Slashdot Mirror
FBI Plans Spammer Smackdown
An anonymous reader writes "ZDNet News reports: '...the FBI told Congress on Thursday that it has 'identified over 100 significant spammers' so far and is targeting 50 of the most noxious for potential prosecution later this year.' and that '...an 'initiative is being projected for later this year in which it is anticipated that criminal and civil actions under the Can-Spam Act of 2003 will be included.'"
I'll believe that this stupid law is having a positive effect when I start getting less spam. Hasn't happened yet.
I wish this would have an inpact on spam. And I hope these spammers get the max sentence the law allows for, but I don't think this will even put a dent in the amount of spam that is slowing the net down.
How will I get my p3n1s enlarged?
"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
Good! My penis never got any larger. Horny wives never had sex with me. My prescriptions for Xanax never arrived. My cheap version of Windows XP wouldn't activate. My home loans never came through. Michelle's page made just for me had 900,000 visits and I'm beginning to think she is cheating on me...
They're all scammers - a bunch of spamming scammers they are!!
--- We need more Ron Paul!
Spam has made email so rediculus it's amazing.
The FBI went crazy when someone crashed eTrade, Yahoo, etc. with a DoS attack...
But the world's email has been under a DoS attack for some time, while they stand idle.
Strange isn't it? Yahoo's website goes under heavy load, and it's criminal. Yahoo's mail goes under heavy load... and it's not.
the FBI told Congress on Thursday that it has 'identified over 100 significant spammers
That's very nice, but the fact remains that 90% of all spam originates from countries that are out of the FBI's jurisdiction. What are they going to do about it?
It nothing else, American spammers will just move their operations abroad. The FBI knows this very well, so I reckon they're just making noise and spewing hot air in an effort to look like they're on top of the problem, when really they're not.
Before CANSPAM some states like California were actually making some (little) progess with their own state laws. Now that we have the Federally sponsered CANSPAM act these most of these previous laws have been rendered useless/void and a lot of them were tougher on spammers then CANSPAM is. The Feds have enough to deal with already and, it would be in their best interests to let the states handle it themselves.
Please do not let scientific accuracy interfere with the intended humourous/interesting/insightful value of this comment
...this will be the kind where they round up a little ring of spammers/fraudsters, get big headlines and call this "a devastating blow to spammers everywhere" and that they've "destroyed the backbone of the spam community".
You certainly see it happen when it comes to warez, kiddie porn, drugs, organized crime etc. (without comparison otherwise). Strangely enough, a year later they have to make another "devastating blow" that'll once again "break them".
So I wouldn't turn off the spam filters just yet, I'm sure there's dozens of idiots willing and waiting to take their place. Of course it's doubleplusgood that they're trying, just don't expect them to "end" this any more than they end any other problem...
Kjella
Live today, because you never know what tomorrow brings
Scott Richter suddenly becomes unavailable to debate SpamCop's Julian Haight.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
The FBI should follow the money:
- Who profits from sale?
- Who sells products (=pills) to spam outlets?
- Is the spam send via own mailserver or hijacked proxies, worm infected PCs...
My Server = my Rules!
Grundgesetz * 23. Mai 1949 - 30. November 2007 - http://www.vorratsdatenspeicherung.de/
A lot of the spam I get is "We detected a virus in your mail" when in fact the sender of the infected mail just spoofed my address.
It would probably be better if the AntiVirus companies didn't send such "warnings" at all, but if they want to, they should standardize on including a header such as X-virus-warning-bounce. Then the rest of us could just filter them out. It would save some of my precious mental bandwidth.
Any sufficiently advanced libertarian utopia is indistinguishable from government.
Remember the title of the article you linked to?
71% of Spam Servers are Located in China
Just because the servers are there doesn't mean the are being used by locals.
It is very likely that a good % of those Viagra spams we all so love may be sent from a Chinese server, but it is nearly as likely that they are being initially sent from the US in the first place.
Help Brendan pay off his student loans
Here are simple, uncomplicated techniques to stop a lot of spam and keep the existing system intact.
Actually, soldiers who abuse prisoners can receive a lot more than a year in prison. The first guy got one year because he wasn't directly involved; he just took the pictures. Look for stiffer sentences in the future.
"When we mail under the new law, the major ISPs focus on our From: addresses, Subject: lines, our company information, and our disclaimers on the bottom of the e-mail as well as our IP address. They use this information to block our e-mails," Scelson said.
That's the whole point - many customers pay for that service.
> Consider this - if a spammer purchases a CD with
> 1,000,000 email addresses (they're out there,
> probably more like 10,000,000 emails though), he
> would have to pay $10,000 or $1,000 to send those.
Wouldn't the spammer then just claim that $10k back as a business expense?
Personally, it's not a big problem for me, I filter out most of my spam. Or delete the ones that don't get filtered.
But as for my internet services business, it makes it hard because all the customers are getting slammed with spam and I'm always trying to do things to rememdy that, instead of working on better stuff like a nicer user control panel, better backup features, adding virtual IMAP accounts, etc.
We had the same problem at the ISP I used to work at. 50% of the sysadmins jobs where to deal with spam related problems.
So there is a measurable loss of money and productivity as a result of spam.
By shooting down everything that looks like a beginning to a solution, you are defending the spammers and postponing the date when our inboxes will once again be _ours_.
Some comments on the items you selected:
> (*) No one will be able to find the guy or collect the money
You won't know until you try, do you?
> (*) It is defenseless against brute force attacks
Maybe, but we still get to see the 50 most obnoxious spammers go through a courtcase and hopefully jail time or major fines. That is good enough for me.
> (*) Requires too much cooperation from spammers
Eh? Once the FBI figures out where they live, all they need to do is be home when they knock on his door. And then hopefully resist arrest in some extreme manner.
> (*) Open relays in foreign countries
Any spammer based in the US is vulnerable, though. Start with those, then think about how to get the rest. I'm sure some method will make itself apparent.
> (*) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
That's because people like you shoot them down before they are ever tried.
You're all silly. Over 55% of the world's spam originates in the US with the closest 2nd being Canada at 6.8%. See Sophos Dirty Dozen at: http://www.sophos.com/spaminfo/articles/dirtydozen .html
Additionally, over 90% of the world's spam comes from just 200 well known spammers (w/ Alan Ralsky being #1). See ROKSO (Registry of Known Spam Operations):
http://www.spamhaus.org/rokso/index.lasso
Anyway, it's good the US is finally going after some of these people since individuals are no longer allowed to sue spammers under the Can Spam Act (aka "You Can Spam Act")
That's because that particular soldier was in a special court martial, because he agreed to testify against the others (just like a plea bargain in regular courts).
The other soldiers are in regular courts martial, which do not have the 1-year limitation.
Not everyone who posts on /. is however a geek/nerd. A fairly large amount is just angsty teen boys who think they are leet because they changed the color theme of the windows on their dell.
You can tell the parent post is not a nerd or a geek. Nerd/geeks don't get endless amounts of SPAM. We use disposable email addresses to limit the number of spam lists we are on, don't give out our email address to just every "free porn" site out there and use filters to stop the rest. That does not make us spam free but if you spend more then 1 minute deleting spam you are doing something wrong. Computers work FOR you, not you for the computer.
Please do not make everyone who uses a computer into a nerd/geek. Only those WHO understand our computers and can operate them correctly can possibly qualify.
All those who are diluged under spam fall into the luser group.
This may sound harsh but frankly I am fed up with the whining about spam. It is like virusses. Get some bloody protection and learn how to deal with it. You are the first line of defence. If you are unwilling to act then why do expect anyone else to?
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
FBI should go after those who advertise in the spam. not only spammers.
Most of them are scam artists anyway. no one would pay Allan Ralsky to send all this $hit.
Wake me when it's the U.S. Army handling the spammer smackdown.
And as an upside, Bush's (flawed) policies would help "solve" the whole international jurisdiction problem that spam has.
- Neil Wehneman
My legal education, in nifty podcast format
and that is a large, non commercial email system. All the members sign up, pay a fee of some sort of adequate folding money for an email account, something high enough to make it practical to have an account, and impractical enough for spammers to use it. It's like a built from scratch giant whitelist. Any infractions, you are out. Something like the proposed google email system, that big I mean, but zero commercial traffic, none, not for any reason. The fees go to pay for the servers and bandwith, etc of the org that runs it. It would be viral in the sense that you as joe emailer tell your friends/whomever you normally conduct non commercial email with "here's my new address, it's restricted. The company doesn't allow commercial email at all, in fact, zero mail gets inside the system from outside the system. the email must orginate and terminate totally inside the system of registered users.. You can email me at this addy,after you register yourself, but don't CC to people outside, no spam or ads are allowed,you have to do your best on keeping your own computer clean, you assume responsbility for that, and this is how you can contact me now if you want to, your choice".
Then stick with it.
The main problem with email is it's so easy to have unlimited emails, so easy to create them. If an email addy was actually worth as much as say your snail mail addy or your phone number, it wouldn't be quite as bad. I don't think it would ever get perfect, but I bet it could eliminate the bulk of the bad stuff. What would an email addy that good be worth per year? I guess that's a variable, perhaps a downpayment, then a bandwith charge over a certain amount of traffic in and out of your box.
And no, I really don't have any technical details of how to go about it, outside my area of expertise. Maybe it's impossible, I don't know, but it seems like it *should* be possible. And there's nothing stopping anyone from keeping their "old" style email in addition, but at least it would be one account you know was mostly rid of spam and viruses and whatnot right from the git-go..
I say arrest them as soon as the prosecuting attorney is happy with the case.a judge will sign a warrant. Why wait?
Am I part of the core demographic for Swedish Fish?
Good grief. No law suddenly causes all violators to stop their behavior. Laws against monopolies didn't make businesses suddenly see the error of their ways and break up. Laws against racism and segregation haven't ended prejudice. The laws are merely tools allowing some authoritative body to take action against the worst offenders (and sometimes the lesser offenders).
Take laws against racism and segregation. Until the military came along and forced some schools to accept non-white students, they would have gone right on ignoring the law. It took 1) someone reporting the violation, 2) someone investigating the violation, 3) someone enforcing the punishment for the violation, and 4) someone making it know through action that violations would not be acceptable.
The FBI is investigating and getting ready to go after spammers. They have not yet enforced the punishments, but they have the authority to confiscate possessions bought with the proceeds or used in spamming (much as the IRS does for tax evaders), so losing homes and cars and computers should begin to make it less profitable to spam. Until enough spammers lose a lot, the word won't spread that spamming doesn't pay. That doesn't make the law useless - it just means it hasn't had time to make much impact yet. The degree of the impact will depend on the continued enforcement (though I believe the ratio of FBI agents to spammers is a lot better than speeders to cops).
Of course, this won't stop all spammers. There will be the diehard group (likely with mafia-style connections) who go so deep underground that they are hard to find.
BTW, spammers by their very business, want to have someone able to find them -- their "customers". (Hey, perhaps we should go after the users instead of the dealers -- slap a $250 fine on any person who buys from spam. Soon, with no one responding to their offers, spammers would go out of business. Yeah, I know this wouldn't really work.)
I was taking one day at a time, but then several days got together and ambushed me. (from a Rhymes with Orange comic)
The "Notable early accomplishments" read very strangely. They seem to have been drafted for maximum deniability. "Developed ten primary subject packets developed and for referral to Law Enforcement" "We are already planning meetings to ensure that this initiative is on track, and to further define the scope and packaging of this activity are being planned." Doesn't sound like a major roundup of criminals is in the works.
The FBI doesn't actually produce many arrests per hour expended. The FBI's Baltimore-based child porno operation produces about 1.6 arrests per agent year. They have 200 agents on that operation, or about 2% of their agent staff. (The FBI isn't that big. There are only about 12,000 agents. The NYPD is four times as large.) So to shut down 100 spammers per year, they'd probably have to devote about 75 agents to the operation, which is a big bite for them.
The DMA involvement is part of the problem. The DMA carefully crafted the CAN-SPAM act to make it expensive to enforce. The California law (which CAN-SPAM invalidated) was nice and simple - advertise using spam, go to jail. It's easy to find and arrest the advertisers, who collect the money. CAN-SPAM requires finding the actual spammers, which is much harder. With the DMA working closely with the FBI, they can direct the FBI away from "responsible e-mail marketers", as the DMA puts it. They may also receive FBI cooperation in lobbying against stronger anti-spam legislation in future.
Because the top -5- spammers are responsible for probably 90% of the spam. By nailing the top 50, we'll be left not only a tiny fraction of the spam that used to be flowing, but just the tiny operators who don't have a) vast amounts of cash to mount legal defenses, or b) the technical resources to keep changing their tactics to get around filters. And hopefully, once the littler fish see what's happening to the big operators like Ralsky and Richter, they'll get out of the game entirely and go back to dealing meth and whoring out their daughters for nickels.