Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lycos Anti-Spam Screensaver Brings Down Spam Sites

Posted by CowboyNeal on from the online-vigilantes dept.

ChairmanMeow writes "According to BBC News, the screensaver released by Lycos Europe that targets spam websites has been a bit too successful at targeting spam sites, bringing down two sites, with a third responding intermittently, and raising concerns that the screensaver amounts to a DDoS attack against spam sites. Of course, spammers deserve to be punished, but will DDoS attacks against spam websites help to curb the problem of spam?" While the screensaver allegedly throttles back when a site slows, it would seem it's being a bit overzealous.

23 of 715 comments (clear)

  1. Anyone Thinking about a Mozilla Plugin? by stecoop · · Score: 2, Interesting

    Instead of using Adblock we need Ad-Double-Block. With Ad-Double-Block you wouldn't not only block the image but use spare bandwidth to repeatedly click on add banners behind the scenes. If I understand the article correctly, the software reads your email and sends clicks through to the web sites listed that are in a spam box(?) while the screen saver is on throttling back when the site slows. Of course you should be able to configure the pain threshold for the sites.

  2. DDOS? Or manual takedown? by dtfinch · · Score: 3, Interesting

    How do we know that the spammers didn't just take their servers offline in response to the attack?

  3. Re:Is It Right? by networkBoy · · Score: 2, Interesting

    TFA says that the program attacks sited advertised in the spam, thus the source machine of the UCE is not the target.
    -nB

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  4. What I think will happen by xgamer04 · · Score: 2, Interesting

    Spammers will hire scumware authors to write apps that packet sites who target spammers, making the circle complete. Then, the masses (tm) will get infected with the scumware. It isn't that hard to figure out.

    --
    When you look at the state of the world, how can you not become a radical, liberal anarchist?
  5. Not a DDOS by renehollan · · Score: 4, Interesting
    People voluntarily chose to run this, no? It isn't like there's one person using a bunch of machines (with or without their owner's permission) to launch a coordinated attack.

    Rather, it's a bunch of people coordinating their requests for information. At worst, it's civil disobedience (though not directed at government) or an organized, peaceful protest.

    I had a similar idea a while back, where people supportive of a cause could voluntarily elect to permit their computers to engage in simultaneous activity coordinated from a single point. It's cool to see this.

    --
    You could've hired me.
  6. Re:Hmm. by k98sven · · Score: 3, Interesting

    Using a DDOS on spammers is kind of like sending an arsonist to burn down the house of a murderer...

    Yes, but you'd have to make that mass-murderer. Which means all the difference, I'd say.

    A spammer targets millions of people who have to put up with their junk in their mailboxes and on their networks.

    A DDOS attack is thousands of people targeting a single individual.

    Besides, if thousands of people are independently of each other voluntarily accessing these particular sites, then there's no crime in that. (AFAIK, you can't be convicted of 'conspiracy to disable an internet server through requests')

    I don't generally condone vigilante justice, but this is no more criminal behaviour than what thousands of Slashdotters engage in every day. Only with a different aim.

  7. Re:Bad? No way. by Jaysyn · · Score: 4, Interesting

    I think my screensaver has quit attacking, it just fades to gray with the text "stay tuned" at the top.

    Jaysyn

    --
    There is a war going on for your mind.
  8. A new DDOS attack by Random+Hacker · · Score: 2, Interesting

    Say you don't like Nabisco (pick company of your choice). Pay a spammer to send out millions of spams advertising Nabisco. Now Lycos adds Nabisco to its list, and all those guys running its web server do a DDOS attack on Nabisco.

  9. Who died and made Lycos vigilante of the Net? by discord5 · · Score: 4, Interesting

    Hey, I like the idea of punishing spammers, but Lycos is playing a game that's very dangerous. They're doing DOS-attacks (by proxy) on servers, and where I live that's actually a crime. While sending lots of unwanted e-mail will get you a slap on the wrist, DOS'ing a machine without written consent actually gets you jailtime. Where is the liability here when someone installs this screensaver? Is the end-user responsible for the DOS, or is Lycos responsible?

    Another point on this is that this only brings more traffic to the Internet. I know, what's a few measily packets when people are leeching torrents like mad, but still. While this effectively disables spammers for a while, remember that you can't fight fire with fire (or SYN with SYN in this case).

    And what about machines that accidentally get on the list of machines to be abused? Hey, I know that in theory only bad guys get on the list, but I've had enough customers actually get on an RBL while they don't spam.

    This is dangerous ground we're walking here, and sooner or later someone is going to call their lawyer. The ISP that provides internet access for the spammer perhaps, or perhaps even the spammer who knows that where he lives sending spam is nothing compared to DOS.

  10. Re:I honestly don't care by jaeson · · Score: 2, Interesting

    How do you know that someone hasn't spamvertised a competitors website?

    What Lycos is doing is at best stupid, and at worst illegal. There are better ways to fight spam.

  11. Re:Worrying by ookabooka · · Score: 3, Interesting

    You are absolutely right. Drawing a line will become a problem. I personally hope that Lycos continues this program, and that someone eventually sues. The government needs to step in and solve the spam issue. With lycos going all vigilante, it forces the government to address what it has long ignored. In my opinion, if the government sees a certain site protected under the law such as freedom of speech, then you cannot spam it. If it finds a site's business practices unethical and/or tries to shut it down, let the populus help. My main concern is for overseas spammers, where our government has no control. In the end, you could have the user select what they wanted to "attack", afterall, it is their bandwidth they are "legitimately" using.

    --
    If you are about to mod me down, keep in mind that this post was most likely sarcastic.
  12. They are being blackholed... by Anonymous Coward · · Score: 1, Interesting

    This: "Lycos Screensaver Site Blocked by Internet Backbones" is true. Some service provider only lists have been full of people disecting the client traffic and the update servers have been blackholed, moved, blackholed again. Lycos will be giving up. Plus it was a poorly designed client.

  13. Re:Quick! by Jaysyn · · Score: 3, Interesting

    Art of Sense is the only one of those that still loads. Text from the front page.

    "Welcome to Art Of Sense Studio by Alvi Siren.

    Special note: We are an innocent victim of Lycos anti-spam program and our lawyers preparing a lawsuit against it."

    Does anyone have any SPAM from these guys to debunk that claim?

    Jaysyn

    --
    There is a war going on for your mind.
  14. A few bits of info.. by BawbBitchen · · Score: 5, Interesting

    Lycos is not auto-grabing the urls from the spam. It is having someone open the spam, verify it is spam, verify the end link url for the Viagra or such. Only then is the site added to the target list. Lycos has said that they are not trying to take down the site but cost it money. Seems that they did not write their software right to take into account that everyone and their grandmother hates the spammers and would install it. So a few spam sites went down. I am of the opinion that this is a good thing. They should change their software so it does DoS the site. Having been/worked on large networks I can say that a DoS will 99% of the time only affect the hosting company and the people that sell them the pipe and most likely only at that pipes termination. (Also it is not a true DoS in the sense that the software request the page and completes the transaction!) And I say so the fuck what!?! The hosting company should get screwed for hosting the spammer.

    It is about time we (the collective geeks) do something real about spam. Sure I have SA and all that installed but it is a pain, cost us money (time and hardware). Spammers should be shot. Spammers website should be hacked and cracked and trashed. The companys that knowingly host them should get the same. Their are no laws or police that can fix this chaos we call the Internet. It is up the the users to handle the shitheads.

    It is time to declare ALL OUT WAR SPAMMERS. Let our motto be "Victory or....NO CARRIER!!!"

    1. Re:A few bits of info.. by jmorris42 · · Score: 2, Interesting

      > It is about time we (the collective geeks) do something real about spam.

      The only people who can 'do' something about spam are the ones who run the backbone. When they decide doing the "wink wink nudge nudge" game of loudly proclaiming their hatred of spam and signing pink contracts with the spammers isn't profitable anymore spam will end. If all of the major providers started enforcing their published AUP/TOS against their downstream customers spam would vanish in short order. Yes a few examples would have to be made, China and Korea would probably be booted off the network for a week or two, but it would end. Windows zombies would start getting detected and shutdown in hours instead of the current weeks to never. In short, spam is condoned at the highest levels of the network and will continue until that changes.

      > Spammers should be shot.

      Ok, I can't officially endorse that unless their country of residence passes a death penalty on spammers or something. But as in my original post, I certainly dream of seeing spammers with holes in their heads and lots of gibs flying through the air.

      > Spammers website should be hacked and cracked and trashed.

      So long as it doesn't involve an attack against the network in general, I can't find an ethical problem with that.

      > The companys that knowingly host them should get the same.

      So long as it were organized, sorta like the old Usenet Death Penalty, no problem. Just so long as there is protection of the innocent and not a general smash and burn of any provider who gets a spammer loose on their system.

      --
      Democrat delenda est
  15. Comment removed by account_deleted · · Score: 4, Interesting

    Comment removed based on user account deletion

  16. Re:Bad? No way. by oexeo · · Score: 2, Interesting

    > Err ... I think you're wrong.

    No you are wrong. If you alter the Location directive to point to a page other than the page requested, *most* clients will follow it.

  17. Re:Hmm. by HybridJeff · · Score: 3, Interesting

    No, its like telling evreyone on your street to take their own ads and drop them in the mailslot of the advertising company. If I drop off off one add it isnt my probalem that 200 other people did the same thing too. Or 2000, or 200,000 other people.

  18. Re:Bad? No way. by Geminus · · Score: 4, Interesting

    The really bad people are the ISPs. I know some folks at MCI and AT&T... they know their customers are spammers, but as one MCI rep said, "They pay." Some ISPs would be shut down due to a lack of revenue if it weren't for these little providers harboring these SMDs (Spams of Mass Dissemination) I say we should call nato and organize a fact finding investigation. Now let's liberate some servers!

  19. Re:Bad? No way. by Anonymous Coward · · Score: 1, Interesting

    Wow! You are setting a new standard in uninformed stupidity!

    If you had bothered to read any of the many articles that were posted about what Lycos were doing, you would know how the spammers are being identified.

    All you have done is shown us all that you shouldn't be allowed near anything more complicated than a stick.

    I just hope you are unemployed and not fucking up some poor companies systems with your complete lack of conscious thought and cognitive skills. What a fucking tard!

  20. Re:Why stop with spammers? by swordgeek · · Score: 2, Interesting

    While I generally agree with you, there are a few counterarguments that need be considered:

    "If DDOSing a site you don't like becomes generally acceptable behavior, the net is in some serious trouble."

    Keep in mind that this isn't about sites that we don't like, or sites that offend us--it attacks the sites that CRIMINALS use to perpetrate their CRIMES. Theft of service and fraud are pretty obvious, but I can't believe that most spamming isn't tied into organised crime these days.

    As for the 'net being founded on people generally playing nice together (with some minor checks and balances), well that's what has led to spammers having as much power and as big of a market as they do. They have abused that basic premise, to the point that the net we once knew and loved has been destroyed.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
  21. Internet Lawless ??? by K.Bu · · Score: 2, Interesting

    No, seriously, the 'net was founded on principles of consensual anarchy.

    By signing onto the Internet, the spamming companies agreed to join a transnational network that was effectively above the laws of any one nation.

    My Friend, there is another transnational network that have existed way before Internet. In your country, I think it was AT&T who built it (not sure). This network, even if transnational, was not "lawless". The IP adress is now what was the telephone number, but you are still under the constraints of the law, the law of your country and if you are not american, the law of your country plus the law of the country you communicate with...

    Interresting reading to finally iron this perception that there is a "cyberspace", different from the "meatspace".

    I think most geeks that can't get a girlfriend would love to have a different world, where they can do all those wonderfull things that could finally impress some girls... Sorry my friend, there is no such world.

    I don't get how you could get rated Insightful...
    The Internet might have been wild in his early age, but as he goes mainstream, the legal crowd will order rules, with time passing, until it is fully ruled under national laws...

    Interresting reading for you my friend (In english, I'm not too cruel with you, you see !) :
    HERE

    Note : I'm not against US, like the author, but his point is still valid. Meatspace rules, Cyberspace is an illusion...

    --

    ---
    By the way I apologies my dear US friend, I'm French...
  22. Why I think it is an awesome idea by aws910 · · Score: 2, Interesting

    I agree. I think the screensaver is a great idea. You can say what you want about ethics and all, but the fact is that the spammers are already mounting their own DDoS attacks on anti-spam sites. Did the authorities do anything? Nope. Think about it... if a guy sucker-punches you in a dark deserted alley, would you punch back or ignore him? Spammers have clearly declared war on anti-spam sites(and the general public). I liken the DDoS of SpamCop in November 2003 to Pearl Harbor. The only difference is that after Pearl Harbor, we defended ourselves and vanquished our opponent. What was the outcome of the SpamCop DDoS? "Well, you'll just have to invest in better filtering software and pray it'll work". I'm tired of hiding from spam. We have to fight back.

    I read the reports here and there about a spammer getting jailed/fined/lynched, but my inbox still fills up. I'll bet that for each spammer that is jailed/fined/lynched, you have 5 new spammers filling the void. What is being done to stop this? Not a lot. Spamming is still a HUGE moneymaking opportunity with relatively few barriers to entry, and it is "legal"(as long as you cover your bases).

    IMO, the best thing about this tool is that it will allow the common man to "get back" at spammers. I think people have lost their patience. They don't want to wait months for the next half-baked, loophole-laden piece of legislation that the spammers in other countries will just laugh at.

    Another facet of this discussion is enforcement (at least in the US). Many sites say that it will open you up to legal trouble, which may be true by the letter of the law. But consider this - very few spam that I receive are "can-spam" compliant. This, coupled with the fact that the US is the biggest source of spam, indicates that the US Government is having trouble enforcing a law that it made specifically against spam. IANAL, but I don't think there is a federal law against DDoS'ing. I'm not saying it's OK to DDoS, I'm just saying that I think you'll be struck by lightning 3 times before you get nailed for DDoS'ing a spammer.

    And about the DoS at the user-level... If Lycos only directs a user to DoS spammers in countries outside of the users' own country, does the spammer have any recourse other than to complain to the DOS'ers ISP?