I read the original article at www.sys-con.com, then I glossed over the comments. What I did not see is what patents do SCO have in mind. OK, patents that cover Sys V, but namely which ones? The file system hierarchy, maybe? Like / ,/bin ,/usr , and so on? Can't be. Symlinks? Pipes? Device files? The 9 bit file permissions?
I have always been wondering about this possibility. I dunno the legal / other implications there may be, so I have not tried it. Plus, it takes time.
Suppose that, instead of deleting the spam, I read it. Certainly, the spammer wants a credit card number, or banking account details. So, I pretend I want to buy whatever they sell. I give them the information they are asking for -- but INVALID information. Invalid credit card number or invalid account number. "invalid" meaning a number I made up.
Now, if I just make a random sequence of 16 decimal digits, the spammer may be able to figure out it is not valid. Probably not any combination of digits is a valid card number, I dunno. Maybe there are control digits, or in general the number has to conform to some criteria to be considered valid. Suppose that I know these criteria and I send them a "syntactically" valid card number, just a fictious one. The spammers organisation has no way of knowing this number does not work, unless they check with Master Card or Visa or AmEx, whoever the owner of the card is.
I am pretty sure this is going to hurt the spammers, provided many people do that. If they (the spammer) make plenty of requests for money transactions (I dunno the proper term) to the credit card company with invalid card numbers, the company will stop doing business with them (the spammer). This is a wild guess, of course, but I simply can't imagine that someone will make hundreds of attempts with invalid card numbers and there will be no penalty.
Something similar can be done with bank account numbers - give them an invalid one. The bank will not appreciate having plenty of requests for money transactions from inexisting accounts!
As I said, I don't know the legal implications. For the moment I do once in a while:
for i in `seq 1 100000`; do wget ; rm -f *; \ done
in an empty directory, with the URL the spammer provided. I have a cable conncetion, so this works fast. Again, if many people do that, the spammers' web sites will be brought to their knees.
Slashdot Mirror
I read the original article at www.sys-con.com, /bin , /usr , and so on? Can't be. Symlinks? Pipes?
then I glossed over the comments. What I did not
see is what patents do SCO have in mind. OK,
patents that cover Sys V, but namely which ones?
The file system hierarchy, maybe? Like / ,
Device files? The 9 bit file permissions?
I have always been wondering about this
possibility. I dunno the legal / other
implications there may be, so I have not
tried it. Plus, it takes time.
Suppose that, instead of deleting the spam,
I read it. Certainly, the spammer wants a
credit card number, or banking account
details. So, I pretend I want to buy whatever
they sell. I give them the information they
are asking for -- but INVALID information.
Invalid credit card number or invalid account
number. "invalid" meaning a number I made up.
Now, if I just make a random sequence of
16 decimal digits, the spammer may be able
to figure out it is not valid.
Probably not any combination of digits is
a valid card number, I dunno. Maybe there
are control digits, or in general the number
has to conform to some criteria to be considered
valid. Suppose that I know these criteria
and I send them a "syntactically" valid card
number, just a fictious one. The spammers
organisation has no way of knowing this number
does not work, unless they check with Master Card
or Visa or AmEx, whoever the owner of the card
is.
I am pretty sure this is going to hurt the
spammers, provided many people do that.
If they (the spammer) make plenty of requests
for money transactions (I dunno the proper term)
to the credit card company with invalid card
numbers, the company will stop doing business
with them (the spammer). This is a wild guess,
of course, but I simply can't imagine that
someone will make hundreds of attempts with
invalid card numbers and there will be no penalty.
Something similar can be done with bank account
numbers - give them an invalid one. The bank
will not appreciate having plenty of requests
for money transactions from inexisting accounts!
As I said, I don't know the legal implications.
For the moment I do once in a while:
for i in `seq 1 100000`; do wget ; rm -f *; \
done
in an empty directory, with the URL the spammer
provided. I have a cable conncetion, so this
works fast. Again, if many people do that, the
spammers' web sites will be brought to their knees.