Slashdot Mirror
Gates' Resolve in Bringing Spammers to Justice
An anonymous reader writes "It didn't seem to me like any single company had the stomach to keep after the scum that are ruining the Net for the rest of us. Unless that company is Microsoft. Since the beginning of 2003, Microsoft has filed 96 lawsuits against spammers, and 119 lawsuits against phishers. By any measure, 215 lawsuits constitutes a legal juggernaut. "
The Pope is dead.
Microsoft is considered good?
What the hell is going on?
It's just SO like Microsoft to go with lawsuits rather than, you know, improving their software.
OT: God damn bank withheld $0.97 last year.
Hooray for Microsoft!
What?...
What?!
Wow - Microsoft/Gates usually gets a bad rap on /., but
kudos to them for going after the
scumbags
of the Internet. Another group I find annoying is the folks
who do
referrer
log spamming. Even though I don't publish those log stats (so their
efforts are to naught), they continue to send their stupid traffic
and it's a bit annoying to see in the web log analysis.
Hulk SMASH Celiac Disease
...I don't know about the rest of you, but considering that plenty of Windows-IE-only sites still plague the internet, I would say that "the scum that are ruining the Net for the rest of us" includes Microsoft.
Don't you realize that every time you say something nice about Microsoft, Bill and Melinda dine on one of those Indian babies they've "saved" from HIV? How to serve man, indeed!
In all seriousness, the spam epidemic is actually caused by a relatively tiny number of people, so it would seem that this is a workable strategy - but the cause will just be taken up by people outside of our jurisdiction (Russians, mostly.)
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.
...how long until they use this legal and financial power against their "patent infringments"?
And the Korn wil blum in the face of those who lak pity...
Indeed.
Read your own site, you illiterate moron! You get PAID to run this site, run it with a modicum of professional pride of craft!
All the big ISPs have been after spammers for quite a while now. I believe that AOL is owed a few million by that bankrupt spammer who featured in another /. story quite recently.
Strange: If any one company out there has the install base to actually do something technical about spam, it's Microsoft, yet they'd rather sue than improve their product.
I'm surprised ISP's aren't filing hundreds of lawsuits. They claim their servers are so overworked by all the spam, but they aren't doing anything effective about it (legally or technically).
Reducing Spam makes people use MS computers (and Exchange) more (as opposed to the alternatives).
:)
- Investing in spam filter technology reduces spam.
- Sueing spammers also reduces spam.
The optimal strategy will be to persue both strategies till they yield the same rate of spam reduction.
And that rate should be determined by whatever they think they earn on spam reduction.
My bet is that someone at MS has done the math.
And it keeps their lawyers sharp, who knows how and when that will come in handy
...probably just got tired of getting spam and 419ers in his Hotmail inbox / Outlook Express. So instead of developing better filters, he decided to take them out.
Someone might as well invite BillG to Gmail already.
Sure, there will be spammers who think they can evade folks like Kornblum, Spitzer, and Abbott. But for every one of them, there will be others who--when they see what happened to Scott Richter as a result of Gates' resolve--hopefully will realize that spamming and phishing are bad career choices.
So the 'script kiddie spammers' drop out and the smart spammers take over, making even more money. It's supply and demand, and apparently there is demand for SPAM from this small-penised, high-mortgage, porn-searching world.
The next step is improving their software and improving the security on their platform. Just keeping regular security updates is good. Hopefully they will continue with their Anti-Spyware tool which isn't bad.
If there's one place Microsoft should feel right at home, it's in court. . .
The only acceptable defense of scientific results is to say that they were the product of the Scientific Method.
I know it's very hard for some of you people to get over your silly fanboy-ish attitude, but when MS does something good, why not praise them. Yes, they have bad business practices. Doesn't mean you have have crap on their image every single time.
This is somewhat like P2P. They might not be able to get whomever is joining these spamming companies for work, but it would certainly discourage people from getting jobs in these places. I think just that would prove a significant blow to these places.
My two cents.
"It didn't seem to me like any single company had the stomach to keep after the scum that are ruining the Net for the rest of us. Unless that company is Microsoft."
For your information, the scum that is ruining the Net for the rest of us is... Microsoft!
I'd rather see twice as much spam in my inbox as I'd see Microsoft to continue abusing it's monopolistic powers to break every computer related standard known to man...
Didn't Bill Gates vow to rid the world of spam entirely within 2 years at some stage? I am sure I read that somewhere. Can anyone find a link to such a quote?
http://www.sandstorming.com
Why does no one (big company or university) sue the ISPs that let own3d boxez and zombies connect and stay connected? if the ISPs looked for the zombis and told those users how to be good "netizens", and offered a CD of EASY TO USE removal software, the spam problem would disappear over night, without bots, no one could send 100,000,000 emails per day.
Referer log spam is a scourge, but as best as I can tell, it doesn't violate any laws.
Just to piss off Billyboy.
---- Booth was a patriot ----
"It didn't seem to me like any single company had the stomach to keep after the scum that are ruining the Net for the rest of us."
I don't know about the rest of you, but spam doesn't trouble me in the slightest. It's been a number of years since I've actually seen spam getting through to my inbox more than every 6 months. Hotmail was blocking it fine, and gmail does an admirable job. Sure, it's illegal, but I don't really give a shit as to how companies are going to stop it, it really doesn't affect me.
People have been extorting idiots for centuries, this is just another form of it. A fool and is money are easily parted, they say. This proves it true, and I have no qualms with all this trash floating around the 'net, the idiots who click on things like this would be losing their money regardless.
if they are not served.
While it may be de rigueur here on /. to bash Microsoft, sometimes one has to put the tinfoil hat away and commend them for doing something good.
Sure, you can pull out some commercial motive behind this act, but hey, so what? When they annouce their fantastic new anti spam OS, we can bash them here, but if these lawsuits do help in reducing Spam, then hooray for MS!
Apropos, I remember reading that billg@microsoft.com gets one million messages every day, 98% of which is Spam. I suppose he just got plain old PISSED OFF!!
If they become the unofficial police of the internet, they will be first in line to be the official ones, when government (with a little help from microsoft) decides that such a body should exist.
I think it's meant to be a form of irony.
This makes me so sad that I've been running FreeBSD, Linux, and various Solaris versions instead of paying Microsoft outrageous sums of money all these years so they can us it to go after SPAMMERS. Of the shame of it all........
Open Source servers don't implement crypto-signed email headers, so spammers continue to use those servers to send spam.
/. culture was that anti-MS.
And you manage to blame this Open Source failure on Microsoft?
I didn't know the
It is good that those annoying spammers and immoral phishers are getting some negative consequences for their misbehaviour. However, it would be in the same spirit for Micro$oft to stop annoying me with their "There is a new MSN update available" spam. When I click on the popup spam, I get an option "to not receive this update message for a week." But there is no option to turn it off permanently. Very annoying.
taking enough literature classes years ago when I was in College!
What evil purpose is behind the M$-scene?
http://slashdot.su/
They sue spammer, they win, they get awarded money.
Yea Bills in this to improve the net like he sent money to the AIDs victims because he wanted to help. It's called PR people, I suggest you think about it.
I like muppets.
It looks like a way of benefitting customers with some of the money they gain thanks to their unlegal OS monopoly.
It's probably the first good thing they did since they started the company and sincerely wish them to succeed. However I bet that it will require a years-long legal campaign.
Where are the supposed "good guys"?
I realize the OSS community is doing things with their software to try and defeat spammers and phishers, but let's face it, legal action is the only real course of action to stop these guys (or at least whittle down their numbers).
Phishers and spammers will always find ways around filters, no matter what intelligence is brought to bear with new algorithms. New mail protocols would help, but we are hopelessly mired in a standard that will take a miracle to topple at this point (perhaps some new multi-media e-mail standard?). People won't buy into an e-mail system other than SMTP/POP unless it brings something significant to the table, and is as simple and easy to use.
The OSS community has for-profit companies out there... why aren't they flexing their muscle to help stop these scammers? Microsoft is at least doing something... and it demonstrates exactly what a big corporation like that can do when that lkind of capital is directed at doing something worthwhile.
I think in the fervor to attack the supposed "evil monolith" people here tag as "Micro$oft", they forget exactly how much Gates, his company, and his employees donate to good causes around the world.
1. Change your email address.
2. Never give it away except to established websites (Amazon, etc) that require it and to friends/family.
I abandoned my old college 20-spam-a-day email address after graduating. Since switching and then following these two policies, I have received only 1 spam message in the past 7 months.
My guess is the he is Chinese and, knowing the history of John Paul II, it would make a lot of sense to have a Chinese cardinal elected as the Pope.
John Paul II brought down the Communism in Europe, this guy will bring down Communism in Asia.
At least we could say that Microsoft is doing what they do best for the good of all :)
Funny how what we'd normally consider bad suddenly turns for the good.
... as long as spammers believe that there is money to be made by spamming. And that means that spamming will continue as long as email is so cheap to send and as long as there are sufficiently many dimwits who respond to spam. And there doesn't have to be very many such dimwits. You can sue as many spammers as you like; as long as there is money to be made, new spammers will appear in their place. The only irreplaceable part of the equation is the low cost of email compared to the money to be made even from a very low response rate.
I don't know what the typical response rates for spam are, but even if one in a thousand or ten thousand recipients is an idiot who answers the spam and sends money, or even one in a million, then it's worth it to spam, because the cost of sending a thousand or ten thousand or even a million emails is nearly nothing. At any rate, it can easily be much less than what spammers charge for their product.
One conceivable alternative is to make it more expensive to send email. If there were some way to establish "postage" for email, then even infintesimal costs for sending email, say 1/100th of a cent per email, would probably be effective, because then spammers would lose money by sending a million spams. But I can't see how such a system could be enforced, and I doubt that most people would go along with it, even if the costs for normal email use is very low.
I also doubt that any amount of education or cajoling could reduce that rate of idiots in the general public to less than one in a thousand, certainly not less than one in a million. Putting all these thoughts together, I come to the depressing conclusion that we will never, ever be able to make spam go away, no matter what we do.
Always keep a sapphire in your mind
The music industry files another 1,000,000 lawsuits today to stay in competition with Microsoft on filling the most lawsuits.
By any measure, 215 lawsuits constitutes a legal juggernaut.
I guess you've never heard of a little group known as the RIAA.
Or are you brown nosing again?
Simple logic, spammers use zombied machines to hide their tracks and spew millions of copies of garbage on the internet.
Thus, if Windows wasn't so exploitable and innocents duped, the spammers could be tracked and those ISP's responsible shut off from contacting the internet.
Make sense moron?
Oh the irony.
- First they ignore you, then they laugh at you, then ???, then profit.
I'm glad to see that somebody is going after these theives. Now, if only law enforcement agencies would press criminal charges against them, and help ordinary people out the way they do for corporations, we'd be all set.
"Do I dare disturb the universe?"
There's a large Utah-based law firm that is about to be very underemployed. Perhaps Microsoft should just hire them directly instead of using SCO as a proxy? 8-)
Surely Microsoft has the resources to enlist the (admittedly unscrupulous) help of the Russia mafia in the solution of this problem.
Mr. Irving R. POINTYSTICK!!!
N4st0r, trixx0r h0bb1tz0rz! Th3y st0l3 0ur pr3c10uzz!
so i would like to nominate microsoft for most litigious organisation. along with sco and church of scientology.
So unless the ISP's start filtering, nothing will stop the spam from getting to the people who will buy from it.
Suing spammers is just a way to hopefully get hotmail back to a point where you can actually use it.
More like, they'll jump at the chance to appear to be a champion of the people (you know... users), and to offload the evil factor somewhat onto another entity.
1. To the general public it looks as if they are solving the issue, where we know here that most spam is send by proxy on Wintendo machines.
2. By solving it this way they do not have to solve the technical unsafety.
3. If they win they make money out of the spammers.
Now if I were Microsoft, I would just start suing everybody. As long as you see that the case will be more expensive then what they can afford, people will settle out of court. Where you took Joe "the bonecracker" Seipacchetti to meetings to 'convince' people of the advantages of insurence, you now just take a lawer with you, take their money and don't even bother about delivering anything.
As long as 'suing till they are broke' is possible, I fail to see justice. Sorry. No matter how much I hate spam, I hate justice by money even more.
Don't fight for your country, if your country does not fight for you.
I don't know for you but for some reason
MS suing the spammers reminds me of
that MS vs. the Borg skit.
Difference it that I don't know if I should cheer for either side. (both are still evil)
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
Why do you ask?
Okkkaaaaayyyyyy.... Do you have ANY evidence that such has resulted in ANY reduction of spam?
From what I've seen, spam levels haven't dropped at all.
So why do you believe that this approach is effective?How many cracked Linux boxes do you think the spammers use? None? Well, it would seem that the OSS community is dealing with the problem at the technological root.Again you go with your ASSUMPTION that lawsuits will result in less spam.
That's the THIRD time you've hit that ASSUMPTION yet you have not provided any EVIDENCE that supports it.Why do you Microsofties hang out here?
If the best you can do is, "Bill does some good things with the money he made from illegally leveraging his monopoly", then you've lost from the beginning.
When you're worth $50Billion, it's easy to put a few million on some pet causes. And the gullible hero-worshipers will eat it up.
Yay! Bill is taking some spammers to COURT!
But Bill is NOT working with the Open Source community to implement PATENT-FREE systems to improve email.
And THAT is the deciding factor. Bill makes a LOT of money from illegally leveraging the desktop monopoly.
Bill sells a LOT of crap software that is completely insecure by default (and makes a LOT of money from it).
But you think that other people don't understand because they still dislike him even though he is willing to take a tiny percentage of his money to do some nice things (as long as those nice things in no way, shape or form could ever harm his illegally leveraged monopoly).
So, would YOU feel sorry for those spammers if THEY were giving hundreds of thousands of dollars to fight hunger or disease?
Would you support their continued spamming efforts?
If you say "no", then you're a hypocrite.
I can't bring myself to cheer wildly for Microsoft but I can do a muted golf-clap.
*clap**clap*
*clap*
--
Robbing banks is VERY lucrative.
Yet your corner bank isn't robbed every day (or week or month or year).
There might be strong incentive to send spam and make lots of money, but the spam still has to go out on technological avenues. All you have to do is to identify those and limit their effectiveness.
#1. Zombies.
#2. Open Relays.
#3. Individual email accounts (30 day AOL free!)
#4. Sites owned by the spammer.
If you look at it that way, you'll see why MULTIPLE measures are needed. What will work against zombies will NOT work against Individual email accounts.
If you deal with the tech, then the incentive won't matter because there won't be any way to implement it.
Since this is about Microsoft's involvment, I'll focus on what they could do.
#1. Zombies. Microsoft announces a partnership with the ISP's and those ISP's block outgoing port 25 on their home connections. Microsoft offsets the cost of this with a couple $$Million$$ to each ISP for hardware upgrades and support calls. Anyone who needs port 25 access (people who work from home and don't have systems setup to handle it) can call and have enabled for their address.
#2. Open Relays. Microsoft forms a partnership with spamhaus, spamcop, etc to mirror the open relay databases of those people. Since Microsoft also has Hotmail and MSN, Microsoft is in a great position to identify new open relays and add them to the list as they are abused.
#3. Individual email accounts. Not much that Microsoft needs to do here. All the ISP's need to do is to limit the outgoing email to 10 unique connections per minute.
#4. Spammer sites. Again, Microsoft helps by hosting a mirror of the blacklists.
There, the spam problem is down to a tiny fraction of what it was. The spammers might still WANT to send spam, but HOW are they going to do it?
#5. The chance of getting caught. Just try this little experiment. Call you local police station (not via 911 or any emergency number) and do the following test:
1. Tell them you are a bank and are being robbed
2. Tell them you are an individual and are being robbed
3. tell them you are a person and are being scammed
4. Tell them you are a person and are being spammed
I am sure that with the last one most of the time you are asked to get lost. When number 3 and 4 come together, it mostly ends with "Sorry, they are in another city/state/country/mindset.
It should be governement who should be going after the spammers, not companies or individuals, Now in the worst case what can happen is that they say: OK, we will not spam hotmail/msn anymore. Settle out of count and go on with business.
Don't fight for your country, if your country does not fight for you.
The more they howl about spammers, the less attention will be paid to the fundamentally broken qualities of Microsoft email clients. Security holes in Outlook? LOOK OVER THERE, IT'S A DIRTY SPAMMER.
When I was a kid, we only had one Darth.
Microsoft NEVER does anything without a motive to line their pockets and force their monopolistic practices on everyone. Microsoft has proven this time after time, so don't be so quick to applaud their actions.
They key to solving spam is to move away from it. Email has been out quite a long time, and has greatly helped to increase communication in the world. But as many, including Don Knuth, have stated, it's time for email to die its timely death. There are many more capable tools out there, which serve for faster and more reliable communication, without being subject to the extreme abuse of email. I realize that the odds of people quitting email is low, but all legacy systems fade eventually.
Microsoft Sucks, F/OSS Rocks. I get mod points now right?
Go after the farkheads making the spyware!
MadOgre.com
You know, if Firefox had 95% of the browser market, those folks would prbably add some goodies and people would start writing Firefox-only sites.
In general, the only people who care about standards are the people who watch while almost everyone else goes off and does what they want to do.
-- Slashdot: When Public Access TV Says "No"
Is Gates going after spammers per se, or going after competition They still sell out their Hotmail and MSN mailing lists to interested advertisers, don't they?
What did I say in my original post?
Yet your corner bank isn't robbed every day (or week or month or year). Gee, do you suppose that SECURITY can counter INCENTIVE?
Which was the ENTIRE point of my original post.So TECHNOLOGICAL solutions (the machine that dispenses the cash) are implemented to counteract the INCENTIVE.
Again, that was the entire point of my original post.It doesn't matter WHERE it is stored.
What matters is the SECURITY.
If a jewelery thief has to rob the storage site instead of the store, so what? The INCENTIVE is still there.
But the SECURITY measures mean that almost every attempt will fail, no matter what the INCENTIVE is.
Now, to bring this back around to the ORIGINAL article, filing LAWSUITS will NOT stop spammers the same way jail time does NOT stop robbers.
Lawsuits and jail time are not enough to counter the incentive of lots of easy money.
It takes well-designed and well-implemented SECURITY measures.
I think you stopped at the first line of my original post.
90% of security problems on the net today are due to Microsoft's inability to produce systems that don't have massive security holes.
This is just another PR move by MS. It makes them look good to non-geeks while all of us techies know what's really going on. A bunch of lawsuits aren't going to stop the spread of spam of virii. Sure they may punish the big-bad-wolves of the industry, which is a good thing. But the money won from the defendants (if any) of a lawsuit should go to something like the w3c or the ieee for research and implementation of standards that will serve to prevent spam and the like from being the norm anymore.
I would only agree with MS taking the money if it meant that they were going to put it DIRECTLY into security R&D to patch up their holes.
That being said...DAMN THE MAN!!!!
Microsoft's legal juggernaut vs. spambot Windows installs and Hotmail accounts. Either way, Microsoft wins, with Gates looking like our benevolent protector! That guy really is a genius.
--
make install -not war
"barely literate in English"
--
make install -not war
Everybody knows they wear white hats, not red ones.
[UID-HeinzIntel]
i.e. all the owned Windows machines that are used to send the spam?
No. We remain as vulnerable as before, MS is going to pass the bill of their lawyers to the people foolish enough to buy stuff from them for the "favour" (ok, wake me up when we see the dent in their profits due to litigation costs).
So instead of providing a technical solution to the problem (like sitting down in a comitee to create a new, secure, email standard) they fo in SCO mode (i.e. legal battling).
Give all the kudos you wish. The problem is still there, MS is wasting its money, the bill will be duly passed to MS customers.
IANAL but write like a drunk one.
I think ISPs should share more of the blame. A computer that doesn't connect to a network, and only one user doesn't really need that security. M$ started and grew in the personal computer industry with MSDOS- not networked, multiuser computers. AOL (which is getting better at security awareness) Earthlink and other ISP should be more involved
http://en.wikipedia.org/wiki/Signature_bloc
If you write the complaint properly, you can avoid the money from the case being discharged in bankruptcy.
Fight Spammers!
Those types of battles are usually short lived, especially in the corporate world but in the meantime; "The enemy of my enemy is my friend."
I still can't get the screen shots of Castle Wolfenstein for the Apple IIe out of my head.
will a post stating that security can defeat an attacker be mod'ed as "flamebait".
Where are the news? We already knew that Microsoft doesn't like competition.
(i'm just kidding, not trolling. laugh.)
42.
It mentions Microsoft, and then mentions "the scum that are ruining the Net for the rest of us", as if those were two separate entities. Huh?
(In analyzing their motivations, please keep in mind that Gates does not have a warm feeling for your inbox. He has a big ol' stiff one for your WALLET. This War On Spam shit wouldn't even come up if it weren't part of the larger World Domination program.)
There are two different mechanisms that this approach uses. One is that many of the scammers run on free or cheap web pages with monthly traffic quotas, so if you burn their quota they're out of business. Another is that many sites charge for bandwidth based on 95th percentile usage, so if everybody gangs up on them for 5% of a month (about a day and a half) you can jack up their bill and then move on to the next target. It's especially effective for the few scammers who are actually running their websites in Nigeria, since that's mostly expensive satellite bandwidth, but they're more likely to be in some random European or Chinese web hosting farm.
Obviously it's only useful to run if you've got a network connection that doesn't have monthly bandwidth quotas of your own, because you don't want to slashdot yourself, but most US cable modem and DSL services don't. (Now if we could only get the Koreans to run this stuff :-)
A technical comment on AA419 - it's not very efficient, because it's simply using a browser to display the illustrations. That's fun to watch, but burns a lot of CPU, so if you're running the various SETI@Home types of CPU sinks, they won't get any work done. It would be really simple to build a shell script that loops wget>/dev/null requests (with caching turned off) which doesn't waste time displaying the targets. On the other hand, using the current site is a no-brainer for times that you're not busy.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
All you need is a few lawyers to file these lawsuits and one or two supervise them all. It's anyone's guess how large Microsoft's legal department is, but between in-house counsel/staff and the all attorneys working for law firms hired by Microsoft to represent them in their never ending litigation, I doubt anyone is working overtime.
As for the cost, most likely it's a drop in the bucket when compared to what's already been spent or is being spent on antitrust cases. Whatever the cost, the bankers are used to it, the shareholders are used to it, as so is everyone else. And when one considers the PR value of these lawsuits, I doubt anyone would raise an eyebrow if real money was at stake.
Also, do the spammers pound a site with multiple requests from the same referrer, or do they do requests for lots of sites (e.g. Search Engine Optimizer scammers doing this as a business?
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I tried to contact Spamhaus about one of their ROKSO listings. I've been trying to give them *correct* and *up to date* information that they do not have on file, but I cannot seem to get anyone to respond to me.
If people are going to use SPEWS/Spamhaus/etc to dunk spammers, shouldn't the RBL maintainers take some responsibility to make sure that the information is accurate?
Lawsuits are one thing, but making sure you're nailing the *right* people is another thing.
Reports show that Gates began his all-out assault after receiving 10,000 emails advertising enlargement of certain organs found in male humans. This reportedly outraged Gates, who believes that his organs are already the maximum size allowed under Washington law.
In other words, how do you intend to stop me from installing something (a porn dialer, screensaver, shareware app, or whatever) that, as well as its legitimate function, makes my PC part of a botnet, without preventing me from installing software at all?
True, 100% prevention is probably impossible, but ISPs do monitor their customer's net usage. It shouldn't be too difficult to detect zombie machines. They should then cut the machine off the net, call the owner, tell them that starting N hours ago their machine became a zombie, and help them fix it. Do that often enough, and publicize it, and perhaps the average user will be more careful in the future.
Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
Filters and Lawsuits hit different ends of the spammer market. Lawsuits aren't very useful against the little spammers - it's a whack-a-mole game, where any spammer you bankrupt has two or three more following in his footsteps. They're much more effective against the big spammers - Spamhaus estimates that 200 spammers put out 80% of the spam, and putting any of them out of business can make a big dent - and most of them are based in the US, where you can sue them, even if their infrastructure is mostly in China or Zombieland. The nice thing about whack-a-mole lawsuits is that they're usually easy to win - you don't make any money off of it, because most of them aren't making much money compared to the amount they're costing the Internet as a whole, but if you've got a collection of 200 heads nailed up on your office's front gate, it starts to get their attention.
Exchange, Outlook, and Outlook Express do get spam filter technology added to them - it makes the users happy, and if it implements spam-reporting capabilities well, it can help the ISP side of MS improve their filters. But the main filtering happens at the ISP level, because that's what most customers want.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
They'd take care of the retards over at http://www.cryptic.net/.
What does he do? Just curious.
Phishers, on the other hand, can operate from anywhere; they're popularly blamed on Russian Mafia, but I haven't seen any real statistics. But until banks start running SPF or similar protocols that make it easy to filter out forgeries, phishing won't go away that fast. Banks and credit card companies also need to start running stings on phishers - things like setting up dummy accounts that instantly flag anyone who accesses them, sending this information to the phisher's traps, and then nailing them when they try to get them money.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
It didn't seem to me like any single company had the stomach to keep after the scum that are ruining the Net for the rest of us.
I thought it was Microsoft that is ruining the net for the rest of is. Isn't it Microsoft that created the spam industry?
Have you got your LWN subscription yet?
Back in 2002 I decided to change my email address to [insert real username]@microsoft.com and then post to usenet so that Microsoft employees got spammed. Microsoft gets annoyed and spammers get sued - It's a win-win situation.
That doesn't mean that most ISPs shouldn't try to detect and reduce most of their zombie and spammer problems - one reason I don't use cable modems is that they're mostly cluelessly fascist about not letting you run arbitrary servers. There are cable and DSL ISPs that have a policy that by default you can't run Port 25 and maybe a couple of popular MS Windows ports unless you fill out a form saying that you want to enable it (with a Turing-Test Captcha on the form so zombies can't enable it for you), and that's really just fine, because you've got a choice if you want it, but you're less of a security risk if you don't.
Got any spare CDs of Easy To Use Removal Software you'd recommend? (Knoppix doesn't count :-) Once a machine gets infected, if it doesn't have a Decent Operating System on it, the malware can infect almost everything, in ways that are often hard to detect. McAfee and Symantec anti-virus software are a good start, and reinstalling your OS and any applications from scratch from CD-ROM helps, but sometimes you just can't tell what's infected. A lot of people could do just fine running Knoppix instead of Windows, which is a lot more secure not only because it's Unix but because the executables are on a read-only medium, but that doesn't support kids who want to run the latest games, and obviously Microsoft doesn't want most people doing that so they'll keep coming out with new Office features or whatever.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Just want to hear Gates standing over some spammer and ask "You've got to ask yourself one question: 'Do I feel lucky?' Well, do ya spammer?"
"You don't assign him to spammer cases, You just turn him loose." "William Henry Gates the Third. He doesn't break spammer cases. He smashes them."
"I know what you're thinking. Did he assign six lawyers or only five? Well, to tell you the truth, in all this excitement, I've kinda lost track myself. But being as this is Microsoft's legal department, the most powerful legal entity in the world, and would sue your head clean off, you've got to ask yourself one question: 'Do I feel lucky?' Well, do ya spammer?"
And just how many spammers are there out there right now?
What do you have to fear more? Being sued by Bill Gates for spamming, or the **AA for file sharing?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Ever since Microsoft started this campaign against spammers, we haven't seen a reduction in the 100,000+ spam messages we get on our mail server.
This is like the lawsuits they launch against people who pirate Windows. Horribly, horribly ineffective.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Can you say 'PR fun'? That's exactly why they're doing this. SO that they can say 'we help keep your inbox clean!'
Show this to your friends and family that don't know what a real hacker is
But your college's system still gets hit by 20+ spam messages to your mailbox a day. Not to mention the 20+ per the majority of other addresses on that system, and the 2000+ that the computing center filtered out before it hit your mailboxes, and the 200000+ dictionary attacks, ...
Just because you're not at that address anymore doesn't mean the spammers will stop pounding at the door.
If it was Apple or Red Hat going after the scammers, they would be receiving praise. But when it's Microsoft, they still get bashed.
Microsoft could create world peace and solve world hunger and you guys would still hate them. Faggots.
I did this and :
While it helps alot, it doesnt work.
I now get 5 spam messages a day (and increasingly more) on an account that was strictly "Friends only". I do have this account for over 7 years now, so 5 messages a day is not that bad, but still, and whats really worrying me it that's slowly increasing. (Up from 2 messages/day a year ago.)
Reason : Some non-geek friends that fall for some social network scam (sms.ac, hi5.com, etc) and people who forward every stupid chainmail of the net.
So I guess, whatever I do, eventually the adress will fall into spammers hands.
Having said that, my university's account is still spam-free since 6 years, but I think that they run a spam-filter, so I dont know if it's really spam-free or not. (AND I use my university's account only for university related friends, most of whom are in CS.)
I have discovered a truly remarkable proof for my post which this sig is too small to contain.
Of course, they could just be giving their IP lawyers warm-up practice for when they sue the leaders of the Linux community for sudo, and all of their other random patents.
It's kinda hard to know with Mr. G.
OS Software is like love: The best way to make it grow is to give it away.
Referrer log spammers should be obvious from my ability to move, and does not want to do.
Because i decided to have a child, and here you are a part of the internet. Referrer log spammers should be sued too. Cosmology is the long bone in the web log analysis.
the real answer is for people not to respond to spam...if there was no profit, it would not attract so many folks...outlawing drugs hasn't stopped drug use...prosecuting spammers will just make the remaining few more powerful...folks need to be edumacated :-)
You know who really deserves the thanks for this. Yep, its you. All you guys who signed up for all kinds of spam and dubious web based offers using every possible permutation of bill, william, gates, msn, hotmail, and microsoft.com. I heard that he had to hire a staff full time to sift through tens of thousands of emails to try to pick out the actual business communications. And then out of sheer desperation he signed up for an AOL account.
Liberals call everyone Nazis yet they are the closest thing to it.
Yes this is horribly pedantic, but can't the editors at least abide by this one page from Strunk & White?
i.e. Gates's, not Gates'
Democracy is two wolves and a sheep voting on lunch.
Brandioch, actually, I've got the spams and the admin replies to demonstrate, that Linux (and BSD) systems aren't immune. The big culprit since about November has been PHP mailform scripts, and I've seen quite a few of these sites acknowledged and wiped off systems by their administrators. Many at hosting sites.
Yes, it's apparently proxies or dedicated "bulletproof" hosting systems that are the primary sources. but Linux isn't a silver bullet. Oh, and PHP has its share of problems. awstats p0wned, anywone?
What part of "gestalt" don't you understand?
or is it just a smokescreen... has actually fixing the vulnerabilities in windows become so difficult that gates/m$ have to go out and make examples of people who harass users...
Get your torrents...
Linux isn't perfect. And in your example, a stupid admin can install a service such as PHP mailforms without securing it correctly.
But, by default, those aren't installed/enabled.
He Schutze, He Scores!
Well, considering that Microsoft's CEO is in fact, the most spammed person on the internet , it would be pertinent to say that eliminating spammers would be in the company's best interest.
"Those who think they know everything are of great annoyance to those of us who do." - Isaac Asimov
Yes (as I was explaining to the school LAN admin yesterday afternoon), I can deliver a perfectly insecure GNU/Linux box. Yes, GNU/Linux is inherently much more securable than legacy MS Windows.
That wasn't the point. You made an unsubstantiated claim that no spam is being sent from GNU/Linux boxes. I've seen plenty that was. I've seen boxes run by generally paranoid admins hacked. You're far more credible when you stick to the truth, Brandioch. Temper your enthusiasm. It sells better.
The OS alone doesn't guarantee security. GNU/Linux boxes are used in various attacks. Easy-to-find and widely deployed (on fat pipes no less) PHP holes all the moreso. Keep up on your security bulletins and site updates, monitor your logs, run an IDS, scan your perimiter, check your traffic, read your abuse mail. You'll be ahead of the game.
(aptitude|urpmi|yum|yast) install security isn't sufficient by itself. Stop selling that myth.
What part of "gestalt" don't you understand?
If someone sets up a Linux box and installs software that allows an open relay, that box has not been cracked.I think I'll just stick to the facts, if that's all right with you.
So, dispute my claim with a fact. Show me a cracked Linux box spewing spam.
Not one configured by the admin to be an open relay. Not one where the admin installed software that was configured as an open relay. No open relays need be mentioned.
If you handle the mail yourself, that shouldn't be too hard to do. All you have to do is check the spam that didn't come through a relay and find a Linux box that isn't legitimately owned by a spammer.
I'll give you a week.
If you can exploit a box without gaining root, why bother gaining root. Matters little to me how a box is being utilized, rather more that it is. The distinction is a red herring. If someone's using your system in an unauthorized manner, it's effectively exploited, root or no root (yes, there are different implications, you and I both know that, stick to the point).
That said, I've seen Linux boxes cracked, and I've seen 'em spamming. I'm generally not tracking which is what, but reporting on spam. If you're so keen on finding 'sploited Linux boxes, you can search news.admin.net-abuse.email on my email address, find my reports, and query the IPs yourself to find out what they're running and whether you think they're cracked. That's your question, I'm not your consulting department. Fresh crop of ~250 hosts posted daily.
And that said, http://www.123stereo.com/ turned up serving a PayPal phish Aprl 6. It's already been cleaned. But that would be a PHP site which was conned into loading and serving pages. Couldn't tell you it was cracked for certain, but it smells like it. No, not spamming, but that's just what I saw. Satisfied?
Anyway, turnabout's fair play: prove to me that no compromised Linux boxes are spewing spam. You've got a week.
What part of "gestalt" don't you understand?
Therefore, you lose.
Too bad. All you would have had to have done to show that you were right is to reference a Linux box that was cracked and spewing spam.
Bullox, Brandy.
A single counterexampe will suffice. I gave you my datasource. You've got nmap -O. Start tracking. Or pay me for my time.
What part of "gestalt" don't you understand?