Slashdot Mirror
Copyrighted Haiku Delivers Spam Through Filters
An anonymous reader writes "Remember that antispam company that includes a copyrighted haiku (which I can't quote here due to copyright reasons...) in emails vouching for their nonspaminess and thus bypassing spamfilters?
The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent copyright laws instead of the weaker antispam ones.
Well it seems said haiku has lately been figuring in a large spam run trying to pitch the usual medical remedies for various unfortunate ailments.
What do you think? Is it time to start filtering for haikus or will Habeas succeed in thwarting the spam attack?" We mentioned this brilliant anti-spam scheme last April.
You made the first post
Hey, mother Anonymous!
You proud of your son?
Which would have taken any semi-literate reporter or editor ten second to find on their site. I guess that would have spoiled the illusion of a breaking story though.
If you were blocking sigs, you wouldn't have to read this.
It's an interesting idea, I really hope it'll work too.
:-/
Unfortunately I think they might need to make it so that they couple it with a white-list, ie *all* mail with their signature that is *not* on their whitelist is assumed to be spam... Otherwise there will just be too much spam specifically intended to make their service useless, actually harmful to their customers... There'll even be fake spam designed to be hard to track, just to force people to filter out any mail with their delivery and thus forcing them out of business
Darwinian Selection is the governing rule of spam.. If appending a Haiku makes a message 'fitter' it will survive the slaughter more readily and therefore make it into your inbox more often.. until some realises what's going on and combats it with a new filter.. and then the process starts all over again.. :)
For this reason, I think we're going to be fighting spam for a long time to come :)
Simon.
This is the first i've heard of this company. I've been to their website, googled a bit and I don't think I like them.
Is there a filter for "warranted email" from habeas? It seems to me that any email that needs to be warranted must be spam.
Samsung took back my unlocked bootloader because Google wants me to rent movies. They're both evil.
Unbelievable.
About 5 in the past couple days. I noticed the unusual X-headers and finally remembered what it was. Increased the SA score yesterday and now I get none! woot!
I can see this company being semi-successful in taking spammers to court under copyright lawsuits, however like the article says the latest rash is (not suprisingly) zombied broadband hosts, making their chances of finding someone to sue almost nil.
I just checked through the mail I've received in the last while, and there is only one newsletter I am on using Habeas -- other than that, I have only received Habeas headers in spam.
Guess what my bayesian filter is going to start thinking of those headers soon... this could prove to be a problem for them if they don't get things fixed ASAP.
SSL Certificate
In theory the Habeas scheme is very clever. It's difficult to get spammers under any anti-spam law (where they exist), so change the ballgame so that you can prosecute under copyright law instead.
Unfortunately though, I suspect it's going to be difficult to track these people down, and even when Habeas do, they will need to mount a prosecution in another country - wherever that happens to be. The spammers may even win given that each country enforces copyright laws differently.
According to the statement given, the latest version of SpamAssassin should be able to filter these out. We're running what I think is the latest (2.61) and it still seems to be letting them through - thanks to the Habeas mark. I'm beginning to think I should just disable the Habeas rules completely and let these get scorded normally.
Looking at my spam-box, I find the usual stuff:
From ukKimble@mailthat.net Tue Jan 13 00:43:36 2004
X-Habeas-SWE-1: winter into spring
X-Habeas-SWE-2: brightly anticipated
X-Habeas-SWE-3: like Habeas SWE (tm)
X-Habeas-SWE-4: Copyright 2002 Habeas (tm)
X-Habeas-SWE-5: Sender Warranted Email (SWE)
(tm). The sender of this
X-Habeas-SWE-6: email in exchange for a license for this Habeas
X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant
X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this
X-Habeas-SWE-9: mark in spam to .
Subject: Fwd: V|@gra, Vali(u)m, X(a)n@x. Prescribed Online and Shipped
... and finally, the real information as far as I'm concerned in in the last header:
X-Spambayes-Classification: spam; 1.00
So whether the spam is "legitimate" (is there anything like that?) or not, SpamBayes doesn't seem to have much trouble with it.
Support a Europe-related section on Slashdot!
I keep getting those nonsense-spams, too (as if the other ones made more sense :-)).
From what I understand they are meant to somehow "poison" the bayesian filters out there so they can't do their job any longer. Maybe someone with more insight into the workings of bayesian filtering can tell us if this is feasible?
Joe-Jobs are made to order... Just send a bunch of mail through a rooted proxy, advertising the competition's stuff, and watch Habeas sic the lawyer dogs of war on your competition. You'd laugh all the way to the bank.
Same type of thing if enough spammers use this trick, the lawyers will be too busy.
Did Habeas actually think this was going to work? I mean, spammers are willing to do ANYTHING to make sure Joe Public reads their garbage. Constantly changing tactics to evade filters, to write viruses specifically to generate more open proxies to send their garbage through, to Denial of Service attacks against those who try to filter out this stuff, to garbage lawsuits. This is nothing compared to those..
People Talking in Movie shows.. people smoking in bed.. people voting republican.. GIVE THEM A BOOT TO THE HEAD!
Seems they were hacked
Norton Spam Filter 2004, now with haiku filtering! Guaranteed to filter 100% of spam, as long as the Internet doesn't resort to copyright infringement...
You know I really tried, but I just can't weave a SCO comment into this message...
The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent copyright laws instead of the weaker antispam ones.
Which should read:
The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent laws that are difficult to enforce instead of the weaker laws which have proven so hard to enforce.
I'm amused by the idea, but it seems to me that if you couldn't get (find) them under anti-spam laws (especially the newest ones) then how could you get them on copyright laws? Are the new anti-spam laws so lacking in punishment that they pale in comparison to copyright laws?
The Habeas mark is just a way of making money, it has nothing to do with opt-in or responsible e-mailing. I've tried to contact Habeas in the past about a company that used their mark, while they did not correctly verify their opt-in mailadresses. There was no reply (and IIRC, their web form didn't work at all at the time).
my other sig is a 500 page novel
Next time Alan Ralsky will use copyrighted spam to bypass anti-spam filters. He will sue anti-spam companies and blacklists for including his copyrighted fake sender addresses, and also special characteristics and words like 5p4m or V14gr4.
bright-ly an-tic-i-pa-ted
5 syllables in anticipated, for a total of 7 on the line, making it (assuming you pronounce SWE as Swee and ignore the tm) 5-7-5, with a mention of seasons. Seems valid to me...
PenguiNet: the (shareware) Windows SSH client
Ok, so spammers are using haiku. If we only could convince them that harikiri is a spamfilter prevention technique....
This is my sig, show me yours
If they want to up the ante, maybe they should consider using some of the Emperor's Waka Poetry (more syllables == more boring).
...Whether my Maker is prepared for the great ordeal of meeting me is another matter.
Churchill
To disable the Habeas rule, edit file $HOME/.spamassassin/user_prefs
add line
score HABEAS_SWE 0
It's time that we started executing email spammers, and anyone who contracts email spammers.
Spammers are sociopaths. They don't care that their efforts are always, without exception, criminal. They don't care that people don't want their junk. The best thing to do is to kill them and remove them from society.
Hopefully someone will soon snap and put a bullet in Alan Ralsky's head, signaling the start of the true anti-spam revolution and doing a great favour to the world.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
they stole my haiku
my moment of sartori
sold fake viagra
I'm generally "Interesting," "Insightful," and even "Funny" here. What the hell happens to me at parties?
I'm confused by all of this. How is Habeus forcing spammers to use their haiku when sending spam so that they can in turn sue those spammers?!
I mean, if I'm going to use haiku to get past spam filters, I'll just write my own instead of a copyrighted one. They take all of 30 seconds to write a decent haiku. Am I missing something here?
More, uh... why would a spammer say "Hey, I'm going to use this COPYRIGHTED HAIKU THAT SPECIFICALLY IS OWNED BY AN ANTI-SPAMMING OUTFIT TO SUE ME OVER" rather than write their own?!
The only way to stop spam is to "affect" the merchants whom outsource to spammers. This will stop the competition between Western merchants and make spamming unprofitable. Everyone! stop the merchants!!!!!
A blog about stuff.
Any /. geeks with basic poetry 'programming' skills here? I have a question:
:
How exactly does the haiku verse form go?
Like this?:
^_ ^_ _
_ _ _^^_ _
_ ^^_ ^_
Please correct me if I'm wrong.
Additional info
Here the copyrighted Haiku - I believe the (tm) is part of it.
Winter into spring
brightly anticipated
like Habeas SWE (tm)
We suffer more in our imagination than in reality. - Seneca
Hey, and I forgot - What happened to the CAN-SPAM ? How long before we have Attacks of the CAN-SPAM-Resistant Killer Spam.
To see a world in a grain of sand, and then to step back and see the beach where the sand lies
Every work created by you is copyrighted. The act of creating something gives you copyright. For instance, I own the copyright on this post.
--
This sig is inoffensive.
http://pharmacourt.biz/about.htmlo urt.biz/contact.html
http://pharmac
Although I despise spam, clearly the CAN-SPAM bill would indicate that there are some situations in which unsolicited e-mail will be sent in the future that will be commonly accepted.
No, it only indicates that a sufficient number of Congress slime balls were bribed by the criminal outfit known as the Direct Marketers Assocation. Email spam is, and always will be, theft. Spammers deserve death, without exception and regardless of any DMA-crafted "rules" that they claim to be following. Since spammers are always fundamentally dishonest, you can bet that they're not even following those rules.
It's quite likely that we will learn to live with some forms of unsolicited e-mail on the Internet rather than eliminate it entirely, especially given the personality types that always seem to chase the fast buck without regard to other people's expense.
This is why I advocate execution of email spammers. Kill the spammers, and you kill the problem. Header forging becomes irrelevant if any email spam, regardless of how or why its sent, merits death.
Until it is legal to kill spammers, or until I finally snap and give Alan Ralsky, Eddie (or Eddy) Marin and the rest of the group what they truly deserve, I will respond to each and every junk email that I recieve with a nasty slew of complaints to the hosting ISPs for the sending IP address and for any website or email account involved. Should the spam continue, my complaints will only increase in number and frequency. I don't care what laws they claim to follow, spam is unethical, fraudulent and it amounts to stealing.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
Since they will add the offender's on to the blacklist, make sure you report that spam at http://www.habeas.com/report. That way the next unfortunate receiver of that spam would have adjust their score accordingly.
See: http://www.habeas.com/supportBlackList.html
You beat the filter
You have viagra for sale
Now taste the bullet
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
OK, I hate spam as much as the next homicidally enraged Slashdot reading spamee. Habeas' business plan though is legally dubious at least with respect to copyright law. The trademark thing, though, just might fly.
The purpose of copyright law is to protect original works of expression. There are also built in limitations the most notable of which is fair use. There is no bright line definition of fair use but quoting a few lines of Haiku hardly seems unfair. The attempt by a private party to turn copyright law into a de facto anti-spam law is not likely to be upheld. Congress wrote a copyright law. Congress also wrote an anti-spam law. If Congress wanted to use copyright law to stop spam, it presumably could have figured out how to write such a law. It did not.
The trademark angle is more promising. The purpose of trademark law is to identify the source of goods in trade. Insofar as Habeas' goods are emails that it warrants are free of spam, it would be a trademark infringement for another company to identify the source of their spam as Habeas.
Please note that there is not such domain as pharmawharehouse.biz. Habeas has missspelt the name on the web page, the proper domain is pharmawarehouse.biz.
Unselfish actions pay back better
Another way these nonsense spams work is, in my experience, by having two different MIME parts, a plaintext part of random words, and an html part with the actual spam content. Since I don't use html mail, it works rather poorly on me, but I did once take a look at the html part, and it was formated text, not random nonsense like in the plaintext part.
Like autumn harvest,
Writing haikus correctly,
Is very diffic
-- Open Source: It's mad, but you don't have to work here to help.
Now, we've seen spammers use a copyrighted poem in their spam headers. I'd like to know how much they're worried about being taken to court about this. After all, they're not exactly on the right side of the law already...
(1) They subvert other people's computers to relay spam: illegal in most juristictions.
(2) They send out viruses and worms to break into other people's computers: illegal in most juristictions.
So, if they're already doing two illegal things, why should they worry about a third?
Agrajag: "Oh no, not again!"
Has someone of the slashdotters already hacked the pharmacourt.biz site?
This is what I find at their products page: We are some stupid spammers!!
The Habeas plan
Most ineffective effort
Ever to stop spam
(c) 2004 Mabu
ALL RIGHTS RESERVED!
The *proper* way to do it is to delete everything from the server *except* for their customer's credit card and any other personal details. Those you put into the index.html file for the entire world to see and use as they see fit. It kills two birds with one stone you see; the spammer gets bitten, but more importantly a whole bunch of people might think twice before responding to a spam which is likely to be far more effective in the long run.
UNIX? They're not even circumcised! Savages!
Oops.. .forgot my linebreaks
Like a dying wind
Habeas screams to the sky
But they're still worthless
Experience says
The Habeas Haiku means
"This Message is Spam"
Habeas Haiku
To some, touching poetry
Me, I filter it.
The haikus do not have any real creative value. They exist for a purpose I do not believe the legislators in most countries had in mind when they wrote the laws.
People are not interested in the value of the haikus. People are just using it as a key to check for clean mail.
Using copyright law in this context is imho pervertion of the law.
Purpose might or might not be an issue for the law depending on country.
Just give the spammers jailtime for spamming.
Maybe this would help?
The Spammer's Compendium
Main article refers to a spam attack started in 2004, your link refers to a spam attack in 2003, so i find it unlikely that they are referring to the same case unless habeus have a time machine.
Now comes the spam wars... Once again, a specific problem that must be solved: "How do we develop a method of letting legitimate mail get to us while filtering out spam with a minimum of error?" We don't have the government throwing billions at it, but because it affects the general public, there's an inordinate amount of businesses, academics, and hobbyists throwing brainpower at it.
Despite all the talk about keys and legal threats, verifications and warrants, they just provide hurdles to be overcome, not true barriers to spamming.
But you could train a person to screen your mail with a better level of efficiency than any spam filter on the market today. And that person could catch new spam tricks before they ever got through to you.
As we continuously try to develop better and better filtering systems, I believe that the war against spam could well be be our most prolific source of advances in artificial intelligence. Spammers will throw (purchased) brainpower at coming up with ways to defeat filters and filters will have to get smarter in response.
I know, I know... You could say that I'm looking for the silver lining in this hailstorm of unsolicited pitches. But really, am I so far off? We've got a problem, we're throwing resources at solving it... like the space race, like the arms race, technologies will come out of the spam race that will have amazing implications for our lives.
I hate spam. I would love to be left alone in a room with a spammer, a car battery, and some jumper cables. But at the same time, it's sort of neat to be watching this battle progress.
Greg
Start a happiness pandemic
It would be foolish to turn off the habeas checking in spamassassin, or otherwise filter out based on the habeas mark for 2 reasons:
/pharmawharehouse.biz/
/pharmacourt.biz/
/valuepointmeds.biz/
1) Habeas has shown a commitment to actually *EXPEND* The resources to go after spammers. If you dimish the value of the habeas mark by filtering out email with their mark in it, then they have nothing to protect. I personally don't have time to go after spammers. Anyone who has a proven track record of winning against spammers (which habeas has) should be encouraged!
2) There is a large number of users who have added the habeas mark to their e-mail headers based on the assumption that it was a protected mark that would ensure their mail *WASN'T* filtered out. If you start filtering on that mark you *WILL* falsely filter out a lot of legitimate mail.
A previous poster named Mehu, posted an excellent solution to the problem if you're using spamassassin:
"So, rather than just add a score of 0 for HABEAS_SWE, I figured I'd give them a chance & added the following to my ~/.spamassassin/user_prefs, which takes care of the current rash:
body PHARMAWHAREHOUSE
describe PHARMAWHAREHOUSE Link to pharmawharehouse.biz
body PHARMACOURT
describe PHARMACOURT Link to pharmacourt.biz
body VALUEPOINTMEDS
describe VALUEPOINTMEDS Link to valuepointmeds.biz
score PHARMAWHAREHOUSE 10
score PHARMACOURT 10
score VALUEPOINTMEDS 10
Looking through my mail, it turns out some of my valid mail actually does contain those headers (would never have noticed them), and a few spams, even w/ the haiku headers, have been blocked by HABEAS_VIOLATOR (RBL: Has Habeas warrant mark and on Infringer List), so the company does appear to be doing its job.."
-Chuck
*Condense fact from the vapor of nuance*
I decided to actually read a spam yesterday. What I found was amazing: Almost every other word was not spelled correctly. Random characters seemed to be inserted throughout. Now I need to ask myself, why wasn't this picked up by spam filters? How much more obvious can you get?
1) is the subject matter adult? yes
2) is it written like a five year old? yes
This doesn't seem that hard to me.
Proper haiku is defined by the number of Japanese characters involved. The whole 5-7-5 concept is a rough approximation that they give to secondary school teachers who enforce it to teach students discipline. If you're writing in English, you can drop the 5-7-5 nonsense, try to approximate that a bit and write some poetry. More important to haiku is the use of nature imagery used to discuss the human condition. That being rather tough, and difficult to grade, it's not a big focus for most jr. high or high school students.
I'm not sure how serious you are, but since even a stopped clock is right twice a day I'll have to agree at least with the literal interpretation of your posting.
If law enforcement generally were applied to the sellers of spamvertised products, spam would become far less of a menace. Most spamvertised products are prima faciae illegal (ie, you can't get prescription medications without a prescription), false advertising (a sugar pill won't give you a 12" penis) or are actually just fraud schemes to take money and not deliver a product.
Tracking down email senders is extremely difficult due to header forgery and the use of zombies and other kinds of compromised systems. But just about all spam will take a credit card, which should enable tracking of a financial trail to the sellers. If the Feds would make a RICO case out of it, they could ensnare just about anyone with their finger in the pie, including the spammers, who I'm sure would be fingered by sellers caught in the net.
A few RICO cases that put the squeeze on ISPs, banks handling their financial transactions, spammers, and most importantly, sellers and suppliers of these products would have a pretty significant effect on the whole "scam 'n' spam" business environment. I think there's probably some otherwise legitimate players (ISPs, banks) participating in this field behind the scenes, and some negative exposure in a few of these cases could close the door to a lot of "operators" who need access to the legitimate economy in order to operate.
It's pretty clear that nobody likes spam, but the fact that there have been no high-profile FBI/Treasury/Commerce investigations into some of these things really puzzles me. It may be that the investigations have been done but this angle was deemed not fruitful (doubtful), resources aren't available due to the war on terror (more likely, but not entirely credible), or political pressure has been applied by heavy corporate players to keep their shady business segments viable (somewhat conspiratorial, but believable) -- yet even these theories don't explain the lack of credible, visible efforts on the part of Federal law enforcment to crack down on internet fraud.
Argh
Five for the first line
Seven for the second line
Then five for the last
...is not haiku or any other kind of rearrangment of normal speech. What's pouring right through my filters are messages consisting of just a half-dozen lines of random English words. No sentences, no advertisements, no links, nothing but everyday words.
It's a fairly clever attempt to poison the Bayesian filters. Either I associate these words with spam and risk losing legit email, or I loosen things up and let more real spam slide through. It's frustrating because there's absolutely nothing I can do about it.
[insert long ranting call for vigilante bullet-to-the-head-style action here]
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Under the CAN-SPAM act, ISPs can sue. If you read the definition of an "ISP" in the act, it's clear that a mail processing service like SpamCop would qualify. What's needed is a paid service like SpamCop that files at least one high-profile lawsuit a month, increasing to one a week as volume builds up. That would make a dent.
When I checked on net.admin.net-abuse.sightings, there are several hundred of these reported, and NONE of them use our domain. Checking a few at random, it looks like they are using many many many forged domains, so we are just getting the bounces from a tiny fraction of these these.
That passage was related to the Habeas Whitelist and not the Habeas Haiku . It is a License Agreement and has nothing to do with copyright infringment . Furthermore, it only specifically covers situations where people attempt to blacklist sites on Habeas' whitelist ; somthing no sane admin would ever want to do.
Please tell me you just made a mistake, and aren't smoking some really, really, really strong crack.
It doesn't really "poison" the filters, because there are just wayyyyyy too many posible words for this to work. Bayesian filters assign a huge probability of spamminess to every word in a spam email and an exceedingly low prbability of spamminess to every word in a non-spam email during training. If a word appears in both, it just averages out. Over time a given word will appear only once in a spam email with a bunch of random words, and many times in non-spam emails, and therefore after some time (or even pre-emptively) the good words will be recognized as good. The more training, the better; poisoning has little chance of success as long as there's at the number of good and bad emails going in are within an order of magnitude of each other.
That's not to say the technique doesn't help the spammers in the short run; it probably gets past less sophisticated and trained filters.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.