Slashdot Mirror
Spam War Takes Out Blog Services
munchola writes "Following on from the story about spammers attacking Blue Security's anti-spam system, CBR is reporting that Six Apart, which runs the popular LiveJournal and TypePad blogging services, has become a collateral victim. Six Apart told its millions of bloggers it had experienced 'intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com', before resolving the issue in the early hours of Wednesday. '[The spammers are] trying to rip apart the internet just to make our community stop fighting back against spam,' Blue Security's chief executive Eran Reshef said, adding that he knows who's behind the attack."
Is Blue Security going public with who's behind it?
He should, so we can put on the pressure.
.
Swamping a spammer is not a good idea, because he can either redirect the attacks to an innocent third party, or simply pointless because they use stolen ressources, like trojaned computers that host illegal sites.
The best way to eradicate spammers would simply be to go after their clients.
fta:
The spammer also launched a conventional bandwidth-consumption DDoS attack against bluesecurity.com. It was around this time that the company opened its new blog, which meant TypePad got whacked.
This blue security article has been running for a few days now and the site hasn't been responding any time I've tried recently.
Isn't it just another DDOS blame fest when in reality its just the news spreading around the world and all the collective users of all the collective news sites are clicking the links to try to read the story?
A total slashdotting/digging/farking and general newsing all at once.
It was the same when word spread about google going down.
"OMG have you heard, google is dead?"
*CLICK* "Yer, its not working here either" *CLICK* *CLICK* *CLICK*
*CLICK* "Hey, its loaded here." *CLICK* "Oh crap, its broken again now.."
We are all guilty of assisting this DDOS attack. shame on us.
It will ease up once something else comes and takes our attention away from it.
liqbase
"'[The spammers are] trying to rip apart the internet just to make our community stop fighting back against spam,' Blue Security's chief executive Eran Reshef said, adding that he knows who's behind the attack.""
Too bad dueling is dead.
Quote from Anil Dash, VP of Six Apart
Hulk SMASH Celiac Disease
I don't think spam will stop, or even slow down, until a spammer is seriously hurt or killed. Right now, they know there is no consequence to their actions. I'm not saying I personally advocate killing spammers, but it certainly wouldn't make me feel bad to hear about it being done. Spamming would be a lot riskier if there were an element of harm attached for the spammer.
Techdirt has a different story on what caused the outages. The info they have came from here.
bork bork bork!
I once went onto a support wiki for a company's website, all the articles had been cleared and multiple new ones had been added, something to the effect of: Free sample! Prescription drugs... Its sad, they took over a support wiki and filled it with spam.
Obligatory blog plug: http://www.caseybanner.ca/
Taking out spammers and bloggers?
I can't see any down side to this, honestly.
He tried to kill me with a forklift!
Ah, it's so nice to be self-hosted. Back when I was on Blogger.com, myself and many other users who received links from Slashdot stories or news sites became the target of a spammer who's sole purpose was to screw up the service for everyone. He had a script that would bomb a blog with hundreds of racist messages, overloading the system in the process. (Sorry, blogger.com's software isn't that good.) I was forced to disable the comments, delete the entry, and recreate it. Thankfully, there were only a few anonymous comments on the current entry which were easy to recreate.
While Blogger eventually added a captcha to solve the problem (after being non-responsive to support requests), it left a bad taste in my mouth. It was at that point that I decided to go self-hosted. I've never looked back. For the cost of a cheap hosting provider, you can setup a Wordpress installation that looks better, is more feature-rich, and automatically queues suspcious messages rather than allowing them to pass through. So while my site could be DDOSed if it was specifically targetted, it can't be overloaded with spam or used to take down other bloggers.
Javascript + Nintendo DSi = DSiCade
"He's trying to rip apart the internet just to make our community stop fighting back against spam," Blue Security's chief executive Eran Reshef said of the spammer he believes launched the attack.
LiveJournal and TypePad found themselves suffering the brunt of the attack when Blue, which says it has been targeted by a "top four" Russian spammer, redirected the front page of its website to a blog hosted at TypePad's data center.
Reshef said Blue replaced the front page of its site with the TypePad blog to keep its users up to date with events, and disagreed with commentary that said Blue acted irresponsibly by passing the DDoS burden to Six Apart.
"We didn't offload any DDoS," he said. "That's like blaming the victim of a crime."
Since they were apparently in contact with this dirtbag, didn't they see this coming? Perhaps they were just being well-intentioned by shifting their front page to a blog with information for their users, but since they don't host the blog, that seems like dirty pool. Spammers are not known for being the most easy-going people in the world and sure he made threats about a DDoS. Seems a bit iffy. It could all be above board but without more info, who knows?
I find it interesting that they supply spammers with the addresses of their clients, so the spammers can avoid emailing them. Wouldn't a spammer get that info when they get bombarded by unsubscribe requests? Seems like handing the fox the keys to the henhouse while you slip off for a brewski.
GetOuttaMySpace - The Anti-Social Network
I think SixApart is being far too generous in not laying the blame for this fully at the feet of Blue Security. Basically Blue Security decided that their web site couldn't stand the DDOS, so they pointed the URL for their company to their blog.com blog. Thus DDOS'ing all of SixApart.
If I were SixApart, I'd sue the fuck out of Blue Security for deliberately DDOSing them.
The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
So, they fucked up SixApart and now are trying to divert the attention from the real problem?
But have they got any better suggestions. The federal government is a *Joke* about bringing any kind of justice down on this filth, and so the masses remained *outraged* and *victimized*. To me a (A computer tech) I see people's computers every day that have been turned into Zombies. Some so bad that they have to be reformated. They are bringing in their computers to me, and paying hard cash for me to fix it and prevent it from happening again. That's real money, real damages everyone is having to pay every day. I guess you could spin it in a positive light and say it's good for the tech industry, but not if people start becoming afraid to even get on the internet because of what might happen to their computer. This is theft, this is vandilism and the governements of the world are practically standing by and watching it happen.
So, do you have any better suggestions, if not then I kindly ask you to ommit your views until you can add something to the cause.
Go ahead and call me unreliable; reliable is just a synonym for predictable.
All blue frog does is requesting to be opted out. One form send per spam received. No more, no less.
4 of the 10 major spammers had already excluded the blue security list from their mass mailings, and their problem was solved. But this particular spammer, instead of complying, shut down Blue Security.
Just because Blue Frog causes A SIDE EFFECT of disminishing the bandwidth of the spammer's website, is not Blue Security's fault. (It is our LEGAL RIGHT to request for opt-out, and to keep requesting it UNTIL IT IS FULFILLED).
To say opting out is abuse, is nothing but legitimizing illegal (non CAN-SPAM complying) spam.
If a kneecap or two happens to get broken, well, so be it...
There exists no way of exchanging information without making judgments. --Bene Gesserit Axiom
I've devised a method to keep opting out while Blue Security's down. I posted it on my journal.
The next step is automating the process, perhaps making a new version of Blue Frog that doesn't rely on a centralized server. Do that, and we'll regain our mailboxes.
No, there's a much better way.
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
Actually, that's exactly what I understood Blue Frog to be doing--going to the Web sites offering the products advertised in the spam, then filling out the order forms with words to the effect of "stop spamming Blue Frog users."
*Puts on asbesto suit*
That most DDOS attacks right now are done using botnets. If we should blame someone (besides our mediocre congress), it's Microsoft for having such a weak security in their desktop OS. And for not updating pirated copies, which are used as botnets too!
Does anyone know if there's a connection between this and the attack on Tucows managed DNS service? The timing seems too close for this to be a coincidence...
Cheers,
Graham
Agreed! I've got my pitchfork and torch right here... I dunno about you but I'm up for some mob rule and a lynching to take care of this mess.
Help Brendan pay off his student loans
What we really need are incentives for advertisers to focus on permission marketting rather than broad spectrum annoyance. I can't think of anything offhand, but I am certain that easing costs in some way to channel behavior will be more effective than penalties on the whole profession. I am not likely to click on your link for a free ipod or ringtones. But if you send adds for discount printer toner because I am subscribed your premade business forms site, then yeah, I might just click on that. Maybe we could focus on making overhead on advertising expenses a part of the tax deductible business development column provided that the company doing the advertising itself produced some kind of commodity besides advertisement. Maybe not foolproof, but it rewards advertisers that are on the level and encourages clients to seek out providers in the formal economy.
I guess we'll just have to figure out Blue's clues.
(Because we're really smart)
Speaking as one of the people who helped start the last bluesecurity article, I think we've all had enough time to reflect and debate on the 'fight fire with fire' technique that blusecurity has enacted. What this new DDOS attack has brought to the table is something a little different. Before the attack, Bluesecurity would send an equal amount of opt out requests as spam. THIS DDOS attack on bluesecurity, which is clearly illegal, is the breaking point. I'm not sure WHAT going to break, (of than someones ISP) but it has shed light on spammers intentions. Spam artists have always relied on the fact that their activities arent spefically illegal. With this attack they have really crossed the line- This event could be the event that got some sort of anti spam- legislation rolling, (or it might have the opposite effect). Something should come out of this though, if only to be remembered the 'bluesecurity incident'. Personally I was pretty pissed having some jackass hold my gmail account for ransom, especially since bluesec. was so ridiculously effective. FYI, despite the threats, I have recieved no greater amount of spam than when I was first threatened on monday (sunday). I dont think their database was compromised despite what joe spammer tells us.
Wordpress is an excellent open source blogging tool. Couple that with Bad behavior and Spam Karma 2 and you've got yourself a near impenetrable blog to spam in your comments. The new version of Wordpress has tools to migrate from some popular blogging systems, so.. go check it out.
I make these: http://beatseqr.com
The spammer is in Russia. Let's hire the mafia nd take him out. Blue security has 500,000 members. If we all put in $1.00 each, we should manage to hire someone to take the spammer out. He won't be a problem after that, and he won't send any more spam.
They need more people so that it becomes non-viable to attack the community.
I've not heard of BlueSecurity before, but after those stories, I'm signing up with them. I urge anyone who wants to help fight against spam and vandalism on the Internet do the same.
After all, when noone can take care of a problem for you, it's time to step up and solve it yourself.
Stop being cute about this and just tell us who. Information in power, and you're only facilitating this person's ability to continue to hide until you unmask him/them.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
If they really do know who's behind the attack, don't they have the ethical duty to report them if not to prevent it from happening to other companies, but for themselves? The fact they know who and won't tell makes them no better than the spammers themselves.
That's like hearing a domestic abuse fight in your apt building, but don't call the cops.
That which does not kill me only postpones the inevitable.
We best keep an eye on Blue's News then! :)
Need an analogy to understand why SixApart should sue? It'd be like a corrupt police unit grabbing a school bus full of kids to use as human shields in the middle of a gun battle with a gang while the cops try to fall back and call for backup.
First, these idiots set up an "anti-spam" service whose response to abuse is...abuse.
Second, they use a fraudulent corporate name. (Use Google and search Usenet.)
Third, they locate themselves on a network also happens to house one of the scummiest spammers on the planet.
Fourth, they decide to redirect an incoming attack at an innocent third party.
The only surprising thing is how many morons have actually DEFENDED these idiots.
Recommendations:
1. Permanently blacklist their domain(s).
2. Firewall off their network.
Ha! All of Tucows services, including the managed dns and email defense services were completely down most of yesterday. The managed DNS service is still impaired until the new IPs of ns1.mdnsservice.com and ns2.mdnsservice.com propagate (they just this morning changed the TTL to 1200 secs %-).
status.tucows.com
Managed DNS Service Degraded Performance - restore time is currently unknown Beginning at approximately noon Wednesday May 3rd the Tucows network was under a severe DDOS attack. To stop the attack, we have changed the IP addresses of the servers. If you are using IP addresses in order to connect to MDNS, you will have to update your records. Also, any nameserver with a long TTL should be updated in order to use the new info. Next Update Time:15:20 UTC, 04 May 2006",/i>
nobody commented yet that Blue Security have now mapped all their domains to "localhost" (127.0.0.1) ?
/// evilloop.com
As always needs mentioned, Spam would not exist if it didn't have a market. The base problem is, as it has always been, that people respond to this.
People could stop clicking, but that is unlikely to happen. Especially in America, people are always looking for the easier path: be it cheaper medication, promises of enhanced "performance," tales of rapid weight loss while sitting on your couch, or the constant get-rich-quick scheme.
If people actually thought... yes, used higher brain functions... they may realize that it is virtually all just BS.
It could also be that the general masses don't realize that everytime they click on a link or reply to an email, someone is making money. And that is a problem with awareness of how the internet works. Most seem happy to just know that it works.
ELOI, ELOI, LAMA SABACHTHANI!?
A riot is an ugly thing.... And I think it's about time we had one!
http://imdb.com/title/tt0072431/
All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
I don't know about you, but I take comfort in that. The dude abides.
I'm really disappointed in this mysterious top 4 spammer. I've been a member of blue security for somewhere around 4 months and I haven't recieved a single threatening email from him/her/it. I mean come on. I must have forwarded thousands and thousands of pieces spam to blue securtiy and yet he hasn't tried to black mail me once. Whats wrong with me? Maybe I'm just not trying hard enough, I only have 3 email addresses registered with the frog. OK mysterious spammer you've made your point. Only the best anti spammers get your attention so I will redouble my efforts and add add 6 new addressess to the protected registry. That will learn you to ignore me.
I wouldn't necessarily say you are wrong that it's Blue Security's fault, either through negligence or intentional thought... but to say they are the ones causin the DDoS is ridiculous.
They are not sending out the offending packets, the spammer is.
Is it unethical to redirect the DDoS you are getting hit with? Yep, I'd say so if you do it intentionally.
Is it illegal? Nope, not in any sense of the word. The people perpetrating the crime are the spammers, and they are the ones performing the illegal act.
It's no different than someone calling you up on the phone and telling you that you're going to be robbed tonight while you're out on the town. Before you leave, you switch the address on your house to your neighbors, and when you leave, the robbers break into your neighbors house. You sure are a dick, but you didn't do anything illegal. Your neighbors probably won't be happy with you, but they have no legal recourse, except to perhaps fling dog poo in your yard.
Blue Security didn't DDoS them, the spammer did.
I suffer from attention surplus disorder.
Which is incomprehensible and irresponsibly lenient for the law, given that spam is so obviously annoying (and costing so much of everyone else's time and money) that the burden of proof for using only a legitimate opt-in list, as well as for providing full and true contact details of the spamvertised entity (to bear the brunt of complaints to the extent that it misbehaves!) should be on the offender deciding to employ such a parasitic way of "marketing" in the first place. And, no, the myth that there was any First Amendment issue about it has been debunked for more than a decade already.
We cannot have to wait for the authorities to painstakingly have to prove further mischief by the spammer, in every single case, such as harassment, sabotage, identity theft, not honoring opt-out requests, failing to deliver paid p***s pills ;-), or making bogus claims in general: Spam itself should suffice to land the perpetrators in jail right away (and forfeit their fortunes - equipment and earnings).
You'll have to talk to your congresscritter about it (in most nations actually).
Just pull the plug on the web server... or
redirct the domain name to 127.0.0.1(taking up to 24-48 hours to update) as one of the other posters posted...
Why I ask is because where I work we had a similar problem and sence I maintain our web server we had no choice but to unpluge the network cable. Waited 5 minutes and pluged it back in and vwala! no more DOS.
My best guess was that as soon as the DOS'er saw that our site was "down" they/it thought that there task was completed.
It is almost( but not quite the same) as if some one took a ethernet cable and created a loop on the same pair of switchs. (i.e. two switches are connected to each other. Then some random idiot looks at them and plugs in a spare cable in to both, creating a network loop.)
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation. Social exper
This is a 24/7 business. A serious online service vendor can't have company holidays. Least of all in the security business.
Don't be fucking pedantic. It's an analogy, buy a clue.
Redirecting a URL is not vandalism.
It's a crap analogy though. A better one would be that you tell the guy who phones you that you actually live next door now, and he believes you. I'm not sure what legal recourse your neighbours would have, if any, but I'd be very surprised indeed if the police didn't want a few words with you. You may even find yourself facing charges for conspiracy or aiding and abetting, although that's probably a stretch.
On the other hand, your neighbour could almost certainly sue you for damages - look at OJ, acquitted by a criminal court then sued in a civil one for the same crime.
Back on topic, here in the UK intentionally redirecting a DDoS to someone else's servers is almost certainly covered by the Computer Misuse Act, so if you were to do it, you may well find yourself in court explaining your actions just as the original idiot does. I'd be surpried if a simmilar law didn't exist in the US.
It's official. Most of you are morons.
Another Spammer posing as an anonymous coward?
Claiming that Six Apart should take legal action against Blue Security because criminals were attacking Blue Security is absurd. It's like blaming the rape victim for getting raped.
All us Frog users have been desperate for news about our pals at Blue Sec. I appreciate the effort they took to get word out to us. The fact that the spammers then directed their attack towards SixApart shows just how desperate and belligerent they are. They are greedy godless bastards. And their actions shall undo themselves.
Blue Security Blog
Netcraft Article on DDoS
My original article on the attack 4/1/06
The DDoS started with invalid PHP requests. I think the spammer is using a combination of methods to disable Blue Security now, but that's just an assumption. The question is, how long are spammers going to focus their efforts on the counter attack? Using their resources to attack Blue Security means less resources to send profitable spam. The spammer wants me to unregister from Blue Security's site, but at the same time, disabled it. Don't get me wrong, I'm not about to cave in to extortion. Right now I'm happy to have Gmail intercepting spam so others don't have to deal with it. I guess you can say I and the rest of the Blue Security community are drawing fire for the rest of ya'll.
Your analogy is also crap.
The best I've got is running a business out of your home that does tit for tat retaliation on organized crime businesses. They rough up one of your boys you rough up one of theirs. They get upset so they burn your house to teh ground. You escape and leave a note on the burnt out ashes that you'll be staying at the Middlebury Hotel in case your clients need to get a hold of you. The mobsters see the note and procede to burn the hotel to the ground as well.
No, ethical would be getting the proof before going public. Knowing who is behind the attack is not the same as being able to prove who is behind the attack.
"But this one goes to 11!"
Since you're a blogger, the best thing to do is to start with taking out yourself. Seriously though, nobody has to read blogs—spam is forced on people.
Sounds like you're one of the spammers attacking them... trying to redirect blame. BlueSecurity had EVERY RIGHT in the world to redirect their web site to their Blog when their servers went down to keep their members informed of what was happening, DDoS attack or not. the SPAMMERS are responsible, not BlueSecurity.
Actuall, the moment I saw the DDOS I would have downed their BLOG and been downe with it.
Armaments, 2-9-21 And Saint Attila raised the hand grenade up on high, saying, 'O Lord, bless this Thy hand grenade' N
Hey, thanks. I use TUCOWS has my host provider (via DomainDirect) and I had no idea why they were down. All their page said was "Intermittent issues with the loading of any and all services through DomainDirect.com. This is affecting all services including domain registration, management and navigation. There is no ETA to a resolution time. We apologize for the inconvenience. "
Thanks for letting me know what's up, guys.
I'm not a Troll, it's reverse psychology.
Come to slashdot and mod you down, obviously.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
"Instapundit" Glenn Reynolds had a sketchy report that one of those attacks originated in Saudi Arabia - http://instabackup.blogspot.com/. That of course doesn't necessarily mean anything, but the nature of the defacements involved are consistent with the theory: http://www.google.com/search?q=neEeO_hack
Related or not, it'll be interesting to see if & who Blue Security names.
Pi Ran Out
Had BlueSecurity chosen to temporarily route their domain name to empty IP space, or to localhost, they could have mitigated the attack on their servers without offloading the problem onto someone else's network. Yes, they would still have been offline, but at least their servers wouldn't be melting, and Six Apart wouldn't have been taken down with them.
./ has ever been DDoSed?) Maybe they figured the attack wouldn't follow the DNS change. While Blue Security is not responsible for launching the attack, they are arguably responsible for where the attack ended up. And that's something that could be the target of a civil lawsuit, even though it's (probably) not a criminal offense.
Now, I've read several articles on this, and it's not clear whether (a) Blue knew that the DDoS was targeting them by domain name (rather than by IP), or (b) whether they redirected their website before or after that phase of the DDoS started.
The way I see it -- assuming Blue did this with thir eyes open -- it's like deflecting a punch. You can deflect a punch so that it doesn't hit you, and deal with where it does hit later. Or, if you're in a kung fu movie, you can deflect the punch specifically so that it hits someone else instead. Pointing the domain name at Six Apart's network was deflecting the attack with the intention that someone else would get it.
Maybe they figured 6A had enough resources to handle it. (Hmm, anyone remember whether
Would Six Apart would want to sue? Would a judge accept the case? Would a jury would actually award them anything? Who knows.
-=[ place
Blue Security IS partially guilty of causing the DDOS, because they KNOWINGLY redirected DDOS traffic to a third party. It's the same as if I owed you money, but when we're being both robbed, I give the money owed back to you, knowing full-well that we're just about to be robbed. Under the law, I will still owe you this money.
eTrade SUCKS
More logical would be that they directed the url to have a internet page hoping the ddos was using ip addresses or something. They could have just pulled the plug as nobody can find your server if are not in the dns so it did not help them. Maybe it was very stupid but not the deliberate kind of guilty like the spammers.
"Is it unethical to redirect the DDoS you are getting hit with? Yep, I'd say so if you do it intentionally.
....
Is it illegal? Nope, not in any sense of the word."
Well, I *could* call it "aiding and abedding". Someone does not need to be a robber to be tried as one (think of the guy driving the getaway car).
And I can surely see a case where the provider of the packets causing a DDos would be convicted, and another conviction for someone who directed the flow of those packets to a known party
Maybe you could look at it like this : You might get hit by a large quantity of water, which threatens to damage your property. You are surely permitted to try to get rid of that water. But to transfer the water to a known other person, resulting in his property getting damaged like you where afraid it would do yours is premeditation.
The second, damaged person is then surely within his rights to claim damages. And if the judge is willing, he won't permit the redirector of that water to re-claim those damages from the person who send it in the first place.
What they did was wrong. Period.
So which of you scumbags is responsible for this.
Which law is that? Statute and section numbers please.
*contented sigh*
There ain't no justice like angry mob justice...
110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
C'mon, would you want to send the guy into hiding before you could get the authorities to string him up, tar and feather him?
110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
"The best way to eradicate spammers would simply be to go after their clients."
That's exactly how it works. Most spam comes with a link to a website that is used to sell their "products." It might be cheap drugs, watches or snake oil. The Blue Frog software analyzes the website for the input form and fills the text boxes with requests to be removed. Further ALL PCs using the Blue Frog software and are on the Internet at the time send the spammer's website opt out requests. So it IS the clients i.e. people using the spammer's service who get hit. Spammer's must pay for the bandwidth that they use and so this makes their spamming activities less profitable. That's why they're so pissed off.
The race isn't always to the swift... but that's the way to bet!
Oh, get real... you're asumption is FOS
-=[ place
You buy a clue. Your analogy was incorrect. You made it sound as if it was perfectly OK to swap house addresses so the other house had (insert bad thing happen here). What BS did was wrong and I'm sure the US has laws that will cover such an act. To "fix" a DDoS, you don't point your address to someone elses server. At the very least, I (and I'm sure "the law") consider that THEFT OF SERVICES.
So no, redirecting a URL isn't vandalism technically (though I consider it to be so), but it is illegal (as far as I can tell).
Move along, you are obviously too young to be here with the rest of us.
bork bork bork!
It loads, but the forums are missing.
-=[ place
Seems to me that when people try to shut down the spammers, the spammers strike back, ala the Mafia
SPF would have put a serious dent in this problem. Too bad MS singelhandedly killed it by refusing to implement it and pushing their proprietary framework instead.
I say we go back to SPF, and start refusing email from anybody who does not have an SPF record. It won't solve the problem but it will reduce it greatly.
evil is as evil does
My analogy was spot on. You are a clueless noob who can't fathom that an analogy is to illustrate the faliciousness of the arguement in question, it is not meant to be a 1:1 comparison.
You also appear to have a reading comprehension problem in so far as I said nothing about it being OK to swap house addresses, that's a product of your own limited ability to understand written English. I said the person swapping house numbers is not committing the crime; the person robbing the house is. Regardless of whether or not the act of switching addresses is illegal in the physical world, the act of redirecting your URL to another IP is not illegal anywhere in the world. Thus, the analogy is spot on and your limited mental facilities are unable to comprehend the difference between an analogy and a direct comparison.
I'm sorry that you are unable to understand simple concepts like this, but the failure is in yourself (or education) not in the analogy.
Lets see who the young one is here... your UserID is 468134, mine is 72977. Yeahhh... I'm gonna have to go with you being the one that's too young to be here with adults. In fact, I'm gonna go so far as to say I've been working in the computing industry longer than you've been alive. So scat, noob, you aren't allowed at the adult table anymore.
In some cases I *do* personally advocate the death penalty for spammers. I don't even care if it's vigilante justice so long as it's proven they got the right guys. Spam costs billions of dollars in wasted time and money. It's already wasted several months of my life between work (I work in IT) and home (I've had the same email address for years, since before spam was a big problem, and I get *at least* 1K spams a day hitting my mailserver). That's like killing me before I would have died. The money and effort wasted on spam last year in the USA alone would probably have taken care of all the hurricane victims in the USA, if not world-wide.
Spammers suck. The worst ones should be made examples of. Put their heads on the fence posts of the Whitehouse or main building of the government of whatever country they're caught in.
If not the death penalty, they should at the very least spend the rest of their lives in public stocks, where passersby can mock and whack them. Send 'em on an international tour (semi trailer, slowboat, etc) and charge people to see 'em. Use the revenue to round up the others.
We're waaaay to "civilised" for our own good.
The bloody thieves at bluesecurity.com stole my webpage! ;) seems the splash page is redirecting to localhost; at least their not letting a blog site get hammered anymore.
Apocalypse Cancelled, Sorry, No Ticket Refunds
I'm not a Troll, it's reverse psychology.
How surprising, a pro-war conservative blogger jumps all over a "sketchy" report that perhaps one of the DDoS attacks originated in an Islamic country. Could it perhaps be that some zombied computers were there? Or is this the towelheads "hating our Freedom" again? You be the judge!
Golly, colour me shocked that such a thing would happen.
BF needs two servers to function: members.bluesecurity.com and wd.bluesecurity.com. It appears that sixapart.com is hosting a dummy members.bluesecurity.com for the moment @ 204.9.178.12
-=[ place
You don't have to make it public who it is, just notify the authorities. If I see a person on the most wanted list, I'm gonna call the authorities, not broadcast to everyone that he's on the most wanted so he goes running.
That which does not kill me only postpones the inevitable.
Jesus H. Christ on a crutch... are you fucking dense or what? I didn't think anyone could possibly be as obtuse as you seem to be and still be capable of operating a computer.
How on earth do you possibly equate the statement that "Redirecting a URL is not vandalism" with "It's ok to be a dick to your neighbor." Are you just pretending to be stupid to troll, or are you really that incapable of critical thinking?
There are two statements made here, that you seem to have tried to graft together to support your ludicrous point.
The first statement is "Redirecting a URL is not vandalism." It's not. Please tell me how you think it's vandalism. Once you have that thought in your head, try to keep it there while you go look up what exactly vandalism is. Now compare what it IS and what you THINK it is. Are they the same thing? Go ahead, give it a shot, I'll wait.
Now that you've done that, I could have saved you some time, the correct answer is 'No, they are not.'
Good, now that we've got that fact out of the way, lets see the other statement you are using in conjunction with the above, "So redirecting a DDOS attack from Blue Security to communityhosting.net seems to be consistent with your statement that it is not harmful or wrong."
Where did I say that it is not harmful or wrong? Oh... that's right, I didn't. I said it wasn't illegal. I said "your neighbors will probably think you are a dick." I also said that it is unethical (read: NOT OK, duh) to do so.
oh so great one, of which I am not worthy to dwell in your cyberspace.
You're goddamned right you aren't worthy to dwell in my cyberspace. Fucktards like you should not be allowed anywhere near a computer, much less on the internet.
Your disapproval haunts me and leaves me flaccid, I fear I will not be able to perform my carnal duties to your wife. That saddens me because I so dearly wanted to be your friend.
Ahh, a wife joke. That's almost as good as a "Yo mama" joke! Wow... dude, do you write your own material, or does someone from the 3rd grade write it for you?
I know you wanted to be my friend, but I am far, far too manly for you. My balls are so huge they dwarf the largest ball of twine in Minnesota like the earth dwarfs the moon. They are so large, they have their own gravitational pull. There is simply no way a mere mortal like yourself could ever comprehend the entire granduer of my sac in one lifetime; it would take you at least ten. I don't have that kind of time... so no, you can never be my friend, nor can you ever know me. You are simply not evolved enough; you are not on the same plane of existence. You can not comprehend even a fraction of my awesomeness. I am sorry. I truely am... but you should probably just go kill yourself now... the crushing depression you will feel after reading my words that I have deigned to bestow up on you will eat at you for the rest of your short and pitiful life.
Bow before me, and I may allow you to gaze upon a small portion of my granduer for a moment longer.
The Bluesecurity concept is one approach, but I was thinking that going after companies like Bank of America, SBC Communications and Sprint who actually sponsor the sending of spam may be more productive.
You know how many people like you I've run into that are all talk and no brains?
I very much doubt you've been working in the computer industry longer than I've been alive. What you have experienced that far back, IF it is true (still HIGHLY unlikely) has little to no bearing on what is going on in the industry today, anyway. The fact you had to resort to name calling proves me correct.
To touch on your point about redirecting a url not being a crime: If your redirection causes the target to loose communication (as was the case here), it is theft of services. VERY MUCH illegal. The ends do NOT justify the means.
Your UID being lower than mine also means nothing. Small slahsdot UID's have appeared on ebay in the past. How am I to be sure you haven't purchased it?
This is the end of the conversation. You are worth no more of my time.
bork bork bork!
You know how many people like you I've run into that are all talk and no brains?
I very much doubt you've been working in the computer industry longer than I've been alive. What you have experienced that far back, IF it is true (still HIGHLY unlikely) has little to no bearing on what is going on in the industry today, anyway. The fact you had to resort to name calling proves me correct.
Judging by your comments, I'm betting the chances are increasing dramatically that my first statement is true. Go back to school, Junior!
To touch on your point about redirecting a url not being a crime: If your redirection causes the target to loose communication (as was the case here), it is theft of services. VERY MUCH illegal. The ends do NOT justify the means.
This is what you are clearly incapable of understanding. Redirecting a URL is simply that... redirecting a URL. They are not generating any traffic to the target site... someone else is. THOSE people are responsible for theft of service, not Blue Security. Why can't you get the fact of root cause through your thick skull? As I said, if Blue Security did it intentionally, they are guilty of being dicks, nothing more. The criminals are the ones orchestrating the DDoS.
So no, it's not "VERY MUCH illegal," no matter how much you want it to be, the law states otherwise. Sorry to burst your bubble.
Your UID being lower than mine also means nothing. Small slahsdot UID's have appeared on ebay in the past. How am I to be sure you haven't purchased it?
Because you can read back through my post history and see that my posting style has remained pretty much the same since the beginning. Duh.
This is the end of the conversation. You are worth no more of my time.
Ahh yes, the tired old response to someone who's been pwned. GG sir! Plzdrivethru thx.
Get help.
I'm not a Troll, it's reverse psychology.
Tim?
Rage Disorder? Ahh... you meant to say "I am incapable of coherent thought and thus can not come up with anything suitably witty to retort with."
I understand, sir. It's ok... there's always the Special Olympics for you!
I'm not a Troll, it's reverse psychology.
You've provided me with all the help I need... knowing that there are people out there more stupid than a boiled banana warms my heart.
At least I know that no matter what happens to me in life, even if I become a vegetable in a hospital bed, drooling all over myself and unable to comprehend even basic shapes... you'll still be out there, making me look like Stephen Hawking when compared to you.
I can now rest, knowing that there will always be a bigger idiot out there, somehwere, on the internet.
Thank you for that, sir. Thank you for that!
462 First Avenue
New York, New York 10016
(212) 562-1000
Get help - n00b.
I'm not a Troll, it's reverse psychology.