I suspected that was the case, but never really checked into it. All in all, while any anti-spam efforts are better than none, ORBZ's scripts needed to be much better than they were to be effective. Still, to be fair, it was a free service, so you can't really criticize too much, and it was probably ideal for some people's anti-spam efforts.
And it's still a victory for the spammers, dammit!
No, what they *should* have done, was send the admins with the broken servers the links to the fixes "DragonC" posted here earlier. I mean, it's not like they couldn't find an open relay to mass email them all from, is it? ;)
Not such a great loss as made out, on ORBZ Shuts Down · Score: 5, Interesting
I actually stopped using ORBZ some time ago because of the way their database worked in conjunction with the vast amounts of spam coming from DSL lines. Basically if an IP was verified clean then it could not be resubmitted within 30 days, fair enough I guess, but this really fell apart with spam originating from what appeared to be dynamically allocated pools of DSL users. Obviously the same servers were changing IPs, and being reused by the same spammers, but ORBZ's submission engine couldn't deal with this in my numerous attempts to submit active spammers.
I emailed ORBZ over the issue, citing three identical spams all of which were from the same physical server (from a typo in the headers) yet from different IPs, all of which were marked as "Verified clean within the last 30 days". ORBZ' response to this was basically "use multiple RBL servers", which I already was. I stopped using them at all the same day and switched to an alternate RBL server that I could submit spam to for automatic inclusion once verified. Since then I've also set up my own local RBL server, which makes things much easier when you have multiple SMTP servers to administer...
Re:The Earth's temperature has ALWAYS fluctuated., on Larsen Ice Shelf Collapses · Score: 3, Insightful
The Earth's temperature has ALWAYS fluctuated -- massively.
Quite. Even if we assume (because unless someone knows better there is still no proof either way) that humanity is responsible for the CO2 emissions, that led to the destruction of the ozone layer, that led to increased sunlight melting the Antarctic icecap, so what?
The earth has experienced periods that saw much of the northern hemisphere covered in ice, and unless I'm mistaken that isn't the case at present. Also, it has had periods where the Antarctic land mass (the rock currently under the icecap) has supported a temperate climate, which again, there doesn't seem to be at present. So, humanity's collective ego aside, we don't seem to have pushed "Gaea" outside her normal tolerances just yet.
It might just be a really good idea not to try and do so though...
I wonder what would happen if I attached the device to this large piece of sheet metal the local orchestra uses, placed its input microphone in front of the sheet and give the sheet a hefty whack... Or even dumped the microphone and captured the vibrations directly for that matter.
This technique is really *old*. I once had a DOS game that used this to prevent casual copying - the installer was writing additional data into the slack space at the end of its main executable. There was something similar on the floppy too. I think what it was doing was hashing the data on the floppy with whatever was generated on the HDD, but since I just NOP'ed over the subroutine call, I really didn't need to look too closely. Or require my diskette to play the game for that matter. ;)
Oh, great, now someone's going to set up a bunch of web sites containing that 9MB "words" file and get them spidered by Google! More noise in the search engine results... It'll all end in tears I tell you!
I thought of that. I got as far as "Securing the Internet. As I said above, my FreeS/WAN project is to secure Internet traffic against wiretapping." before I snorted my coffee out of my nose.
So: "Wiretapping = Bad", but "Spam = OK" then, John?
I trust you took advantage of the facility that SpamCop has about "ISP does not wish to receive complaints about..." to resolve this? Lots of spammers cite that crap spam legislation and include a URL to some US Government site as well. I don't recall ever getting an option to send a spam report to the .gov site. If your NAP and the anti-spam organizations concerned have a clue then it should have been easy to convince them that the DMA was trying to be responsible.
Drifting off topic a bit, but an idea just occurred to me regarding the lack of trust people have towards opt-out lists. If a "responsible spammer" (for want of a better term) could prove they honoured their opt-outs to SpamCop, say, then a link to a secure page at SpamCop to confirm that fact might go a long way, particularly in the DMA's case.
I have to say that often the anti-spammers are worse than the spammers.
As an "anti-spammer" myself, I have to agree that there are indeed some anti-spammers that look upon their role as some kind of holy writ and are as overzealous as that implies. And there are also some that genuinely try to do their best to fight spam (hopefully I'm in this camp). Yes, I do submit to SpamCop, I even have my own internal RBL server at work (an ISP) because it's more convenient than updating the banned IPs on all our servers one by one. On the other hand, I'll only shitlist someone who refuses to take action against a spammer, or gets abusive (it happens), or is clearly a spammer themselves. However, I tag each entry with the date it was added and why, and expire as appropriate. It's this expiry phase that some "anti-spammers" seem to forget - shitlisting a spamming IP is all very well, but at some point a new user is going to be on that IP who doesn't deserve the entry.
Of course, the flipside is that while some spammers are outright criminals, there are some spammers that are genuinely trying to target their email to generate leads and act responsibly. The problem is that the criminal element has ruined it for the latter group, because almost no one trusts "Sorry - go here to opt-out of further emails" any more.
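The tag-and-expire practice described in the comment above, sketched as an added example (not the commenter's own code or configuration): each listing carries the date it was added and the reason, and the reason decides how long it lives. The reason names, lifetimes, zone name `rbl.example.invalid` and sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
import ipaddress

# Assumed policy (not from the comment): lifetime depends on the listing reason.
LIFETIME_DAYS = {
    "spam-source": 30,        # often a dynamic address that will be reassigned
    "open-relay": 90,         # gives the operator time to close the relay
    "unresponsive-isp": 180,  # provider refused to act on complaints
}


@dataclass(frozen=True)
class Entry:
    ip: str
    added: date   # when the address was listed
    reason: str   # why it was listed (a key of LIFETIME_DAYS)
    note: str     # free-text detail for whoever reviews the list later

    @property
    def expires(self) -> date:
        return self.added + timedelta(days=LIFETIME_DAYS[self.reason])


def dnsbl_name(ip: str, zone: str) -> str:
    """DNSBL query name for an IPv4 address: octets reversed, zone appended."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


class LocalBlocklist:
    def __init__(self, zone: str):
        self.zone = zone
        self._entries = {}

    def add(self, ip: str, reason: str, today: date, note: str = "") -> Entry:
        if reason not in LIFETIME_DAYS:
            raise ValueError(f"unknown reason: {reason!r}")
        key = str(ipaddress.IPv4Address(ip))  # rejects malformed addresses
        # Re-listing replaces the entry, so a repeat offender gets a fresh date.
        self._entries[key] = Entry(key, today, reason, note)
        return self._entries[key]

    def is_listed(self, ip: str, today: date) -> bool:
        entry = self._entries.get(str(ipaddress.IPv4Address(ip)))
        # An entry past its lifetime no longer blocks, even before cleanup runs.
        return entry is not None and today < entry.expires

    def expire(self, today: date) -> list:
        """Drop entries past their lifetime and return them for the audit log."""
        stale = [e for e in self._entries.values() if today >= e.expires]
        for e in stale:
            del self._entries[e.ip]
        return stale

    def zone_lines(self, today: date) -> list:
        """Zone-file style records for live entries; 127.0.0.2 is the usual 'listed' answer."""
        live = sorted((e for e in self._entries.values() if today < e.expires),
                      key=lambda e: ipaddress.IPv4Address(e.ip))
        return [f"{dnsbl_name(e.ip, self.zone)}. IN A 127.0.0.2 "
                f"; {e.reason}, added {e.added}, expires {e.expires}"
                for e in live]


if __name__ == "__main__":
    # Constructed sample data using documentation address ranges.
    bl = LocalBlocklist("rbl.example.invalid")
    bl.add("192.0.2.10", "spam-source", date(2002, 3, 1), "identical spam x3")
    bl.add("198.51.100.7", "unresponsive-isp", date(2002, 3, 1), "no reply to abuse@")
    for gone in bl.expire(date(2002, 4, 15)):
        print("expired:", gone.ip, gone.reason, gone.added)
    print("\n".join(bl.zone_lines(date(2002, 4, 15))))
```
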
Another vote for "Bullsh*t". I'm pretty certain that the LED doesn't blink for *every* single bit. And what about compression techniques that use phase and so on? You are not actually putting just ones and zeros onto the wire you know.
I don't think this is actually entirely Microsoft's fault. A *lot* of motherboards appear to have ACPI problems with Windows XP, which I gather is being quite strict in its adherence to ACPI specs, whereas some of the motherboard chipset vendors have not been so diligent. That said, I have a motherboard which is "not 100% ACPI compliant" according to the vendor which is running Windows XP fine in ACPI mode, so it looks like a classic "YMMV" issue.
My car's design has a flaw and the manufacturer issues a public recall for a free repair, I have this mentioned when I next go for a service, but choose not to have the work done because it's too inconvenient. The part fails and I am involved in an incident that causes harm to a third party - I think I should have my ass sued clean off, don't you?
My software has a bug, the vendor issues a freely downloadable patch, and even emails me about it, which I choose to ignore and don't install it. My server is compromised and used to DoS a third party - I think I should have my ass sued clean off, don't you?
In the incidence of software this is clearly related to the debate about disclosure of vulnerabilities. You have to acknowledge that software is going to have flaws, that it takes a period of time from discovery of a flaw to produce, test and release the fix, and that during this time liability is the grey area this topic is discussing, but once the fix is out and announced, responsibility *has* to be transferred onto the people using the software rather than those that produced it.
I don't think you can blame a vendor for having a bug in their code, because it's not a perfect world and it happens (albeit more with some vendors than with others) and doing so sets a precedent that would affect other industries as well. You can however apportion a great deal of blame after the flaw becomes public knowledge, and reapportion that blame once the fix is available or if the fix is sufficiently tardy in arrival to cause problems. Which explains a great deal about some people's attitudes towards the issue of full disclosure, doesn't it?
Isn't it time to face the fact that the spammers don't care about the legality of their actions?
True enough, the spammers probably don't give a damn about what pathetic legislation can be brought against them at the moment, especially the hardcore responsible for the bulk of it. More serious legislation to let you go after the spammers, the ISP hosting them and maybe even the luser whose open relays were used would still be a further deterrent though.
That aside, I don't think you can win the fight against spam by going after the spammers directly either, but what is required is to remove their support infrastructure and watch them wither on the vine. If spammer friendly ISPs are more liable for the actions of their customers then we might stand a better chance of reducing spam. My dial up ISP in the UK, Demon Internet, has recently instituted a policy of pulling the plug on its customers before notification of the customer if they are, or are being used to, spam. Like any legislation this is a start, and every little helps... the more ISPs that implement similar procedures the better.
Sorry, but your counter examples don't wash. Do you think a book costs more than its cover price to produce? A video game? Or an audio CD, video or DVD for that matter? Now compare that with "Friends" which runs at nearly $10m an episode to produce - that's a lot of revenue to recoup from airing. Do the math - $220m dollars per series / viewers = cost to those viewers to watch in a pay per view scheme. Friends might survive because it's a very popular show, but an awful lot of other shows would come in below the profit line and be canned, many of which are probably the ones that the typical /. reader watches, because we seem to like a lot of "cult" programs...
Don't get me wrong, I think DRM as it stands sucks big time and we've got this whole mess because no one bothered to drag copyright legislation into the digital age in a timely and effective manner. The crux of the matter though is that if the studios can't make a profit on a show then they won't make it and people are getting confused by two totally separate and unrelated issues with regard to downloading episodes.
There is the issue of "copyright" and there is the issue of "piracy / loss of revenue". If you download an episode of show x, have you really deprived the studio of revenue? In truth the answer is probably not - you would most likely have watched it (and the ads) when it aired, and if you couldn't have downloaded it would have recorded it instead. So all you have done is changed the media you taped it to into one more convenient for your use instead of encoding it yourself. Where the studios are losing money however is when the people who have recorded or downloaded episodes don't buy the "official" releases of the show when they are released. The problem is that this has not really been settled in the courts yet like happened when video recorders first arrived.
The way things stand at the moment, I don't see that the studios have any beef with the people who download the episodes / MP3s or whatever (even if they would like to). Any potential cases would rapidly become "fair use" issues and they stand to set a precedent that they would prefer to avoid no matter what, so the grey area is not ideal but preferential. However, distribution of movies/MP3s without approval *is* a copyright infringement, hence the attack dogs going after the likes of Napster and sites offering episode downloads.
The problem with your theory is costs, and the (dead tree) magazine industry has a similar situation. It costs more to produce an episode of a given show, or pay for the rights to air a given sporting event etc., than the potential audience alone will bear. So they need the advertising subsidies to reduce the costs to the viewers.
I don't know what the figures are for the studios, but I did see a comment in a UK PC magazine once that to produce the same content without any advertising at all would increase the shelf price from £5 to £25. Quite a hike. Would you be prepared to see your cable/satellite bill go up by the same percentage just to lose the adverts? Plus the additional amount to cover the costs of those who say stuff it and cancel their subscriptions?
I'm guessing that for the majority of viewers the answer will be a resounding "NO WAY!"
However, what RFCs (and BCPs) like this can potentially provide is an escape clause for responsible employees who discover a problem with their company's software to make it public without having their own employer sue their ass under the DMCA or whatever local equivalent might exist. Let's face it, if a Techie gives his PHB a procedure for dealing with incidents that includes a phrase like "in compliance with RFCs X, Y & Z" how many are going to read them before they sign off on them?
Or you could even be honest and openly use the RFC as a basis for your own company policies on the matter at hand.
I'm all for vendors of software (any vendor, be it Microsoft about the latest IE exploit or ISC about a hole in BIND) to keep a show stopper under their hat while they try and fix it. Provided that there is no evidence that the Blackhat crowd knows about the problem, but there needs to be constraints - 30 days seems about right. This *has* to become null and void as soon as the problem is exploited though; at least that way the people who care about security can take steps to prevent abuse.
I've seen a site well and truly compromised because frickin' Microsoft sat on a bug long after the Blackhats had an exploit. It only took two days before their entire DMZ was rooted and credit card details stolen, and the stupid thing was, if the site had known that there was a problem they could have worked around it and avoided the legal mess they got into and are still in.
The only saving grace is that this probably won't happen to them again; they are now an ex-customer of Microsoft's and running Apache instead. True, Apache has its own problems, but at least they give you a chance to prevent any issues arising if you care to do so.
PS. Can I interest anyone in 40 used copies of NT Server? Thought not.
rather than refusing email from the offending ISPs, they are going to the rather extreme measure of refusing connections entirely (at the router, i guess, though i'm not certain how the network is set up...) from the entire IP ranges of a number of the offenders.
What they'll be doing is redirecting the eBGP route (ie. bit that says "go here to get to their IP block") for the ISP concerned to the router's equivalent of /dev/null. We use this technique a lot to dump traffic from problem areas until the problem is fixed as it's quick and easy (usually a one liner in the config) and 100% effective. It's a good way of bringing people into line, although usually just the threat of this is enough to prompt any action that is going to happen since it's about as extreme as one ISP can be to another.
Because if the wheels are on the side it's going to try and topple forwards or backwards, and you have two readily available wheels to counter that. If they are front and back, then there is no mechanism in place to stop the tendency to fall to the side.
Anybody up to testing this? Do you have a spam mailbox to submit to DMA to see who harvests it?P
Yup. For a couple of weeks now. Either my fictitious account has been lucky or DMA "e-ps" is currently legit.
So, let's get this straight, some people are upset because the "conspiracy" plots are becoming more prevalent. Well, if you watch the show for its entertainment value, who cares, as long as it's entertaining? On the other hand, if you watch the show because you are really *into* it, then this is just like real life I'm afraid (that thing you might keep hearing that you should get one of) - conspiracies breed further conspiracies once they start to leak, so it's only natural that there should be more such episodes.
The company I work for tried this in the UK some time ago for Internet access. It worked, but the big problem was with noise - there were just so many unexplained/untraceable bits of kit fritzing with the signal. Ultimately the signal is going to pass through one or more substations and 33kV or even 133kV AC is *noisy*, especially when some of the kit is getting on for half a century and more old.
We canned the idea for Internet, but this application sounds ideal; low bandwidth, low contention (presumably), and if it goes wrong, you can always send the legacy meter readers around in a van... Or you could upgrade all your kit, I wonder which one they'll opt for...
I suspect "loud" would be a good place to start.
The address of the server, Toad.com, is one of 25 open mail relays hard-coded by its unidentified author into the W32.Yaha worm, according to analyses by anti-virus firms Symantec and Sophos.
Quoth my shell:
# nslookup toad.com
Non-authoritative answer:
Name: toad.com
Address: 140.174.2.1
# echo 140.174.2.1 >> /etc/mail/BannedIPs
# /etc/rc.d/init.d/sendmail restart
#
And I thought it was just about time to go home too. Now I'm warming up my compiler... :-(
Answer: very few, if any.