Slashdot Mirror
BlackFrog to Take up BlueFrog's Flag
Runefox writes "ZDNet UK has a story about a new SPAM defense mechanism called BlackFrog, a response to the demise of Blue Security's BlueFrog. According to the article, the new service is based on a P2P network of clients, called the 'Frognet', which allows the opt-out service to continue functioning even after a server has gone down, making a DDoS attack like that which crippled BlueFrog ineffective against the new service."
Link to the project website.
How long until some hacker poisons the peer system into spamming a legitimate site?
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
Just as a correction folks, it's not called "Black Frog" this is a mix up. There was two projects. Black Frog and Okopipi aiming for the same goal. Black Frog stopped and the people joined Okopipi.
BlueFrog was open sourced and under the mozilla license, and yes they have the source code.
I can imagine the slew of whiners who will complain about such a vigilante approach to this problem.
Well, remember Firefox, "We're taking back the web"? That's exactly what we're doing here. It's the only strategy that's going to work. Bitching and moaning won't get you a clean mailbox. Taking spammers down will.
If you disagree with fighting fire with fire, I suggest you also criticize any and all law enforcement activities. They're simply state-sponsored vigilantes.
Global warming is a cube.
Ok folks, let get a few things straight.
Blue Frog was NOT effective not as a denial of service attack or distributed denial of service attack. It was never meant or designed to be. The Russian spammer said it himself - they never brought down our servers, they only served as "a daily nuisance". The nuisance was this: for every spam that the spammer sent to the some 500,000 Blue Frog members, an automated script (bot) visited the website advertised and filled out the form for snakeoil, home refinancing -- whatever was being hawked. But instead of filling it in with valid input from someone interested in what the website was hawking, it filled it in with a legitimate plea from a single person to Opt-out of being spammed further. With me so far?
The spammer -- or worse, the spammer's client -- in turn, goes to check on their database of people or leads to which they can hawk their snakeoil and generic viagra and low and behold, instead of being filled with legitimate contacts of people they can do business with -- it's filled with hundreds upon thousands of opt-out requests.
Undoubtedly there are real requests from potential business contacts in there. But first they have to filter out all the opt-out requests that Blue Frog has submitted.
Sound familiar? It sure does. It's what we've been putting up with for years. We open our Inbox and instead of seeing email from friends and business associates, we first have to sift through and filter a few gazillion pieces of spam -- each with "Hi How are you?" and "Important Account Information" fake titles. Only then can we get down to the email that's actually sent to us. It's a nuisance.
Blue Frog forced spammers to deal with the SAME NUISANCE they cause us. And the spammers didn't care for it too much. They don't care about opt-out requests, the Internet, what people think of them, possible prosecution --- all they care about is making money and they're making it by the truckload. The fact that Blue Frog actually bothered them enough to use their botnets to attack is VERY encouraging. It means we've found a way to kick them in the ass and make it hurt.
Please don't compare Blue Frog or Black Frog to a DDOS or DOS. As the Russian Spammer demonstrated with his attack, what little network disturbance Blue or Black Frog causes for the spammer or spammer client server pales in comparison to a real attack. Mainly because it isn't meant to be an attack in the first place.
If Black Frog ends up with 1,000,000 subscribers, then lets talk DDOS.
More like Autobots vs Decepticons, but in the end it's the same thing. The "good" forces won't be a botnet per se, but a loosely aligned group of people doing the same thing, taking on a group with coordinated resources capable of wreaking terrible havok. It's vigilantism to be sure, but until the government of the world actually get their heads out of their butts and come up with a unified and mutually beneficial set of laws to deal with spammers wherever they live, this is the only tool anyone has to even try and slow the spammers down.
GetOuttaMySpace - The Anti-Social Network
Okopipi is a poisonous blue frog. Quite appropriate I think.
As to the fact that it isn't "marketable", who cares. Would anyone have thought google was marketable before they started? If the product is good enough, the market doesn't care about the name.
We're (yes, I'm part of the team - hello slashdot!) currently discussing using the main servers thru various proxys to anonymize the IP address. On a DDOS attack, the servers would just disconnect and then reconnect to another proxy and voila.
Also, the servers are the ones with the Central PGP authority. The network can still operate without servers, they're just needed for login (for now).
Disclaimer: This is my personal opinion and does not reflect the viewpoints of other members of the Okopipi project.
--
Sheesh people! I hate to have to respond to 1,000 comments made by kneejerks who don't even RTFA, saying how terrible it's to DDOS and how the system could be abused.
Do you think we're idiots to let something like this happen?
1. The "attacks" on websites will be moderated. We want to make sure that the force is non-lethal to websites. We haven't discussed the implementations, but the decision has been taken: We will use throttling to PREVENT denial-of-service attacks.
2. The P2P network does *NOT* control the clients, it'll only distribute opt-out scripts for websites. Also, the customer can log out ANY TIME they want. So, NO, it's NOT a botnet.
3. Spammers Don't need P2P networks to initiate an attack. They already have their effective botnets in infected WinXP machines.
4. There will be a reputation system AND a hierarchy system (so not everyone can mod someone down), people will have to earn their trust to classify scripts, those who report wrong sites will be modded down, and the usernames and reputations are permanent. The hierarchy system we're studying requires at least two people acting as an individual before taking any action, to prevent infiltrations.
5. We're already considering infiltration of spammers in our model, we're researching papers written by experts in graph theory and computer science for this. A spammer could at most try to disable the network, but with the currently planned infrastructure, i doubt they can do it.
6. We haven't started to code. We're still discussing (and will continue to discuss) the possible consequences, abuses, attacks and how to prevent them or at least minimize them. We cannot afford to have ANY point of failure.
7. If any wants to cooperate, the google group is open to ideas.
8. And I repeat: we will *NOT* DDOS websites. It's a decision the commitee has taken, and it's a final decision. There have been people who have proposed to DDOS the spammers to death, and we're already shutting them up.
Due to TradeMark conflict, I have closed the Black Frog project. Actually the project was just a nameholder, since Okopipi was a separate project which I joined later.
So the official name of the P2P antispam software is now "Okopipi". Please stop naming it "Black Frog" or we could get sued for Trademark Infringement.
Thank you.
(More info on my journal)