Paid To Spam

Lathiat writes "It seems that spammers have taken a new distributed approach to sending spam, and you get paid for it. Virtual MDA will pay you $1 per CPU hour their program is running to relay spam around the world. Obviously this is not something you should do, most users are all to familiar with the atrocity of sorting through up to hundreds of spams a day just to find one real email, Although it has been previously reported that some users love spam, I for one don't. Is there any way end users can fight back against people like this?" At $1/hour, this sounds like a low-gain way to infuriate both your friends and perfect strangers.

Fight back!

[YanceyAI]

(1 x 24) x 7 = $168/week.

I say we sentence the people who like/read/send spam to filter through all the email that the filters tosses, just to make sure no legitimate email has been accidentally deleted. Maybe if the know what it's to sift through this crap all day long (like I do when the server filter goes down), they'll get the drift.

Re:Fight back!

[TykeClone]

Is there a minimum CPU level? How much spam can a 486/25 send in the course of an hour's worth of cycles?

$1/hour

[PurdueGraphicsMan]

At $1/hour, this sounds like a low-gain way to infuriate both your friends and perfect strangers.

What happens when other spammers adopt this business model? That $1/hour assumes that you would only work for one spammer at a time. If you were really trying to make a career out of it I'm sure you'd be working for as many spammers as once as you can handle. That being said, it's still a very sleezy way to make a few bucks considering the majority of people hate spam.

I for one would feel like I was selling the rights of everyone else for a living. I'm not sure how people can feel "good" about doing something like this.

Re:$1/hour

[Maestro4k]

• That $1/hour assumes that you would only work for one spammer at a time.

Actually it's $1 per CPU hour, so you can only work for one spammer per CPU hour. Seeings as spammers spam nonstop, I doubt your CPU cycles would ever be free to sign up with another spammer.

Re:$1/hour

[myc_lykaon]

I for one would feel like I was selling the rights of everyone else for a living. I'm not sure how people can feel "good" about doing something like this.

It's the tragedy of the commons I'm afraid. Why do people murder? Why do people steal? Why do people feel the need to break into your house, steal your laptop and your CD collection and then take a shit in your bed? They feel, so long as it is 'them' doing it to 'not them', then it is a null question. They are sociopaths. 2k years ago they would have been left outside the village barricade and been told to fend for themselves and never come back. Now we see them as an tolerated byproduct of freedoms in society and not ostracising them as a mark of our civil advancement.

Re:$1/hour

[Suidae]

What makes you think I'd actually report valid data?

Never trust a client computer, particularly if you are a spammer paying that client.

I'd be willing to report about 500 hours of work per day to as many spammers as I can scam.

Re:$1/hour

[danidude]

I for one would feel like I was selling the rights of everyone else for a living. I'm not sure how people can feel "good" about doing something like this.

Well, It is not a breaking new, but there are people in the world capable of killing, practicing genocide, throwing planes into buildings full of other people. I'm sure that finding people willing to gain a buck/hour when it is the computer that is doing all the work will not be that hard. Unfortunelly. :(

Re:$1/hour

[Eraser_]

Assuming they don't seed the list with their own addresses to insure validity (damn gave them the idea), whats to stop you from just, you know, setting up your {freebsd|openbsd|linux} gateway from re-routing port 25 traffic to your own custom sendmail hack? "Accept" all the mail it sends and pipe it to /dev/null. Check to see if it's the daily report or whatever just in case they use email to send themselves the data. I see this as a great way to STOP spam ;-)

Great

[TheSpoom]

Great. Way to give them free advertising on a very popular website. As much as Slashdot has users that for the most part hate spam, we also have trolls and people who just don't care and see this as a way to make money. I can hear them cheering right now.

On another note, perhaps legislation should be put forward to outlaw distributed (this would have to be defined further... perhaps third party or in a different physical location, obviously wouldn't want it to affect legitimate servers) mail delivery like this. There's not really any point in a widescale distributed email delivery system OTHER than delivering spam that I can think of... Though I'm sure spam companies would try to come up with something. In this case, I think legislation may be a good thing.

Re:Great

[Mr.+Darl+McBride]

Great. Way to give them free advertising on a very popular website. As much as Slashdot has users that for the most part hate spam, we also have trolls and people who just don't care and see this as a way to make money. I can hear them cheering right now.

Oh, tish tosh. They're now very much in the public eye because of articles like this, which means a better chance of a politician spotting them. And, being an election year, they'll be tripping over themselves to be the one to legislate this monkey into the ground.

Believe me -- they would very much have preferred to have the URL passed around by naive high-schoolers on AIM than have had it thrown so far and wide as this.

Re:Great

[Jeagoss]

Well, I wouldn't call it free advertising. I would call it preventitive measures. It appears their website has been slashdotted. The slashdot effect seams to be a very good defence for preventing people from visiting a website. Maybe, we should just run a different story every hour or so with the website address of this software in it.

illegal in many places

[PrvtBurrito]

It also needs to be said that this is also illegal in many places (due to spam laws). Spammers are very good at hiding their identities. Stupid users are not, and would be relatively easy to get caught. Honestly, it sounds like a money saving scheme, get someone else to break the law for you, and you come out clean as a whistle. -Sean

Once again, missing the obvious!

[wowbagger]

Folks, they are paying PER CPU hour, not per wallclock hour.

Since in almost every case you will be I/O bound, while this thing may tie up your entire connection it will not run more than a couple of CPU minutes per wallclock hour.

Thus the spammers screw the people doing this - they think they are going to get 24*7 = $168 a week, but they really are going to get about 24*7*.1 = $16.8 a week. Then they will get nothing because their account was terminated.

HOWEVER, this gives us a GREAT way to screw the spammers - run this sucker on an UNDERCLOCKED machine.

WAYYYYYY underclocked.

Like about 100 kHz.

That way, even with a modem the program will be CPU bound.

Re:Once again, missing the obvious!

[imr]

No, YOU missed the OBVIOUS:
they are SPAMMERS, they won't pay, EVER.

Re:Cool! I'll do it!

[greechneb]

I'm sure they send a test message so they can check that you actually are sending spam.

Spammers may be immorral liars, but they aren't stupid!

No Payday

[Mr.+Darl+McBride]

You can bet that you'll never see a dime. Of course they're going to insist that they only send a check once you reach $100 or some number like that. And how many ISPs will tolerate four days of spam complaints? Hint: None of them are in the USA. And if you're not in the USA, ask around and see who's heard of an "international small claims court."

Re:Thousands per year

[nojomofo]

If I'm going to sell my soul, I'm going to sell it for a lot more than that!

TOS?

[Richardsonke1]

First of all, does this mean that the mail is sent through your own mail server? If so, that's a major TOS violation for most ISPs. If your computer is going to be its own mailserver, that may not work either, because of the number of ISPs now blocking outbout mail servers on their networks.

Secondly, check out their own TOS. For example, this line:

"In the event of technical problems or data loss which causes a loss of account information, your account will be reset at $0.00, and you hereby waive any and all claims for any amount previously accrued but not yet disbursed."

So, not only are you helping spammers, but if they "accidentally" drop that table in their database, they don't have to pay you a thing. Sounds like a really good scam to me. I should go buy a house and put in the contract that if I forget to pay, the house is free for me to keep and the loan is forgiven.

College students

[Sefert]

This is going to be extremely appealing as easy money for college students who often have broadband connections and very little extra cash. This amount of money goes a long way. The smarter ones will even figure out a way to throttle the connection so they don't catch hell from their ISP for bandwidth usage. This is extra appealing to people in countries outside of the U.S. where the U.S. dollar has more buying power. Add 25% alone in value for us Canadians. I expect to see widespread adoption. Most importantly, this will really make the use of blacklists irrelevant as I expect these machines will act as their own SMTP servers.

Re:Thousands per year

These aren't "good Xian soldiers" here (not that that would be any better). Do you REALLY trust them to pay?... I somehow doubt that they're willing to cut you a cheque or M.O. Wouldn't surprise me if they were running a double-scam: "Yeah, umm, your $1723 weasel payment is coming right up. Can we just have your account and routing numbers?"

Not that we would fall for it, but just think about who will.

Not so free...

[blorg]

...when their internet connection gets pulled. Which would probably happen within the first week.

Re:Not so free...

[Chiasmus_]

A few boxen on the party-end of a T1 would be $8k/yr. each

Well, the fact that a company would happily pay you $1 an hour to send spam over an ADSL is strong evidence that, if you were delivering spam from eight machines hooked up to a T1, you could be making far, far more than $8 an hour.

I mean, if you want to be evil, why pay most of your profit to a middleman?

Re:Take the money and run

[semaj]

How can they check that you're actually processing the spam? Sign up, block the outgoing non-meat product and take their money.

Well, it's a pretty outlandish, off the wall type idea, but perhaps maybe add a couple of their own addresses in there and see if they arrive?

The Lighter Side

[MrNonchalant]

There will be plenty of anti-spam tirades and jokes, so I will not bother duplicating that effort. However this is the first instance I've heard of commercial distributed computing (I'm sure there are others). If this trend continues, and I have faith that it will, some very cool sh!te could be in our future. I for one would welcome $1 dollar a processor hour for something not connected to penis enlargement and illegal nigerian money transfers. Though I have to wonder if eventually the computers will unionize and demand a higher hourly wage.

Your check is in the mail.

Riiiiiight! We'll pay you, sure. Your check is in the mail.

Re:ISPs

[Ben+Hutchings]

Practically every AUP says that. That doesn't mean they actually stop people doing it.

Re:IP address fun

[AKnightCowboy]

Now they can spam up all the cable ISP's IP blocks, and once a block gets blacklisted they can just switch to a new set of users. Brilliant.

Yes, very "brilliant" of them. The only thing this will accomplish is getting port 25/tcp blocked all across the Internet completely whether you're an offender or not. Thanks asshole.

Re:ISPs

[Suidae]

Cox blocks all outgong and incoming connections on the standard SMTP port.

As a 'power user', I was a bit annoyed when I noticed this. Then I reconsidered, I'd rather be forced to my ISPs SMTP relay (which really isn't a big deal for non-business accounts) than have spammers free to send email.

Yeah, right.

[Phs2501]

Since

• They're paying by CPU time
• Sending mail is by nature completely I/O bound
• Computers are really really fast these days
• They're not paying anyone until they build up $50

It's almost a certainty that they will never have to pay anyone anything before they are put out of business. It would take months if not years to build up fifty hours of CPU time sending mail over a cable modem. And if they actually manage to hook someone with a rediculously large pipe, they're getting their money's worth in spades.

This is a brilliant scam for people who don't know what CPU time means.

Re:CPU hour, not normal hour

[gl4ss]

so what is a cpu hour?

does a VIRTUAL cpu hour cost?

how about running 100 clients on one computer under virtualisation on one feeble line that, that gets the sent spam filtered later on the line anyways, just to screw these guys up?

And when thay are done sending spam?

[Zocalo]

Virtual MDA will pay you $1 per CPU hour their program is running to relay spam around the world.

And what might "their" program do when, after approximately one CPU hour, the IP that it is running on has been blacklisted and is no longer of use for spamming? Join a DDoS net? Download and host some very dodgy software or porn? The list goes on... Still, at least you'd be able to afford a quartet of two bit lawyers when you get busted for hosting a kiddie porn site or something.

Re:Hungry People.

[gcaseye6677]

Good thing you didn't go for something like this. All it would do is leave you broke and without an internet connection, after it was shut off for spamming. And as other people have pointed out, its unlikely that you would have gotten paid. I'm sure the agreement has enough technicalities in it to let the company use almost any excuse not to pay you. Its unfortunate that sleazy companies do tend to prey on those who don't have a lot, since they tend to be the most desperate for any offer of money, no matter how unlikely it really is.

Re:CPU hour, not normal hour

[DR+SoB]

True although, Windows for example will never let a single application always run at 100% CPU, because if so, the OS wouldn't be running now would it?

Look at it this way, if you let it use 100% CPU usuage, but only give it a 1bps internet connection (use a router to alterate the uprate speed or something), do you still get paid by CPU? Isn't the problem with spam bandwidth not CPU? I'm so confused! Would a person running a 486 with a modem get paid as much for 100% cpu as someone running a zSeries IBM mainframe on bundled T3's??

Re:IP address fun

[micromoog]

I'm a commercial bulk emailer.

Does telling yourself you're not a spammer make your money seem less dirty?

Re:IP address fun

[CritterNYC]

I'm a commercial bulk emailer. We've wanted to do something like this for a while but always got scared off by liability issues.

This is a brilliant solution because the one thing we're always short of (even as legal bulk emailers) is IP blocks that aren't blacklisted **SNIP**

Except for the fact that *legitimate* "commercial bulk email" uses confirmed opt-in (note that I didn't say "double opt-in", a term used by spammers to imply that it's somehow extra work), has a simple and effective unsubscribe process, never purchases or rents lists, never assumes permission to do anything (email, phone, physical mail, etc), provides something of real value (weekly commentary newsletter, real sales specials, etc), and doesn't send it out too often. I have colleagues that support companies with thousands subscribed to weekly newsletters and the like (industry commentary, etc) which they send directly from their own mail server and they've never been on an RBL or had a spam complaint.

Perfect use for Vmware

[Oriumpor]

Dual Processor Xeon Server system w/2gigs of ram: $4000
Single Professional License for Vmware from ebay: $200~
The ability to milk a spammer for 30 bucks an hour: priceless.

Tucows,yahoo,hotmail,ghandi stop supportin 'em

Domains contained within spam messages nearly always have contact information with emails at yahoo or hotmail. Even more often than AOL. Much more often now that I'm thinking about it. Spamcop, and other reporting services, and yahoo and hotmail directly, need an automated mechanism (or they can do it manually) to 1. disable the yahoo or hotmail account in the whois listing, and then they need to inform the registrar that the contact information is not valid. And they need to pressure the registrars (and ICANN if necessary) to disable the domain registration (let the registrar keep the registration fee if necessary) of the domains contained inside the spam mail.

The next step is to go after the domains directly. The domains inside the spam messages are using name servers. Those nameservers need to be checked for correct whois info, and if they are using yahoo or hotmail contact info, yahoo and MS/hotmail need to 1. disable the accounts, and 2. pressure the registrars to drop the registrations of the domains used by the name servers. This also needs to be automated. I need to be able to go to SpamCop, paste and submit, and then the service needs to be able to send spam reports to not just the open relay owner or isp of the open relay, but also to the domain owner's isp, and the isp of the name servers. And at the same time, the registrars need to be pressured to drop the registrations of not just the domain in the spam, but the nameservers as well.

Tucows, you fuckers, stop providing a safe haven for spammers. Tucows keeps popping up when I'm checking the whois info on the domains contained in spam messages, and in the registrations of the name servers. Stop providing a safe haven for spammers Tucows. And /.ers should make sure to vote with their feet when it comes to sending money to registrars that provide cover for spammers. Ghandi, same story.

Anyone using DomainPeople for domain registration? How's this for their attitude on spam? (I received this after getting spammed repeatedly by one of their customers, and complained to them, this is the response I received):

As a Registrar, DomainPeople is not responsible for the content or marketting ethics of the Registrant and will not act on abuse complaints unless the request comes from a valid dipsute organization or is accompanied by a court order.

I hope no /.er ever uses DomainPeople (or Ghandi (Ghandi.net?) or Tucows) for anything.

Re:Just out of curiosity

[shachart]

I'm working on it. No, seriously, I am.

I'm starting a distributed computing start-up that pays internet users for their cycles. And yes, there is a business model.

Interested in joining? Unmangle my slashdot-mangled email address to drop me a line.

Oh my goodness

[Allen+Zadr]

Since your post - it seems like this place is suffering under slashdot load. I'm afraid that some people have actually figured out number 2 in the 1, 2, 3: Profit! Scenario.

Bottom line though, good luck finding an ISP that will sell you a T1 without SPAM restrictions. Perhaps more importantly, you would be 1/2 or 1/3 responsible for any CAN-SPAM violation law-suits. That would put a hamper on your day. The lawyer fees alone would swallow your profits whole.

Re:validation

[hpavc]

yes they send special messages through you and test that they got them.

simular to mass snailmail mailing where you rent a list from someone and then if you continue to use it after the period you paid they know because they planted fake people in the list.

Re:Hungry People.

[schon]

all I had to my name was my PC, and a free internet connection.[...] if I was ever in the same situation again, I would sign up for this in a heartbeat

And you'd deserve everything you got - like having your internet account terminated, and not getting any money.

Remember rule #1: SPAMMERS LIE.

These are people who have no problem with stealing from people. You really think that they'd pay you?

Spammers are con men who prey on stupid people. I'm guessing they're counting on people like you.

I value my principles more than material goods

Didn't you just finish saying the exact opposite?

Re:First thought....

[Violet+Null]

Though spammers have, as a rule, shown themselves to be pretty dumb in general, they are not, as a rule, dumb technically.

Trivial to have every nth (perhaps with some random deviation) email address be one of a number that the spammer itself monitors. If the mail does not get to those monitor accounts, you don't get paid.

Re:Thousands per year

[ForteTuba]

I dunno, if I were writing a program like this, I'd insert mail addresses I monitor into the stream of addresses I sent out. If I send one of those addresses to you, and I don't get my mail back, no soup for you.

Don't forget the spyware!

[nf0s3c]

From their license agreement: Examples of information that we collect, other than through the registration form, include URL of visited pages, registration for offerings and IP addresses. Examples of data gathering activities include web page retrieval, domain tld discovery, and internet port/proxy discovery. Upon termination of the online session, closing of the browser and/or termination of your membership, this information will no longer be collected. We gather this information to improve the administration of the services and to increase the earning potential of our members. What a deal - lose your ISP, get sued, give them free marketing data, then have them lose the info to pay you. They even charge YOU a $3 check processing fee just to pay you.

Re:Not that much

There's another thing here as well. There's very little likelyhood that ANY computer can dedicate more than 95% CPU to a single task (unless you are running this program on DOS). It also assumes that they give you enough addresses to process to actually make this type of money (very doubtful).

The other corollary here is that it really doesn't take that much CPU to saturate a T1 with spam. Figure an ordinary computer can pretty easily fill 100 Mb/s, and your T1 line limits you to maybe 0.02 cpu-hr/hr. That makes your 24/7 top line not $840/week but only $16.80/week.

This is one of those too-good-to-be-true offers.