Slashdot Mirror
Interview with a Spampire
Bunch2 writes "In this article at OReillynet, a 'hacker' explains why he put his superior coding skills to use by writing a spam mailer called Fahrenheit. (Hint: $$$) Turns out his little creation is also being used by criminals to 'phish' bank account information from gullible folks. The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'"
The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.
Surely this has been the case for millenia? Only the specifics have changed.
The tool is legal, its what you do with it that counts. Exactly the same as P2P.
Is today the day we're supposed to gripe about the people who write tools? I thought that we're supposed to be backing the people who write programs like p2p clients that people use to do illegal things until Friday.
If I have been able to see further than others, it is because I bought a pair of binoculars.
Works every time if you use a pile driver ...
Prontab.net - Porn for geeks. (nsfw)
If you read the article, it's clear this kid has crossed the line.
Let him share a cell with Martha for a while.
Maybe we can't catch and prosecute the phishers overseas, but we can catch and prosecute the punks helping them out from the U.S.
Lose Weight and Feel Great with Isagenix
But with computer programming jobs scarce, the eighteen-year-old Florida software whiz has joined the spam trade.
Aww.. the poor kid can't make any money any other way, so he has to resort to underhanded methods... hang on:
Kittridge said he created Fahrenheit, which runs on Unix-based computers, in early 2003. At the time, he was working as a system administrator for Evoclix
So he already had a job.
I might be going to extremes but he is basically saying:
"Ok so I can't find a girlfriend so I decided to rape one!"
If he is a so called "whiz kid" why can't he get a job? I thought brilliant people would actually find original ways to prove they are better when it comes to joining the workforce.
No, you suck. No, you suck. No, you suck.
My penguin ate my sig
When you see people in places like Venezuela registering "secure-usbank.com," it sorta makes you wonder whether there should be stricter controls over domain registration. People would probably be less likely to trust a domain if it didn't contain the name of their bank in it.
Of course, too much control would hurt people who have legitimate reasons for using a name, such as, perhaps, "usbank-sucks.com" or some other sort of personal-opinion type of thing.
And on the flip side, it sometimes feels like maybe there's already too much control from corporations in particular, who take things like mikerowesoft way too seriously.Still, there's a nagging thought in the back of my head that spammers in Venezuela should have a slightly more difficult time getting secure-usbank.com. Maybe US Bank should've taken a cue from Microsoft and more vigorously defended the use of their name online.
picpix image polls. create - share - vote. fun!
"Because of outsourcing [of software and system administration jobs], it's one of the only ways a hacker can make money," says Kittridge.
Really? Sounds like the same false argument shop lifters make when trying to say there isn't work for them. No, it is just easier to steal/write malicious code then get a real job. They can say his code is a work of art, but it is still easier than trying to work at a corporation or starting a legitimate business. This criminal needs to get off his ass and get a real job.
The Army reading list
If your passion revolves around software and the jobs have dried up, and you have to make a living somehow... you're going to do what you have to.Ah, a person of questionable ethics.
Let's make this real clear for you: You are NOT entitled to work in your chosen field. Most of us do, because we fought hard to, but you are not guaranteed shit. If I had a passion for working with animals, but I couldn't get a job as a vet, do you think it'd be ok for me to go kill kittens and make money off of it? We do have an over population problem, after all.
Sure, selling spamware is unethical. But if it's that or starving to death...1. There are jobs to be had. Maybe not in your field, but there are jobs to be had.
2. When was the last time you heard of ANYBODY starving to death in the US?
Mod me down with all of your hatred and your journey towards the dark side will be complete!
You've got to remember that when a journalist / CEO / marketroid / your mom tells you that someone is a "computer whiz" that just means that they know more about computers than the speaker. It's a matter of any knowledge being greater that no knowledge.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
come on... is it a fair argument you asses there, and thru out your whole pice.
I mean, his no 'Robbin Hood' stealing from 'those bad companies' and giving to the 'poor' (like himself...) ... but rather makes life hard for the 'poor' and doesn't do anything about the 'bad companies' at all.
I don't claim I know more than I know, and if you know you know more than I know, then by all means, let me know.
Starving to death? Right-o. Perhaps if he's got the intelligence to write nice code, perhaps he may have the intelligence to think of a genuinely useful service/piece of software to sell. It might take more thought than being unethical.
Or perhaps in the meantime he can work for Ronnie's burger bar, or on a building site, or as a motorcycle courier - there are plenty of jobs around to take while you look for something better.
Oolite: Elite-like game. For Mac, Linux and Windows
I know nearly every place looking for programmers round here never advertise their pay until perhaps at the very end of interviews (or at the end of the whole interview process).
Their favourite practise seems to be asking what salary you are on know and giving a little extra (whatever they can get away with).
I can understand the attraction of the darkside, where they give you a goal and a large sum for acheiving it - prob what most coders want. Usually I get asked to work a fraction of my ability, and spend most of the time bored out of my head.
What a load of bollox.
We are up against shady corporations who lack the motivation to really give us our fair due
Get a grip. No one owes you a living. You are due nothing.
Coders who lack the necessary financial or social rewards in their lives sometimes choose the dark side of the force.
You mean social misfits or those who are not able/willing to build up a solid portfolio of work history?
This attitude a lot of developers have that they are 'elite' or somehow deserving of greater renumeration or social pathos gives me a pain. Its a job, thats it. Its not a vocation, or a mission from God. Some are better than others just as some doctors are better than others. At the end of day its just a job you can either perform well in a professional environment or not. Millions of people work shit jobs for even shittier pay without a fration of the whining the IT community can manange at the drop of a hat. As my uncle often told me 'Hard work was never meant to be easy'. If a bit of effort is too much for you then go win the lottery.
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
From The Ten Commandments of Computer Ethics:
9. Thou shalt think about the social consequences of the program you are writing or the system you are designing.
Sometimes, it can be more about the gun than the person pulling the trigger.
> get tea
No Tea: dropped.
.. it prevents further "infection".
Luck really is the only thing that determines whether programmers/designers get to work for a gem.
Luck has nothing to do with it -- your own ability to position yourself and to stay aware of opportunities (and risks) determines whether or not you get stuck maintaining MFC code until 2010(*). In other words, it's just like everything else! Surely your own story suggests that.
(*) This was the worst thing I could imagine offhand. Maintaining MFC code until 2011 or later might be possible but I cannot imagine it.
Whence? Hence. Whither? Thither.
Subject lines and to avoid sending the "phish" to any addresses containing the words admin, FBI, or abuse.
I wonder if you had an address like admin-fbi-abuse@somemailservice.com, how much less spam you'd get.
Worse than the comment's author are the moderators... Why do you folks want to blame everybody else except yourselves??? Get a grip! No, coders don't go bad because somebody pushed them into it. Some coders are just on the "evil" side because coders are people and some people are just "evil".
And all your tirade about hiring processes etc. That's just because "coders" let themselves be played. Most IT folks get no education about hiring practices and laws and rarely share information with each other. Example: You don't mention the company name, is it EA? Why the secrecy? Example: post an article here about NDAs and non-competes and read all the contradictory comments. Why do we IT folks have so many different views of legal documents? Did we all all our information from an "IANAL" friend instead of a formal course at college? Example: how many zillion comments do you see here complaining about managers not playing the programmer's way? Why not try to play the manager's game? Why not try to listen to the users, have meaningful dialogs with them?
But no matter what, "far fewer coders" would not "choose the dark side" (sheesh, how old are you moderators, 12?). "Coders" will do bad things just as often, whether or not they're trained properly and treated properly. That's just human nature!
So, since we are not holding anyone accountable for their actions, you won't mind if I hire myself out to run a hit on this guy, right? I mean I have to making a living somehow.
Sure, selling spamware is unethical. But if it's that or starving to death...
On to the serious side, no one needs to starve to death in this country. Between food shelters, welfare, and temporary jobs, it is easy to get enough food to stay alive. Furthermore, I have never been in a situation where I could not find a job. It may be a shitty job that pays crap but you can almost always find a job if you want to.
The problem with poverty in this country is not unemployment, but underemployment, and the large number of people that have not been able to advance themselves out of the subsistance level of employment. I do think that we need to do something about this, but I don't buy for one second that this kid had no other choice.
If you RTFA, you will see that long before he started selling spamware, he was under investigation by the feds for DOS attacks and other blackhat crap that had nothing to do with making money - he was just being an asshole. He was intelligent, and could have found a decent job, if he had bothered investing the time to build up some good experience. If he really loved programming/security he could have eventually found a job in it. And if is only concern was money, then there are plenty of other way to do that. It's not like has years and years in college wasted by moving to another sector. He choose to be a scum and make his living by harming others.
It's hard to say what you will or won't do until you're faced with the tough decission. I know I would work for a spammer - because I almost did.
Like many, I got hit by the dot-boom. I didn't bounce too badly on the initial hit. But eventually savings, unemployment, and consulting gigs ran out. I couldn't get a crap job because I was over-qualified (apparently I lack the ability to undersell myself). I was down to the wire financially. And I have a family.
A contact of mine offered me a gig. The pay wasn't great - but it looked like some steady work. And at first I was elated that my consulting work was seeing an extension. Until I found out it was with a spammer. And while I hated to do it - I agreed to meet with the client.
Luckily for me, two days later, I ran in to an old friend who had another offer. A legitimate one for a real company with real pay doing real work. I cancelled the meeting with the spammer and never looked back.
It's important to stress that I hate spam. I have problems with the morality of spammers. And I definately didn't like what I was about to do. But I was prepared to do it, none the less. Because as wrong as it was, I was prepared to be a spammer if it meant supporting my family.
Somebody is reading this and has "hypocrit" ready to go in their paste buffer. And while I deserve the criticism, that individual would be missing the point. Spamming is wrong. And just because I was willing to do it in an act of desparation doesn't make it any more right. After all, I could turn to spamming at any given time now or in the past. But unlike most spammers, I both recognize it as wrong and will not do it if given any other choice. Hopefully I'll never be looking at that choice again. I'm not keen to be a spammer.
But I know that I would.
IT's a free market and the program isn't illegal, so what's the beef? That this kid has different morals than you or I? Stop whining and get over it: this guy isn't you, doesn't have the same needs, skills, motivations, and it's damned unreasonable for all you hypocritical smug whiners to judge him when he hasn't broken any laws.
In my book he's demonstrating the strength of the free-market, capitalistic system: there's demand for a legal product and he has the skills to meet that demand. He's an entrepreneur. If the market doesn't agree, his product won't sell and he'll have to try something else. That's the way the system works. Would you prefer that he starve to death demonstrating the 'moral superiority' of whatever belief system those of you who disagree with him subscribe to? How disgusting!
And don't say that you wouldn't do it. Have you ever been homeless? Walked miles back and forth to a minimum wage job that *just* fed you enough to survive to the next paycheck, because that was literally the only job available? How many of you have ever sat in front of a doctor and listened to her tell you that your spouse/child isn't ever going to get better, ever, but that with expensive treatment that your insurance isn't about to pay for, they can learn to 'manage the pain'? You'd be amazed what you'll do for money, when the need is more important that whether you can afford to buy the newest game system. You haven't walked in his shoes and you ought to consider that when you're passing judgement on him.
I've always tried to do what I needed to do to meet my family's needs. Sometimes we got by and sometimes we didn't. I haven't been desperate enough to do anything illegal and I hope that I've got more faith and courage than to go that route -- but I've been close before and there's no guarantee that I won't get closer in the future. I've stared into that face and I didn't like what I saw but I'm damned well not going to condemn someone else who may or may not have made the same choices I have, when all I know about him is a few hundred words from a reporter who hasn't the vaguest comprehension of the subject of his article and the self-rightous bigotry of the over-educated Slashdot elite.
The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'
He was prostituting his skills, and he knew he was doing it and he chose to do so. From the article: Kittridge's impetus to write Fahrenheit was seeing spamware selling for thousands of dollars.
In fact, he's pissed that he didn't get more money from his Johns.
Kittridge says he overlooked one key feature in Fahrenheit: copy protection. That fact, combined with his three-day, money-back guarantee, has resulted in lots of unauthorized copying and lost revenue, he says.
Coders who lack the necessary financial or social rewards in their lives sometimes choose the dark side of the force.
While people with higher morals/ethics would choose to switch professions rather than contribute to the ills of the world. Instead, he chose to add to the spam problem for some quick cash.
So 70+ hours a week of detail-oriented, highly-skilled work is easy?
Your reading skills are so poor its no wonder you have a 70 hour week. I said nothing about it being easy, quite the opposite in fact.
When the IT staff is underpaid and overworked, and they see the company president's idiot nephew get hired out college for twice the IT staffer's salary (the ones with 20+ years of experience), they get mad.
See my IT staff have an amazing capacity to be whiney bitches comment.
Yes I have seen the scandals and newsflash buddy, they apply to everyone. IT staff were not picked out individually as victims in them.
The fact is, if you are working for them then YES - THEY DO OWE YOU
No, they will recompense you with the salary and bonuses you agreed when you took the position. If thats not enough then why are you there? Is there some other company willing to pay you more that you present position is preventing you from obtaining?
If its making you life hell then you choose the wrong profession. Suck up the pain and change career or work a bit harder to improve you current situation.
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
selling spamware is unethical. But if it's that or starving to death...
s/spamware/crack to schoolkids/g
I can see you trying that one on a judge.
When was the last time you heard of ANYBODY starving to death in the US?
Do you really think that even the local news covers it when some bum is found dead in an alley in December?
IT's a free market and the program isn't illegal, so what's the beef? That this kid has different morals than you or I?
The "beef" is that he's using his skills to add to the ills of the world.
Stop whining and get over it: this guy isn't you, doesn't have the same needs, skills, motivations, and it's damned unreasonable for all you hypocritical smug whiners to judge him when he hasn't broken any laws.
Ah, the old "if it isn't specifically illegal then it is moral/ethical. Sorry, that doesn't work.
In my book he's demonstrating the strength of the free-market, capitalistic system: there's demand for a legal product and he has the skills to meet that demand.
The same can be said about demand for illegal products such as drugs. They are also sold in a "free-market, capitalistic system". Just one that happens to be illegal under our current laws.
He's an entrepreneur. If the market doesn't agree, his product won't sell and he'll have to try something else.
Again, the same can be said of dealers/pushers. The only difference are the morals/ethics.
Would you prefer that he starve to death demonstrating the 'moral superiority' of whatever belief system those of you who disagree with him subscribe to? How disgusting!
When was the last time you heard about an 18 year old guy in the US starving to death? Really.
And don't say that you wouldn't do it.
Why not? I wouldn't.
Have you ever been homeless? Walked miles back and forth to a minimum wage job that *just* fed you enough to survive to the next paycheck, because that was literally the only job available?
The janitorial job I had was enough to afford a cheap apartment close to the airport. But it sufficed.
How many of you have ever sat in front of a doctor and listened to her tell you that your spouse/child isn't ever going to get better, ever, but that with expensive treatment that your insurance isn't about to pay for, they can learn to 'manage the pain'?
Okay....... where do you see that in the article?
You'd be amazed what you'll do for money, when the need is more important that whether you can afford to buy the newest game system. You haven't walked in his shoes and you ought to consider that when you're passing judgement on him.
No, but we did read the article and the only thing that he's complaining about is rent money.
I've always tried to do what I needed to do to meet my family's needs. Sometimes we got by and sometimes we didn't.
If you didn't get by then you or your family are dead.
I haven't been desperate enough to do anything illegal and I hope that I've got more faith and courage than to go that route -- but I've been close before and there's no guarantee that I won't get closer in the future.
So your family didn't "get by" it legally, but you never resorted to anything illegal. So, mathematically, your family died.
Sorry to hear that, dude.
His software was written specifically for spammers.
It has the capability to bounce messages through an open proxy.
It has the capability to take in a list of names and sort out the ones with "admin" "abuse" or "fbi" in them.
And, last of all, his program can be used by one person to annoy millions of innocent people.
A p2p program needs to be used by 2 consenting people. They might both be breaking the law, but that's something they have to both decide to do.
He wrote a program designed to send and conceal spam, knowing that it would be used to send and conceal spam and then he sold it to spammers who he knew would be using it to send and conceal spam.
The difference seems fairly obvious to me.
I've used bit torrent to download Knoppix images. Yet I don't believe that any of the people he sold his software to would be bouncing mail off of open relays for legitimate purposes.
I see nothing wrong with writing a bulk mailer.
I hate spam just like anyone else, however there is a clear need for bulk mailing apps in order to send requested notification.
Do you think online publications and retailers use Outlook or PINE to tell you about the latest article that has been released or their newest products to subscribers on a legitimate opt in list?
Spammers require tools for their trade, like it or not. And those who are in a position to provide said tools to spammers are in a great position and can make large amounts of money, regardless of how they feel their customers will use their products.
A poster to my previous post commented on his developing a porn site for a client and the issues he had with it. I don't want to speak for him, but it would seem that he weighed the benefit of such a gig (ie having an income) against the negatives of such a gig (not liking the type industry the site is a part of) and not taking the gig (ie no income).
And yes, legally, spamming is alright and phishing is not.
Help Brendan pay off his student loans
Bank tellers who feel they are being underpaid embezzle from Wells Fargo.
Athletes who know they'll get huge endorsement deals if they win will take performence-enhancing drugs to win.
Junior executives who want to advance up the corporate ladder will look the other way when their bosses employ crooked accounting methods.
IT people are no differen than anyone else. We all face difficulties in the workplace - boredom, underpayment, stress, extensive overtime, ignorant bosses, ignorant subordinates - you name it, most of us have experienced it whether we're techies or not. Moral challenges abound for us all.
The trend I've seen over the last two or three years is that techies are increasingly thinking of themselves as victims. Perhaps this is because the IT industry is maturing, and the jobs that were once seen as the exclusive domain of Big Brains are now seen as just another part of the Information Economy.
It's not an easy thing to confront, particularly if your ego is wrapped up in your job. But market forces, technical innovation, and other forces are making IT jobs in the United States less attractive for those individuals who for whatever reason are not in a position to start their own company or work as consultants.
Those IT folks who are willing to accept that getting ahead in this industry no longer is risk-free will be fine. But the days of wine and roses are over. IT is becoming a commodity. We hammer on the RIAA for failing to alter its business model in the face of technical and social changes, but what are we doing if we keep looking back to the glory days of the late 1990s, rather than preparing for the future?
Read the EFF's Fair Use FAQ
Some nerve.
semiquote: "All the jobs are outsourced to India so I have to to this to live."
I really don't care who I hurt as long as i can pay my rent.
Nice morals.
Where is my Metal Bat of Don't Do That Or I Will Beat You Again?
- Zav - Imagine a Beowulf cluster of insensitive clods...
I thought that people like you were only on TV? You had to discuss this with your wife and "*children*"? Why would you want to ever discuss this with your kids?
I doubt you did, I believe you're full of shit. Building a porn site and spamming are completely different things. You don't *have* to go to a porn site.
- It's not the Macs I hate. It's Digg users. -
Of course, the catch to publishing the full code is that spammers can then use it for free, which isn't really a good thing, but at least publishing the bugs would be a good start.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks