Slashdot Mirror


User: damn_registrars

damn_registrars's activity in the archive.

Stories
0
Comments
5,958
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,958

  1. Opt-out as a by-product of CAN-SPAM on Opting Out Increases Spam? · · Score: 2, Informative
    Some of us may recall that the CAN-SPAM 2003 ACT specifically set forth rules for opt-out mechanisms from spam. Granted few spammers give a damn about CAN-SPAM for numerous reasons, but the opt-out link does give the spammer / owner of the spamvertised site the appearance of being in compliance. Even though as people have already pointed out the opt-out link generally just confirms for the spammer that your address is indeed active and read.

    If you ever wonder why so many spammers couldn't possibly care less about CAN-SPAM, just consider this:
    • Few spammers operate from within the US
    • Few spamvertised web sites are hosted in the US
    • Few registrars that sell to spammers and spamvertised sites are in the US
    • The act itself has lead to absurdly few prosecutions since being passed almost 6 years ago
    • Effective spammers excel at obfuscating their work to hide their identity and location, so even if they are in the US it is quite difficult to show it in relation to their work
  2. not likely a useful exercise on Opting Out Increases Spam? · · Score: 1

    how can I forge bounce messages so that they think my email address is invalid?

    Being as most spam passes through open mail relays (often botnet systems themselves), using forged headers (commonly with your email address in the from field), the bounce message would likely never get to the actual spammer. It would likely do you just as much good to open the spam and hit reply, saying "please kind mister spammer remove me from your list".

  3. (you)-CAN-SPAM on Opting Out Increases Spam? · · Score: 1

    They pass a law to reduce the junk mail, and what does it do? Causes a flood of MORE junk mail.

    I think you're missing part of the picture if you really believe that the CAN-SPAM act increases junk mail. After all, only a trivial portion of spam comes from inside the US as advertising for US based companies. If you look at most of your spam you'll find it generally passed through open mail relays on another continent, is advertising for a company on yet another continent, who purchased a domain from a registrar on possibly a third continent outside North America.

    So then in how many of those areas do US laws have jurisdiction? You're right, zero.

    And these are the same dunderheads that want to control health care??

    Actually, no. If you some how have read any of the proposed legislation in the US congress today, you would know that not a single proposed bill was going to control health care as you put it. The closest anyone has gotten so far is to try to help you buy health care from an existing HMO, or perhaps help you buy a health care plan that is currently available to government workers (which is not controlled by the government). You really need to pay more attention to where you are getting your opinions from.

  4. it does one other thing on Opting Out Increases Spam? · · Score: 1

    All that opting out does in those circumstances is prove that your address is an active one, and that makes it loads more valuable, so they'll sell it on to their spammers as a premium "active email address!

    Actually, the opt-out "option" also gives the spammers the appearance of being in compliance with the (you)-CAN-SPAM ACT, which requires an opt-out mechanism for all spam. Too bad that as we all know the (you)-CAN-SPAM ACT is utterly worthless, unenforced, and (at best) nebulously defined. The opt-out link allows the spammers and owners of spamvertised sites (none of whom are frequently from this country most of the time, which makes the act even more meaningless) to look like they care about the act while actually enhancing their lists as you mention.

    Which is why I usually put other peoples' email addresses into the opt-out. I generally use the email addresses of slashdot employees or the registrants and registrars of the spamvertised domains.

  5. How many slashdot members... on Yahoo Pulls the Plug On GeoCities · · Score: 1

    ... know that they had a geocities page at one point in the past, but haven't done anything with it in at least 10 or more years? I know I used to have a page in "siliconvalley/Heights" but I'll be damned if I remember what my login was for it. Not that the world is any worse off for it disappearing, as it had little more than warcraft II maps and a bunch of animated "under construction" gifs.

  6. Interesting processor name on AMD Overclocks New Phenom II X4 To 7 GHz · · Score: 2, Funny
    While the summary read

    955 Black Edition

    I saw it to say

    955 Brick Edition

    Which I think is a CPU I would prefer to stay away from...

  7. Re:Foxit isn't all that great, either on F-Secure Suggests Ditching Adobe Reader For Free PDF Viewers · · Score: 1

    There's no particular _need_ to open the PDF in browser, is there?

    I wish that were true. Unfortunately there are some academic journals that I read that have found a sufficiently creative way to obfuscate the identity of the PDF versions of articles such that you can only open the article in a browser window (at which point then you can save it as a PDF).

    It is extremely annoying, but reading those articles is absolutely required for me to do my job as a scientist. And as much as I would rather not use the Adobe reader if I didn't absolutely have to, I'm not going to use another system entirely just to read papers. And keeping two PDF readers (one as a plugin the other for all other uses) doesn't make any sense, so back to Adobe I went.

  8. Foxit isn't all that great, either on F-Secure Suggests Ditching Adobe Reader For Free PDF Viewers · · Score: 1

    I tried to get by with foxit reader for a couple years, updating as often as it requested. I found that unfortunately it was not a suitable replacement in all cases. As someone else already mentioned, it cannot open the newest PDFs made by the newest Acrobat (though that is to be expected). However that is not my biggest problem with foxit.

    My biggest problem is that the foxit plugin for firefox is terrible in terms of long-term stability. I have never seen a plugin consume memory so voraciously; even flash isn't that bad. If I opened a pdf in firefox through the foxit plugin, and then closed the window, firefox would nonetheless proceed to consume all available memory and drag my system to its knees in a few days or less, even without opening up any additional pdfs in that time period. Removing foxit and installing the adobe reader solved that problem.

    I would very much prefer to not use the Adobe reader, but when the alternative is that bad I don't have much choice.

  9. The benefit of being outdated on Intel Cache Poisoning Is Dangerously Easy On Linux · · Score: 2, Insightful

    All the hardware I currently use is considered "obsolete" by hardware vendors, software vendors, OS groups, and any kind of support personell you can imagine. However, by being that dated it is also considered to not be worthwhile for virus writers or others who work on compromising peoples' systems en masse.

    Long live my P4, bitches. It might not be perfect, it might not be able to play Quake 7 or any other bleeding edge games, but with each passing month we see more security threats that fall under the category of "unapplicable" to my system.

    Don't even ask me what video card I use, what kind of hard drive I have, what kind of optical drive I use, or what operating systems I boot. I'll likely get carted away to a nice padded room if I try to tell people that those are still useful.

  10. Not quite what I had in mind by the summary on Sink Your Balls Quickly With Pool-Cue Robots · · Score: 1

    When I read the summary I was expecting some clever system that went around the perimeter of the table and pushed a robotic-controlled cue stick of some sorts. Instead we get what look to be small RC cars with special front ends. This is closer to soccer than it is to pool.

    Now if instead something was built that did go around the perimeter of the table, and shoot in a more-or-less human fashion, that would be intriguing as it would actually be something that a human could play pool against. This is more of a gee-whiz (pool) parlor trick, IMHO.

  11. Beta testing? That is SO web 1.0... on Exploring the Current State of Beta Testing · · Score: 1

    At least that is what I have learned from the way code has been rolled out untested around here. Besides who needs beta testing when you already have a large base of readers who will put up with shitty code as long as the information they seek is out there somewhere?

  12. Note to the BBC on Stephen Hawking Is "Very Ill" In Hospital · · Score: 1

    I'm pretty sure that anyone who knows who Hawking is knows of his disease and what it has done to him. Hence we already know he isn't the most photogenic person on the planet. Couldn't you find a slightly better picture of him?

  13. dropping your cable on Adobe Pushing For Flash TVs · · Score: 1
    As from the summary:

    the question of dropping your cable becomes a little bit more reasonable

    I find this rather unlikely. For one, cable companies are now amongst the largest ISPs in the country - for some people they are the only reasonable option for high-speed access. Couple that to the "bundling" pricing that the cable companies do for internet access and I don't see it very likely that people will drop their cable TV service for this (and don't forget the cable companies threatening to charge by GB for access).

  14. On a side note (geography) on 12 Small Windmills Put To the Test In Holland · · Score: 3, Interesting
    For those who wondered where the country New Zealand got its name; or more so where the "old" Zealand is:

    Dutch province of Zeeland

    There is your answer.

  15. Errant department tag on Why Republicans Won't Retake Silicon Valley · · Score: 1

    From the prepare-for-pudge-rage dept

    That tag doesn't really apply here. Or at least, not to this specific discussion. Pudge keeps his political discussions to his journal, where he can squelch a long list of people he disagrees with. If he posted here, those people could reply to him and point out the problems in his arguments.

  16. Why a DoS attack? on Zombie Macs Launch DoS Attack · · Score: 1

    I find it interesting that the compromised macs have been used as zombies for a DoS attack. It doesn't seem like the smartest use of newly compromised systems, as such a use of a system can be so intense in terms of memory and bandwidth usage that it should be fairly easy for even a novice user to notice that something is awry.

    I'm rather surprised that the people behind this didn't go for something less obvious, like spam propagation.

  17. Re:Can we stop it? on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    ICANN has never given a damn what anybody says anyway.

    Sadly, I have never seen any evidence to the contrary.

    However, I am glad that some people did not allow that to stop them from lodging their concerns to ICANN over this issue anyways. I figure even if they choose to ignore feedback given to them and go ahead with the gTLDs-for-sale plan anyways, at least we will be able to call them out as liars when it blows up and they try to claim that nobody saw it coming.

    gain them more power

    I'm not sure how they could have more power, unless they found a way to declare themselves their own country.

    influence

    I'm not sure what they have influence on, beyond the internet. I don't really see why they would care, anyways.

    and money

    I would say that one, more than any other, is the factor pushing this decision. Apparently the ICANN people learned nothing from the collapse of the financial markets in the US that followed the massive de-regulation of the same.

  18. Re:check your inbox on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    Whether you use filters or not is completely irrelevant to the spammers, it matters about as much to them as what kind of car you drive.

    why bother trying to make it hard to filter?

    The operative word in my statement is you. They don't care what filter you use, or if you filter at all. They know what the most common filters are and they adapt their messages accordingly. It doesn't matter what techniques you employ personally. They'll still send you spam regardless.

    Well obviously they'll make less money if their spam makes it into fewer inboxes

    Not necessarily. There is no static fraction of users who will click on spam messages. Some people will click on damned near anything.

    And who are these people who don't use any kind of spam filters?

    There are plenty of people who don't use filters, for one reason or another. I know several people who don't filter.

    Most people that I know either use a commercial host (e.g. Gmail, Hotmail, Yahoo) which uses spam filtering techniques by default, or else use their company address that is filtered by their company.

    Do the people you know represent a comprehensive cross-section of the world's population? I didn't think so.

    And some day, we will have to actually address the spam problem with something of true merit.

    And what would that be?

    It is an economic problem. It needs an economic solution. If the profit motive is removed in one way or another the problem will go away; spammers send spam because they make money from doing so.

    You have a solution?

    You certainly haven't offered one.

    On the other hand, I have had dozens of spamvertised domains shut down. My actions have lead to spam-friendly registrars losing their accreditation. I have helped people plagued by spam problems learn how to make their voices heard so that the people with actual power on the internet (registrars, up to ICANN) realize the actual problem.

    None of that ever can, or ever will, be accomplished by filters.

  19. Re:Impossible to overstate the SPAM opportunity .. on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    One might also make the case that their target is already incredibly vulnerable and adding more gTLD's to the mix won't make them any more or less vulnerable.

    I disagree with you on this because of how the new gTLDs change registration.

    Under the existing TLDs, registrars are expected to maintain some level of accuracy in their registration records, or they can lose their accreditation status. This is how many spamvertised domains were shut down before, they would have bogus registration data and the owners would allow them to be shut down rather than share correct data (the registrars were generally in on it, too; they would sell hundreds or thousands of domains at a time to a spammer and shut them down on demand).

    However, under the new gTLDs, the TLD owner sets the rules for registration. Which means now a domain could potentially be registered forever with bad information under a new gTLD. Which means that the spam sent out next week would refer to a website that will still be up in 5 years (generally most spamvertised domains now live on the order of a few weeks to a few months before they get shut down).

    Hence this system enhances the number of customers that a spammer could possibly bring in, as the old spams will still have valid links. It also increases their margin as they won't need to register anywhere near as many domains, and they won't have to worry about their registrar ever losing accreditation.

    I guess I just personally don't care about that crowd

    You probably should rethink that position. The people in "that crowd" are a big part of why spam exists. And we can never solve this problem with filters only. Spam exists because it is profitable. If you really want to end spam you need to do something about the profit, not just about the email that goes to your own address.

  20. Re:check your inbox on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    I could put in a spam filter that said

    First of all, you are giving way too much credit to your filter. If you really want to lie to yourself and believe that somehow you can filter your way out of a spam problem, you are free to do so while other people actually try to work out a real solution to the problem.

    "block any email that comes from .pillz, is relayed from .pillz, contains a link to a .pillz address, or even has '.pillz' anywhere in the body."

    That's great that you have filter rules, if they make you happy. But you are missing several things here

    • Link obfuscation in the spam email that will prevent your magic filter from detecting the link
    • Spammers likely don't give a shit about you personally anyways
    • Many people don't update their spam filters if they use them
    • Many other people don't use filters at all

    In short your assumptions seem to be based on your belief that either spammers care about you, or that the entire world will use your rules for approaching email. Likely neither is true. You do realize that even if you personally never, ever, click on a spam link, and never, ever purchase something through spam, it will still be sent to you, right? Even if you filter it, the spam is still sent to you because someone came up with your email address in some way, shape or form. And there are millions of other addresses out there that are on spamming lists as well. Most of the people who check those other addresses don't use rules anywhere near as stringent as your own.

    And on top of all that, how many times are you willing to update your filter rules? $185k is not much money to spammers and their cohorts. They can purchase more gTLDs if they want. After all, these become domains that they never need to re-register. If you go back through your old spam (if you ever saved any) and checked the links in those old messages, you'll find that >>99.99999% of the spamvertised domains are no longer operating. You may have new, almost identical spam - even sent on behalf of the same actual "company" - but it is pointing to a new domain. Which should lead you to ask what happened to the old domain; it was at some point shut down and abandoned, generally to avoid detection under the rules of the old TLD it was under.

    However, the owner of a gTLD gets to set those rules on their own. The owner of .pillz might be just fine with registrations that never expire that have contact information in Antarctica. Which will, in the end, save money for the spammers.

  21. Re:Impossible to overstate the SPAM opportunity .. on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    but is there even a single person out there who's smart enough to de-obfucsate a URL, and still stupid enough to do so?

    You don't read many spam emails, clearly. Otherwise you would know how this works.

    The recipient doesn't have to de-obfuscate anything. Their email software will do it for them. In the message (when it is read by their filter) the domain name is obfuscated. But it will render correctly through a variety of techniques when they open the message.

    To the user it is nothing special, just another advertisement for cheap (pills/software/shoes/whatever). To the filter it is nonsense that doesn't match any restricted pattern.

    Or even more so, the user isn't using a filter to begin with.

  22. Re:check your inbox on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    It seems equally trivial to block email containing URLs from the spam domains

    If you really want to set your filters to read your email at that level of detail, it may be possible.

    That is, until the spammers improve their link obfuscation techniques such that the link is there but your filter can't pick it up (which is already fairly common).

    which of course is why spammers won't go there

    You are assuming that spammers care about filters, and there is absolutely no evidence to support that dream. Spammers will continue to send out as much spam as possible because they get paid by how much money they raise for whomever is paying for their services. Whether you use filters or not is completely irrelevant to the spammers, it matters about as much to them as what kind of car you drive.

    Hence they will go there because they can make money doing it. There are plenty of people who don't use filters for their email, or they don't use filters that will be able to catch this.

    And some day, we will have to actually address the spam problem with something of true merit.

  23. Re:Impossible to overstate the SPAM opportunity .. on New ICANN TLDs May Cause Internet Land Rush · · Score: 1
    You are overlooking several things, here.

    it will be retardedly easy to find which companies are dumb enough to sell domains to spammers on their gTLD.

    That is a piece of information that most people wouldn't even know how to find, let alone what to do with it.

    Every browser I use can be setup for phising detection

    That's great. Though I doubt the spammers are interested in you anyways. They know that there are plenty of people still using ancient versions of netscape and even the early AOL browsers on their 10+ year old PCs that connect via dial-up. These are the people the spammers are looking to make money off of, and they'll make plenty off of them to make up the money quickly of registering in the new TLDs.

    Even more so, spamvertised sites will become cheaper under the new TLDs because the registrations will never have to expire (or even have valid data). Previously registrars had an obligation to keep good WHOIS data, but that all goes out the window now for the registrars involved in selling under the new gTLDs.

    I can't imagine a corporation wanting to compromise theirs

    Do you know any major corporations involved in spamming? Neither do I.

    However, for the spamming big shots, $185,000 isn't much money at all. They can easily funnel it to one of their unscrupulous registrar friends to buy .pillz or whatever other new gTLD they want. Then they have a permanent registration base.

    Having major phishing filters block your gTLD on it sounds incredibly expensive

    Again, you are assuming that the spammers and phishers care about the technologically savvy. That is not their target market anyways. They will quickly make up their costs off of people who don't know better, and the rest of us will see a new deluge of spam as a direct consequence.

  24. Re:Impossible to overstate the SPAM opportunity .. on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    No, I'm going to consider any mail with a link to any site other than a .com, .net, .org, .edu or .us spam.

    Well, I wish you good luck with that. I will tell you right now that spammer link obfuscation will quickly make that approach obsolete. You can come back later and tell me I was right if you would like.

  25. Re:check your inbox on New ICANN TLDs May Cause Internet Land Rush · · Score: 1

    I'm not sure I understand

    To put this as kindly as possible, I'm pretty sure you do not understand.

    Then I could just block everything coming from those domains

    At no point was I talking about blocking, and at no point would it do you any good.

    Do yourself a favor, and check the headers of the next spam you get. You'll find that a less-than-trivial fraction of all true spam actually come from the spamvertised domain.

    So even if all spamvertised sites were in .pillz, it would do you no good to block email that originates from .pillz, because the email won't be coming from there anyways. If you check those headers you'll see that few of the open relays that push spam around are even in registered domains anyways. Most spam gets moved around by unsecured windows boxes that are on 24/7 internet connections (generally in people's homes) that have been compromised and added to a botnet.