Spam War Takes Out Blog Services
munchola writes "Following on from the story about spammers attacking Blue Security's anti-spam system, CBR is reporting that Six Apart, which runs the popular LiveJournal and TypePad blogging services, has become a collateral victim. Six Apart told its millions of bloggers it had experienced 'intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com', before resolving the issue in the early hours of Wednesday. '[The spammers are] trying to rip apart the internet just to make our community stop fighting back against spam,' Blue Security's chief executive Eran Reshef said, adding that he knows who's behind the attack."
Swamping a spammer is not a good idea, because he can either redirect the attacks to an innocent third party, or it is simply pointless because they use stolen resources, like trojaned computers that host illegal sites.
The best way to eradicate spammers would simply be to go after their clients.
fta:
The spammer also launched a conventional bandwidth-consumption DDoS attack against bluesecurity.com. It was around this time that the company opened its new blog, which meant TypePad got whacked.
This blue security article has been running for a few days now and the site hasn't been responding any time I've tried recently.
Isn't it just another DDOS blame fest when in reality it's just the news spreading around the world and all the collective users of all the collective news sites are clicking the links to try to read the story?
A total slashdotting/digging/farking and general newsing all at once.
It was the same when word spread about google going down.
"OMG have you heard, google is dead?"
*CLICK* "Yer, it's not working here either" *CLICK* *CLICK* *CLICK*
*CLICK* "Hey, it's loaded here." *CLICK* "Oh crap, it's broken again now.."
We are all guilty of assisting this DDOS attack. Shame on us.
It will ease up once something else comes and takes our attention away from it.
liqbase
I don't think spam will stop, or even slow down, until a spammer is seriously hurt or killed. Right now, they know there is no consequence to their actions. I'm not saying I personally advocate killing spammers, but it certainly wouldn't make me feel bad to hear about it being done. Spamming would be a lot riskier if there were an element of harm attached for the spammer.
Taking out spammers and bloggers?
I can't see any down side to this, honestly.
He tried to kill me with a forklift!
Ah, it's so nice to be self-hosted. Back when I was on Blogger.com, myself and many other users who received links from Slashdot stories or news sites became the target of a spammer whose sole purpose was to screw up the service for everyone. He had a script that would bomb a blog with hundreds of racist messages, overloading the system in the process. (Sorry, blogger.com's software isn't that good.) I was forced to disable the comments, delete the entry, and recreate it. Thankfully, there were only a few anonymous comments on the current entry which were easy to recreate.
While Blogger eventually added a captcha to solve the problem (after being non-responsive to support requests), it left a bad taste in my mouth. It was at that point that I decided to go self-hosted. I've never looked back. For the cost of a cheap hosting provider, you can set up a Wordpress installation that looks better, is more feature-rich, and automatically queues suspicious messages rather than allowing them to pass through. So while my site could be DDOSed if it was specifically targeted, it can't be overloaded with spam or used to take down other bloggers.
Javascript + Nintendo DSi = DSiCade
I think SixApart is being far too generous in not laying the blame for this fully at the feet of Blue Security. Basically Blue Security decided that their web site couldn't stand the DDOS, so they pointed the URL for their company to their blog.com blog. Thus DDOS'ing all of SixApart.
If I were SixApart, I'd sue the fuck out of Blue Security for deliberately DDOSing them.
The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
But have they got any better suggestions? The federal government is a *Joke* about bringing any kind of justice down on this filth, and so the masses remained *outraged* and *victimized*. To me (a computer tech), I see people's computers every day that have been turned into Zombies. Some so bad that they have to be reformatted. They are bringing in their computers to me, and paying hard cash for me to fix it and prevent it from happening again. That's real money, real damages everyone is having to pay every day. I guess you could spin it in a positive light and say it's good for the tech industry, but not if people start becoming afraid to even get on the internet because of what might happen to their computer. This is theft, this is vandalism and the governments of the world are practically standing by and watching it happen.
So, do you have any better suggestions? If not, then I kindly ask you to omit your views until you can add something to the cause.
Go ahead and call me unreliable; reliable is just a synonym for predictable.
All blue frog does is request to be opted out. One form sent per spam received. No more, no less.
4 of the 10 major spammers had already excluded the blue security list from their mass mailings, and their problem was solved. But this particular spammer, instead of complying, shut down Blue Security.
Just because Blue Frog causes A SIDE EFFECT of diminishing the bandwidth of the spammer's website, is not Blue Security's fault. (It is our LEGAL RIGHT to request for opt-out, and to keep requesting it UNTIL IT IS FULFILLED).
To say opting out is abuse, is nothing but legitimizing illegal (non CAN-SPAM complying) spam.
I've devised a method to keep opting out while Blue Security's down. I posted it on my journal.
The next step is automating the process, perhaps making a new version of Blue Frog that doesn't rely on a centralized server. Do that, and we'll regain our mailboxes.
Also, the spam reports that are sent out are sent from a proxy type email address. My normal address wouldn't show up, but username@reports.bluesecurity.com is where it would come from.
Personally, I see nothing wrong with sending 1 unsubscribe request per piece of spam I get. BlueSecurity has just automated this method so I don't have to take the time, and they also handle escalation to the proper authorities if the situation isn't resolved.
If the spammer perceives getting 1 unsubscribe request per spam he sends as a DDOS attack then I would think the best course of action would be not to send to those people. Heck, we are the ones who wouldn't buy anything from them anyway.
Also, based on what I have read in the blog itself (when it was still accessible) it was a user in the comments that suggested redirecting the site and error pages to the blog so users would at least have some clue what was going on. It's likely they took the advice without contemplating the potential outcome.
I am Homer of Borg. Resistance is Fut.. Mmmmmmmm, Donuts!
Agreed! I've got my pitchfork and torch right here... I dunno about you but I'm up for some mob rule and a lynching to take care of this mess.
Help Brendan pay off his student loans
I guess we'll just have to figure out Blue's clues.
(Because we're really smart)
Speaking as one of the people who helped start the last bluesecurity article, I think we've all had enough time to reflect and debate on the 'fight fire with fire' technique that bluesecurity has enacted. What this new DDOS attack has brought to the table is something a little different. Before the attack, Bluesecurity would send an equal amount of opt out requests as spam. THIS DDOS attack on bluesecurity, which is clearly illegal, is the breaking point. I'm not sure WHAT is going to break (other than someone's ISP), but it has shed light on spammers' intentions. Spam artists have always relied on the fact that their activities aren't specifically illegal. With this attack they have really crossed the line. This event could be the event that got some sort of anti-spam legislation rolling (or it might have the opposite effect). Something should come out of this though, if only to be remembered as the 'bluesecurity incident'. Personally I was pretty pissed having some jackass hold my gmail account for ransom, especially since bluesec. was so ridiculously effective. FYI, despite the threats, I have received no greater amount of spam than when I was first threatened on Monday (Sunday). I don't think their database was compromised despite what joe spammer tells us.
Wordpress is an excellent open source blogging tool. Couple that with Bad behavior and Spam Karma 2 and you've got yourself a near impenetrable blog to spam in your comments. The new version of Wordpress has tools to migrate from some popular blogging systems, so.. go check it out.
I make these: http://beatseqr.com
The spammer is in Russia. Let's hire the mafia and take him out. Blue security has 500,000 members. If we all put in $1.00 each, we should manage to hire someone to take the spammer out. He won't be a problem after that, and he won't send any more spam.
Need an analogy to understand why SixApart should sue? It'd be like a corrupt police unit grabbing a school bus full of kids to use as human shields in the middle of a gun battle with a gang while the cops try to fall back and call for backup.
First, these idiots set up an "anti-spam" service whose response to abuse is...abuse.
Second, they use a fraudulent corporate name. (Use Google and search Usenet.)
Third, they locate themselves on a network that also happens to house one of the scummiest spammers on the planet.
Fourth, they decide to redirect an incoming attack at an innocent third party.
The only surprising thing is how many morons have actually DEFENDED these idiots.
Recommendations:
1. Permanently blacklist their domain(s).
2. Firewall off their network.
"Of course, if SPAM had been declared illegal in the first place... we wouldn't have to deal with this mess."
You don't honestly believe that do you?!?!
Most spam (in the true sense of the word) IS ALREADY ILLEGAL in that it is fraud.
Spam doesn't operate in a vacuum. There is profit to the ISP hosting spam sites as well as the email accounts of known spammers. Add to that the security exploited machines and it makes email unusable.
To put it in the words of spamhaus.org:
"Although all networks claim to be anti-spam, some network executives factor revenue made from hosting known spam gangs into corporate policy decisions to continue to sell services to spam operations. Others simply decide that closing the holes in their end-user broadband systems that allow spammers access would be too costly to their bottom lines."
In short, if the ISPs were forced to be held accountable for what is on their network, THEN maybe they would take it seriously.
B.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
Ha! All of Tucows services, including the managed dns and email defense services were completely down most of yesterday. The managed DNS service is still impaired until the new IPs of ns1.mdnsservice.com and ns2.mdnsservice.com propagate (they just this morning changed the TTL to 1200 secs %-).
status.tucows.com
Managed DNS Service Degraded Performance - restore time is currently unknown. Beginning at approximately noon Wednesday May 3rd the Tucows network was under a severe DDOS attack. To stop the attack, we have changed the IP addresses of the servers. If you are using IP addresses in order to connect to MDNS, you will have to update your records. Also, any nameserver with a long TTL should be updated in order to use the new info. Next Update Time: 15:20 UTC, 04 May 2006
As always needs mentioned, Spam would not exist if it didn't have a market. The base problem is, as it has always been, that people respond to this.
People could stop clicking, but that is unlikely to happen. Especially in America, people are always looking for the easier path: be it cheaper medication, promises of enhanced "performance," tales of rapid weight loss while sitting on your couch, or the constant get-rich-quick scheme.
If people actually thought... yes, used higher brain functions... they may realize that it is virtually all just BS.
It could also be that the general masses don't realize that every time they click on a link or reply to an email, someone is making money. And that is a problem with awareness of how the internet works. Most seem happy to just know that it works.
Why, a better implementation of "backbone CVS" of course!
Oolite: Elite-like game. For Mac, Linux and Windows
I'm really disappointed in this mysterious top 4 spammer. I've been a member of blue security for somewhere around 4 months and I haven't received a single threatening email from him/her/it. I mean come on. I must have forwarded thousands and thousands of pieces of spam to blue security and yet he hasn't tried to blackmail me once. What's wrong with me? Maybe I'm just not trying hard enough, I only have 3 email addresses registered with the frog. OK mysterious spammer you've made your point. Only the best anti spammers get your attention so I will redouble my efforts and add 6 new addresses to the protected registry. That will learn you to ignore me.
Just pull the plug on the web server... or
redirect the domain name to 127.0.0.1 (taking up to 24-48 hours to update) as one of the other posters posted...
Why I ask is because where I work we had a similar problem and since I maintain our web server we had no choice but to unplug the network cable. Waited 5 minutes and plugged it back in and voilà! No more DOS.
My best guess was that as soon as the DOS'er saw that our site was "down" they/it thought that their task was completed.
It is almost (but not quite) the same as if someone took an Ethernet cable and created a loop on the same pair of switches. (i.e. two switches are connected to each other. Then some random idiot looks at them and plugs in a spare cable into both, creating a network loop.)
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation. Social exper
This is a 24/7 business. A serious online service vendor can't have company holidays. Least of all in the security business.
Don't be fucking pedantic. It's an analogy, buy a clue.
Redirecting a URL is not vandalism.
Does Bluesecurity have a linux or mac client yet? Spammer is an idiot. 1) he raises awareness of what bluesecurity does. 2) he makes it look like BS works -- why else would he waste resources he could be using to spam or extort people, it must be hurting him. Effectively, this is great for PR Bluesecurity -- how much would a worldwide advertising campaign have cost?
What changed under Obama? Nothing Good
Your analogy is also crap.
The best I've got is running a business out of your home that does tit for tat retaliation on organized crime businesses. They rough up one of your boys you rough up one of theirs. They get upset so they burn your house to the ground. You escape and leave a note on the burnt out ashes that you'll be staying at the Middlebury Hotel in case your clients need to get a hold of you. The mobsters see the note and proceed to burn the hotel to the ground as well.
I'm not a Troll, it's reverse psychology.
I know they have a linux client because I use it. I don't know about Mac, but I know that they provide source code to compile your own. It's not FOSS, but the source is there for compilation purposes.
I signed onto this about five days before the war began. I just hope they get it back up and running again soon. I think critical mass could be reached with all the publicity they've gotten.
Let's play video games with mailmanZERO
So which of you scumbags is responsible for this?