-mail requesting that they join the system to complete the sending of their e-mail.
The point is that each person can decide how valuable their time is. Spammers (including those in Hong Kong) would be forced to target e-mails to only those people who would appreciate them.
Two wrongs don't make a right, but three lefts do.
I'm using an ASCII terminal. Or a PDA with a small screen. Or VoiceXML over a telephone. Or I'm sight-impared. Or my ISP bounces your ISP's coded-number-in-a-distorted-image with request that they respond first with a coded-number-in-a-distorted-image, rinse, repeat. Or I have my filters set to autotrash any graphics in email because 99% of the time it's for penis pills. Or it was a Joe-job and your ISP sent me 20,000 coded-number-in-a-distorted-image challenge emails.
Now what?
One line blog. I hear that they're called Twitters now.
And how do you implement such a system without backing it up with government-level machinery such as laws, law enforcement and judicial process?
I agree that government and law form the underpinnings of our economic system. But government did not create eBay or credit cards. Government is moderately good at creating a regulatory context in which rights and responsibilities are balanced for the average and common good. Government is generally bad at creating innovative systems that are customized to the needs of individuals. Finally, government is ill suited to standardizing/regulating international phenomena like spam and e-mail.
No, it's better to make it a government controlled operation from the start so that the standards are set the same for everyone.
The point is that not everyone wants the same standards. Some people may not value their time or not care about spam and thus chose a low hurdle (and a 0.01 tax is a very very low hurdle for spam, IMO). Others might place an extreme value on their time or loath spam so much that they place a high value of their time. So the recipient should set the payment.
Moreover, it is not the government that bears the cost of spam, it is the recipient. The recipient's "labor cost" far exceeds the cost to the internet infrastructure. Therefore the recipient should get the payment.
Since the recipient should set the payment and the recipient should get the payment and the issue is international, I would think an organization like VISA would be better at running the program than any of the Earth's 180-some-odd governments.
Two wrongs don't make a right, but three lefts do.
Did anybody open the HTML attachments with the time travel spam? They were advertisments for penis pills, viagra, and all the usual suspects. The weird-ass messages simply spoofed spamAssassin, et al., into passing this rubbish along...
Vincent "The Chin" Gigante wandered around Greenwich Village in a bathrobe, pretending to be crazy, to escape a murder conviction. Robby "Captain Time" Todino covers his slimy business with feigned nuttiness.
They both deserve the needle.
How long will this "we need a new e-mail system" go on? The discussion about a new protocol to replace SMTP has gone on for ages, but nothing has happened.
I predict that Microsoft will come up with a new, better secured way of transferring mail messages over the Internet. It will be a closed architecture that requires Windows on all client and server systems. It will take over from e-mail overnight. In about a year's time, you will get more and more comments like "Oh, you still have such and old-fashioned mail address, one with a @ in it?" from most of your mail partners, certainly in business uses of mail...
Why? Because the advocates of open standards only talk about the problems of migrating to a new standard, and don't actually start designing and migrating.
I dunno about yours, but my TV has a power switch. Besides, who needs TV when you've got BitTorrent? :)
+++ATH0
Its probably a double joe job - Robby doesn't wanna annoy random website users, he just wants to get out of this time frame!
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
If you control an MX, please configure it to issue a 550 error during the connection if you can't deliver the message instead of accepting it and then bouncing to what you almost certainly know is an innocent party.
I can tell you that the problem is all but easy to fix.
Not only do our Postfix servers (On the DMZ) have to accept mail to Exchange accounts (Servers on a different inside-DMZ) without knowing what accounts exist, but also for other mail servers we have no control over. For example, we send incoming emails back out over VPN tunnels to Japan, Germany and Washington without having the slightest clue or control over what accounts exist over there.
Before, I used to work for a big ISP that only serviced companies and the setup was similar there, we had this huge Sun Enterprise cluster to accept incoming email for our clients, and then sent the emails to each customer's dedicated server without having any control over them.
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
If you control an MX, please configure it to issue a 550 error during the connection if you can't deliver the message
Many Internet-accessible MX hosts are not also running delivery services (POP, IMAP, etc.) They often relay the mail to a non-internet-accessible SMTP hub for the domain, which in turn relays the mail to the hosts running the delivery agents. There's usually no way the Internet MX host can know which users are valid.
Don't try to pass this off on mail admins. We're doing what we can, spending way more time setting up ways to filter out this crap than we should have to. Direct your bile at the spammers.
which means you anal types who say "RFC says I must bounce" have to note that it also says you must not lose a message, which is what a bad bounce does.
I do not think "lose a message" means what you think it means. I like the RFCs. I just don't think your little suggestion does much good except for the poor joe-jobbee. I've been joe-jobbed. Yeah, it sucked. But I'd rather delete a couple thousand messages once in a blue moon than ask every admin on the Internet to set up their mail servers so that the spammers can more easily validate their address lists.
include $sig;
1;
There is only one logical solution to this puzzle...
Get a lawyer and sue both these time travelers for patent infringement. With all the money, you won't have to worry about which crappy future you end up with.
For your viewing pleasure:
This one a month earlier:
(Yes, I deleted e-mail addresses to protect the guilty, but hey, it's principles.)
Another interesting note: The first time I tried to submit this: Lameness filter encountered. Post aborted! Reason: Please use fewer 'junk' characters.
So, at least we know he's lame.
"Alcohol, Tobacco, Firearms, and Explosives" should be a convenience store, not a government agency.