Slashdot Mirror
Spam Flood Unabated After Bust
AcidAUS writes "Last week's bust of the largest spam operation in the world has had no measurable impact on global spam volumes. The spam gang, known by authorities and security experts as HerbalKing, was responsible for one-third of all spam, the non-profit antispam research group Spamhaus said." The article speculates that the operators of HerbalKing simply passed on to associates the keys to the automated, 35,000-strong botnet, and the spam flow didn't miss a beat.
speculates that the operators of HerbalKing simply passed on to associates the keys to the automated, 35,000-strong botnet, and the spam flow didn't miss a beat
If they sent the keys to that botnet via email. If it got eaten up by the other ends spam filters, that would be irony indeed.
Moved to http://soylentnews.org/. You are invited to join us too!
"The article speculates that the operators of HerbalKing simply passed on to associates the keys to the automated, 35,000-strong botnet, and the spam flow didn't miss a beat."
Whatever. I've seen way too many scifi films to believe that. Obviously, skynet is now self-aware.
I for one... (etc.)
Since they did that bust in that other endless, fruitless war.
They anticipated they might someday be busted.
They could have designed the botnet with a dead man's switch... if they were busted, start feeding their partners' spam at double vigor, and have the bots create as much noise and general chaos as possible.
My inbox now seems to be filling up with lobster thermidor aux crevettes instead.
"I bless every day that I continue to live, for every day is pure profit."
Consider the economic benefits of spam! MessageLabs reports that Egham, Surrey, on the suburban outskirts of London, is the town that receives the most spam in Britain.
"It's not like there's much else to do," says Boris Busybody, 77 (IQ), of Egham Hythe, idly whirling his four-foot penis around his head in a desultory fashion. "Expanding your manhood, growing your breasts, increasing your sperm ... the Lib Dem phone calls get a bit much. That's Doctor Busybody, by the way. My Ph.D arrived last week."
Spam has revitalised the local economy. Busybody has given up cab driving and is now working a lucrative job processing payments from home after he sent them his bank details in response to an urgent security message. "I had that King Otumfuo Opoku Ware II in the back of my cab once. Very generous and helpful fellow."
The Egham Tourist Board has seized the day, with plans for a 50 foot tall penis sculpture at Junction 13 of the M25 on the exit ramp to the town. The sculpture will be encircled by a genuine imitation Rolex and spray a fountain of Spermamax, obtained at a very reasonable rate from a Canadian pharmacy. "You will search an hour for your underwear in the ocean of our spam!" is to become the new town motto.
"I did get a good one the other day," says Busybody. "Barrister Matthew Sergeant Busybody of MessageLabs said we could promote our town to millions of people just by sending them an advance fee to process our incoming email. The stuff they try! â(TM)Scuse me, V!k@grk@ kicking in, got to go have sex again. Sorry."
http://rocknerd.co.uk
Exactly when the original story broke, I went from about two hundred spams a day to over a thousand, almost all of which were new topics, and it hasn't let up since. So the keys may have been passed on to several parties who are making more extensive use of the botnet than the HerbalKing group did.
I wonder how many it will take before Yahoo finally decides to start blacklisting spam hosts rather than sticking to the woefully inadequate filters.
-- Insert witty one-liner here. --
"...the automated, 35,000-strong botnet..."
Doesn't mean that the 'machines' will stop doing what they have been 'told' to do.
FCOL, 99% of the spam is rejected because of bad addresses, rules, and so forth.
It's just possible that these bots will continue to spam until they are physically shutoff by their owners.
Sig this!
Now, personally I run Linux, so for right now, I don't have to worry. Of course, if Linux ever gets popular enough to put a real bite in Microsoft's monopoly that will change, but it's not vulnerable in the same way. Not only is it (more) secure by design, the firewall goes up before, not after the network interface, so there's no time that it's exposed to the network without protection.
Like it or not, most of the world's private computers are going to be running one form or another of Windows for the foreseeable future, and unless and until Redmond sets things so that there's a built-in firewall up and running while the box is still isolated, MS boxen are going to get pw0ned, and Joe The Plumber won't know that there's anything wrong except that his computer isn't as fast as it used to be, but he's accustomed to that by now anyway, and won't realize that it's a problem.
Good, inexpensive web hosting
Your post advocates a
( ) technical (X) legislative ( ) market-based (X) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(X) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(X) Anyone could anonymously destroy anyone else's life
Specifically, your plan fails to account for
(X) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
(X) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
(X) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
(X) We should be able to talk about Viagra without being murdered
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(X) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!
Might I suggest doing business with spammers a crime instead?
When you arrest certain people, it doesn't remove the profitability of the activity, it doesn't remove the tools or knowledge used to perpetrate the activity, and it doesn't remove the infected computers already carrying out payloads. Maybe for a few who are deeply involved individuals with a lot to risk, they will reconsider what they're involved in, but there must be a large population who still consider it profitable and worth the risk.
Twinstiq, game news
Scary, isn't it?
Your post dosen't scare me as much as it's insightful mod does.
I'm thinking something more direct... an anonymous-looking execution of a hooded spammer won't get quite as much attention and effect as, say, the severed heads of spammers jammed onto a pike and set in front of a datacenter.
That, or we could show some mercy and at the same time have a living, breathing object lesson by castrating viagra spammers, etc...
Quo usque tandem abutere, Nimbus, patientia nostra?
"Make big time spamming a hanging offense. That will stop it fast."
Just make sure you get the executioners ragingly intoxicated before they do the deed. I would hate for a spammer, of all people, to be remembered as being particularly well hung.
We need Arnold to get to the choppa!!!!
The dangers of knowledge trigger emotional distress in human beings.
But you can't stop all of us; after all, we're all alike.
Support my political activism on Patreon.
That Spamhaus doesn't know what they are talking about with the numbers they spewed.
Just goes to show, you can pull numbers out of your ass, and it all depends on who WANTS to believe them.
Spamhaus, MPAA, RIAA, et al, they all incredibly inflate numbers to their own benefit.
Guess the Spam Kings wheren't as big as they where reported, huh?
Would be nice to see something legally happen to them, as well. Seriously, if one pulls a number out of their ass, no matter what side of the fence they are on, they should be held accountable for lying at the least (publicly shunned on their "stats" in the future), libel, to out and out fraud.
This is the kind of things that pisses me off. Statistics are supposed to be credible, not a number you pull out of our ass to make your side look better.
--Toll_Free
The way draconian sentences have stopped drug dealing?
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
gmail. nuff said.
While (mostly) joking, we should simply say that we're going to treat spammers as some of the most vile people in society and punish them accordingly. No 3-5 years in jail or a fine. You spam, you go to jail for life. If somehow you get out and do it (again), then second offense is a capital punishment. Either that, or treat them as 'terrorists' against the Interwebs, and allow police/military to shoot them on sight as combatants.
Yes, I am mostly joking, but we need to let these people know that having any involvement in spam will have the most dire of conseqences. I'm more effected daily by spammers than terrorists.
Tibbon
tibbon.com
.. I thought it was because this spam ring was too big to fail and the congress bailed it out
Dear F-Secure,
Please note the implications of this story, then promptly stick your request for Internetpol up your collective asses.
Thank you
The Internet
Support NYCountryLawyer RIAA vs People
You missed:
Specifically, your plan fails to account for
(X) Open relays in foreign countries
(X) Joe jobs and/or identity theft
and the following philosophical objections may also apply:
(X) Feel-good measures do nothing to solve the problem
Cum with me if you want to live
Buh-bye karma!
Like every thing else that gets a death penalty, it'll only stop the same people from repeating the crime, once they're caught.
It won't stop new spammers from popping up before the first one's body is even cold.
---
"I can't complain, but sometimes still do..." Joe Walsh
It doesn't feel pity or remorse, and it will absolutely will not stop, ever...until our disks are full.
No sig today...
Maybe most of my spam originated on their bot net. My dSPAM fourteen day analysis shows my incoming spam rate has dropped to less than half the level of a week ago.
Note, I'm not complaining.
Cheers,
Dave
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
I wonder if some sort of Internet business license might be a way to do this. The fee would need to be something fairly nominal and just enough to fund the process. The idea would be to implement something such that payment processors would not be allowed to and/or would be under no obligation to complete transactions for anyone without said business license. If someone wants to conduct business outside of this scheme using cash, checks, etc., they do so at their own risk. A little publicity and honest merchants showing that they have said license should be sufficient to make the scheme known.
A few more details... Licenses get revoked for proved spamming. Licenses are tied to an originating domain with a DNS tie in to allow mismatches between license number and originator to be filtered. Trying to sell something using e-mail but without including the Internet business license becomes illegal and ISPs are free to trash such e-mails.
Obviously, this only would affect spam that is attempting to sell something. 419 scams, various phishing scams, etc. would still be a problem. The idea is that legitimate commercial e-mail becomes non-anonymous which doesn't hurt legitimate vendors or non-commercial e-mail. People attempting to sell stuff using spam become "visible" and subject to countermeasures.
Cheers,
Dave
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
If they sent the keys to that botnet via email.
That is an interesting idea, but what would be the incentive for spammers to cooperate?
I suspect it is more likely that the systems in their botnet - of which many are compromised windows PCs - were re-compromised by someone else's worm and is now doing someone else's botnet work.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
They could have designed the botnet with a dead man's switch
Isn't it more likely that the PCs in their botnet were just swiftly taken over by somebody else's worm and are now pumping out spam on a different botnet?
Sure, there may be no incentive for spammers to cooperate with each other (and each others' botnets) but why would they want to poison the well?
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
...that's not got much spam in it.
It must have been something you assimilated. . . .
If anyone is surprised by this news, they need to think about what they think they know about spam.
Sure not many people like to see the unsolicited ads for herbal viagra and pirated copies of photoshop. But why do the spammers send them out in the first place? It isn't because they hate us, and it isn't just because they can send out billions of them at next-to-no cost to themselves.
They send them out because they make money doing it. Which means that someone, somewhere, is paying for spam as a service. Which means that even if 100 spammers were instantaneously taken offline and thrown into pound-me-in-the-ass prison, 100 new spammers would emerge to fill there places and likely send out even more spam.
If we want to stop spam, we need to remove the economic incentive. And throwing spammers in jail does not accomplish that. So naturally the spam epidemic was largely unchanged by these arrests.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
If HerbalKing was able to pass on the keys to the botnet, then shouldn't that be documented somewhere? Can anything be done with the list of botnets?
The way draconian sentences have stopped drug dealing?
Something like that. You cannot legislate away trade in something that people want to buy and other people are willing to sell.
Email spam is profitable due to the economics of the situation, it used to be nearly free to send out spam, now with botnets it's much, much worse than that.
Consider it from another angle. How much electricity world wide is consumed by the generation of spam and the receipt and deletion of spam? What's the carbon footprint of all this mostly useless activity? Save the Planet! Stop Spamming Now!
I wonder if some sort of Internet business license might be a way to do this. The fee would need to be something fairly nominal and just enough to fund the process. The idea would be to implement something such that payment processors would not be allowed to and/or would be under no obligation to complete transactions for anyone without said business license. If someone wants to conduct business outside of this scheme using cash, checks, etc., they do so at their own risk. A little publicity and honest merchants showing that they have said license should be sufficient to make the scheme known.
A few more details... Licenses get revoked for proved spamming. Licenses are tied to an originating domain with a DNS tie in to allow mismatches between license number and originator to be filtered. Trying to sell something using e-mail but without including the Internet business license becomes illegal and ISPs are free to trash such e-mails.
Obviously, this only would affect spam that is attempting to sell something. 419 scams, various phishing scams, etc. would still be a problem. The idea is that legitimate commercial e-mail becomes non-anonymous which doesn't hurt legitimate vendors or non-commercial e-mail. People attempting to sell stuff using spam become "visible" and subject to countermeasures.
Cheers, Dave
This might not be a bad idea except for the idea that government would probably have to handle the licensing, and if it turns out anything like licensing has turned out for automobiles, then they won't give a damn how incompetent the licensed people are so long as fees and fines related to licensing and any violations provide a steady revenue source. Other than this one drawback, your idea is sound IMHO.
I had another idea that would help, either separately or perhaps in conjunction with yours. One is that the law should be changed to make it perfectly legal to construct a virus/worm that exploits already-patched vulnerabilities, infects a machine, resides on that machine for a couple of weeks to spread itself, and then promptly formats all writable media on that machine (preferably a secure wipe and not just a regular format). This would put a huge dent on the amount of spam because almost all of the spam is coming from compromised machines that are members of various botnets. Let it be understood that your right to use the network ends the moment you make that network a worse place for anyone else, either deliberately or through incompetence. If the owner of the machine refuses to either secure it (due digilience, the real "big scary" for most people, or so you would think from their actions) or take it offline, then it will be taken offline for them. Spammers understand that a good virus/worm/etc does not kill its host; therefore making sure that there is a virus/worm that does "kill" its host computer would not only impede spammers but would also provide incentive to users to care about security.
Incompetence and stupidity (that is, incompetence that any literate adult could rememdy except that they choose not to) is the root cause of spam. So long as there are millions of incompetent and stupid users who don't think that informing themselves is important, there will be spammers to take advantage of them. The way I see it, any other solution amounts to escalating an arms race.
For some reason, computers are just about the only field where people honestly seem to think that they can use what they do not remotely understand and achieve a good result. That they get a good result as often as they do is something of a miracle and is never appreciated as such. A strong incentive to learn that not only is understanding important, but that you do not (nearly) need to be an expert to become a much harder target can only be a good thing. I really believe that at some point it's going to come to that anyway bec
It is a miracle that curiosity survives formal education. - Einstein
Of course in the same sentence in which I mention literate adults, I make a typo on the word "remedy". Yay!
It is a miracle that curiosity survives formal education. - Einstein
Let's see:
1) intelligent by virtue of conglomeration of simple parts
2) made of the same stuff as us
3) capable of consuming us to build more of itself
4) reproduces up to the limits of the available resources.
We have a huge advantage over any newcomers, though, by virtue of our having already sussed out some passable specialty organs, which do wonders for our efficiency.
Can you be Even More Awesome?!
Seriously, they shut down a spam king with a 35,000 computer botnet, and expected the spam to take a nose-dive? That's not gonna happen.
First of all, has the botnet been shut down? Does the botnet still have jobs/mail to send out? Is it self-propagating, so even if you shut down part of it, it can keep growing?
Seriously, I just don't think this would even put a dent in the amount of spam sent daily.
Perhaps if we made heavy spamming an offense worthy of the death penalty, then it would most likely stop. But today, with 99.9% (pulled this statistic out of my ass) chance of not getting caught, spam will continue to be a thriving business.
Proudly posting without RTFA.
Did you come up with this on your own or did you find it somewhere? I think it's:
(X) Funny (X) Unfortunately true
Correctness matters. Mercy matters more.
You should have flushed that joke before it ever saw the light of...
Oh, wait, this is Slashdot...
NOTHING ever sees the light of DAY around here.
=)P
I doubt it. In old England it was a hanging offense to pickpocket. So what happened? In the crowd gathered to see the hanging of a pickpocket, pickpockets were plying their trade!
Excellent idea, that is, until it's your grandma or grandpa being hauled off to jail after being duped by a spammer.
Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
...force them to take an "I am no longer an idiot." internet class..."
There are natural herbal remedies that allow you to skip the class. Give me your email address and I'll send you some info.
Nuclear engineers build weapons. Civil engineers build targets.
This is certainly false, at least in the United States. Do you have a credible reference?
It may be that the average judgement in a wrongful death civil case might be in the mid six figues, but that is a very different thing than a legal precedent which says "one life = $X". There are cases where $x is tens of millions, and others where $x is near zero. It depends on the merits of the case, the skill of the lawyers involved, and the mood of the jury and judge. Which is as it should be.
How come we never go after the companies who make money off of spam? The spammers are just the middle men sending advertisements out for clients no? They don't stock viagra .. ? do they? maybe that's how they pass along the great deals
*DrugCheese rants*
The problem, me thinks, it's not really the sentences, but who and when they are applied. That's called judiciary guarantee. Meaning that, it doesn't matter what the punishment is, it's not gonna be of any use if there's no one to apply it reliably. I'm used to it down here in Mexico, where we have a 70 year sentence for kidnappers...and guess how many of them actually serve that much time?
There are so many legal loopholes, corruption, etc, that there's no point in making harsher punishments if none of them are ever applied.
I'm guessing in the US, although corruption is different that here, must be suffering from the same phenomenon. What good is it to hang every spammer, if they have lots of money to buy their freedom, or to buy out super lawyers that can get you out on a technicality?
Slashdot. Unreadable news to annoy nerds. - wonkey_monkey
I'm not completely against the idea but I've always been stumped with how to implement it technically. ie. How do you do this without either:
ISPs could probably help by collecting and making payments on behalf of their subscribers, but it still increases the barriers of entry to email for people who have legitimate uses.
You need micropayments and particularly the Chaumian patents on Sender/Receiver anonymous payment methods. David Chaum's patents went into a kind of limbo when Digicash went bankrupt in the late 1990s.
I was a Digicash beta tester and it was a most fascinating system.
(Update: I googled Digicash and it appears they have come back to life. I will investigate this further and I pray to the Lord and Lady pair that it is not like the resurrection of SCO as Caldera)
Same here (N Europe), I spent yesterday checking my mail server because I had not received any spam for 5 days. Usually, one or 2 will get through the filters but it had been quiet since before the weekend. NO SPAM at all is even arriving at my server. I am reluctant to attribute it to the bust, but I have nothing else to offer that will account for it.
Have a look at soylentnews.org for a different view
It is not only e-mail spam. I, for instance, stopped answering mobile phone calls, if a caller is not in my address book, or if he/she did not sent first an SMS explaining the reason of the intended telephone conversation.
I avoid meetings without first knowing exactly the reason behind, because sometimes people just try to sell me an idea or a product, which does not interest me at all.
A waste of time on spam is enormous. It is not only the wasted working time on deleting, setting spam filters, lost messages, etc. It is above all the broken work flow. And it's for everyone in the world.
The loss of productivity due to spam is about 30 - 40% by my calculations.
At least now they try to do something. There is a difference between a freedom of speech and sending out billions of commercial messages about body parts enlargement products. And this difference is not subtle, so that it cannot be distinguished by law.
Spam should be treated for what it is: stealing, stealing the working time from companies, from individuals. And should be punished accordingly. Life in prison should be an appropriate punishment for e-mail and phone spam kings, as the damage to the world economy is in trillions.
Our life is digitized and computerized more and more. And it is only the beginning. Networks of computerized devices will be playing all the more significant part.
The laws protecting this digital infrastructure should be changed. Individuals who spam, who distribute malware, viruses, etc. should be locked up for many years. The recidivists should be locked up for good.
Anti virus software, secure OS, etc. are not the answer. It is like a bulletproof vest and a helmet. They are useful things in a dangerous area, but they are not a security panacea. Or it's like a reinforced entrance door. Such a door still can be broken with a sledgehammer in minutes. It is not the door it is the law which protects.
The door just shows the border, after which the moral and written laws begin to function. We should as a global society change our mind set, and look at spam and malware distribution not as at pranks, but as an brutal and effective attack on our infrastructure, on our way of life.
And there should be an appropriate answer.
Maybe the reason the spam flow didnt flinch was because the "large spam ring" wasnt that large after all?
The only way to get at spam is to target the ones using it for sales. Track who it is that pays for spam and drag them to court.
HTTP/1.1 400
None that I can pull up. Typically, a death, to a corporate defendant, costs less than a significant but not life threatening injury. I recall something from a decade ago or so about the cost of a death, on average, being somewhere between $100k and $200k in general litigation. Larger numbers of deaths tend to be purchased by corporations "in bulk" and receive a discount.
My GP post was, indeed, hyperbole, but I am somewhat concerned that if they really did catch the perpertator of 1/3 of the worlds spam, and that he may have turned over that network to someone else, then "advanced interrogation techniques," if not torture by name, would be in the realm of consideration. If it were several hundred children held hostage, would it be reasonable?
Besides, I'd be okay if the torture were simply to make him read and respond to spam emails. One email with a single line of "please remove me from your mailing list," hand typed, for each spam he has ever sent should be sufficient. Naturally, we'd be humane and offer 20 minute breaks every 4 hours for meals, and 7 hours for sleep each night.
Is it just my observation, or are there way too many stupid people in the world?
Actually if hung for about 3 weeks, and then marinaded in white wine, salt, garlic and tabasco sauce, spammers can make a tasty dish. But then wine and garlic can improve many meat dishes. The tabasco adds taste lacking in the primary ingredient.
--
E
The naive (but sometimes well-meaning) fools who continue to persist in their delusional belief that legislative or executive action will have any meaningful impact on spam always seem surprised that their latest "triumph" is nothing of the kind. These well-publicized busts are all about positive PR for the entity making them, and career advancement for the politicians who trumpet them. They have nothing to do with actually stopping spammers, so it's no surprise that spammers merely laugh at these feeble charades and carry right on doing what they've always done.
Might not have anything to do with that bust, or the FBI sting operation that recently closed down ...
But over the past several weeks I've noticed a HUGE drop in my personal spam (down from 85 a day to 1 or 2). Same account, same name, same everything. No filters at the mail host (it's ours), no filters at the ISP (those useless cowardly lazy pukes). It just ... quit.
Which is a pity really, because sending off the spam to Spamcop was a daily routine from which I got great pleasure.
Sigh ...
Riiight... this is similar to the Prohibition (alcohol) and the steep punishments for drugs. Except instead of lessening the problem, it will simply lessen the number of people sending the stuff.
Since there will eventually be fewer willing to send SPAM, those willing to tempt fate will get paid many times more than previously, and will employ even more technology to make tracing them to their real location even more infeasible. Instead of allowing mail to be sent from their own mail servers, it will be based purely off botnets--meaning the price of botnets will skyrocket. In turn, this means the price of black market exploits will also skyrocket... this will increase the number of infected PC's on the Internet.
Now "small" botnets will number in the hundreds of thousands. Most Windows PCs will have been exploited, with each system potentially in multiple nets. More people will bitch that their systems are slow.
Here's where the geeks step in. "Hey, it'll run way faster if you just put Linux on there. Then you don't have to worry about being a part of their botnet."
Thus ushers in the year of Linux on the desktop. Let's do it.
Sanity is like a condom: rather have it and not need it, than need it and not have it.
Someone let me know if this has any relevant logic.
The motivation to spam is money.The spam consists of advertisments from sponsors.Sponsors pay spammers to spam.Bust the sponsors and fine them to the point of collapse.Spam disappears.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
Maybe make a spammer eat a whole case of his Canadian Xanex?
I'm using all of my mod points to mod ancient memes down. Please join me.
Because the first time... the VERY FIRST TIME... someone is charged with doing business with a spammer, the media will turn that person into an innocent victim who's being railroaded by an overzealous legal system. There is absolutely no way in this universe that attacking those who patronize spammers will do anything but unleash a cavalcade of tearful support for the "victims." It happens all the time in the Nigerian scams... despite having thrown $200,000 down the toilet out of pure stupidity and greed, the gullible morons are still presented as being kind, typical people who are taken for a ride by an evil scammer, and the conclusion tends to be... it could happen to anyone. Anyone with an IQ of about 75, that is.
Punishing the "victims" will absolutely not work in this world where personal accountability is head-first down a well.
-
Inventor of the term 'pardon my French'.
That won't work. Look up "botnet" and see if you can figure out why.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Dupe. And no, it wasn't funny the first time either.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I feel that many of the conclusions this article comes to are erroneous.
One must remember at all times that spammers do not organize into "gangs." They are individuals, and they are only looking out for themselves as an individual.
When SanCash was shut down and had their assets frozen, the mailers were possibly the last to know. SanCash is believed to have had anywhere from several dozen to several hundred affiliate mailers, all invitation only. They were spamming just as much volume as usual the day of the shutdown. Spam messages arrived featuring URLs which were usually for domains which had already been shut down (SanCash provided the URLs to the individual mailers to keep track of who generated distinct sales. This is common for most spam sponsor operations.
Not every spammer in the SanCash program used the same botnet. Most people assume that all spammers use the exact same techniques or tools. They do not.
A day later, all the spam that used to be for Canadian Pharmacy, Direct Pharmacy or Worldwide Wholesale Pharmacy (all SanCash properties prior to the shutdown) immediately swung to domains for Canadian Pharmacy, a website property promoted on behalf of Glavmed and Spamit. The copy and overall template of the messages remained identical to ones sent in the previous month promoting Canadian Healthcare, Direct Pharmacy and Worldwide Wholesale Pharmacy, only now they all pointed to one or another Canadian Pharmacy domain. Any spam which used to be sent promoting King Replica, Prestige Replica, or Diamond Replica are now exclusively promoting domains redirecting to websites for Swiss Watches Direct. (Sponsor as yet unknown.)
These same individual mailers never stopped mailing, they just switched their efforts from promoting anything from SanCash to sites sponsored by other competing sponsors. Several people have noticed that spam volume is in fact generally higher than pre-SanCash-shutdown, indicating that the mailers may have taken a financial hit in the shutdown (they probably still had commissions for sales for which they were owed money from SanCash which they will no longer be able to recover.)
Nobody "handed over" a botnet to anyone. Whichever botnet they were already using they continue to use, only to promote a different set of properties. SanCash was only one of several spam-friendly sponsors. It's still a good thing that they've been taken out of the picture. It only means that the mailers (spammers) who do the sending on their behalf have now moved on to other sponsors instead.
My hope (and that of many spam investigators) is that law enforcement will now also focus their attention on Spamit / Glavmed, who have ties to the storm worm, the kraken botnet, numerous public website hijacks used to promote either storm worm or Canadian Pharmacy, and numerous other rampant abuses of public web services and domains. Spamit / Glavmed are also alleged to be closely linked to the Russian Business Network (RBN.) They continue to brashly hijack any website they come across and immediately use it in very large spam campaigns promoting these properties and have done so since at least 2006. There are also of course ties to Russian organized crime, and there were hints within the past year or so that the RBN has links to either Russian or Ukranian government officials.
Of course the volume of spam never went down. It's just the content of the spam, and the properties being promoted, which have changed.
Do not purchase from websites promoted via spam. Please. Inform your friends and relatives.
SiL / IKS / concerned citizen
-- SiL / IKS / concerned citizen
I have got an idea on how to fight a spam. It is often difficult to prove in court that an individual controls a bot-net of thousand computers. Because to lock up a person for years one needs strong evidence, or because of absence of laws in a particular country.
The FBI or the likes could create an international task force. When they track down the culprit and are sure that he/she does harm by sending spam and spreading malware around the globe, but when for some reason there is no way to prosecute him/her due to, say, local laws of the country. What if a special agent just enters the apartment or house clandestinely, when the spam king is absent, and spray a special liquid in his/her computers. It could be just a salted water, or something more sophisticated could be developed.
A spam king still must own the computers to control bot-nets. He could be knocked off the business for weeks, trying first in vain to repair the hardware, then to buy and set up new.
If an agent does not forget to emerge in a salted water his back-up HDs and flash-sticks, he may even lose control of bot-net irrevocably.
This special agent could spray different liquids in different spammer's computers. So that they go offline not simultaneously but one by one. This could be possible if a layer of dried spray gains ability to work via the electrical isolation and become conductive gradually. It seems to be possible from chemistry point of view.
What we have now is that a mentally unstable spammer & malware king sends trillions of messages from some exotic corner of the Earth and nobody can do anything. But if they can fire a guided missile into a suspected terrorist house, why not to send a trained agent to knock off computers which cause a harm to the world economy in billions?
Nah. There are many premade lists like that, I only made some slight alterations and filled it in.