Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lycos Anti-Spam Screensaver Brings Down Spam Sites

Posted by CowboyNeal on from the online-vigilantes dept.

ChairmanMeow writes "According to BBC News, the screensaver released by Lycos Europe that targets spam websites has been a bit too successful at targeting spam sites, bringing down two sites, with a third responding intermittently, and raising concerns that the screensaver amounts to a DDoS attack against spam sites. Of course, spammers deserve to be punished, but will DDoS attacks against spam websites help to curb the problem of spam?" While the screensaver allegedly throttles back when a site slows, it would seem it's being a bit overzealous.

46 of 715 comments (clear)

  1. Bad? No way. by Malevolyn · · Score: 5, Funny

    It's nothing illegal. Just packet spam.

    --
    Your ad here.
    1. Re:Bad? No way. by networkBoy · · Score: 5, Insightful

      Really,
      Is there anything legally wrong with this?
      It's not a "bot" army in that the owners of the PC's opted in to do this.
      -nB

      --
      Damn 2 min between posts BS has got to go. Should be limited to within topics or something :grrr:

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    2. Re:Bad? No way. by name773 · · Score: 5, Funny

      Spam is a bit harsh; the lycos screensaver is a legitimate bulk packet sender.

    3. Re:Bad? No way. by Rei · · Score: 4, Funny

      I can just picture the packets now. They try to send to every destination port on the target machine, the control bits are always set to "Urgent!" (URG), the source IP is deliberately set incorrectly, the data segment is malformed and contains a fake "opt out" message at the end...

      --
      The *special* hell.
    4. Re:Bad? No way. by Jaysyn · · Score: 4, Interesting

      I think my screensaver has quit attacking, it just fades to gray with the text "stay tuned" at the top.

      Jaysyn

      --
      There is a war going on for your mind.
    5. Re:Bad? No way. by neitzsche · · Score: 4, Insightful

      Vigilantism (sp? Is that even a word?) is legally risky at best. I would love to see lawmakers specifically exempt Lycos in the specific anti-spam effort. I'd also like to see lawmakers pass laws that increase spam penalties to death by slow and painful torture. Maybe that's just me.

      But there's a big problem with the concept of legalizing even such specific vigilante acts. Where does the line in the sand get drawn? My USA Lawmakers seem ignorant (at best) when it comes to technology issues. Furthermore, making an exception for spam only would likely open the door to tremendous abuse. Would GWB authorize DDOS against non-Republican affiliated endeavors?

      It's a slippery slope. As much as I like the concept, my doubts are not being assuaged.

      --
      "God is dead." - Frederik Nietzsche
    6. Re:Bad? No way. by pcmanjon · · Score: 5, Informative

      One of the spam sites www.moretgage.info has changed it so it has a meta refresh tag to redirect traffic to lycos.

      Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

      If it does execute code, (which would be a security hole vuln.) then I suggest they just do a get on www.moretgage.info/fakepage -- which isn't apparently blocked.

    7. Re:Bad? No way. by severoon · · Score: 5, Funny

      Well, wait a minute. It's clearly unethical if the screensaver sends random data to these spammers web sites--that's clearly a DDoS attack. On the other hand, if it's not random data and it's, say, business opportunities and offers of various useful products that the spam sites might want to know about, I'd say this screensaver is providing a valuable service to them!

      --
      but have you considered the following argument: shut up.
    8. Re:Bad? No way. by vacuum_tuber · · Score: 5, Informative
      One of the spam sites www.moretgage.info has changed it so it has a meta refresh tag to redirect traffic to lycos. Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

      Right. Pretty much all of the recent news stories about this got it 100% wrong. In fact, from a sample HTTP request someone posted in one of these Lycos threads here, the screen saver doesn't even request a valid file. It generates a GET or POST intentionally formulated to generate a web server error response. Very clever. Not so clever are all the whiners and speculators who erroneously presume things like the imagened vulnerability of the Lycos tool to HTTP redirection.

      --
      Look at the bright side: there's always seppuku.
    9. Re:Bad? No way. by Tackhead · · Score: 5, Insightful
      > Spam is a bit harsh; the lycos screensaver is a legitimate bulk packet sender.

      Exactly. If the mortgage guys don't like the packets coming from our screensavers, why haven't they sent us any opt-out requests?

    10. Re:Bad? No way. by Geminus · · Score: 4, Interesting

      The really bad people are the ISPs. I know some folks at MCI and AT&T... they know their customers are spammers, but as one MCI rep said, "They pay." Some ISPs would be shut down due to a lack of revenue if it weren't for these little providers harboring these SMDs (Spams of Mass Dissemination) I say we should call nato and organize a fact finding investigation. Now let's liberate some servers!

    11. Re:Bad? No way. by tomhudson · · Score: 4, Insightful
      It's sad though, because people are getting attacked who are innocent.
      These people were far from innocent
      One reply from a guy who is being attacked:

      "One israeli company that was supposed to sell our paintings spamed the
      internet,
      and loaded pictures from our site to save on their traffic.
      Come on, they deserved what they got. They hired someone to spam people ("sell our paintings on the internet") - they should have checked out just "how" they were going to accomplish this.

      Wilfull ignorance is no defense.

      We have no direct connection to this spam.
      Bullshit. They paid someone to spam people, and now they're trying to say it's not their fault. They should have done their due diligence and asked just how this spammer proposed to market their paintings.
    12. Re:Bad? No way. by ArcticCelt · · Score: 5, Funny

      I think we are on something here! The screen saver should send something through the GET like:
      http://www.spamersite.com/?do_you_want_to_increa se_you_bandwich_by_three_full_gb

      --

      Yahh, hiii haaaaa! -Major Kong, from Dr. Strangelove
  2. Actually... by Anonymous Coward · · Score: 5, Informative

    It's according to Netcraft. Their story is Spam Sites Crippled by Lycos Screensaver DDoS, followed by Lycos Screensaver Site Blocked by Internet Backbones and Lycos Screensaver Site Changed, Now Says "Stay Tuned". F-Secure also says spammers are beginning to fight back by redirecting traffic back to Lycos.

    Come on people, primary sources! This isn't elementary school.

  3. Quick! by powerlinekid · · Score: 4, Funny

    Post the links to the sites it targetted, we can finish them off!

    --

    can't sleep slashdot will eat me
    1. Re:Quick! by shdragon · · Score: 5, Informative
      Ask & ye shall receieve.

      www.bokwhdok.com

      rxmedherbals.info

      blundering.subbvbvf.com

      http://m39.computergearplus.com

      www.artofsense.com

      printmediaprofits.biz

      --
      "...we dont care about the economics; we just want to be able to hack great stuff."
    2. Re:Quick! by oexeo · · Score: 5, Funny

      All those links are down, do you have any mirrors?

    3. Re:Quick! by LiquidCoooled · · Score: 4, Insightful

      To me, it seems their marketing campaign has gone the wrong way.

      I don't see any problem with email offers as such as long as they are above board so to speak, for instance because I have signed up for a company, or expressed an interest in a product.

      Up until recently they had an email signup form on the web, and its not difficult to signup anyone you want, the site is quirky enough to raise a laugh amongst friends (I went through a phase of signing up folks to knitting pattern newsletters!).
      (Archive link: http://web.archive.org/web/20040202064714/www.arto fsense.com/signup.html)

      On the signup page, they do state that they never sell emails or pass to others, which considering the whole look and feel of the site (small family art business) seems like a reasonable line.

      Now, if one of those friends was on Lycos and marked it as spam its quite feasible that the Lycos engine has taken it onboard as spam.

      This could mean Lycos makes no distinction between a reasonable prospective mailing from a small reputable company and the hardened multimillion hidden linkage spyware infested crap.

      But then again, I'm possibly very wide of the mark.

      --
      liqbase :: faster than paper
  4. Hmm. by digitalgiblet · · Score: 4, Insightful

    Using a DDOS on spammers is kind of like sending an arsonist to burn down the house of a murderer...

    1. Re:Hmm. by colman77 · · Score: 5, Insightful

      No, it's not- it's fighting back. This should serve as a lesson to those spyware kiddies, too. It's about time these malware losers got a taste of their own medicine.

    2. Re:Hmm. by drinkypoo · · Score: 4, Insightful

      Look, they can send you spam for any kind of tenuous "business relationship". Why can't I send them packets under the same terms? If they send me an email, then we have a business relationship, right? I'm just visiting their website... 20349875029375 times.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Hmm. by legirons · · Score: 5, Funny

      "Using a DDOS on spammers is kind of like sending an arsonist to burn down the house of a murderer..."

      except without the fires and dead people...

    4. Re:Hmm. by NetFu · · Score: 4, Insightful

      No, no, no. You're looking at it in the wrong scale.

      What we're talking about here is like everyone in a neighborhood going to the house of their local Jehovah's witness or door-to-door salesman and constantly knocking on their doors to try to sell THEM something.

      Or an even closer equivalent would be a screensaver that would call telemarketers over and over and over again to "inform" THEM that you don't want anything they want to try to sell you.

      It's an disruptive, pre-emptive attack against people who do the same thing to all of us every day. To equate either act to murder or arson is insane!

  5. OMG, you're right! by rackhamh · · Score: 5, Funny

    What a horrible thing to do to those friendly neighborhood spammers. :(

  6. I honestly don't care by nzgeek · · Score: 4, Insightful

    I don't care if the spammers' servers are DDoSed. They can take their fucked-up business model and shove it, as far as I am concerned.

    Good on Lycos for finally having the balls to stand up to these guys. The spammers have been stealing bandwidth off all of us for far too long now.

    --
    gadgetophile.com
  7. Unmoderated system? by rubberband · · Score: 5, Insightful
    As the admin of my mail system's spam filter, I would like to see nothing more than "drag a spammer in to the street and beat them with a keyboard until they repent day" but I worry about this system.

    Who controls the list of "spam sites"? What are the criteria for becomming a victim? I would personally like this process to be transparent before I encourage anyone to participate - I do think they have the best intentions, but the potential for abuse is a bit scary.

    That's what sucks about the spam war.. the good guys have to be careful how they deal with the problem to avoid accidentally screwing someone innocent. The bad guys just double their output.

  8. Worrying by jmorris42 · · Score: 4, Insightful

    Yes, spammers are evil scum who need a standard NATO round square in the forehead. But this sort of rough and ready justice worries me. An attack on the network is an attack on the network, period. If this sort of thing becomes respectable where does it end?

    If it is OK to DDoS spamers, who else is it ok to knock off of the net?

    Kiddie Porn?

    Regular Porn?

    Nazi/Skinhead sites?

    Anything YOU think is a 'hate site'?

    Anything ANYONE things is a 'hate site'?

    Anything anyone objects to for any reason?

    Business competitors?

    Political opponents?

    Anyone applauding Lycos for this had better be ready to draw the line somewhere on that list above and defend why their line is the absolute correct one in language all can agree on or that line will creep down at Internet speed.

    --
    Democrat delenda est
    1. Re:Worrying by raehl · · Score: 5, Funny

      line will creep down at Internet speed.

      African internet speed or European internet speed?

      --
      paintball
  9. Not a DDOS by renehollan · · Score: 4, Interesting
    People voluntarily chose to run this, no? It isn't like there's one person using a bunch of machines (with or without their owner's permission) to launch a coordinated attack.

    Rather, it's a bunch of people coordinating their requests for information. At worst, it's civil disobedience (though not directed at government) or an organized, peaceful protest.

    I had a similar idea a while back, where people supportive of a cause could voluntarily elect to permit their computers to engage in simultaneous activity coordinated from a single point. It's cool to see this.

    --
    You could've hired me.
  10. Re:DDOS? Or manual takedown? by colman77 · · Score: 5, Insightful

    Does it matter? Mission (screw the spammers) accomplished either way.

  11. Which is a very good idea... by raehl · · Score: 4, Insightful

    ... as least until one of your arsonists accidentally burns down the murderer's neighbor's house.

    --
    paintball
  12. I love spam by sparks · · Score: 5, Funny
    I am always interested in novel commercial propositions. There's nothing I love more than seeing what exciting offers are available in the way of bodily enhancement, alternative medicines, and high-return investment opportunities.

    Don't you feel the same? I'm sure you do.

    Wouldn't it be great if someone would create a screensaver that would automatically visit the websites of the vendors of these enticing offers and display them on my screen? I'm a fast reader so it would be great if it could show a few each second.

    That way, I'd be able to read all about their exciting products without having to do anything at all.

    If there was such a screensaver, maybe lots of people would download it. After all, I'm sure we're all interested in the products on offer. And what e-entrepeneur wouldn't want to have thousands of interested potential customers visit his web site every second?

  13. Who died and made Lycos vigilante of the Net? by discord5 · · Score: 4, Interesting

    Hey, I like the idea of punishing spammers, but Lycos is playing a game that's very dangerous. They're doing DOS-attacks (by proxy) on servers, and where I live that's actually a crime. While sending lots of unwanted e-mail will get you a slap on the wrist, DOS'ing a machine without written consent actually gets you jailtime. Where is the liability here when someone installs this screensaver? Is the end-user responsible for the DOS, or is Lycos responsible?

    Another point on this is that this only brings more traffic to the Internet. I know, what's a few measily packets when people are leeching torrents like mad, but still. While this effectively disables spammers for a while, remember that you can't fight fire with fire (or SYN with SYN in this case).

    And what about machines that accidentally get on the list of machines to be abused? Hey, I know that in theory only bad guys get on the list, but I've had enough customers actually get on an RBL while they don't spam.

    This is dangerous ground we're walking here, and sooner or later someone is going to call their lawyer. The ISP that provides internet access for the spammer perhaps, or perhaps even the spammer who knows that where he lives sending spam is nothing compared to DOS.

  14. A few bits of info.. by BawbBitchen · · Score: 5, Interesting

    Lycos is not auto-grabing the urls from the spam. It is having someone open the spam, verify it is spam, verify the end link url for the Viagra or such. Only then is the site added to the target list. Lycos has said that they are not trying to take down the site but cost it money. Seems that they did not write their software right to take into account that everyone and their grandmother hates the spammers and would install it. So a few spam sites went down. I am of the opinion that this is a good thing. They should change their software so it does DoS the site. Having been/worked on large networks I can say that a DoS will 99% of the time only affect the hosting company and the people that sell them the pipe and most likely only at that pipes termination. (Also it is not a true DoS in the sense that the software request the page and completes the transaction!) And I say so the fuck what!?! The hosting company should get screwed for hosting the spammer.

    It is about time we (the collective geeks) do something real about spam. Sure I have SA and all that installed but it is a pain, cost us money (time and hardware). Spammers should be shot. Spammers website should be hacked and cracked and trashed. The companys that knowingly host them should get the same. Their are no laws or police that can fix this chaos we call the Internet. It is up the the users to handle the shitheads.

    It is time to declare ALL OUT WAR SPAMMERS. Let our motto be "Victory or....NO CARRIER!!!"

  15. Berman tried that by www.sorehands.com · · Score: 5, Informative

    Last year, Berman tried to pass a copyright measure which would immunize a copyright holder's efforts to stop someone from violating their copyright -- hacking into their system to remove the material, take it off the network, or shut it down.

    --
    Fight Spammers!
    1. Re:Berman tried that by Anonymous Coward · · Score: 4, Insightful

      *blink* oh, yeah, really clever law.
      RIAA hacks into someone's computer.
      Person has no legal recourse against RIAA
      Person hacks back and knocks the RIAA off the internet / nukes their network / whatever
      The point is that when there's no peaceful resolution (i.e. a court settlement), then everything descends into a non-peaceful solution, i.e. a free for all. And, simply, the RIAA wouldn't have much of a case in the courts against someone for the counter-hack - IANAL but if the person hacked CANNOT defend themselves against it in the courts (particularly if nothing infringing was found) then to hack back to prevent yourself from being attacked is self defence, defence of property not person, but nontheless self defence.

      The other possibility is that with all the hacking and counter hacking going on, firewall and other defensive technology should improve no end, which is good. Eventually the computers will all be locked up so tight that it ends in a stalemate, with a situation identical to that today, except that it'll be because no-one can get into the other's computers, rather than because it's illegal.

      Quite simply, if the law refuses to protect something or someone then the law can't complain when someone or something protects itself. That's got to be written down somewhere.

      Although I'm probably entirely wrong because IANAL at all, in any way, shape, or form.

    2. Re:Berman tried that by dgatwood · · Score: 5, Insightful
      The point is that when there's no peaceful resolution (i.e. a court settlement), then everything descends into a non-peaceful solution, i.e. a free for all.

      Welcome to the Internet. :-)

      No, seriously, the 'net was founded on principles of consensual anarchy. That's the way it has always been, and the way it always should remain. By signing onto the Internet, the spamming companies agreed to join a transnational network that was effectively above the laws of any one nation. If someone wants a protected little world, they should wall themselves off from the 'net behind eight firewalls and never communicate with the rest of the universe. If a whiny, crybaby spam business wants to fight against it, let them try. Next time, the 'net's tendency towards autocorrection will ensure that they get BGP blackholed for all eternity.

      The right solution for solving spam is not one of government. We don't need laws to make DOS attacks on spammers legal because they were never illegal to begin with. They agreed implicitly to accept whatever the Internet threw at them when they signed on. This is the way the Internet has always worked---when polite discourse fails to correct the error of one's ways, the 'net's response is to isolate the problem in the harshest possible manner to serve as an example to others who might choose to also act in ways that are harmful to the best interests of the 'net.

      There's simply no other mechanism for solving this sort of problem other than everyone giving up on unsigned SMTP, and since too many people aren't willing to do that, the only alternative is to simply packet-spam the spammers into oblivion. I say, let their routers burn.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    3. Re:Berman tried that by neitzsche · · Score: 4, Insightful
      The right solution for solving spam is not one of government. We don't need laws to make DOS attacks on spammers legal because they were never illegal to begin with.

      Dude, that is like, what, +500 insightful? I wish I could un-post so that I could mod you up.
      --
      "God is dead." - Frederik Nietzsche
  16. So I guess you really CAN say it this time.... by WebCowboy · · Score: 4, Funny

    ...NETCRAFT CONFIRMS IT
    the Lycos screensaver is dying (but it'll take a few spammers down with it)

  17. Comment removed by account_deleted · · Score: 4, Interesting

    Comment removed based on user account deletion

  18. What's really cool is... by jd · · Score: 4, Insightful
    This is the second time this week that a major news site has cited Slashdot as a major news vendor and partial source for their story. (The Guardian did a few days ago.)


    We could be seeing a dotslashing (a reverse Slashdot) where this site is bombarded by visitors because of all the links to it.


    The really terrifying part is that non-geeks will get to see how geeks communicate...

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:What's really cool is... by ryanmfw · · Score: 4, Funny
      see how geeks communicate...

      Uh, they probably won't see much communication here...

      Cheers, Ryan

      --
      Hurricane Ivan: A 17th century prison collapsed. All of the inmates escaped.
  19. Re:Why stop with spammers? by TheAwfulTruth · · Score: 4, Insightful

    As long as they can do it to /. as well.

    Why not get every person and every site on the net to DDos the entire farking thing off the planet? Doesn't that sound like fun?

    Think about it, there is not one thing on the net that probably isn't an annoyance to at least one person out there.

    If DDOSing a site you don't like becomes generally acceptable behavior, the net is in some serious trouble.

    It's entire foundation of the internet being based on believing that people will generally "play nice" (as it is) is on the verge of causing it's destruction here.

    Lets keep cool heads. Boycott and stop supporting the use of the lycos screen saver and get back to work on a better email protocol!

    --
    Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
  20. But sir.... by krbvroc1 · · Score: 4, Funny

    Dear Spammer,

    I hope you enjoy the packets we are sending you. This is a not SPAM. Previously you opted-in for these packets. If you would like to be removed from our packet list, please turn off your machine. Thank you.

  21. One question by ScrewMaster · · Score: 4, Insightful

    How does taking down a spammer's Web site stem the flow of spam? The two aren't related, and in fact all that's happening is that a hosting company somewhere is getting blasted (not that that bothers me ... host a spammer's Web site and you can just take your lumps.) However, actual spam is sent using open relays and other bits of misdirection and likely isn't even on the same pipe as the Web site. Sure, this sends the spammers the message that we don't like what they're doing ... but one has to assume that they already know that. I guess I don't see what practical purpose this is serving.

    --
    The higher the technology, the sharper that two-edged sword.
    1. Re:One question by Fjornir · · Score: 5, Insightful
      Simple. Economics! Spam is an attractive massmarketing tool simply because it it so SO cheap. If it becomes common for sites selling through spamvertising to be protested in these virtual sit-ins then two things happen:

      a) Their bandwidth bills go up from all of these bots reloading them, increasing the cost of using spam a LOT.

      b) The people who would want to buy their product are discouraged by long pageloads and sporadic outages, decreasing their revenues.

      --
      I want a new world. I think this one is broken.