Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Eccentric Sven Olaf Kamphius To Blame For Spamhaus DDoS?

Posted by timothy on from the well-be-does-have-sort-of-a-guilty-look dept.

RougeFemme writes "Sven Olaf Kamphius, self-described 'Internet freedom fighter,' is reportedly at the center of the investigation into this week's alleged cyber-attack against Spamhaus, a group that fights Internet spam. Mr. Kamphius became incensed when Spamhaus blacklisted two companies that he runs, including Cyberbunker, a company that, earlier this week, claimed be under attack from Dutch swat teams. Though he initially solicited support for a DDoS against Spamhaus, he now disavows any direct role in the cyberattack, which threatened to slow some web traffic to a crawl."

21 of 133 comments (clear)

  1. s/iu/ui/ by OttoM · · Score: 2, Informative

    Yeah, I know, dutch double vowels are confusing...

  2. We blaclist him too... by Delgul · · Score: 5, Insightful

    I heard an interview with this guy on the dutch radio and he is obviously a moron. He managed to contradict himself three times in as many sentences and obviously has no idea about how SH works. His servers are on our blacklists too and with good reason...

    1. Re:We blaclist him too... by Zan+Zu+from+Eridu · · Score: 5, Interesting

      He's not a moron (in spite of his eyebrows), he just plays one. This guy earns a ton by providing services to well known spammers and other criminal organisations, but every time he makes the headlines and gets interviewed he either plays the naïve internet activist or the village idiot, depending on his public.

    2. Re:We blaclist him too... by Anonymous Coward · · Score: 4, Insightful

      The moment he's prosecuted, he'll become a hero around here.

      What is it with Slashdot's (and other geek sites) support for criminals when they are geeks? Much of the vocal community supported Reiser very strongly when he was accused of killing his wife, interpreting and analyzing 'evidence' making the 'solid' case he was obviously set up - until he capitulated and showed the police where he had buried her. Same with Assange. Suddenly everybody here are experts in Swedish law, and know with certainty what did and did not happen, based on their expert analysis of select tidbits of information through secondary sources. At first a lot of people here claimed (with 'evidence') the women didn't even exist, while they were being interviewed by local media. As a Scandinavian following the US geek discussion of that case was part scary part funny. Our Kim Dotcom 'hero' has a long history of criminal activity (not the alleged copyright infringement, but real criminal credit card fraud, theft of calling cards, stock fraud, embezzlement, insider trading). Regardless of whether Kamphuis is behind the DDoS attack or not, his company has been proven repeatedly to host spammers. And still I can see the pattern repeating, just as you predict.

    3. Re:We blaclist him too... by alexgieg · · Score: 4, Interesting

      What is it with Slashdot's (and other geek sites) support for criminals when they are geeks?

      Partly a bias the name of which I forgot, in which you require extraordinary amounts of proof against a member from your own group compared to what you'd require against someone from another group; partly the fact we like their tech and are worried further developments will be disrupted; and partly because technologists are usually on the anarchic side of things and don't see much (but not all) of what these people are accused of as morally wrong even if it's illegal (the "law isn't justice" dichotomy).

      That said, there are certain technologies that are themselves disruptive to other technologies, spam being the prime example, and thus those who defend it are seen as doing something morally wrong, precisely the case here. But there's a nuance in there. Technologists, although mostly anarchic, are also meritocratic, valuing technological prowess. Thus, if a highly skilled hackers manages to invade a system managed by a low skilled system administrator, that isn't seen as a simple invasion, but as a master teaching an apprentice a hard lesson so that he can figure out his deficiencies and improve (that the apprentice's boss doesn't see things this way is of no consequence). In any case, brute force techniques such as spammer delivery systems, DDoS via botnets and the like aren't themselves displays of skill, they're just displays of brute force. Developing such a system sure, is a clear display of skill. Using it, not so much.

      --
      Conservatism: (n.) love of the existing evils. Liberalism: (n.) desire to substitute new evils for the existing ones.
    4. Re:We blaclist him too... by Viol8 · · Score: 3, Insightful

      "What is it with Slashdot's (and other geek sites) support for criminals when they are geeks?"

      A large proportion of Slashdotters are still at the Stick-it-to-the-man age - anything up to 21-22yo, (maybe 25 if they're particularly immature). Rebelling against, parents, teachers etc. So in their eyes anyone who does have a go at The Man (even if The Man is you and I) is automatically a cyber warrior hero in their eyes.

      Luckily a lot of kids, most probably, don't suffer from this self important self righteous bollocks and even the ones who do eventually grow up and see that their actions are immature and counter productive. Unfortunately in the meantime we have to put up with a small subsection of the same age group doing the same old rebellious shit thinking they're changing the world and making life difficult for everyone else in the process. Plus ca change.

    5. Re:We blaclist him too... by Viol8 · · Score: 4, Insightful

      "The Man is not me"

      The Man is you if your internet access or activities have ever suffered because stupid little fuckwits on yet another cyber crusade for [insert cause of the week here] have screwed it up.

      "and looting my pockets."

      No one is looting your pockets. Learn some basic economics.

    6. Re:We blaclist him too... by Opportunist · · Score: 2

      I used to believe in laws. Back in the good ol' days when laws were put into place to create a balance, to protect those that could not protect themselves from those that wanted to abuse their position of power.

      It's kinda hard to remain on the side of the law when it abandoned this function and sided with power against the ones it should defend.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    7. Re:We blaclist him too... by alexgieg · · Score: 2

      The Man is not me. The Man is the 1% who are turning the world into a giant Panopticon and looting my pockets.

      It depends. Globally, if you own about $500k in stuff you're in the top 1%. A house counts, a car, a TV etc. all count. Do you? If not, about $60k will put you on the top 10%. And even if you aren't there yet, if you're in a first world country, absent a catastrophe there's a very high probability at some point you will.

      I assure you, I'll hate them every bit as much no matter how old I get, and pity those who don't for suffering from a severe case of Stockholm Syndrome.

      Every single older person out there will tell you they thought so at the same point in their lives. You're human. You're a typical human at that. You follow the exact same psychobiological patterns of human development the other 7 billion people currently living and the 40+ billion who lived before went, are going and their descendants will go through. Just wait and see.

      --
      Conservatism: (n.) love of the existing evils. Liberalism: (n.) desire to substitute new evils for the existing ones.
  3. Cyberbunker lied about location by mwvdlee · · Score: 5, Informative

    For those who can't read Dutch, and thus rely on second hand sources:

    http://www.automatiseringgids.nl/nieuws/2013/13/cyberbunker-niet-meer-in-bunker-kloetinge
    Claims Cyberbunker hasn't used the bunker location since 2010. I guess that explains why the claimed SWAT thing wasn't reported in Dutch news (and also why they waited to pose so nicely on the picture). The bunker location is currently property of http://www.bunkerinfra.com/ which apparently has several such locations and has nothing to do with the old occupant.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    1. Re:Cyberbunker lied about location by Incadenza · · Score: 2

      I guess that explains why the claimed SWAT thing wasn't reported in Dutch news (and also why they waited to pose so nicely on the picture).

      The picture on their site does not even a show SWAT team (which would be a ‘arrestatieteam’), it shows ‘Mobiele Eenheid’, i.e. Riot Control. Or does anyone think they would use those batons to hit the bomb-proof door? Also, that kind of shield is good against bricks, but not against bullets.

      Mobiele Eenheid is very seldom used for police raids. They only keep these at hand when they suspect a lot of bystanders that will interfere with a riad (trailer parks, really bad neigbourhoods), not when they raid a bunker.

  4. More misinformation about the swat episode by Anonymous Coward · · Score: 2, Informative

    They never said once they were under attack by SWAT teams, their website merely states they have in the past successfully slept-through an attempted SWAT raid that failed at the blast doors. Whether or not this is even true is questionable. It was most certainly not recent however.

    1. Re:More misinformation about the swat episode by Anonymous Coward · · Score: 2, Funny

      their website merely states they have in the past successfully slept-through an attempted SWAT raid that failed at the blast doors.

      SWAT teams are well known for just giving up and going home if they can't get in, of course.

    2. Re:More misinformation about the swat episode by dreamchaser · · Score: 2

      Yes, it would be so entertaining to watch police be diverted from actually fighting real crime over a prank. Think about what you said. There is *nothing* funny or entertaining about 'SWATting', regardless of whether you are the one perpetrating it or the target, or just a spectator.

  5. Re:Certainly stupid to ask the question here by thaylin · · Score: 3, Informative
    He posted to his facebook that he was behind it, of course he has sense deleted it. On marge 21 he wrote

    "Hi Spamhaus, despite allowing your crap to be back up for a day or so, i see our demands still have not been met. stand by for more.".

    --
    When you cant win, ad hominem.
  6. Ladies, start your engines by Anonymous Coward · · Score: 3, Funny

    From TFA:

    "He describes himself in his own Web postings as an Internet freedom fighter, along the lines of Julian Assange of WikiLeaks, with political views that range from eccentric to offensive. His likes: German heavy metal music, "Beavis and Butt-head" and the campaign to legalize medicinal marijuana. His dislikes: Jews, Luddites and authority."

    Anyone want to put that profile on a dating site to see if it garners interest?

  7. Re:Not as black and white as people think by Anonymous Coward · · Score: 2, Insightful

    I know. It's not fair to blame robbers -- locks are too easy to fix.

  8. Re:Not as black and white as people think by betterunixthanunix · · Score: 2

    It sounds like you are suggesting...spam filters, hashcash, and greylisting. Oh, wait, we do that already.

    The reason SMTP endures despite numerous attempts to replace it is that it does one thing and it does it well. Spam exists because SMTP is so good at delivering messages, and because it does so cheaply. I will not be parting with email any time soon.

    Much as I dislike Spamhaus, it is hard to side with someone whose grievances include "Jew lies."

    --
    Palm trees and 8
  9. Re:Not as black and white as people think by Sponge+Bath · · Score: 2

    No pancake is so thin that it has only one side.

    You haven't tried my Mobius pancake recipe.

  10. Well, he seems like a nice... wait. what? by Jeremy+Erwin · · Score: 2

    Mr. Kamphuis’s current nemesis is Spamhaus, a group based in Geneva that fights Internet spam by publishing blacklists of alleged offenders. Clients of Spamhaus use the information to block annoying e-mails offering discount Viagra or financial windfalls. But Mr. Kamphuis and other critics call Spamhaus a censor that judges what is or isn’t spam. Spamhaus acted, he wrote, “without any court verdict, just by blackmail of suppliers and Jew lies.”

  11. Re:What about the idea by Phroggy · · Score: 2

    What about the idea that Spamhaus, by being a blacklist, is denying service to all sorts of websites itself? Why is a DDOS attack that much different from what they do every day?

    I mean, sure, they block a lot of spam, but what about all the times someone's domain gets blacklisted and it's not spam? And yeah, I realize domain admins opt in to use their blacklists.

    I don't think you really understand what you're talking about. First of all, Spamhaus isn't denying service to web sites; they're listing IP addresses of known spam sources. Mail administrators use the list to block email - not web sites - from those IPs. Spamhaus is just one of many such services, but Spamhaus happens to be the best. Why is that? Exactly because they keep the false positives to a minimum. What you're talking about theoretically COULD happen, and certainly does happen with other blacklists, but the reason we mail admins use the Spamhaus SBL-XBL lists instead of the other blacklists is because we DON'T see legitimate servers getting blocked. Believe me, if we were blocking legitimate mail, our users would complain. It's not happening.

    It still does not change the fact it's a denial of service, coming from a self-appointed body that is in no better position to judge what is and is not spam than anyone else.

    They are in a better position. I don't know how they do it, I don't know how they got into that position, but they've managed to pull it off.

    A real common tactic with political campaigns is to sign up for the opponents mailing list on an AOL account, wait for them to send you an email, then complain you are receiving spam. AOL turns around and gets that domain blacklisted. Then it takes time and resources to resolve the issue.

    I just don't see much of a difference.

    The difference is that while this happens all the time with AOL's internal blacklist, Spamhaus doesn't work this way.

    --
    $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
    $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;