Slashdot Mirror
NY Times On Spam Zombies
A discreetly valorous slashdotter writes "The NY Times is featuring a story about the growing armies of spam zombies. It focuses on New Jersey teen spammer Jasmine Singh. Choice quote: 'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'"
"A discreetly valorous slashdotter writes"
From dictionary.com: valorous - Marked by or possessing great personal bravery; valiant
From the same: discreetly - Marked by, exercising, or showing prudence and wise self-restraint in speech and behavior; circumspect.
Meaning an anonymous coward?
Don't you love sales/marketing speak?
May be we should call this section It is what Indian Technology is.
Hey, you forgot the obligatory, "first born child required for access" - this is the NYT we're talking about, so the link goes to a sign-up screen if you haven't registered.
How disappointing. One of the few things I look forward to on slashdot are how creative the posters can be with maligning the NYT's registration process. Don't let me down!
"Hacking in its pure form is to show what you can do.'"
;-)
Alright then, given enough time, you can do anything, so there is no need to try.
ISP's should be held accountable if their users are using windows and using no firewalls.
If ISP's were to be fined then you would see change.
But they aren't so who cares, right .
Hacking in its purest form is showing how you can go to jail. :-)
Woohoo right on I agree
Today, a pure form of hacking would be to read the article without actually being a registered user.
Crunch!
Username: loser1234
Password: loser123
Yup...Sure do...
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
bugmenot.com will give you passwords to use to get around lame registration requirements
In one recent case, a small British online payment processing company, Protx, was shut down after being bombarded in a zombie attack and warned that problems would continue unless a $10,000 payment was made, the company said. It is not known whether the authorities ever arrested anyone in that case.
Where would they send the money? This is like a kidnapping scheme. There is far too much involved when you actually want something back from the person you commit the crime against. You would think they would be easier to catch.
"Scientists don't change their minds, they just die." -- Max Planck
'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'
Oh, good. So she'll be delighted when law enforcement shows her what they can do.....
--
As a matter of fact, I am a lawyer. But I play an actor on TV.
Get your own machines and challenge your friends to break in and hope they reciprocate.
For a summer's worth of lawnmowing money, you should be able to buy a decent system, load it up with virtual machines courtesy of the latest Linux kernel, and "let the games begin."
Mess with my box and if I'm feeling generous you'll just have the FBI breathing down your neck for computer trespass. If I'm not in a good mood, well, let's just say my lawyers have advised me not to make threats in a public forum.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
click here
was how much money there is to be made in selling sports jerseys
the rest of the article, technology-wise, is boilerplate: it should be obvious to any typical slashdotter what zombie computers are, how they are made, and how they are used
perhaps what this article should mean to the average slashdotter then is that awareness of zombie computers has moved into popular culture
that, and that there's a lot of money to be made in sports jerseys
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Would Slashdot please quit posting stories
that you have to register for to read.
Thank You.
And to think, all they wanted was a little J-lo booty.
George A. Romero's Internet of the Dead
Cracking is about breaking into a system. It might require some hacking, but it can also be done by script kiddies.
http://www.nytimes.com.nyud.net:8090/auth/login?US ERID=loser1234&PASSWORD=loser123&URI=http://www.ny times.com/2005/06/24/technology/24zombie.html
Uncheck "remember me", press login.
but I don't think they really got to the real news here. The article doesn't mention how users can protect themselves at all. And it only focuses on the one case, when I think there could have been bigger name cases that would display the same message better. Is this article going to make the average user care at all, not in my opinion. The underlying theme I got from the article is that hackers are these crafty people who are sneaking onto your system, not something you can stop *coughfirewallscough*. Ok, maybe not ever totally stop, but slow down. My windows machine (only for games, I swear) has been clean (cept for Windows) for a month now, behind a hardware firewall (linux Fedora core 3) and a software (Zone Alarm). Just my two cents.
--Snarky
Want to find other gamers to play board and role playing game
Okay, so this teen treats crackery like it was a sport. To show his or her proverbial "balls", as it were. This would be a prefect opportunity for some older, social-concious geeks to get together and set up a crackery league for these youth. Let them perform their crackery against each other. Each youth could set up a system, and then they would go head-to-head to crack the other youth's system. Indeed, it would be an intellectual junior soccer- or baseball-style league.
Cyric Zndovzny at your service.
Sonofabitch! I didn't know that this Jasmine was actually a boy. Shit! It's no wonder he has to resort to crackery in order to get his shits and giggles. The real boys playing baseball and football would kick his lily ass just because he has such a pansy name.
Cyric Zndovzny at your service.
Slashdot forgot to add their regular hyperbole, which them seem to love to do the past few months.
I'll second that. For a minute there I thought I missed something. WTF does spamming have to do with cracking? He/she thins that spamming is impressive?
A new term is needed, that is somewhat between hacking and cracking.
Crackery is about putting your skills and knowledge to the test by breaking into a system.
Cyric Zndovzny at your service.
It would in a way be like Scouts for geeks. Instead of learning how to start fires and whittle wood, the older geeks would mentor their scout group in acts of benevolent computer use. They would suggest to the youth the use of programming achievement, rather than crackery, to obtain a sense of self worth. That's more beneficial than locking these youth up in prison.
Cyric Zndovzny at your service.
http://www.nytimes.com/2005/06/24/technology/24zom bie.html?ex=1277265600&en=c0038edb3d1a97cf&ei=5088 &partner=rssnyt&emc=rss
:D
Courtesy of Technology Review (did you know ALL NYTimes stories can be read from tech review for free?
Could this open some eyes and increase interest in alternative (Linux, Mac) offerings?
Kindly shut the fuck up. You're being just as retarded as the shitbag poof of a script kiddie in the article.
'crackery' again.
The Kruger Dunning explains most post on
Indeed. I am very interested, I've heard a lot about Linux and I want to run it as an alternative to Windows to stop me becoming a zombie.
/mount and then it tells me "Permission denied" ? Why is only half my memory being recognized ?
I'll just toddle off and download a distro. doodadoodadoo..
Oh my. What is this ? I have to fiddle around with a bootloader ? Compile the Kernel ? Configure X ? Download and install 20000 different extra files that are needed to install the thing I actually want? And what is this KDE thing ? Why isn't it part of the OS ? What is this slow Gnome thing and why is it so ugly ? Why does the background dissapear when I drag a window around ? Why have I got no hard disk space left...oh no I just found a giant log file that is 98 GB. Help what can I do ? Why doesn't my sound work ? Why can't I play CDs/DVD and have to go to
Oh blow this, I'd rather be a zombie and go back to Windows than waste my time with this. On the other hand that Mac thing looks quite cool.
bye bye
mod parent up (IMHO).
I couldn't agree more...
our new zombie overlords
...but "Jasmine" is a dude? Really?
I'm sure it's a cultural thing, but seriously, when I was in school (cue old-timey phonograph and creaky rocking chair sound) he'd have been hating life if he had the balls to show up to school with a name like Jasmine!
The times they are a changin'. (That's a good thing, I think)
-Tom
This is more like a gun dealer who continues to sell bullets to someone when he knows the previous bullets he sold the guy were used for a robbery.
That's beyond being a service provider and closer to being an accessory.
The link was intended as a demo. Register and you become the spam zombie's next victim.
I'm a sci-fi vegan: I don't want the aliens to think we have as much right to live as the fried chickens we eat.
Probably it's not the spamming they are talking about. Probably it's the fact the spammers are cracking into other computers in order to spam.
It's a lawyer that is being quoted (though he is quoting the high school kid). And yes, Jasmine is an unfortunate name for the lad. Especially if he spends a lot of time at the correctional facility.
I've been saying that for years!
Nice to see that somebody else feels the same way...
my sig could kick your sig's arse...
"Hacking in its pure form is to show what you can do."
May I please have a spammer and an axe? I'd like to show what I can do.
"I may be synthetic, but I'm not stupid." -- Bishop 341-B
I'm afraid you're kinda screwed on this point. Slashdot is a news aggregator. This story is effectively a dupe of one that came before, but the "news" is that it's the New York Times publishing it, which has a far more important readership than PC World.
In other words, the news isn't that there are zombies, but that a very important mainstream newspaper is telling people that there are zombies, and lots of 'em. You can't get this story from any other source, because the source is the story.
And because the New York Times is so important, they get to charge for content. In this case the charge is cheap: you just let them know who you are, so that they can better sell ad space. That's not free, but it's pretty cheap.
So basically I doubt Slashdot is ever going to "quit posting stories taht you have to register for to read", because that's where the good news is. If you'd like to establish an open source news gathering organization and make it available for free without registration, feel free.
That's news "gathering" like the Times, not "aggregating", like Slashdot. News gathering is usually considered pretty expensive. You have to have a lot of reporters, and editors. And it takes time to establish the reputation that the Times has. And like software, news depends on trust.
But hey, news, like software, is free to distribute once it's created, so maybe the open source model will apply. Go for it.
Alternatively, stop bitching about what people are giving you for free (Slashdot summaries) or cheap (New York Times articles for the price of some trivial and easily lied about demographics). Your choice.
well they taste better than Soylent green!...
the downside though is some times after you go to the bathroom what you left comes back from the dead...
SS
I dunno why people make a big deal out of what you say anyway. Using words the "right" way doesn't make you any smarter. Like when I want to download my pictures to gmail, and someone says "you mean upload." Who cares?
And when I email people and say ur instead of "you are" or cul8r instead of "see you later" and they give me shit about it.
Every time a NY Times article is posted, it should be standard practice to include a no reg link.
It's not like it's hard...
New York Times Link Generator
Sorry, nobody is going to bend over backwards to make sure you don't have to log in to view an article.
You can always search on the subject in Google News and get alternate stories that may or may not be about the same subject.
You can wait for somebody to copy/paste the text as a comment, or find the workaround for the log-in system for that particular site.
You can choose not to read the story if you want. If you really want to, ignore the stories that link to reg-required sites.
Slashdot, please continue posting stories I might be interested in, and I'll decide for myself if I feel like registering or not. Thanks.
Translation: Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to compensate for being such an empty shell of a person that one must scrape around for any sort of recognition and attention.
Sorry, kid. Despite your delusions, you just ain't that cool.
Sometimes it's best to just let stupid people be stupid.
Since a coward is the opposite of one exhibiting valor.
Next: NYTimes advises that zombie-spammers can be dealt with by "removing the head or destroying the brain".
I wrote a little bridge code that checks on the connection behavior of servers trying to connect and filters out all the bots or spam mail servers, since they have a very distinct behavior on ip level. No spam for 2 weeks now, nil nada nothing. Why letting it even on your network when you can identify and eliminate it before one byte reaches you. I can shut down my spamassassin, no need for it anymore and my bandwidth belongs to me again.
BTW, I'm not a hacker. I just know how to program and just a liittle bit about networking and what you can really do with it.
An Army of Soulless 1's and 0's
WASHINGTON, June 23 - For thousands of Internet users, the offer seemed all too alluring: revealing pictures of Jennifer Lopez, available at a mere click of the mouse.
But the pictures never appeared. The offer was a ruse, and the click downloaded software code that turned the user's computer into a launching pad for Internet warfare.
On the instructions of a remote master, the software could deploy an army of commandeered computers - known as zombies - that simultaneously bombarded a target Web site with so many requests for pages that it would be impossible for others to gain access to the site.
And all for the sake of selling a few more sports jerseys.
The facts of the case, as given by law enforcement officials, may seem trivial: a small-time Internet merchant enlisting a fellow teenager, in exchange for some sneakers and a watch, to disable the sites of two rivals in the athletic jersey trade. But the method was far from rare.
Experts say hundreds of thousands of computers each week are being added to the ranks of zombies, infected with software that makes them susceptible to remote deployment for a variety of illicit purposes, from overwhelming a Web site with traffic - a so-called denial-of-service attack - to cracking complicated security codes. In most instances, the user of a zombie computer is never aware that it has been commandeered.
The networks of zombie computers are used for a variety of purposes, from attacking Web sites of companies and government agencies to generating huge batches of spam e-mail. In some cases, experts say, the spam messages are used by fraud artists, known as phishers, to try to trick computer users into giving confidential information, like bank-account passwords and Social Security numbers.
Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems. One case under investigation, officials say, may involve as many as 300,000 zombie computers.
While the use of zombie computers to launch attacks is not new, such episodes are on the rise, and investigators say they are devoting more resources to such cases. Many investigations remain confidential, they say, because companies are hesitant to acknowledge they have been targets, fearful of undermining their customers' confidence.
In one recent case, a small British online payment processing company, Protx, was shut down after being bombarded in a zombie attack and warned that problems would continue unless a $10,000 payment was made, the company said. It is not known whether the authorities ever arrested anyone in that case.
Zombie attacks have tried to block access to Web sites including those of Microsoft, Al Jazeera and the White House. In October 2002, a huge but ultimately unsuccessful attack was mounted against the domain-name servers that manage Internet traffic. The attackers were never caught.
Federal officials say the case involving the athletic jerseys was solved after some college computers in Massachusetts and Pennsylvania were found to be infected with software code traced to a user whose Internet name was pherk. That hacker, a high school student in New Jersey, told investigators that he was acting at the behest of a merchant - the owner of www.jerseydomain.com.
The merchant, an 18-year-old Michigan college student, could face trial later this year in a federal court in Newark. The case offers a rare glimpse both into the use of zombie computers and into the way that law enforcement officials are trying to combat the problem.
More than 170,000 computers every day are being added to the ranks of zombies, according to Dmitri Alperovitch, a research engineer at CipherTrust, a company based in Georgia that sells products to make e-mail and messaging safer.
That deserves a bonus.
Wouldn't you?
something like that anyway... oh, never mind.
SIGSEGV caught, terminating
wait... not that kind of sig.
'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'" ...much like the art of breaking an entering a home residence and rifling though the owners belongings. Just to show you can do it.
Please, stop trying to justify hacking in this manner. It displays mental bankruptsy and severe denial unbecoming of anybody claiming to have half a brain in their skull.
You need a FREE iPod Nano
Those wondering why this is extra funny, need to watch Shaun of the Dead, a horror comedy flick from the UK, and on DVD in North America.
Would that be the brain of the computer user, or a head of the hard drive?
Saskboy's blog is good. 9 out of 10 dentists agree.
I'd have something to prove too.
Jail is cool, though. It gets you respect, with everybody on the outside. After. During, you're just a sad little baby-boy named Jasmine. Okay, not bad enough? You're in there for Computer crime. Here's the kicker, it's a juvinile detention centre, meaning you're in there with testy, immature, and big teens who are twice as likely to lynch you than an adult set would be.
Rough, huh?
Hi,
:)
. ) To: spam@ms1.hinet.net. ) To: spam@anet.net.tw
I just woke up, my usual morning with Spamcop at my entertaintment bookmarks.
(lets hope it pastes right)
369] pbbrrh@ms18.hinet.net (WÅWÁúê¼Ò©©àSõ;Å?±zÃP@ÓôüuÃÏâ....¥t¦ä¥L£~¥Ø?Ñ¦Ò VTDMVDJDGX VTDMVDJDGX Preview )
Sat, 25 Jun 2005 11:30:32 +0800 (Blocked xbl.spamhaus.org)
___
Zombies became excuse easily. If you go mad enough and send these spams to embassy of them in your country and they really care, you get reply as "Oh, sorry, those damn windows viruses" from ISP.
Yep, I made it.
What kind of a virus is that I really don't know since I report same IP for 2 weeks now
Some clever guys playing "open proxy" trick out there and guess what? They leech slashdot even, I post with open mail on purpose. I tried this spamcop mail with only slashdot for 2 weeks, given nowhere else. I got 3 spams manually sent to spamcop, 2 spams with robots. I even remember mailing to CmdrTaco about it as if slashdot got some "anti harvesting" code, its basically not working.
Lets paste a usual report of mine:
1453095243 ( http://www.email104.com/cgi-bin/formmail/formem..
1453095241 ( 219.81.150.41 ) To: spamcop@imaphost.com
1453095234 ( http://home.anet.net.tw/luckluck/homepage/pic/p..
1453095231 ( 219.81.150.41 ) To: spam@anet.net.tw
That "luckluck" moron page? Its still up. I wonder how much dollars guy pays to ISP to keep page up. Zombie my ass.
I can understand (try to) China spam being "not seen" by their government, sort of political crap. Mainframe level country filter can't stop spam? heh
What about Taiwan?
ISPs are not meant to police the web. they shouldn't be responsible for their users' security flaws; for content that users post on unmoderated servers; for blocking spam; or for preventing malicious application from working. what they should be doing is providing internet services; like bandwidth, hosting, and email.
copyright © 2005 Flamsmsmark the ravings of a melancholly i
I think it's about time ISP's started with some port blocking. If they blocked all the ports that were vulnerable (e.g. uPNP ports, ports opened by SUB7, network share ports, etc) lots of these problems could be prevented.
Unlike the great wall of china, the great firewall of china is one-way: it stops only incoming traffic...
China doesn't want spam. So it lets the spam go out...
I don't think so. I'm not sending my kids to any touchy-feely school that doesn't beat the shit out of any boys named, for instance, Jasmine or Sue.
"Hacking is about showing what you can do." Yeah, sure it is. That's just whitecollar arrogance; a self-justification of a crime. At least the guys that rob the liquor stores don't come back with, "Man, I just wanted to see how fast I could run!"