Slashdot Mirror
Gates' Resolve in Bringing Spammers to Justice
An anonymous reader writes "It didn't seem to me like any single company had the stomach to keep after the scum that are ruining the Net for the rest of us. Unless that company is Microsoft. Since the beginning of 2003, Microsoft has filed 96 lawsuits against spammers, and 119 lawsuits against phishers. By any measure, 215 lawsuits constitutes a legal juggernaut. "
Wow - Microsoft/Gates usually gets a bad rap on /., but
kudos to them for going after the
scumbags
of the Internet. Another group I find annoying is the folks
who do
referrer
log spamming. Even though I don't publish those log stats (so their
efforts are to naught), they continue to send their stupid traffic
and it's a bit annoying to see in the web log analysis.
Hulk SMASH Celiac Disease
Don't you realize that every time you say something nice about Microsoft, Bill and Melinda dine on one of those Indian babies they've "saved" from HIV? How to serve man, indeed!
In all seriousness, the spam epidemic is actually caused by a relatively tiny number of people, so it would seem that this is a workable strategy - but the cause will just be taken up by people outside of our jurisdiction (Russians, mostly.)
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.
How exactly would you suggest that they improve their software to prevent spam and phishing?
Sometimes a little stick can be a good thing...
Here's what I do: Bitty Browser & Andromeda
All the big ISPs have been after spammers for quite a while now. I believe that AOL is owed a few million by that bankrupt spammer who featured in another /. story quite recently.
Strange: If any one company out there has the install base to actually do something technical about spam, it's Microsoft, yet they'd rather sue than improve their product.
I'm surprised ISP's aren't filing hundreds of lawsuits. They claim their servers are so overworked by all the spam, but they aren't doing anything effective about it (legally or technically).
Reducing Spam makes people use MS computers (and Exchange) more (as opposed to the alternatives).
:)
- Investing in spam filter technology reduces spam.
- Sueing spammers also reduces spam.
The optimal strategy will be to persue both strategies till they yield the same rate of spam reduction.
And that rate should be determined by whatever they think they earn on spam reduction.
My bet is that someone at MS has done the math.
And it keeps their lawyers sharp, who knows how and when that will come in handy
...probably just got tired of getting spam and 419ers in his Hotmail inbox / Outlook Express. So instead of developing better filters, he decided to take them out.
Someone might as well invite BillG to Gmail already.
In any battle, technology is only a small bit of it. Policy is an area that is far more important than technology in most situations, even when you don't know it. Would you rather they sit on their hands and let the spammers continue to ruin the internet?
I don't see you taking an active step to stop spammers other than maybe a little filtering and deletion here and there.
Help Brendan pay off his student loans
Can Slashdot ever accept the fact that Microsoft can do some good? I'd be willing to bet that 30% of the comments on this article will be "OMG MICRO$OFT IS GOOD?!". Accept the fact that they really can do good things and shut with the Microsoft bashing.
.
Sure, there will be spammers who think they can evade folks like Kornblum, Spitzer, and Abbott. But for every one of them, there will be others who--when they see what happened to Scott Richter as a result of Gates' resolve--hopefully will realize that spamming and phishing are bad career choices.
So the 'script kiddie spammers' drop out and the smart spammers take over, making even more money. It's supply and demand, and apparently there is demand for SPAM from this small-penised, high-mortgage, porn-searching world.
The next step is improving their software and improving the security on their platform. Just keeping regular security updates is good. Hopefully they will continue with their Anti-Spyware tool which isn't bad.
If there's one place Microsoft should feel right at home, it's in court. . .
The only acceptable defense of scientific results is to say that they were the product of the Scientific Method.
I know it's very hard for some of you people to get over your silly fanboy-ish attitude, but when MS does something good, why not praise them. Yes, they have bad business practices. Doesn't mean you have have crap on their image every single time.
This is somewhat like P2P. They might not be able to get whomever is joining these spamming companies for work, but it would certainly discourage people from getting jobs in these places. I think just that would prove a significant blow to these places.
My two cents.
Do notice that MS isn't suing virus writers. In fact, didn't they just forgive a huge amount against a virus writer in exchange of community service??
No boom today. Boom tomorrow. There's always a boom tomorrow. - Cmdr. Susan Ivanova
But.... what will we talk about then?? Star Wars isn't out yet, and Linus can't release a new kernel every few hours. We NEED MS bashing to keep our over-active/over-worked minds finely-tuned.
No boom today. Boom tomorrow. There's always a boom tomorrow. - Cmdr. Susan Ivanova
All joking aside, we have long considered Micro$oft an evil corporation. Sure on the side Bill Gate$ donates a lot of money, mostly to create little Micro$oft $chools that will plaster the logo all over the place and burn it into little growing consumers heads.
With all the evil they have done, is there any way that they could do enough good for the evil to be forgotten, or at least to break even thus making them a "Corporation" not an "Evil Corporation"?
Sure this is a start, but it is done more to protect themselves and their products than it is to better the lives of consumers. Suing spammers is just a way to hopefully get hotmail back to a point where you can actually use it.
This sig has been removed pending an investigation.
Why does no one (big company or university) sue the ISPs that let own3d boxez and zombies connect and stay connected? if the ISPs looked for the zombis and told those users how to be good "netizens", and offered a CD of EASY TO USE removal software, the spam problem would disappear over night, without bots, no one could send 100,000,000 emails per day.
You may be talking about this:
He's still got time, then.
That means that spammers have continued to be able to fake the headers out, and it makes it harder to filter off the spam (particularly on the send side of email- in other words, stopping spam enter the internet in the first place).
So, Microsoft have taken the decision to fund lawyers, rather than fund technology that is likely to massively reduce spam; Microsoft have sided with a bunch of lawyers.
-WolfWithoutAClause
"Gravity is only a theory, not a fact!""Linus can't release a new kernel every few hours"
Sounds like a wager to me.
-Linus.
While it may be de rigueur here on /. to bash Microsoft, sometimes one has to put the tinfoil hat away and commend them for doing something good.
Sure, you can pull out some commercial motive behind this act, but hey, so what? When they annouce their fantastic new anti spam OS, we can bash them here, but if these lawsuits do help in reducing Spam, then hooray for MS!
Apropos, I remember reading that billg@microsoft.com gets one million messages every day, 98% of which is Spam. I suppose he just got plain old PISSED OFF!!
Preventing zombie machines, maybe?
If they become the unofficial police of the internet, they will be first in line to be the official ones, when government (with a little help from microsoft) decides that such a body should exist.
Open Source servers don't implement crypto-signed email headers, so spammers continue to use those servers to send spam.
/. culture was that anti-MS.
And you manage to blame this Open Source failure on Microsoft?
I didn't know the
Where are the supposed "good guys"?
I realize the OSS community is doing things with their software to try and defeat spammers and phishers, but let's face it, legal action is the only real course of action to stop these guys (or at least whittle down their numbers).
Phishers and spammers will always find ways around filters, no matter what intelligence is brought to bear with new algorithms. New mail protocols would help, but we are hopelessly mired in a standard that will take a miracle to topple at this point (perhaps some new multi-media e-mail standard?). People won't buy into an e-mail system other than SMTP/POP unless it brings something significant to the table, and is as simple and easy to use.
The OSS community has for-profit companies out there... why aren't they flexing their muscle to help stop these scammers? Microsoft is at least doing something... and it demonstrates exactly what a big corporation like that can do when that lkind of capital is directed at doing something worthwhile.
I think in the fervor to attack the supposed "evil monolith" people here tag as "Micro$oft", they forget exactly how much Gates, his company, and his employees donate to good causes around the world.
1. Change your email address.
2. Never give it away except to established websites (Amazon, etc) that require it and to friends/family.
I abandoned my old college 20-spam-a-day email address after graduating. Since switching and then following these two policies, I have received only 1 spam message in the past 7 months.
no argument its a good start , however it would be nice if they would
.. .couples this with some basic computer security knowlidge(dont open LOVEYOU.jpg.VIRUS.WORM) and i assure you it would reduce spam far more in one year than 10 years of legal action
1: make sure active X is patched to make it far more secure.(killing it would be nice , but wont hapen for a while due to a hell of alot of websites using controlls)
2: make sure each user knows that they should not be running as an admin all the time and allow them an easy way to become and admin for installs etc
3: a large list of phising techniques and how they spoof browsers is easily avaliable and could be use to create a few fixes (all browser makers should do this).
In my mind the only way to stop spam properly is education , people need to learn to not accept it and not to buy from it
The only things certain in war are Propaganda and Death. You can never be sure which is which though
They're damned if they do, and damned if they don't.
/. where no Microsoft action (good or bad) goes unpunished.
If they sued them, people would yell David and Goliath. If they let them go, people say they're not helping the community.
This is
My Tech Posts on Twitter
... as long as spammers believe that there is money to be made by spamming. And that means that spamming will continue as long as email is so cheap to send and as long as there are sufficiently many dimwits who respond to spam. And there doesn't have to be very many such dimwits. You can sue as many spammers as you like; as long as there is money to be made, new spammers will appear in their place. The only irreplaceable part of the equation is the low cost of email compared to the money to be made even from a very low response rate.
I don't know what the typical response rates for spam are, but even if one in a thousand or ten thousand recipients is an idiot who answers the spam and sends money, or even one in a million, then it's worth it to spam, because the cost of sending a thousand or ten thousand or even a million emails is nearly nothing. At any rate, it can easily be much less than what spammers charge for their product.
One conceivable alternative is to make it more expensive to send email. If there were some way to establish "postage" for email, then even infintesimal costs for sending email, say 1/100th of a cent per email, would probably be effective, because then spammers would lose money by sending a million spams. But I can't see how such a system could be enforced, and I doubt that most people would go along with it, even if the costs for normal email use is very low.
I also doubt that any amount of education or cajoling could reduce that rate of idiots in the general public to less than one in a thousand, certainly not less than one in a million. Putting all these thoughts together, I come to the depressing conclusion that we will never, ever be able to make spam go away, no matter what we do.
Always keep a sapphire in your mind
By any measure, 215 lawsuits constitutes a legal juggernaut.
I guess you've never heard of a little group known as the RIAA.
"3: a large list of phising techniques and how they spoof browsers is easily avaliable and could be use to create a few fixes (all browser makers should do this). .."
A better way would be to turn OFF HTML in email by default. Most of the phishing scams as well as spams I have recieved have goofy lines of trash text to fool the spam checkers. I always thought it was stupid to use HTML email anyway.
B.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
I'm glad to see that somebody is going after these theives. Now, if only law enforcement agencies would press criminal charges against them, and help ordinary people out the way they do for corporations, we'd be all set.
"Do I dare disturb the universe?"
1> Load a _secure_ version of Windows. No RPC, no running services, default firewall with both inbound and outbound traffic blocked, proper ACLs applied to the filesystem.
2> Disable HTML email completely. Remove the ability to send/recieve HTML email from Outlook and Outlook Express.
3> Secure IE and make it standards complaint. Securing IE includes removing ActiveX.
Do this in the next SP for Win2K and XP as well.
That will remove a lot of the holes exploited by spammers to get zombies from which to spam/phish.
I can throw myself at the ground, and miss.
ActiveX is insecure by design. They have done about all they can do, without remaking it in a different language (like Java) with a real security model.
For every expert, there is an equal and opposite expert. - Arthur C. Clarke
Usually the damages awarded are beyond the paying capacity of the spammers and phishers.
Microsoft will never see any money from this Scum bags.
With the legal costs involved Microsoft is losing money.
And leave it to some people to term all good actions as PR moves.
1. To the general public it looks as if they are solving the issue, where we know here that most spam is send by proxy on Wintendo machines.
2. By solving it this way they do not have to solve the technical unsafety.
3. If they win they make money out of the spammers.
Now if I were Microsoft, I would just start suing everybody. As long as you see that the case will be more expensive then what they can afford, people will settle out of court. Where you took Joe "the bonecracker" Seipacchetti to meetings to 'convince' people of the advantages of insurence, you now just take a lawer with you, take their money and don't even bother about delivering anything.
As long as 'suing till they are broke' is possible, I fail to see justice. Sorry. No matter how much I hate spam, I hate justice by money even more.
Don't fight for your country, if your country does not fight for you.
I don't know for you but for some reason
MS suing the spammers reminds me of
that MS vs. the Borg skit.
Difference it that I don't know if I should cheer for either side. (both are still evil)
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
Robbing banks is VERY lucrative.
Yet your corner bank isn't robbed every day (or week or month or year).
There might be strong incentive to send spam and make lots of money, but the spam still has to go out on technological avenues. All you have to do is to identify those and limit their effectiveness.
#1. Zombies.
#2. Open Relays.
#3. Individual email accounts (30 day AOL free!)
#4. Sites owned by the spammer.
If you look at it that way, you'll see why MULTIPLE measures are needed. What will work against zombies will NOT work against Individual email accounts.
If you deal with the tech, then the incentive won't matter because there won't be any way to implement it.
Since this is about Microsoft's involvment, I'll focus on what they could do.
#1. Zombies. Microsoft announces a partnership with the ISP's and those ISP's block outgoing port 25 on their home connections. Microsoft offsets the cost of this with a couple $$Million$$ to each ISP for hardware upgrades and support calls. Anyone who needs port 25 access (people who work from home and don't have systems setup to handle it) can call and have enabled for their address.
#2. Open Relays. Microsoft forms a partnership with spamhaus, spamcop, etc to mirror the open relay databases of those people. Since Microsoft also has Hotmail and MSN, Microsoft is in a great position to identify new open relays and add them to the list as they are abused.
#3. Individual email accounts. Not much that Microsoft needs to do here. All the ISP's need to do is to limit the outgoing email to 10 unique connections per minute.
#4. Spammer sites. Again, Microsoft helps by hosting a mirror of the blacklists.
There, the spam problem is down to a tiny fraction of what it was. The spammers might still WANT to send spam, but HOW are they going to do it?
#5. The chance of getting caught. Just try this little experiment. Call you local police station (not via 911 or any emergency number) and do the following test:
1. Tell them you are a bank and are being robbed
2. Tell them you are an individual and are being robbed
3. tell them you are a person and are being scammed
4. Tell them you are a person and are being spammed
I am sure that with the last one most of the time you are asked to get lost. When number 3 and 4 come together, it mostly ends with "Sorry, they are in another city/state/country/mindset.
It should be governement who should be going after the spammers, not companies or individuals, Now in the worst case what can happen is that they say: OK, we will not spam hotmail/msn anymore. Settle out of count and go on with business.
Don't fight for your country, if your country does not fight for you.
They key to solving spam is to move away from it. Email has been out quite a long time, and has greatly helped to increase communication in the world. But as many, including Don Knuth, have stated, it's time for email to die its timely death. There are many more capable tools out there, which serve for faster and more reliable communication, without being subject to the extreme abuse of email. I realize that the odds of people quitting email is low, but all legacy systems fade eventually.
Microsoft Sucks, F/OSS Rocks. I get mod points now right?
Is Gates going after spammers per se, or going after competition They still sell out their Hotmail and MSN mailing lists to interested advertisers, don't they?
i know right? i love slashdot but people need to stop obessesing about hating microsoft. The whole "create software to stop spam" idea sounds awfully familiar to microsoft's initiative to get Sender ID accepted across major ISP, which could help stop spam at the software level. unfortunately they haven't had the best support with it from other ISPs.
in case you couldn't figure it out its not as simple as writing some software and flipping a switch to start protecting everyone's email inbox. it takes a very long time to convert all the ISPs and millions of email users to a new type of email authentication.
seems to me like microsoft is taking steps on the legal front and the software front to stop spam. no one else is really doing much, or at least not close to what microsoft is doing. stop being so biased and accept the fact that the company you might hate is doing you and the world a big favor by spending a lot of money it doesn't have to.
-mr silver
This is just another PR move by MS. It makes them look good to non-geeks while all of us techies know what's really going on. A bunch of lawsuits aren't going to stop the spread of spam of virii. Sure they may punish the big-bad-wolves of the industry, which is a good thing. But the money won from the defendants (if any) of a lawsuit should go to something like the w3c or the ieee for research and implementation of standards that will serve to prevent spam and the like from being the norm anymore.
I would only agree with MS taking the money if it meant that they were going to put it DIRECTLY into security R&D to patch up their holes.
That being said...DAMN THE MAN!!!!
All you need is a few lawyers to file these lawsuits and one or two supervise them all. It's anyone's guess how large Microsoft's legal department is, but between in-house counsel/staff and the all attorneys working for law firms hired by Microsoft to represent them in their never ending litigation, I doubt anyone is working overtime.
As for the cost, most likely it's a drop in the bucket when compared to what's already been spent or is being spent on antitrust cases. Whatever the cost, the bankers are used to it, the shareholders are used to it, as so is everyone else. And when one considers the PR value of these lawsuits, I doubt anyone would raise an eyebrow if real money was at stake.
Filters and Lawsuits hit different ends of the spammer market. Lawsuits aren't very useful against the little spammers - it's a whack-a-mole game, where any spammer you bankrupt has two or three more following in his footsteps. They're much more effective against the big spammers - Spamhaus estimates that 200 spammers put out 80% of the spam, and putting any of them out of business can make a big dent - and most of them are based in the US, where you can sue them, even if their infrastructure is mostly in China or Zombieland. The nice thing about whack-a-mole lawsuits is that they're usually easy to win - you don't make any money off of it, because most of them aren't making much money compared to the amount they're costing the Internet as a whole, but if you've got a collection of 200 heads nailed up on your office's front gate, it starts to get their attention.
Exchange, Outlook, and Outlook Express do get spam filter technology added to them - it makes the users happy, and if it implements spam-reporting capabilities well, it can help the ISP side of MS improve their filters. But the main filtering happens at the ISP level, because that's what most customers want.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
It didn't seem to me like any single company had the stomach to keep after the scum that are ruining the Net for the rest of us.
I thought it was Microsoft that is ruining the net for the rest of is. Isn't it Microsoft that created the spam industry?
Have you got your LWN subscription yet?
Back in 2002 I decided to change my email address to [insert real username]@microsoft.com and then post to usenet so that Microsoft employees got spammed. Microsoft gets annoyed and spammers get sued - It's a win-win situation.
Just want to hear Gates standing over some spammer and ask "You've got to ask yourself one question: 'Do I feel lucky?' Well, do ya spammer?"
"You don't assign him to spammer cases, You just turn him loose." "William Henry Gates the Third. He doesn't break spammer cases. He smashes them."
"I know what you're thinking. Did he assign six lawyers or only five? Well, to tell you the truth, in all this excitement, I've kinda lost track myself. But being as this is Microsoft's legal department, the most powerful legal entity in the world, and would sue your head clean off, you've got to ask yourself one question: 'Do I feel lucky?' Well, do ya spammer?"