Another Worm Targets Anti-Spam Sites
kevinvee writes "Yahoo! is reporting about the next battle of Spam Houses versus Spamhauses. This time, it's W32/Mimail-L receiving the attention. "It's the third Mimail variation to come after us, except this one is trying to do more," said Steve Linford, founder of The Spamhaus Project. Apparently this reincarnation comes as an attachment offering naked photographs. Once infected, a follow-up e-mail is sent to the user stating that a CD containing child pornography will be delivered to their postal address. "These guys write trojan (viruses), they carry out DDOS attacks and they get their money through selling stolen credit cards and spamming," Linford said."
I didn't think that it was possible for me to hate spammers more than I already do.
Turns out I was wrong.
In case you don't know what I am talking about, go see the movie before you mod me down.
for the last time people, I am "frodo from middle eaRTH", not "middle eaST".
What we need to do is find out the physical addresses of these nice individuals and try to reason with them using advanced negotiation tools, such as baseball bats and tire irons.
Viral software licensing is not freedom, it is in fact GNU/Socialism.
Apparently this reincarnation comes as an attachment offering naked photographs.
Yeah... apparently, people are still STUPID enough to open these things. Does ANYONE out there still believe you can get "100% free porn, just click here!" from some sleazy, unsolicited email that just redirects you to a credit card entry, despite the "free"?
I guess so...
WHAT? Who? Where? These viruses don't use some security exploit. They get the user to run the attachment, plain and simple. If the user runs a file, that is no one's fault but the user's.
The fact that when opened this software is allowed to execute code, crawl through the address book, copy itself and send itself out to others is a fault with the system.
I've never had a problem when opening an attachment with Mutt.
Trolling is a art,
The virus installs a DDOS zombie that attacks Spamhaus. It's not that Spamhaus got infected.
I think this is actually a good thing because it links spammers with viruses and therefore reinforces the association "spammer = evil". Perhaps sooner or later more people (and gov. agencies and companies) see spam not just as annoyance but as attack.
Seriously, I dislike spammers as much as the next guy, but immediately saying this is the work of a spammer is stretching it just a bit. For all we know the person behind the worm has nothing to do with spam.
Sorry to respond to myself. Just realized that it was the users running attachments, not the company. My bad for jumping the gun.
Isn't there some way to distribute the anti-spam sites/lists so that a DDOS attack can't take it out? All that's needed is a simple neural net-style system - redundancy and distributed content (which the internet makes simple) could solve this sort of problem, at least for now.
GL
They should know better than to use such an insecure e-mail application as outlook.
Fight Spammers!
Beyond all the normal inferences of why you can't target spammers... there is one fundamental thing to note. There has yet to be a proven case, directly or indirectly, of email spam causing death. :)
Yeah, it costs people time, lots of money, and probably some hair; meanwhile someone profits from the exploits good and bad. Hell, that happens all over the place, not just here.
-woog
If law enforcement agencies cannot handle the problem it's time for the Wild West solutions. And it seems we have to be the sheriffs. Let's fight those bastards with their own methods. They claimed OUR network, they use it for their own dirty purposes. And they try to 'kill' those who fight with them. We're the majority. Law & order people! DDoS DDoSers. Kill spammers!
Ok. This is a bad idea. But what else can we do?
I think you misunderstood. The virus sends an email about the shipment of the porn CDs with a spoofed return address that's actually the address of an anti-spam organization, so they get bombarded with emails from users who think they're sending them child porn.
These guys are directly opposed to the "They" in "They say ...",
who are not to be confused with "The man",
which is a common misconception
You are in a maze of twisted little posts, all alike.
Yes, but when those virii are targeting one machine instead of the internet as a whole, it makes something of a difference, Graham...
Simon
Physicists get Hadrons!
I've just received a fake "mailer daemon" rejection message with a viral attachment; although my a/v program caught it, I can see this tactic catching even the most suspicious of us...
For a while I had netblocks from all of Asia, Africa, and South America in my access.db. This was pretty effective at blocking spam.
When I finally decided to start resubscribing to some high traffic and international lists, this draconian technique proved problematic.
So just hang a sign on your door that says, "Assholes are not welcome." I am all for whitelisting select mail servers who would be willing to subscribe to some good housekeeping standards.
Balkanize the internet to save it!
Later,
JC the AC
If it's an executable and the user runs it, then it can do anything the user can do. If I emailed you "hot_nekkid_chicks.sh", you saved it using mutt, ran it without thinking and it did rm -rf ~/ , you wouldn't blame Mutt.
The fact that MS software makes it so easy to run an attachment and to hide its executable nature is the problem.
Mastercard, wait, even better AmEx issues a card with the same idea. The card is used once in response to a single spam. The card is then cut up but not cancelled. Hand the card numbers and the billing address over on a platter.
When the card is used again, set your phasers to sue. The beneficiary of the card's usage can either be charged with fraud, etc. or roll on their superior. Pass the buck up the ladder until you can jail a spammer not on the basis of spam but of felony(ies).
Of course, this assumes that you can find a "member magnifier" offer that isn't even looking to send you Sucrosa. Still, it might be worth a shot as a low-cost investment with a good potential for a high yield.
The same idea could be used for eBay and PayPal scams. It's not as if none of us have gotten those "Please enter your password in this email and click submit button" spams. I wonder if this is already done. I'm a smart guy, but I'm still just another geek on /.. It seems some well-compensated theft prevention exec would have started doing this a long time ago if it would work. Though honestly, I don't see any problems with it myself.
The only thing more dangerous than a file named -rf is renaming it -rf\ /
Um...maybe you and I read a different article, but the article linked here talks about a DDoS from external sources.
I mean, imagine a few busloads of geeks bumrushing and stomping the crap out of a few spammers? Wear masks and run like hell...few will be ID'ed and caught.
Blar.
So if I email you an ELF binary as an email attachment, and you save it and run it, that executable will not be allowed to crawl through your address book and send itself out to others?
Linux prevents it from doing that, eh? Really? Which distro might that be?
Like woodworking? Build your own picture frames.
Another nasty virus. Of course I personally am not worried one bit, since I don't run any MS software on any of my computers, but my mother's business depends on Windows. She uses Word and Finale for her music ventures. However she also uses Outlook for her mail.
Is now a good time to upgrade to OS X? I would like this, since it would allow for better remote administration for when her system goes "loopy". Or should I just make her use Mozilla for mail?
"If anyone needs me, I'm in the angry dome."
If I just look at "hot_nekkid_chicks.sh" in Mutt I would only see the script. Just looking at these things in Outlook lets them run. With mutt I would have to save the script, chmod it +x, then run it.
Which is safer?
Trolling is a art,
If I mislead you and get you to hand over your life's savings, then it's your fault, right? I won't have to worry about being hunted down by the long arm of the law and prosecuted for being a con man?
These viruses prey on the ignorant. It's easy to make comments like yours when computers are a key part of your life. Perhaps we should have a minimum competence level before letting people on the internet, a so-called computer driving licence. That way we can hold the users responsible.
Or perhaps you're responsible. You know what the problems are, but you haven't done enough to educate others.
As much as I hate spam and worms and such, that is too funny. Some dumb bastard tries to get the free pr0n from the email, gets infected, then gets scared to death because they lock you up for a LONG time for possessing kiddy pr0n.
Maybe this is vigilante spam, using the scared straight theory. Next time Joe Sixpack tries to look at the free pr0n, a little voice will pop up and remind him of what happened LAST time.
This would scare the living daylights out of my mother if she were infected by this trojan/worm.
I think part of the problem with computer security nowadays is that home users believe that anything is possible. Computers are still far too mysterious to the average user; I'll bet you dimes to dollars many users will think this CD mailing scare is real. Unless email and antivirus vendors do something to educate home users, what's to stop the next virus from saying "open this attachment or we'll send illegal merchandise to your door?"
Spammers, even benign ones, thrive on the naivety of home users. I still haven't received my cheque from Bill Gates and Walt Disney Jr...
What they're doing amounts to terrorism (at least, under today's NewSpeak definition of "Terrorism"). Why are the authorities not trying to track these guys down? How hard can it be? It is extremely difficult to completely cover your tracks on the net. You find out where an email came from. Track it back to the ISP. Find out where it came from. Track it back to the next ISP. Check their logs. Continue until you get to a modem pool/DSL connection. There's your guy.
Are they all outside the country? Will those foreign ISPs not cooperate? Why is this so common?
Like woodworking? Build your own picture frames.
Actually, there was a 419 spam victim that killed. The ironic part is that it was a Nigerian diplomat.
Fight Spammers!
This is getting ridiculous. All of these worms/viruses of late have their own SMTP engine built in, and connect directly to external SMTP servers to spread their payload. ISPs (and businesses that provide access to internal workstations) need to block access to external SMTP servers! In particular, block egress port 25 from the network.
So you will ask, "But then how will I use my company's or other SMTP servers from home?" Easy, the port used for initial mail submission (IMS) should be set to a different port altogether. IMS and mail transport are different activities and should be treated as such. Use SMTP+AUTH+SSL, run it on port 465, and everybody is happy (except spammers and virus authors).
"But I want to run my own server on my dial-up or other consumer level account!" Contact your ISP and see if you can get a static IP address. SMTP servers should be on static IPs, that way bounces and other system messages can be routed properly. Check the AUP of your ISP, you might be prohibited from running a server on your account (find another ISP, or use the tip above to use a different SMTP server).
To do otherwise is to continue to be part of the problem, not part of the solution.
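The egress rule proposed in the comment above has a detection counterpart: flow logs show which internal hosts speak SMTP directly to many outside servers, the pattern a worm with its own SMTP engine produces. This is an added example, not part of the original thread; the log format, addresses, relay list and threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow log: "<timestamp> <src_ip> <dst_ip> <dst_port> <action>"
SAMPLE_FLOWS = """\
2003-12-02T10:00:01 10.0.0.5 192.0.2.25 25 ALLOW
2003-12-02T10:00:02 10.0.0.5 198.51.100.7 25 ALLOW
2003-12-02T10:00:03 10.0.0.5 203.0.113.9 25 ALLOW
2003-12-02T10:00:04 10.0.1.40 10.0.0.5 25 ALLOW
2003-12-02T10:00:05 10.0.1.40 203.0.113.50 465 ALLOW
2003-12-02T10:00:06 10.0.1.23 192.0.2.25 25 ALLOW
2003-12-02T10:00:07 10.0.1.23 198.51.100.7 25 ALLOW
2003-12-02T10:00:08 10.0.1.23 203.0.113.9 25 DENY
2003-12-02T10:00:09 10.0.1.23 198.51.100.44 25 DENY
2003-12-02T10:00:10 10.0.1.77 192.0.2.25 25 ALLOW
truncated entry
"""

# Assumptions for this example: the site's address space and its one
# sanctioned outbound mail relay.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
SANCTIONED_RELAYS = {ipaddress.ip_address("10.0.0.5")}


def parse_flows(text):
    """Parse flow lines into (src, dst, port, action); skip malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        _ts, src, dst, port, action = parts
        try:
            flows.append((ipaddress.ip_address(src),
                          ipaddress.ip_address(dst),
                          int(port), action))
        except ValueError:
            continue
    return flows


def find_direct_smtp(flows, threshold=3):
    """Return {host: [external SMTP servers]} for internal hosts that are not
    sanctioned relays and contacted at least `threshold` distinct external
    servers on port 25. Denied attempts count too: a blocked connection is
    still evidence that something on the host is trying to send mail."""
    seen = defaultdict(set)
    for src, dst, port, _action in flows:
        if port != 25:
            continue  # submission on 465 is the sanctioned path for clients
        if src not in INTERNAL_NET or src in SANCTIONED_RELAYS:
            continue
        if dst in INTERNAL_NET:
            continue  # handing mail to the internal relay is expected
        seen[src].add(dst)
    return {str(src): [str(d) for d in sorted(dsts)]
            for src, dsts in seen.items() if len(dsts) >= threshold}


if __name__ == "__main__":
    for host, servers in find_direct_smtp(parse_flows(SAMPLE_FLOWS)).items():
        print(f"{host} contacted {len(servers)} external SMTP servers: {servers}")
```
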
Am I the only one who finds this constant "cyber battle" between good and evil absolutely entertaining?
I mean, first you get the good hackers doing things like hacking Madonna's website because she thought she'd be all slick and release those "What the fuck do you think you're doing?" Mp3s. You also have the wonderful folks who are so good at defacing the RIAA's site because they're such ridiculous pricks.
Then you have the "bad" guys: people who target the so-called "good" sites like these Anti-Spam deals, or the people who make these worms that cause millions of dollars worth of damage because the folks at MS are too lazy to fix their stuff.
The fact that Anti-Spam sites are now being targeted makes it that much better because those sites have actually caused me a lot of personal headache by labeling me as a spammer even though I've never touched the stuff in my life!! I've sent countless emails explaining to them that they have no proof or reason to even remotely believe I was ever a spammer, they don't listen. I guess this is what they get, hehe.
Man, I love it. I personally can't wait for the next "Code Red" to hit so I can laugh at the damage it's caused.
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
That's what I said - the ease of execution is the problem, not the fact that code can crawl your address book as the grandparent post states.
I never really understood why someone didn't just contact the CC companies and get a really low limit on their credit cards. Hell, even TELL them that you're going to use it for "verification purposes" online, so that you'd want to know who tried to charge money to it. I don't know if you can, but ask them to keep track of where it was rejected.
Enter the number once, and watch the traceable info for spammers / people that buy this information just ROLL in.
It may be time-consuming, but so is this battle with attempting to blacklist spammers.
As others have pointed out, this attack vector isn't per se the software that the user is running. The attack vector is the user, the old PEBKAC (Problem Exists Between Keyboard and Chair), which has been showing up as the resolution to many tickets in our troubleticket system.
The problem is no matter what we do, we can't prevent our users from shooting themselves in the foot. We rename attachments (.exe becomes _exe). We deny .com, .pif, .bat, tell them to keep their anti-virus software up to date, don't run strange attachments, and still we get this. At least we have started running all our outbound mail through AV scanning, and that cuts down on a bunch of the crap, but we still can't keep them from going "ooh shiny...." Click!. Until our users figure out that the computer is a little more difficult to use than their VCR (I don't want to get started on ease of use/convenience vs security etc.. but when was the last time you played a movie, and you DDOS'd M$), and they actually need to be mindful of what they use/do on it, "bad people" will always be able to do bad things.
Then again these users are the same people that would call up the phone company complaining of $600+ phone bills to the Caribbean, etc... When you ask them if they have downloaded any programs that offer free "porn" they get all defensive, etc... A quick look at their computer shows tons of those dialer type apps that are making the equiv of 900 (in the US) type calls over seas, and they don't realize it.
For the record, my users would be the users of the ISP that I admin for...
To E-mail me, replace the first period in my domain with an @
...would appear to be a great place to uncover a broad array of illicit activities. The mentality that these people have is consistent with people who lead the field in all kinds of fraudulent activities. If you're involved in one of these operations, my vote is that your profile just got a huge red flag.
I used to fear clowns...but I'm discovering that chimps are far, far, worse.
These guys
I wonder how far this will go? What about the free disposable email services? Mailinator or jetable next?
I'd have to save the attachment, chmod it then run it. Most unix people are smarter than that
Exactly my point! It's not the system, it's the users.
Like woodworking? Build your own picture frames.
Sad but true: People in general don't care until the disaster is there, not just predicted.
I've been trying to get my company to do something about spam (we're an ISP). The more serious, offensive, and aggressive spammers become, the higher my chances that someone up in management will get off his lazy ass and decide that it just might be worth it to do something.
Assorted stuff I do sometimes: Lemuria.org
You fucking idiot. Seriously, why are you people so GOD DAMN STUPID?
The Internet Worm
Please at least have some rudimentary knowledge of computer history - this was 1988 so unless you're less than 15 years old you have NO excuse for this idiocy. This slashdot article is about vicious attacks by VIRUS WRITERS. You are using it as a platform to espouse your obviously ridiculous opinion about security holes in an e-mail program.
In case you don't get my point, let me hammer it home for you - the link I provided is similar in that some smart guy exploited a security flaw to propagate a virus which copied itself all over the god damn internet and shut large sections of it down. The fact that this wasn't his specific intent is irrelevant. Would you like to sue UNIX for allowing a virus to propagate?
You edgy fuckers think shoving your tired, irritating Microsoft bashes into every god damn article on Slashdot is so clever. Examine the facts, genius - if someone wants to fuck with software, they will find a way.
If you're using renattach on your server to filter attachments, just use the following in your renattach.conf to bitbucket this virus:
banned_files = wendy.zip/k
No matter which way you look at it, there's absolutely no comparison between tobacco and spam. Tobacco kills people, spam is a minor inconvenience. This isn't life or death, and it's sad to see geeks with nothing else in their lives acting as if spam is as bad as say, Hitler. Yes, it's a PITA. Now, get on with your life.
The interesting thing is that for Spam to make any sense, it has to get people to pay real money. Thus any profit making Spam will give away a payment trail. So, if I may ask why in the world no authority goes after whoever sells through SPAM ?
Standard answers:
1) They will move offshore
(my reply, yes, but how will they get a payment if not through Visa/Amex/MC or other major intl institution)
2) There will be "false positives"
(I am not so sure about this one. One line of thought is that punishment may be directed to the profit coming from an Spam event, so if innocent sites make money w/out Spam they won't be very hurt. For instance, say spammers send Spam in the name of Amazon.com -- amazon might need to forfeit extra sales attributed to unusual traffic/sales in that period, attributable to the action of Spammers, if they bighugeenlargement.com doesn't have any traffic normally, they should be blown out of the water )
3) Costs of enforcement will be too high
Perhaps. But what are governments for ? If OKOKRIM can worry about persecuting 15 year old computer wizards, and the DoD can worry about persecuting a 66 year old dictator, why can't someone go after Mr. Joe Spammer and his clients ?
Quem a paca cara compra, paca cara pagará.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
The difference here is that to execute a bit of mail in a regular mail client, you have to go through some work (and it's somewhat technical, many computer illiterate users would have a difficult time doing it). In fact, it is those very users that cause the most problems with these email distributed viruses. By the time someone is literate enough to know how to execute an attachment, they should be (hopefully) savvy enough to realize why it is not a good idea. This is one of those cases where ease of use is actually detrimental (you don't see that very often).
I read the internet for the articles.
As promised, there's a new tool in town. Project Web Form Flooder is still in beta, but it's functional in flooding spammers' websites with plausible data. Java source code only right now, but I'd imagine the ./ crowd can deal with that.
If we flood spammers' websites with garbage data, maybe, just maybe we'll do a little to remove the profit motive in spamming, and once there's no money in it it'll end.
Isn't it time we stopped crying and started doing something?
Hey guys,
Just something to think about: This article talks about spammers along with references to not only spam, but destruction of anti-spam, virii, pornography, theft, identity theft, and child pornography. The only way they could really make spammers look any worse is if they labeled them as baby rapists.
While it could be true, it's beginning to sound like propaganda, intending to make these guys look more Evil than life. Think about the article's motivation, author, and target audience. Be careful, there may be something more going on than what we see on the surface.
~D http://www.dracosoftware.com
This sig has been enciphered with a one-time pad. It could say almost anything.
- Popular spam fighting group publishes PGP keys
- Make big blacklists, sign them
- P2P
Furthermore,-- I was raised on the command line, bitch
Apparently, not one of those guys, as none on the Spamhaus page are French (scroll down the page to find the hidden text within the worm)
Probably the most impressive, presumably malicious attachment I've seen so far has been one I've had a few copies of recently. When I first saw it, it looked surprisingly plausible:
"Hello there,
I would like to inform you about important information regarding your email address. This email address will be expiring.
Please read attachment for details."
It claimed to be from 'admin' at my email provider, an address which actually exists and I have had mail from them in the past, so even I had a second look...
It had an attached Zipfile, message.zip, containing a message.html, which began...
"MIME-Version: 1.0
Content-Location:File://foo.exe
Content-Transfer-Encoding: binary"
Then a binary which definitely looked like a Windows executable. The whole attachment was about 35kB in size, so fairly plausible for a reasonably complex HTML document.
Anyone know what it might be? The apparent HTML payload in a Zipfile seems pretty innocuous at first glance, so you have to be even more careful. I'm using an up-to-date Pine on a remote FreeBSD machine, so I was perfectly safe, but I can really imagine others being caught
True. Maybe the product initially being offered isn't real, but if you follow up they know they've got a live address. After that, the spammers can sell your addy for more money to other spammers, and to companies that want a more 'targeted' audience.
;)
http://slashdot.org/articles/03/08/08/1833213.shtml?tid=111&tid=1261
http://www.msnbc.com/news/940490.asp?0ql=c9p&cp1=
Oh, wait. You were being sarcastic, weren't you?
"Common sense will be the death of us all"
It's easy to say "don't open obvious spam at all" and "never open an attachment" and "never click on a URL in an email."
Personally, my middle-aged brain only functions at about a four-nines reliability level, meaning that if I deal with thirty pieces of email a day, about once a year I'll accidentally do something STUPID.
Like pressing "reply" before I've finished composing my mail. Or replying to all when I only meant to reply to one. Or replying to a list when I only meant to reply to one person on a list. Or thinking that PayPal might really have sent me an email. Or opening a foreign attachment. Typically I realize that I've goofed approximately five hundred milliseconds after performing the mouse click that commits me to the imprudent action.
(It doesn't help that I actually have real human friends who do send me email message with subject lines that are blank, or consist of the single word "Hi!" or "Meeting.")
I am sure that you never ever do anything STUPID, and I fully agree with you that someone as STUPID as I deserves to have my computer infected with viruses.
"How to Do Nothing," kids activities, back in print!
Perhaps Microsoft should stick by the rules that if the damned file ends in .bat, it should be plain text, not say that the user screwed up and we'll just execute the code anyways.
It is Microsoft's fault for how they decided to deal with executable code. They have gone too far in their ease-of-use campaign, and should be admonished for it, not lauded for it. It is time to stop coddling the end user. If they want a computer, they should have to learn to use it. I don't buy a jet because I don't fly and do not want to learn. I don't expect Boeing to make a jet that I could fly because I don't want to put the effort into using it properly. That would be stupid. And that's what the computer industry has become.
For Chrissakes, my grandmother can learn to use a computer properly, which is more than just connecting to the Internet and checking e-mail. If she couldn't, she wouldn't have a computer.
You misread. I didn't say the bomber was not at fault. The original poster is blaming some security hole when there isn't one. This isn't a security problem, it's a people problem.
Somebody else's bad for modding your original post "+1 Insightful" :-)
Using HTML in email is like putting sound effects on your phone calls. Just say <strong>no</strong>.
Agreed. How the heck do people in an anti-spamming organization get caught up on this? They should really know better. If this article is true then I wouldn't be surprised to find out that the anti-spamming organization is staffed by tech-ignorant do-gooders who, meaning well, only further pave the road to hell.
If there really is child pornography being sent on CD through the mail then the FBI should really be involved in tracking this down. Using the postal service to commit a crime is a federal offense in itself. Certainly the attackers can be fudging their return addresses on the packages but there are so many other ways of approaching the problem. ISPs already track users that visit such websites. CDs are imprinted with media identifiers. Are there lot numbers which can be tracked to distributors and regions? What about imprints left behind by the burning hardware and software? What about identifiers embedded in the pictures themselves?
Why aren't existing security admins cooperating on this? A few years ago I spent a couple months making a concerted effort to track down the spam that made its way to my inboxes. I would look at the e-mail trail, run WHOIS and DNS lookups on the servers, find the last known good smtp portal, and try mailing the admin to ask him to help stop the spam. Typically I received no response leading me to believe that the operator was an absentee sysadmin who collects his paycheck but doesn't care about his job. Additionally, so many of the smtp servers were running Windows that it isn't unthinkable that the admin can really do nothing about it--his box is backdoored and the executive board would fire him if he took it down to reinstall. That same executive board probably insists, for contract skim purposes, that he continue to use a Windows platform.
On the issue of funding I don't believe that these people really and truly make the majority of their money from stolen credit cards. I feel that has got to be nothing more than scare tactics and hype to direct attention away from the real source of funding. I believe the majority of their money comes from taxpayer subsidized small business loans and tech-ignorant investors. I've traced a large amount of my spam back to addresses associated with "desktop advertising agencies". "We sent out one million e-mails today. It's technically not spam--don't ask questions. There's a loophole in the definition which makes this not spam. This will look great on the quarterly report and on the small business report to the bank. It will also bump us up into the 'productive' category so that we can qualify for an additional $X million in taxpayer subsidized small business loans."
If we want competent sysadmins we need to hire people who really have a passion for the systems that they work on. Companies are free to hire me but I'm always given the critical eye of scrutiny because I didn't spend the $15k to get night-school certifications.
+++ATHZ 99:5:80
Yes, but you can't sue packaging material producers or fedex because they allowed that package with hazardous materials to be labeled as 'books', delivered and allowed itself to be opened.
Cannot resist this one...
OK kids, sit down and let uncle bubba explain this one for you. One, if you see something once, it might be a coincidence. Twice means that maybe lightning is hitting the outhouse twice. This is the third one of these, and with each successive version, the methods and operations of the virus are getting more effective and efficient. That means at least two developers were able to reverse engineer and increase the efficiency of the payload of the virus, OR someone is monitoring what is going on and making improvements. Tell you what, I will let you think about that one for a sec...
We also have the comments from the spammers themselves. Many have come out into the open and said that anti-spam orgs declared war on them, and that they would fight back. Do you honestly think that this is just a chance happening?
I guess it could be, I mean, you could have some slashdotter waging a disinformation campaign targeting anti-spammers to piss everyone off...
Oh, and to the nuts who want to sue Microsoft under the same pretenses as suing gun manufacturers...dude, spammers are equal opportunity abusers...they are abusing open protocols as much as they are using OS holes to propagate this crap. So unless you want to sue Berkeley or something like that...
Spammers evil...viruses evil...censorship evil...censoring spam ev...WAIT!...good...
"We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns -- the ones we don't know we don't know."
You misread. The original poster is blaming some security hole when there isn't one. This isn't a security problem, it's a people problem. Someone has to take the blame. It's the person sending the virus. But the person receiving it needs to pay a bit of attention.
Re-reading the article won't help, as the article isn't correct on that point. If you check a technical write-up, e.g. Symantec's, you can see that this worm actually arrives as a .zip file.
So, users need to do something like click on the attachment, wait for Winzip to appear, and then double-click on the executable file (the type will be displayed) in the Winzip interface to run it (and if they're using a version of Winzip that's not ancient, they'll get a Winzip pop-up pointing out that the file is executable and asking for confirmation that they want to run it).
The problem isn't the software, it's the users.
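Both the zipped executable described in the comment above and the message.zip/message.html attachment described earlier in the thread can be caught at a mail gateway by looking inside the archive instead of trusting file names. This is an added example, not code from the thread or from any product named in it; the archive contents, member names other than message.html, and the 4 KiB peek size are constructed assumptions.

```python
import io
import re
import zipfile

# Extensions the thread itself names as blocked or renamed at the gateway.
EXECUTABLE_EXTS = (".exe", ".com", ".pif", ".bat")
PEEK = 4096  # read only the start of each member; avoids inflating huge files
FAKE_PE = b"MZ" + b"\x00" * 62  # inert stand-in: DOS/PE magic plus padding


def build_sample_zip():
    """Constructed test archive: one benign file, one MIME-wrapped payload
    shaped like the message.html quoted in the thread, one plain .exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "Meeting moved to Thursday.\n")
        zf.writestr("message.html",
                    b"MIME-Version: 1.0\r\n"
                    b"Content-Location:File://foo.exe\r\n"
                    b"Content-Transfer-Encoding: binary\r\n\r\n" + FAKE_PE)
        zf.writestr("setup.exe", FAKE_PE)
    return buf.getvalue()


def scan_member(name, blob):
    """Return the reasons a single archive member looks executable."""
    reasons = []
    if name.lower().endswith(EXECUTABLE_EXTS):
        reasons.append("executable extension")
    if blob.startswith(b"MZ"):
        reasons.append("MZ header")
    # A file that opens with MIME headers may carry a payload after the
    # blank line, whatever extension the member name claims.
    if re.match(rb"(?i)MIME-Version:", blob):
        head, sep, body = blob.partition(b"\r\n\r\n")
        if not sep:
            head, sep, body = blob.partition(b"\n\n")
        loc = re.search(rb"(?im)^Content-Location:\s*(\S+)", head)
        exts = tuple(e.encode() for e in EXECUTABLE_EXTS)
        if loc and loc.group(1).lower().endswith(exts):
            reasons.append("MIME Content-Location names an executable")
        if body.startswith(b"MZ"):
            reasons.append("MZ header after MIME headers")
    return reasons


def scan_zip(data):
    """Map each suspicious member name to its list of reasons."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"<archive>": ["not a valid zip archive"]}
    findings = {}
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            try:
                with zf.open(info) as fh:
                    blob = fh.read(PEEK)
            except RuntimeError:
                # zipfile raises RuntimeError for password-protected members
                findings[info.filename] = ["encrypted member, cannot inspect"]
                continue
            reasons = scan_member(info.filename, blob)
            if reasons:
                findings[info.filename] = reasons
    return findings


if __name__ == "__main__":
    for member, why in scan_zip(build_sample_zip()).items():
        print(f"{member}: {', '.join(why)}")
```
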
Project Web Form Flooder may be of some interest to you.
What I want to know is why our schools aren't putting more funding into reading comprehension. You could certainly use an in depth course.
Don't blame me; I'm never given mod points.
I think you are missing the point regarding the cd's being sent. Nobody is sending out cd's - it is just the threat of sending them that scares the end user.
Stay tuned for new sig...
i have yet to see anyone point out WHY spam is actually as effective as it is -- people buy into it!
if spam wasn't a money-maker, spammers wouldn't exist, it's as simple as that. just like if diets weren't such a huge industry, you wouldn't be seeing posters on how you could lose 30lbs in 30 days plastered all over your city (the birth of spam, might i add).
if all these men just stopped caring about the size of their weenies, spam would take a huge hit. if we'd all be a bit smarter and not even consider clicking on insurance / any financial links in spam, that market would also take a huge hit. and if we were all more passionate with our partners then that takes care of goat / bestiality porn. the 'barely legal' crap, you have to deal with on your own. that's just wrong.
honeypots, bayesian filters, spam blockers, LAWS... so much time, effort and money is being put into something that will only be solved once we start dealing with our own insecurities / needs.
### http://www.gunfinger.com ### greed / tec
If spammers are attacking national assets (the internet, e-mail, communications in general) isn't this a form of terrorism? Perhaps the EFF or ACLU should team up with the Poindexter types and declare spam attacks, worms, viruses, ddos attacks, etc to be terrorism. Once a few of these people are held at Gitbay awhile maybe the attacks would decline.
spamhaus spam'hows n. Pejorative term for an internet service provider
that permits or even encourages spam mailings from its systems. The
plural is `spamhausen'. There is a web page devoted to tracking
spamhausen (http://www.spamhaus.org).
The most notorious of the spamhausen was Sanford Wallace's Cyber
Promotions Inc., shut down by a lawsuit on 16 October 1997. The
anniversary of the shutdown is celebrated on Usenet as Spam Freedom Day,
but lesser imitators of the Spamford still infest various murky corners
of the net. Since prosecution of spammers became routine under the
junk-fax laws and statutes specifically targeting spam, spamhausen have
declined in relative importance; today, hit-and-run attacks by spammers
using relay rape and throwaway accounts on reputable ISPs seem to
account for most of the flow.
Using the same little scenario, say some terrorist groups were sending bombs all over the world via the postal system. The return address was always from someone you know, or a friend of a friend, but the handwriting was off. The package looked kinda suspicious, things were spelled wrong, and you weren't expecting it.
But you open it anyway, knowing full well that there are madmen running around shipping bombs in the mail. You open it and it explodes in your face.
I say that you got what you deserved, it's just a shame that it levelled your whole fucking apartment building.
They should simply be shot. It will stop the spamming.
-----
"So many Internet users are flooding us with complaints about these child porn CDs that we supposedly ordered for them," said Linford, adding that he was cooperating with police
-----
You're right. I was reading in pan and scan mode and didn't see the paragraph about this one in its entirety.
Please turn your flame mode off.
+++ATHZ 99:5:80
Reading Symantec's Advisory, they list disney.go.com as one of the 8 random targets for the DDoS attacks. I'm sorry, but have the spammers lost their marbles here?! I mean, if you're going to attack someone at least do something you can accomplish; attacking Disney is going to be like trying to attack a tank with a butter knife, it's just not going to work. I swear, these spammers are getting sleazier and stupider at the same time.
Ah, then the article was wrong. Thanks for clarifying that. I was basing my "click and run" theme on what the linked-to article said, thanks.
Trolling is a art,
man 8 syslogd
under the heading:
SECURITY THREATS
5. Use step 4 and if the problem persists and is not secondary to a rogue program/daemon get a 3.5 ft (approx. 1 meter) length of sucker rod* and have a chat with the user in question.
Sucker rod def. -- 3/4, 7/8 or 1in. hardened steel rod, male threaded on each end. Primary use in the oil industry in Western North Dakota and other locations to pump 'suck' oil from oil wells. Secondary uses are for the construction of cattle feed lots and for dealing with the occasional recalcitrant or belligerent individual.
This is precisely why I don't buy into the whole idea of malicious hacker spam. I really think that spam is sent out simply to feed the industry of generating lists (like the Nazis did) or to boost numbers for desktop advertising agencies who receive funding from taxpayer subsidized small business loans. Billions of dollars have been allocated for technology development, the only requirement for which is involvement in an internet business. Desktop advertising agencies could easily spin their purpose as helping to accelerate the economy by connecting consumers with products that they need. No one really double-checks to see that their productivity numbers are laced to the hilt with spam.
Perhaps people will start advocating smaller government once they realize that their tax dollars are being used to destroy e-mail and fund spammers.
+++ATHZ 99:5:80
I can reasonably believe that it's possible to gain untraceable net access, especially if it involves hacked servers, fraudulently obtained 'net access or spam zombies. Logs only are kept so long and there are legitimate dead ends one can run into, especially when it involves hacked systems and zombies.
What I don't get is why no one is bothering to follow the money trail here, at the very least the commerce department or the FBI. I know that the credit card companies and their associated banks have a bad reputation when it comes to soaking card accepters (ie, businesses) for the losses one might more logically assign to the credit issuers or the banks.
If the crux of the problem really is transnational criminals and credit fraud, another possible solution might be "region coding" credit cards. A card issued in region A cannot be used to purchase goods or services from another region or shipped outside region A, unless the card holder specifically designates their card to be "region free". This would be of near zero inconvenience for most people unless they were heavily involved in transregional travel or purchasing.
But it might be a huge obstacle for people using stolen credit cards internationally, since they would have to come up with much more complicated means of using the cards. And if spam itself is truly an international phenomenon, this could also put a limit on spammers' ability to rip off customers or traffic in stolen credit information.
Was the viral attachment a shellscript that could somehow execute and crack root and then go on to messing with my system?
;)
No, I don't think so. The mildly suspicious of us won't run Windows. The most suspicious of us are busy running QNX on iPaqs because nothing will ever, ever infect it or mess with it! Nothing that can infect most people, anyways
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Nonsense.
That's like saying that I should sue the phone company as they make it possible for me to receive telesales calls (and I pay a monthly fee to have a phone line, much akin to a broadband monthly charge).
I have no sig yet I must scream.
Let's EAT the children of the managers of companies that advertise using spam!
Any distro that mounts the /home partition as noexec, and since you aren't running as root you won't be able to save the file into a partition that does allow executables to run.
but some of these "Blacklist" organizations are not trying to help eliminate spam, or even block it, they are trying to _make money_.
<rant>
MAPS is one of them, and unfortunately I've been dealing with this problem first hand. I just installed a new server and out of the box Apache2 was set up to be an open proxy. It didn't take more than an hour or two before the IP was listed on MAPS-OPS. This is fine. However I promptly closed the proxy and notified them. What did they tell me? They sent me some canned email that told me to close the proxy.
Alright, so I double check again, I search Google for open proxy testers, run them, they all return negative, I look at the MAPS "test report", all it says is:
IP: closed
IP: test finished.
Looks to me like the proxy is closed. I email them again, to say the proxy is closed, unless you can give me other details, your own test results seem to confirm this, what's going on?! They reply back saying their open proxy test is robust, advanced, and proprietary, therefore they can not give me any information regarding the test. Not only that, they want me to show what I did to close the proxy, and prove to them that I am the server administrator! Oh, and the best part, they want the email to come from abuse@<blocked_IP> or postmaster@<blocked_IP>.
Well, for one I can't email them from those addresses because THEY BLOCKED ME! For two, how can I prove I'm the server administrator? The email address I am using to contact them is listed in the whois record for the domain as the "admin contact". That's not good enough though apparently. What do they want, a digital photo of me standing beside the server with a big "anti-spam" sticker on it?
That's the last I heard from them, they blocked me from filling out their "remove me from the list" form. Nice.
If every open relay and proxy in the world was closed at this minute, MAPS would go out of business, therefore they have absolutely no interest in removing people from their list.
</rant>
Email is next. How many IDs have you discarded because of SPAM?
Instant messaging has for the most part replaced email for informal conversation. I can't have a decent email discussion with anyone anymore because of the sheer volume of SPAM. IM hasn't been swamped yet. But when email is dead, IM will be next.
I've lost contact with friends and I've missed real "urgent notifications" for payments because of SPAM.
It's idiocy. Legislation and vengeance are not the answer though. I think the problem can be solved via a technical solution, everyone just needs to adopt it.
There's a niche here for somebody to make a killing with some slick spamproof email solution.
I think the people who want to charge for e-mail are right, to a point. We could take the rate of e-mails sent and multiply by the "tax". A normal e-mail user pays $.0001 per e-mail, any fee less than a penny would not be billed.
If (X) e-mails are sent in an hour, the rate increases to ($.0001 x (X)) charge per e-mail sent.
Would this end spam?
Show me where the holes are in this idea.
It cannot be this simple or someone would have done this.
I am the unwilling control for my Origin.
What the fuck do you think you know about anything? There was an apache worm about two years ago, you drooling moron. It was a flaw in one of apache's add on modules, mod_ssl. This "microsoft apologist" found this very worm on my apache server which was running on a fucking cable modem in my apartment.
APACHE WORM FOR ILLITERATE MS BASHERS
Is it your assertion, by the way, that I am a "microsoft apologist" because I think that you're a moron and your opinions are misguided and ill thought-out? I've been running Linux since 1997, you jackass, so I'll finish this post the same way I started it - what the fuck do you think you know about anything?
P.S. there was a more recent Apache worm that affected some BSD variant or another. TRY READING ONCE IN A WHILE.
I get so much spam with .biz domains that I've seriously considered blocking anything .biz. The only thing that's stopping me from doing it is that I could conceivably get a prospective customer with a .biz domain via email (I do translations). Has anyone actually received anything legitimate from a .biz domain?
I'm curious.
I have Cox and they block port 25 going out which makes sense. However, I run an on-line business and need to use my own e-mail addresses for my domains. That server is colocated at another ISP. The solution? Port forwarding on the server side. RinetD makes it really simple to forward port X to port 25. So now on my side e-mail goes out on port 28 and in on port 25. Server side receives mail on ports 28 and 25 and sends mail out on port 25.
So the problem is solved with my mail server but what about other e-mail servers that people subscribe to?
It boils down simply to responsibility. Cox and other port 25 blocking ISPs don't want to be responsible for your mail server. Not *all* ISPs should block port 25. *All* ISPs should have guidelines for when to block port 25. Home users, fine. They can deal with having to use their ISP-given e-mail address. If they need to send mail through another mail server they should contact that mail server and ask them to do a port forward.
If they want to take responsibility for what you e-mail through their system they can open up a secondary port.
The ISP has made their decision and the answer is "no." The only people inconvenienced by this are people who intended to run an e-mail server on a residential line (ISPs always have non/less restricted account types for businesses) and I'm not feeling a pity party coming on for those people. If you want to run a business, you pay the price or find someone else. Qwest DSL doesn't block any ports and using a business line with them I used to run the entire business out of house. Their limitation is speed which is why I moved to colo and got a cheap residential connection for my own use and handling the business remotely.
And if you don't want to pay the price (I'm not about to spend hundreds a month to two ISPs just so that one of them lets me send e-mails to the other without a port forwarder) find an e-mail hosting company (like me) that has an additional port to get your e-mails out through.
The port 25 block is to prevent e-mail servers from being run on a residential line. Port forwarding on the server side doesn't break that rule. I'm not running a server on my residential line.
Maybe someone else has an argument why blocking port 25 is wrong and evil in any and all cases but I can't come up with it.
All ISPs should block port 25 in at least some circumstances. The first circumstance to consider should be residential. It's very trivial to allow port blocked customers to use a 3rd party e-mail server running under circumstances that allow port 25 to be open.
Ben
Work Safe Porn
There are other operating systems that run shell scripts and use chmod +x that aren't called Linux you know...
.. try and sell their pirated copies of Norton Systemworks through spam, harping on about the evils of viruses, all the while paying some script kiddy to write their anti-anti-spammer worms.
When I can host for $5 a month, why would I even bother spamming from home? This 'block traffic so people won't do bad things' is the first step on the slippery slope of 'Internet=WWW' and Belkin router HTTP redirects.
When your kids ask 'Were you there when they sold the Internet?' what will you say?
I want to delete my account but Slashdot doesn't allow it.
It sucks, but, now I get zero spam.
Surprisingly, most people were smart enough to update their address books.
For buying stuff online, I use a hotmail account. I go in and toggle the exclusive spam filter on and off when the product is on order or shipping. Works great!
I, and the vast majority of 'Net users, shouldn't have to spend extra money or time to deal with spam flooding our mailboxes and overall bandwidth because a small percentage of 'Net users are idiots, being fed on by a few human shitpiles.
Slap the idiots, shoot the shitpiles.
Maybe what we need is software to track outbound traffic responding to spam (and capture it to prove it isn't automated)... Maybe the spam is sent from other countries, but most of the respondents are in the USA or Europe where you can get at them. Pass a law, fine the lawbreakers, or at least publicise their attempt to get a bigger penis!
1) Kiss SMTP Goodbye: Get rid of all previous forms of Mail transfer and replace it with something that is secure, true to source with some sort of secure level tracking, Open to all, and trustworthy. Compatibility be damned. Users still using SMTP be damned. They either switch or they don't get E-mail anymore.
2) Ban Dynamic Mail: if you make E-mail less Dynamic and only handle a few things, such as Bold, Italics, Underline, and font sizes, (Like it used to be before Microsoft followed Netscape's mistake and screwed it up) then the virus writers have a smaller footprint to infect you (although stupid people will still click virus.exe because Bob sent it to me and Bob would NEVER send ME a virus.) and spammers can't track you with their 1x1 jpg file pointing to sleezebagspammer.com. If you must use HTML for mail for some reason, at least limit what you can do to it, like how Slashdot does it to protect their comment system by allowing just a few HTML Tags.
3) Ban the address book, or secure the hell out of it: It's 2003 Microsoft. Viruses have been exploiting your address book for over 5 years now. Either get rid of it or do something to make other programs impossible to access it.
4) Start suing and prosecuting: It gets really hard to justify spam if you can now get sued by ISPs for filling up their systems or making it illegal to do. Of course finding them is the hard thing to do but not as hard once you do #1
In Soviet Russia, Trojan exploits YOU!
Though I of course have no way to know if it was from this virus or just someone fishing for CC numbers.
The gist of it was that if you DIDN'T want to receive it you had to verify your CC number...
---- Booth was a patriot ----
What's your point in regard to security flaws being exploitable in all software and their bearing on the discussion of whether software authors should be held responsible for attacks that occur because of them? (Remember that discussion from 10 MINUTES ago? Think back - I know it's hard)
Oh that's right, you never were making a point in the first place. And you couldn't even be BOTHERED to respond to the BSD Apache exploit which WAS in fact a core Apache issue.
Not that it matters - do you think OpenSSL wrote itself or magically appeared out of the sky one day, or did someone AUTHOR that?
Oh, I'm so afraid - not. I'll see the "root_me" virus pretending to be text as an attachment in my mail client, Balsa. When I click on it, it will open up in a text reader. This will get me if the virus author knows about a Balsa text display exploit, but that's silly because they don't need to have me click on anything if they have a text exploit! If such a thing does exist, they will have to pull a privilege escalation exploit in another program they can't be sure I have or what name it runs as. In fact, they can't be sure I've got Balsa instead of Mutt, Pine, Kmail, Mozilla Mail or dozens of others. So, even if free software adoption was 100%, the odds of a virus finding an exploit path are a small fraction of 10% for any free software machine. You just know that Bill Gates has legions of programmers in India and China trying to break free software this way, but it's not happening.
Free software is better than commercial crap. Rooting free software machines will continue to be a difficult manual process that can't be automated. There are too many alternatives which are fixed too quickly. The variety alone would make a free software worm huge and this limits infection rates as it slows down transfer, makes the worm easy to identify and less successful in finding what it needs. The quick repair time stomps the nasties out. We will never see the internet destabilizing worms in free software that we have repeatedly seen in the Microsoft Monoculture.
Friends don't help friends install M$ junk.
Although command confirmation will not prevent the truly clueless from doing who-knows-what, it would prevent the more savvy among us from making such mistakes.
Advantage - Less accidents. In an email program, training yourself to not click on a suspicious link/attachment is helpful. However, that link occupies a given area of your desktop and has the opportunity to be clicked. Adding a step to confirm such a click would give you a second chance.
Disadvantage - You have one more step in performing a given procedure.
I'm going even more off-topic here, but this is also beneficial to code writing as well. Buffer overflows are the main exploit used by viruses. One more step to confirm a string length would eliminate this type of threat. Of course, that one step may need to be repeated a lot, which would 'waste' processing time and slow things down. Although I've never used it, OpenBSD is running with this idea.
This is not my sig.
The conclusion is based on a flawed statistical model. If you look closely at the link, you will note that only IP addresses that were listed on the various RBLs were counted as "dynamic". What about dynamic IPs that have not (yet) made it onto one of those lists? The lists are by no means a comprehensive compilation of each and every range of dynamic IPs that exist. My guess would be that a significant number of the remaining IPs are, indeed, dynamically assigned.
E-mail sent through my mail server will be tracked to my mail server. If there's a problem I have logs (and invoices for payment) to track down the person responsible. I can also just cut them off.
The same as would happen at the ISP level. They have your records if they need to find you. And they can cut you off. ISPs are now just cutting everyone off who isn't paying for the ability to have an unrestricted connection.
Sending spam from your IP will get you in trouble but it also has the potential to make the ISP look like it's spam friendly, get it on blacklists and all kinds of other nasty things. No one will mistake Cox or any other port 25 blocking ISP for being spam friendly.
It's not about getting the spammer. It's about PREVENTING spam in the first place.
You can't spoof an IP connection for anything more than one way communication. SMTP requires two way communication. Spoofing the IP for that purpose results in no mail sent. The word you're looking for is "proxy."
And how does not blocking port 25 prevent using proxies to spam anonymously?
If you don't want the ISP monitoring your e-mail usage use a third party e-mail server that accepts connections on an alternate port or find a new ISP or pay for the ability to have port 25 open.
"To me this has sounded good but never adds up if you spend a moment thinking about it."
Next time, try 5 minutes.
Ben
Work Safe Porn
Bullshit, that's exactly how the internet is supposed to work. What's the difference between your computer and a MX? There does not have to be any and it's not hard to run one. Exim practically configures itself.
what if the recipient's workstation is off? What if the recipient uses several different computers (devices) to access their mail?
Ieeee! Why use your "workstation" when there's a perfectly good, dependable 486 lying around? Mine never goes down, except for power failure and it did great as a mail server until Cox forbade such things and blocked ports. I did not bother to set it up as a smart host to send out mail from all my workstations because it was much easier to set them up to send directly. I keep and read all of my mail on one machine that I get to through ssh with X forwarding internally. I use fetchmail to get mail to it and I can get my mail securely anywhere in the world via ssh. It's not hard, I'm not a wizard and that's the way the internet is supposed to work - a network of peer computers all equal.
If you would accept anything less for yourself than you expect for others, you are a slave.
Friends don't help friends install M$ junk.
I thought you were going to say "US Politician".
Oh, that is what the first poster said. Sorry.
My beliefs do not require that you agree with them.
As others have pointed out, this attack vector isn't per se the software that user is running. The attack vector is the user, the old PEBKAC (Problem Exists Between Keyboard and Chair), which has been showing up as the resolution to many tickets in our troubleticket system.
I'd hate to be resolved by your company.
The problem is no matter what we do, we can't prevent our users from shooting themselves in the foot.
Do you have exploits available for mutt, kmail, mozilla mail or pine? Bill Gates would pay you good money for that. No? Oh well. A small amount of user education, the variety of free software and free software's far superior security models would stop the wholesale abuse of the internet that M$ crap enables. Users have to go through lots of trouble to set up the kinds of junk that M$ enables without ANY user intervention.
Of course a big admin like you would never have to wipe and reload a machine, now would you? Ha, blame the user for having abused the poor little box. Give me a break. Clicking widgets on the world wide web should not be able to destroy a user's machine.
Friends don't help friends install M$ junk.
Don't throw concepts you don't know just because they seem to fit the space. What you just said amounts to saying "use a bayesian filter to distribute software".
Neural nets share absolutely no common features with P2P networks. Neural nets are an AI technique that takes inputs and learns what are the correct outputs like natural neurons do. Thus, you can use a neural net to filter your mail, but not to distribute knowledge, or data, or software.
Aside from that conceptual mistake, using geographically distributed clusters of servers to keep sites working is a good idea, esp. if you expect a slashdotting (or DDOS).
You're not old until regret takes the place of your dreams.
I'll get modded down, but I'm really curious here. From your sig:
What part of "shall not be infringed" is so hard to understand?
Do you ACLU?
I assume the first part is referring to the Second Amendment ("...the right of the people to keep and bear arms shall not be infringed"). The second part, interestingly enough, refers to the ACLU, whose mission is to tirelessly and unfailingly defend every single Constitutional Amendment... except the Second.
I'm not trying to be a pain in the ass here, I'm honestly interested because as much as I want to, I can't support the ACLU due to their selective Amendment defense. You seem to have no problem with it. Is there something I'm missing here? I hope you respond, I'm sincerely curious.
I was planning on doing just that when California's new anti-spam law turned on in January. But Congress legalized spamming last week (S.877), and now it's hopeless.
Spamhaus didn't open an attachment and get infected. Idiots like you opened the attachment and got infected. And that attachment launches DDoS attacks (among other things) which are directed at Spamhaus.
Can your tiny little brain comprehend that?
Note: this document is available here.
I believe it's possible to defeat spam on the Internet. It will take some bitter medicine, but I think it would help a lot more than it would hurt.
Anti-spam efforts historically have focused on alleviating symptoms. We've mostly used a "greedy algorithm", trying to limit spam's effects on the local environment, hoping that this will change the global situation. It obviously has not.
Spam is an error condition, and should be treated as such. It should not be ignored, but ruthlessly searched out and debugged. We should not distinguish between hardcore professional criminal spammers, 'legitimate email marketers', unwitting ISPs, or unfortunate virus victims who send spam. All are generating errors, and the problem should be debugged and eradicated.
The optimistic nature of SMTP allows the spam error to occur. Spammers send thousands of messages at a time. No response to a message means to the spammer that the address is viable. A bounce message means the address should be culled from the spammer's list. The protocol design thus assists the spammer in his work.
The method I propose should cause spam to reflect back as close as possible to the sender, while removing the ability to improve his list from response data.
RFC on Spam Reduction
Compliant MTAs must honor an email header "X-Spam-Alert".
The format of the header is
where yourhostname is the SMTP server's name and message-id-you-sent is the message ID as it appears in the headers that server sent.
Spam alerts must be addressed to 'abuse@servername'.
On receipt of a message containing a valid "X-Spam-Alert" header, the spam alert may be delivered to 'abuse'. The MTA must then remove all references to the previous alerting site and forward a new spam alert to the next server listed in the headers. If the alert indicates that a spam message originated from this server, the spam alert must be delivered to 'abuse', and the site may also choose to notify the user who apparently sent the original spam message.
On receipt of a message containing an invalid "X-Spam-Alert" header, the MTA can do any of
How Spam Alerts are Generated
Sites have considerable latitude as to their definition of incoming spam. Spam detection must be done by the MTA, and should also be done by individual users (with the help of anti-spam filters). Some mandatory spam indicators are DNS errors (No DNS entry, PTR/A mismatch, etc.). Other techniques for spam detection (e.g., use of blacklists, content pattern matching, invalid sender or recipient address) may be used.
The spam alert must not indicate whether or not a recipient address is valid.
Users with anti-spam filters may generate spam alerts. A user-generated spam alert may arm the spammer with more information, by letting him see which messages are returned with spam alerts and how.
Sites may set limits on the number of spam alerts they will send.
sigs, as if you care.
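The alert relay described in the post above, sketched as an added example that is not part of the original post. The post's own header format line is missing from the page, so the syntax `X-Spam-Alert: yourhostname message-id-you-sent` used here is an assumption, as are the hostnames and the sample message, which are constructed.

```python
import re
from email import message_from_string

# ASSUMED syntax (the post's format line did not survive on the page):
#   X-Spam-Alert: <yourhostname> <message-id-you-sent>
ALERT_RE = re.compile(r"^(?P<host>[A-Za-z0-9.-]+)\s+(?P<msgid><[^<>\s]+>)$")
BY_RE = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.IGNORECASE)

# Constructed sample: origin -> relay -> recipient MX (newest Received first).
SAMPLE_SPAM = """\
Received: from relay.isp.example by mx.recipient.example; Mon, 1 Dec 2003 10:00:03 +0000
Received: from origin.bulk.example by relay.isp.example; Mon, 1 Dec 2003 10:00:02 +0000
Received: from dialup-17 by origin.bulk.example; Mon, 1 Dec 2003 10:00:01 +0000
Message-ID: <abc123@origin.bulk.example>
From: sender@bulk.example
To: someone@recipient.example
Subject: constructed sample

body
"""


def by_host(line):
    """Name of the server that stamped one Received line, or None."""
    m = BY_RE.search(line)
    return m.group(1).lower() if m else None


def new_alert(to_server, msgid, received):
    """Alert addressed to abuse@servername, carrying the given Received lines."""
    return {
        "to": f"abuse@{to_server}",
        "X-Spam-Alert": f"{to_server} {msgid}",
        "received": list(received),
    }


def raise_alert(me, spam):
    """Detecting MTA: alert the server that handed the message to `me`.

    Returns None when `me` stamped the oldest Received line, i.e. the
    message entered the mail system at this server.
    """
    received = [l for l in spam.get_all("Received", []) if by_host(l)]
    path = [by_host(l) for l in received]
    i = path.index(me.lower())  # ValueError: this server never handled it
    if i + 1 == len(path):
        return None
    return new_alert(path[i + 1], spam["Message-ID"], received[i:])


def handle_alert(me, alert):
    """Receiving MTA: validate, then deliver locally or pass one hop upstream.

    Forwarding keeps only the Received lines from this server's own stamp
    onward, which drops every line naming the previous alerting site.
    """
    me = me.lower()
    m = ALERT_RE.match(alert["X-Spam-Alert"].strip())
    path = [by_host(l) for l in alert["received"]]
    if not m or m["host"].lower() != me or me not in path:
        return ("invalid", None)
    i = path.index(me)
    if i + 1 == len(path):
        return ("deliver-to-local-abuse", None)  # the spam originated here
    return ("forward", new_alert(path[i + 1], m["msgid"], alert["received"][i:]))


def trace(detector, raw=SAMPLE_SPAM):
    """Follow one alert back along the path; returns (server, action, lines)."""
    alert = raise_alert(detector, message_from_string(raw))
    steps = []
    while alert is not None:
        server = alert["to"].split("@", 1)[1]
        action, nxt = handle_alert(server, alert)
        steps.append((server, action, len(alert["received"])))
        alert = nxt
    return steps


if __name__ == "__main__":
    for step in trace("mx.recipient.example"):
        print(step)
```

Received lines older than the last hop a server stamped itself are supplied by the sender and can be forged, so the walk is only as trustworthy as the hops each server can confirm from its own logs.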
(Inevitably, in every thread about spam, someone proposes a solution with one or more flaws. This is a handy form that passes the lameness filter and that can be reused for all such posts to save time! It does not specifically address all possible flaws and may be expanded in future versions.)
Your post advocates a
( ) technical ( ) legislative (x) market-based (x) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from state to state.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
(x) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires cooperation from too many of your friends and is counterintuitive
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
( ) Ideas similar to yours are easy to come up with, yet none have ever worked
( ) Other:
Specifically, your plan fails to account for
(x) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
( ) Other:
and the following philosophical objections may also apply:
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
(x) Countermeasures cannot involve wire fraud or credit card fraud
( ) Countermeasures cannot involve sabotage of public networks
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatibility with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
( ) Other:
Furthermore, this is what I think about you:
(x) Nice try, dude, but I don't think it will work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
We all want the web to be above national legislation & if that's the case we should stop sulking & adapt to the realities this implies.
Meaning taking personal responsibility & modifying our computers with code that protects our computer from undesirable code we openly chose to expose our computer to by choosing to go on-line
It really is so simple.
Actually AFAIC even computer viruses shouldn't be banned - IMAO by choosing to go online with a windows computer one is by default choosing to expose one's computer to viruses. One should accept that fact & adapt. Why the business of zeros & ones going up & down cables is the business of govt is beyond me.
I thought you were going to say "US Politician".
Oh, that is what the first poster said. Sorry.
I thought you were going to say something insightful or funny.
Oh, I was wrong. Sorry.
Invariably these scams rip off those who are so greedy that they put their greed before common sense.
Anyone sticking their life savings into a get rich quick scheme deserves to be ripped off.
It's called karma
This goes a bit beyond annoyance, wouldn't you say? This is actually organized crime. Is this the first public example of someone using a virus/trojan to commit a crime?
Fred
"A fool and his freedom are soon parted"
-RMS
I wonder if this might be grounds for Spamhaus to file a civil suit against Microsoft for producing products that are allowing their competitors easy access to illegally take them out of business.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
I get god-knows-how-many pieces of spam shit per day. However, it's obvious that people ARE buying penis pills and the like. So, how do I get in on this gig and cash in?
PS: I hope all these spammers and their families get anal cancer and die horrible deaths in a car fire or picked apart by vultures.
That would be the spammers and the people who are making money from hosting spammers.
And funny how only one of the blacklists (SPEWS, I think) is really heavy-handed, while the others are very reasonable...yet all get attacked.
I don't buy your premise.
"America has done some terrible things. But I know that Americans don't cheer when innocents die." -Dave Barry
Just stop sending emails like this:
"Dear Sir or Madam, I am not a spammer, you've got to believe me. For the [100234]th time, please take me off your blacklist. Do you have any idea who I am? I am, in fact, the nephew of deposed Nigerian minister Nbuko Mdebele, and
Microsoft, AOL and the Federal Government.
Why did the Feds decide on such lighthanded legislation against spam?
The legislature obviously feel that SPAM is provided by the people for the people....
Just like our founders intended.
Because it overrides stricter state laws
that may cause problems for MS and AOL etc.
Why was there no public review?
There was...you were represented by MS and AOL.
The majority of people are reading their email on desktop systems with high resolution colour graphics, so why shouldn't emails be able to take advantage of these capabilities?
Because minorities have rights as well. Not everybody reads e-mail on a desktop system; many read e-mail on handheld devices. In addition, not everybody can get broadband.
there shouldn't really be any difference between an email body and a document.
Problem with your reasoning is that less clued people hear "document" and think .doc, the extension of Microsoft Word's secret format. Ecch.
surely it is better to have one single database of contact information that any compatible application can share.
What prevents a worm or other spam trojan from registering as such a "compatible application"?
Any distro that mounts the /home partition as noexec
Then how would users of such a system develop and test programs?
How do you get anything done with all that added effort?
This is precisely why we're losing the battle to clean our Inboxes. We shouldn't have to go through so much effort (and I do have SOME effort in verifying junk safely) just to see if a piece of mail is safe. This is almost akin to getting mail bombs in your physical mailbox each day. Is it a real package? Is it a bomb? I don't know, but this FedEx box does look authentic...ka-boom.
Fortunately, the consequences aren't as dire as that, but the lost money mentioned in another post is still pretty dire. My time is $50 an hour (and that's cheap!) and I would certainly like to be billed for all of the hassle of having to 'deal' with spam.
fs
p.s. And what REALLY chaps my hide is that all of my effort is reactive instead of proactive.
It is much harder to do this on a Unix type system. Most reasonable mail clients won't load html off the net and those that do typically only run Java, nice and sandboxed. A shell script would have to have its mode changed before it is run. Neither could be disguised as a text file and there is no brain dead "name.exe, pif, com, bat, etc" that will automatically run as root on Unix type systems. These differences are Microsoft's work and they are to blame for user and internet community suffering. They are traps for the type of user that is Microsoft's stated reason to exist, but they can not be avoided by anyone. There is nothing you can do for your users who use Microsoft junk regardless of their skill level. Microsoft's own networks get blown out by their own software. Do you think anyone can do better? Should we blame the users on Microsoft's own campus? Why is it that we don't hear similar stories at Apple, Sun or any large free software deployment? It's the software, not the users.
Friends don't help friends install M$ junk.
That's exactly what I do.
MBNA have a system called "shopsafe" (www.mbnanetaccess.com) which permits generation of one-time or multi-use cc# with preset limit and expiry date.
Every on-line retailer I use gets a different card #. Any weird charges - it can be traced to which retailer it was used for.
Also I can kill a single card individually while keeping my main account active.
For those sites that want a cc# for verification purposes (not porn - free email addresses etc), I generate one with a $1 limit with a 1 month expiry date (and disable it the next day).
Spammers do indeed have a weak point. They are dependent on processing their payments via credit card companies.
I once tried to set up an online business that would accept payment via credit card. To set up a trading account, you have to jump through all sorts of hoops and rules. It's not cheap or easy. The credit card companies check who you are quite rigorously before they will give you a business trading account.
Part of their rules is that the trader must clearly identify themselves/the business when making a sale.
There are only a very few credit card companies - amex, visa, mastercard, mbna, that covers about 80% of the market.
I'm not quite sure how to go about informing the credit card companies that you have received an illegal credit card payment request. Perhaps you could send the spam to them, or the url of the actual webpage where it asks to fill in your credit card numbers.
For the desperate, you could actually pay something, maybe using a spare card that you never use, then at once inform the credit card company of the situation, requesting a refund, and giving them relevant details, e.g. the website with the unlawful request on it, so that they will place a black mark against the trading account of the spammer.
Too many of them and they will close his trading account. With the resources that credit card companies have for checking on background, it's gonna be bloody hard for the spammer to reopen a new account, especially as lying for the purposes of getting a trading account is something that the police take REALLY seriously...
(close your card or keep an eye out for any further withdrawals from your account and instantly notify the credit card company - they will then know the spammer's been passing around your details and have his address on file - more charges for the police to use)
What do you think of this method?
-tomato
A few things I recommend to anyone who ever has any contact with the internet:
1. Don't open unsolicited e-mail at any official e-mail address (work/family/etc.. e-mails).
2. Stay away from spam-friendly sites like Yahoo
3. READ EULAs TO SEE WHAT YOU ARE INSTALLING (AND ASSUME THAT WHAT'S IN THE EULA IS A BEST CASE SCENARIO)
4. Pretend the internet and computers are like anything else in life. i.e. don't attempt to fix your car brakes unless you know what you are doing OR are prepared for the possible eventualities.
5. Protect those "uneducated" people you know from themselves!!! (after all, if you help others avoid proliferating spam/viruses/etc.. you are helping yourself as well)
6. Vote in favor of the punishment "drawn and quartered" for offenses of Identity theft, Credit card fraud, Spam, and any association with child porn.
7. Work voodoo magic against anyone who associates with or likes "Gator".!!!!!!!!
And is there anyone around here who will return any vote other than "innocent" if he/she is a jury member in a trial of someone who did physical harm or damaged the property of a major spammer because he is a major spammer?
Tech Public Policy stuff
Viagra, hydrocodone (Vicodin), Valium, etc. are easy to get from spam pharmacies, they charge a credit card and ship FedEx, so it's consumer-friendly. (If the deal fails, you file a complaint with your credit card company and get a refund, and FedEx is a good escrow agency).
They just charge a huge markup 10mg/500 of generic Vicodin for about $200. Profit: about $180. It's also stronger than Morphine and just as addictive. Just the thing for a doctor to do for a few months before retiring or having his license pulled.
-- Jamie
Do you really want insurance companies to get your money in one more way or snoop on your computer? You must really love your car and health insurance bills. Given only two choices, I would rather tolerate some spam. My company's and Yahoo filters are doing an excellent job recently.
There is a computer driving-licence. Well, at least in Europe. The ECDL. It's a joke. The premise is "can you open a document in word, can you paste in excel"...
It's so pathetic that it's almost become a black mark against you on your resume/CV
And anybody I know who's actually got the damn thing would be the people I'd most likely peg to get hit by these worms... they know enough to open and download attachments, they just don't know what to look out for.
and if you see me strut, remind me of what left this outlaw torn...
Hijacking computers, destroying data, disrupting communications, intentionally inflicting mayhem - making people FEAR mail attachments, etc.
The legal way to do this is with something like FormFucker, but it will probably not take long for spammers to get lists of legitimate CC card blocks to mechanically verify card numbers (to use one example). Re-using real information is immune to that workaround.
Time is Nature's way of keeping everything from happening at once... the bitch.
What's up with you moderators? You guys bone....
http://loudcity.net - Keeping Internet Radio Legal, Afford
You sound rather elitist. My mother has been studying for that computer driving licence. It's vastly improved her confidence with computers, which for most people is their biggest stumbling block. Don't under-estimate that.
I live 5,000km away, and so helping my mother with computer problems can be a pain. Now she is able to understand the basics of what I'm telling her and she is able to follow my instructions with less hassle, and notices when things don't seem right. I think this thing is a very good idea and the start in the right direction.
You might think it is a black mark on somebody's CV, but I'm guessing you're not involved in hiring for the same positions that my mother would apply for - in her circles it's a huge bonus for her employment chances. By dismissing the qualification, you show you either work in a niche of society (yes: that includes people like me who are software engineers), or that you're an arrogant elitist prick who I wouldn't want to hire for my team in case you turn out to be another pain-in-the-arse prima donna with no real understanding of most business requirements, and too much arrogance to get along with non-technical people.