Slashdot Mirror
Time-travel Spammer Strikes Back
HopToit writes "Robby Todino is apparently upset about being outed a couple months ago as the source of all those wacked messages about 'Dimenstional Warp Generator Needed.' According to Wired, someone has pulled a major joe-job spam attack (forged 'From:' lines) on three popular sites in retaliation for making fun of Todino's goofy search for alien technology. Robby, if you're out there, you have ceased to be amusing."
Someone needs to get that guy on Coast to Coast AM, with Art Bell/George Noory stat.
Knowing that show, there's someone else in the audience that actually does have all that equipment he's searching for. =)
My Webcomic: Asylum on 5th Street
The very fact that we received spam proves that time travel is impossible: If it was possible, someone would invent it, travel back in time and beat up all the spammers so that they would never have sent any in the first place.
when i was in school i took some pr course where it was presented that a direct mail campaign (snail mail, addressed directly to the recipient) with a response rate of 3% was considered a "roaring success".
spam can survive even with miniscule response rates (one hundredths of a per cent) because the actual transmission is free. direct mail has postage and printing costs. telemarketing needs actual wage-earning callers and phone connections. but spam once you find that open relay, spam is free.
with costs like that, revenue can afford to be low.
2 1337 4 u!
we need to send Van Damme after this guy.
Manipulate the moderator system! Mod someone as "overrated" today.
(off topic, but you'd think it obvious that any time machine breakthrough would be all over the news right! ; i guess basic rationality doesn't come into this though. scary.)
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
A joe-job is a spam run forged to appear as though it came from an innocent party, who is then generally flooded by the bounces or complaints.
Sure. The honest ISPs will have to bear the burden of administering this tax (for which, they will have administration costs - passed on to users). But what about these Hong Kong spamming sources? Or anything outside the jurisdiction of the 'email tax law'? An email tax is both unworkable and ineffective
What is needed, and has been pointed out in many other places, is a reform of the SMTP method. SMTP was designed many, MANY years ago when the only people on networks were technicians, academics, etc. These people created a system for THEM to use. They didn't really anticipate spam, because for spam to become effective, email needs to be wide-spread to the point near ubiquity. When email services are as common, you are going to get a lot of simple-minded gullible people out there. And these are the people who click on those ads, and bring in the spam revenue.
So, I guess we either need to reform and properly lock-down email sending to show only accurate information, or require a simple I.Q. test before logging into email! ;) Of course, the latter opetion would surely bring about the swift demise of AOL...
In the article, the reporter states that Todino's father says his son has mental problems. OK, fair enough. Then his father needs to step up to the plate and get the guy some help.
Barring that, the people being joe'd really need to follow up on this. Either this guy is an unrepentant spammer, in which case he needs to be made to pay the price, or he's mentally unstable, in which case he needs professional help. The latter possibility is really more serious, since Todino could conceivably go off the deep end and do something more serious. Possibly, the best approach would be for them to contact Todino's father and tell him that if he doesn't get his son some help immediately, they're going to pursue the case with law enforcement. Assuming the father's statements are true and that he gives a damn, this should at least get the ball rolling.
Not going to work. I don't use my ISP to send mail, at least not in a way they can detect. I use my own server, instead.
Are you going to tax me to send email between the users on my machine? If so, how are you going to monitor the logs? Are you going to give government authorities permission to audit my machine whenever they see fit to? Looking kind of authoritarian, now, isn't it?
How about cron jobs sending me email? Do I get taxed for them, too?
Instant messaging? Tax for that? What about when people get fed up with your email tax and implement an email system over an IM service instead? Or just implement some other of email over any other protocol to bypass your tax system?
Filters are an effective way of combatting spam. Much better - and less oppressive - than a tax. SpamAssassin catches 99% of the spam I receive. It, and other filters, are so effective that spammers are now changing the content of their text to attempt to bypass it. And when they do this, it reduces the effectiveness of their advertising, so in the end, they lose.
-- Even if a god did exist, why the fsck should I worship it?
If you really want to use the car analogy, I'd say it's more like this:
Cars have locks that are just fine when used properly. However, many people are very gullible, and if you go up and ask them, they'll let you borrow their car. You can steal their car after asking to borrow it, and most of them will be too embarrassed that they lent you their car in the first place to ever file a police report. The success ratio is high enough that every day multiple people will walk up to you and ask to borrow your car. To date, we've come up with no useful way of keeping these would-be thieves from taking up your time or your brainspace.
____ _______
Duty now for the future!
Space travelers would probably be unimpressed by an eclipse. I'll tell you the real draw: supermarkets. Don't believe me? Take a trip to Japan, then wander through a supermarket - you will be amazed at how fascinating it truly is.
Aliens would probably find most things here interesting because it would be so foreign - and that's all it takes to grab a "person's" attention, something he/she/it hasn't seen before.
What changed under Obama? Nothing Good
Its referred to in the article
Joe Job [joa~juhb]
A Joe job is an e-mail spoofing exploit in which someone sends out huge volumes of spam that appear to be from someone other than the actual source. A Joe job is sometimes conducted as an act of revenge on someone who reports a spammer to their Internet service provider (ISP) or publicly advocates anti-spam legislation. The perpetrator is said to be Joeing the legitimate owner of the e-mail address they use. The Joe job is one of the oldest spamming operations in existence, and one of the simplest ones to carry out: the spammer may not have to do anything more than change the "Reply To" address in their e-mail program.
Shrug, if you want to stop people sending forged email then use PKI. Don't accept mail from people unless it is signed by someone you trust. It's easy to implement, it's reasonably secure. It doesn't change any of the protocols on the internet today, all you need to do is set up a key and start signing email.
Sure spammers can get a key but if nobody signs their key, then they can't spam. So every time they want to spam they need to get a key signed. People who sign spammers keys regularly are going to get their signatures revoked.
This increases the "cost" of spamming by making it hard for spammers to get legitimate keys, but making it relatively cheap for joe bloggs who just has to create a key and perhaps get it signed by his ISP and a couple of friends.
ISP's signatures wouldn't mean much, but it would be enough to get you started on the web of trust, after a few people have signed your key your key will start becoming more important to more people.
So, step up and use GPG today!
What strikes me is that the major problem is not the spammers doing direct DoS attacks on the targets, but that they're using brain-dead behavior of mail servers to pull off DDoS attacks. If you control an MX, please configure it to issue a 550 error during the connection if you can't deliver the message instead of accepting it and then bouncing to what you almost certainly know is an innocent party. A party who is not the sender of the message, by the way, which means you anal types who say "RFC says I must bounce" have to note that it also says you must not lose a message, which is what a bad bounce does. Please be a friendly network neighbor and stop bouncing spam.
Murder is the senseless waste of a human life.
Spam is the senseless waste of millions upon millions of tiny fractions of a human life.
There comes a point where the few seconds that each of us without spam filters spend deleting this crap adds up to the average lifespan of a human being.
If someone has sent that much spam, why should they not be treated in the same way as a murderer?
A pizza of radius z and thickness a has a volume of pi z z a
Instead of a tax (why do some people always look to government for everything), why not use a micropayment system in which the sender must pay the recipient for delivery. If the sender is a friend or the e-mail is truly worth it, then the recipient rebates the sender's money. The recipient would set the payment level and publish it to the public.
For example, I would probably set my payment level at about 0.50 or $1.00, but if I stil get too many spams, then I would boost the charge to $2. I would also create a whitelist of people (friends, clients, mailing lists, and a few select businesses) who are automatically exempted. When somebody tries to send me an email, the MicroPayment Mail Transfer Protocol (MPMTP) would automatically inform the sender of the charge when they hit the send button. People not on the system would get automated return e-mail requesting that they join the system to complete the sending of their e-mail.
The point is that each person can decide how valuable their time is. Spammers (including those in Hong Kong) would be forced to target e-mails to only those people who would appreciate them.
Two wrongs don't make a right, but three lefts do.
a hundred million years or so and will continue only for a few hundred million more - quite a small window in the history
Statements like this are why I never lend money to anybody in Astronomy or Geology.
Eve Fairbanks says I drive a hybrid!LOL
I'm using an ASCII terminal. Or a PDA with a small screen. Or VoiceXML over a telephone. Or I'm sight-impared. Or my ISP bounces your ISP's coded-number-in-a-distorted-image with request that they respond first with a coded-number-in-a-distorted-image, rinse, repeat. Or I have my filters set to autotrash any graphics in email because 99% of the time it's for penis pills. Or it was a Joe-job and your ISP sent me 20,000 coded-number-in-a-distorted-image challenge emails.
Now what?
One line blog. I hear that they're called Twitters now.
I think it really depends on how you spin it. It goes without saying that someone has to be making money from spam, and also that there are gullable fools who buy the stuff on offer. The problem is that many of the gullable fools are not the same ones that actually buy the porn and pills being peddled, but those that by the spamming services too.
The spam "business" seems to be constructed in several levels. At the top you have the metaspammers (see the ROKSO for a list) who don't really sell anything other than spamming tools and services. These guys are the ones raking in the bulk of the cash, and are probably the only ones with the werewithal and resources to run the global spamnets without getting nailed (so far). Underneath those is a mesh of "affliate programs" and small fry who do spam their own products and finally, at the bottom, are the dregs of humanity that actually buy the physical products.
The problem is, that everytime something like this comes up on Slashdot, Kuroshin, or even the "mainstream" TV and press media, there is a chance that someone has the following chain of "reasoning":
- There is money to be made in spam.
- Why shouldn't that be me?
- How do I spam?
And all this does is send another gullable fool off to the metaspammers that peddle the "guaranteed" opt-in address lists, bulk mailers and similar services. The money floats up to the top of the tree and the cycle perpetuates. Occasionally, I'm sure, one of these guys gets lucky and makes a decent amount of cash in exchange for thier soul, but I'll bet that the majority do not, and soon pull out of the game with a somewhat lighter bank balance. The spam business seems to be a pyramid scheme in all but name, if you ask me.UNIX? They're not even circumcised! Savages!