As promised, there's a new tool in town. Project Web Form Flooder is still in beta, but it's functional in flooding spammer's websites with plausible data. Java source code only right now, but I'd imagine the./ crowd can deal with that.
If we flood spammer's websites with garbage data, maybe, just maybe we'll do a little to remove the profit motive in spamming, and once there's no money in it it'll end.
Isn't it time we stopped crying and started doing something?
So there shouldn't ever be an application that connects to a data replication server or an external data source? That's what you're effectively saying.
Phone APIs are not about low quality arcade games on tiny screens with poor UI controls. They're about accessing data and allowing the user to interact with that data in a mobile environment. Without the ability to read and write remote data, there's very little a next-generation phone has to offer a user over a telephone-only device.
It's about designing a secure mobile device not by hacking off all possible userful functionality, but by designing the system from the ground up with security in mind. You don't have to follow the Microsoft design paradigm (and accept the inevitable vulnerabilities) in order to provide useful functionality! There are other design models.
If FormFucker was open source, I'd be using it. And if I could lay my hands on it, I'd consider it. But all I can find regarding it is some usenet postings, and I assume the only way to get it is to have the coder email it to you. And does it run on linux? If not, it's of little use for me.
An open source alternative allows us to do a better job combating the inevitable countermeasures. It might also be more useful in testing webapps, and have broader application than just an anti-spam tool.
And anyways, it's a fun project to work on and my first opportunity to create a project that has a prayer of being interesting to anyone other than myself.
You're absolutely correct. Let me even suggest a few refinements:
- You have a java application that scans a website, identifies HTML input tags, and figures out how to fill out the form with plausible, although fictitious data.
- That application submits the generated data and ensures success by checking the http response code to the submission. Rinse and repeat.
- The application can pound about 100 submissions per minute on a broadband connection.
- The full source and app are released on sourceforge about a week from now under GPL.
- Anyone who gets some insipid email can run this app without having to create HttpUnit or HtmlUnit scripts.
- App is console based, uses java.io, java.net and java.util packages only to make install easy and ensure cross-platform reliability.
- "Random" string-based data (names, streets, cities, etc.) is contained in text files that users can maintain on their own making it difficult for spammers to identify bogus data and produce countermeasures.
- No site to check for "orders", you control where your app will pound, you are responsible for employing it wisely.
Instead of using humans to respond to computers, let's have the computers do the work, eh? Isn't that what they're for?
If it takes three pages to describe the solution, my gut feeling is it's unworkable. What's always seemed to work for me is getting smacked when I screw up.
Leave your mailserver unsecured and have it hijacked by spammers? Get blacklisted by the major mail relays and lose your business. Your screw up, you pay. That'll improve global mailserver security almost instantly.
Run chinanet.cn and actively solicit spammers? Get blacklisted not only by mail relay but also by routers by US companies tired of your crap. How long will chinese ISP's continue to allow this when their network starts getting cut off from the world?
Companies have to find the guts to actually hold other companies accountable for their making spam and fraud possible. They're the ones bearing the burden, and they're the only ones who actually have a significant cluestick to weild. If UUNet, AT&T, AOL and the RBOCs decided to cut off the enablers, those slimy hosting services and undisciplined problem children would either have to shape up or disappear.
Relaying TCP and UDP traffic is a _priviledge_, not a _right_.
Given what I've seen of the general populace, and what would likely draw viewers, a science channel lineup might look like this:
6PM: News based entirely on polls, so Americans might know whether they're thinking properly (i.e.: in the majority) or whether the majority is whacked ( i.e.: they're not in the majority)
7PM: The science of fashion - what the celebrities wear and why people think it's "kewl" - a discussion by expert panelists
8PM: Brittney Spears' music - psychologists discuss the meaning of "I'm not that innocent"
9PM: Online dating guide show - the scientific matching of people based on realtime audience voting
10PM: Science you can use: how to use Microsoft Word
11PM: Intelligent Design Hour - it must have been God.
12PM: Viruses are Bad: how to spot a virus my the header of an email message, and why not to open anything entitled "Join The Crew"
1AM: Video Game Roundup!
American's wouldn't generally know science unless it crawled up their ass and bit them on the tongue.
Yeah, I suppose it'd be easier to reach around the back of the case and fumble for the "on" switch every time I turned it on rather than fumble around in the back to plug in different cables once a week. All the practice I'd get doing that would make that little task second-nature, I'm sure.
The alternative is to get a 5U rackmount case. Some of those have all of the connections up front, they're just a royal pain to get into.
I'd LOVE to find a case where all of the connections were in the front so I wouldn't have to fish around blind behind my very pretty case for a cable. I wouldn't give a whit if it was the color of vomit, had been tagged with spraypaint, and was labelled "fag toy".
I'm shaking my head, wondering how this could happen, when I stumbled across this wonderful pearl of anti-wisdom:
"Not to mention the fact that the Linux kernel itself lacks any support for any type of journaled filesystem, memory protection, SMP support, etc,.."
Now any sysadmin that hasn't bothered to read the manual far enough to know what ext3, jfs, reiserfs and xfs are, to name a few, can't possibly have read enough to know how to implement Samba, BIND, and NFS successfully. And to claim that Linux doesn't support SMP, (and that Win98 and WinNT is a preferable SMP alternative!) is shockingly ignorant.
The true cost of this ignorance will likely be a continued incarceration with the likes of VB. I'd hate to pay that price!
There already is a Chinese Linux. Check out Red Flag at www.redflag-linux.com/eindex.html. It offers some interesting features such as "Read/write support of naked equipment" in it's "High-performance operating systems of mass memory". Seems like a winner to me.
With this fine alternative, there's no need to steal MS code, unless you're using it to improve the comments in the code. Engrish comments are probably detrimental to maintenance efforts...
I'm curious about exactly what features Windows or MacOS "brought in" "4 or 5 years" before it was available in GNU/Linux. Would that be networking? Nope, until Windows For Workgroups, Microsoft said that PC's would never need to network. Would that be internet? Nope, as Microsoft lagged everyone in rolling out web tools, claiming it was a silly fad. In all my experience, it was Microsoft that was "laughing about how dumb and needless it was" for these things to exist up until they got scared and cobbled together their own solution, usually by buying someone.
As far as MacOS, they've done some decent things up until they decided to throw away their kernel and rebuild everything on a BSD foundation. Now that's _really_ a case of being ahead of the power curve, eh? It would be laughable if it weren't for being such a brilliant idea. But I guess the BSD folks are also behind the times, and are 4 or 5 years behind microsoft in innovating such tremendous vulnerabilities for their systems.
I wardrive my neighborhood and see WAP's growing at about 10% a month. It's getting difficult to find dead spots. At the same time, Best Buy has networking (wired and wireless) stuff flying off their shelves driving higher revenues and profits. Meanwhile, communucations "choice" is still mired in regulatory politics, broadband monopolies aren't going away any time soon, and noone is seeing much price competition to deliver high-speed internet access.
So let's just screw 'em. We don't need retail telecom/broadband. We're going to soon BE that ourselves.
Wholesale internet access is getting cheaper, and all it takes is enough geeks in a neighborhood who are willing to split costs and devote a little effort, and you can bypass the crappy customer service, perhaps that bucketful of bizarre taxes, and those godawful installers. WiFi for the people, baby!
The more BS like this that government tries to pull, the more the tech-savvy will find ways to end-around this boatload of BS. Maybe then government can keep itself busy trying to screw with the ever-decreasing populace that hasn't suffered enough at the hands Comcast, Cox and the rest.
This is some REALLY novel legal theory as far as I can tell.
Congress passes a law directing the FTC to do something, yet somehow the FTC lacks the authority to implement a law??? Did this guy leave SCO's legal department in order to plant his butt on the bench?
And how in the name of jehosephat is it a "Free Speech" infringement to tell a company it may not solicit you via your telephone? They're welcome to install a telephone in my residence with my permission (for which they'll dearly pay) and they can solicit me on their own phone all they want. Telemarketing is THEFT of your property, and the last time I checked, the First Amendment never authorized people to break into your house at 3sm for the purpose of trying to sell you something.
Likewise, I fail to see the constitutional argument that the possible loss of jobs by telemarketers is a compelling state interest under the constitution. If this held any water at all, we wouldn't be pursuing child pornogaphers out of fear of economic loss to the smut industry. Now would we be restricting commerce in moonshine, machineguns or cannabis.
I'm all for using this judge's interpretation of "Free Speech" to drive his clerk and his staff up the wall by ringing his telphone off the hook. The last thing we want to do is insulate this moron from the consequences of his hallucinatory legal reasoning.
Here's a great business model that'll get you $1.92 bil in net income pretty quick--
Make every car manufacturer collect a royalty for you for the engine in their product, regardless of whether your engine is actually installed and used or not. Make every coffee maker vendor collect a royalty for you for the beans that will be used to brew your coffee, regardless of the actual beans used. This is the MicroSloth model. This is your reality right now.
But heck, complain enough about this and you're an enemy of "innovation" and thus worthy of a good flogging. Just like malicious code targetting MS products are a threat to "innovation" instead of a reason to actually engage in it. Forking dumbwits.
Years ago the FCC's enforcement unit would send out white vans crammed with signal equipment in order to discover unauthorized transmitters and other violations of the regs. Those vans are pretty much gone now.
These days, they wait for complaints of interference before they send out the vans, and there are far fewer of them than there used to be. The mentality has changed from being the airwaves police to transferring the responsibility of discovering violations to operators, and the public. The only thing they do now is investigate complaints. Seems to make sense to me -- sorta the "no harm, no foul" rule.
So all you out there with yer big 24dB antennas, while you might potentially be in technical violation, no one's going to come knocking at the door unless you end up screwing someone else over. So be good to your neighbors, use some discretion, and lo and behold the government isn't going to smite you for using the resource YOU OWN in a way that harms no one.
Some libertatian snuck his way on to the commission somehow in the 90's. This actually seems to make some sense.
I'd love to be paid "simply to live my life". Since you apparently think it's a great idea, how about you send me a check for a reasonable $100 each week?
I hear North Korea has been working on implementing this model. It's a wonderfully complete centrally planned economy with a big focus on citizen's welfare. Cuba's working on this also. Maybe we'll be lucky enough someday to enjoy all the benefits these countries have to offer. I can just imagine the joyous cries of the people who will celebrate their being freed from inflation before it got too bad!
It'll probably sound like this "Food! Please, just give me just a little food!"
Slashdot Mirror
As promised, there's a new tool in town. Project Web Form Flooder is still in beta, but it's functional in flooding spammer's websites with plausible data. Java source code only right now, but I'd imagine the ./ crowd can deal with that.
If we flood spammer's websites with garbage data, maybe, just maybe we'll do a little to remove the profit motive in spamming, and once there's no money in it it'll end.
Isn't it time we stopped crying and started doing something?
Phone APIs are not about low quality arcade games on tiny screens with poor UI controls. They're about accessing data and allowing the user to interact with that data in a mobile environment. Without the ability to read and write remote data, there's very little a next-generation phone has to offer a user over a telephone-only device.
It's about designing a secure mobile device not by hacking off all possible userful functionality, but by designing the system from the ground up with security in mind. You don't have to follow the Microsoft design paradigm (and accept the inevitable vulnerabilities) in order to provide useful functionality! There are other design models.
An open source alternative allows us to do a better job combating the inevitable countermeasures. It might also be more useful in testing webapps, and have broader application than just an anti-spam tool.
And anyways, it's a fun project to work on and my first opportunity to create a project that has a prayer of being interesting to anyone other than myself.
- You have a java application that scans a website, identifies HTML input tags, and figures out how to fill out the form with plausible, although fictitious data.
- That application submits the generated data and ensures success by checking the http response code to the submission. Rinse and repeat.
- The application can pound about 100 submissions per minute on a broadband connection.
- The full source and app are released on sourceforge about a week from now under GPL.
- Anyone who gets some insipid email can run this app without having to create HttpUnit or HtmlUnit scripts.
- App is console based, uses java.io, java.net and java.util packages only to make install easy and ensure cross-platform reliability.
- "Random" string-based data (names, streets, cities, etc.) is contained in text files that users can maintain on their own making it difficult for spammers to identify bogus data and produce countermeasures.
- No site to check for "orders", you control where your app will pound, you are responsible for employing it wisely.
Instead of using humans to respond to computers, let's have the computers do the work, eh? Isn't that what they're for?
Now that is a combination that makes my heart go pitter-patter!
If only we could mandate that anyone who writes a blog does so in emacs. The average intellectual quality of the web would fscking skyrocket.
Leave your mailserver unsecured and have it hijacked by spammers? Get blacklisted by the major mail relays and lose your business. Your screw up, you pay. That'll improve global mailserver security almost instantly.
Run chinanet.cn and actively solicit spammers? Get blacklisted not only by mail relay but also by routers by US companies tired of your crap. How long will chinese ISP's continue to allow this when their network starts getting cut off from the world?
Companies have to find the guts to actually hold other companies accountable for their making spam and fraud possible. They're the ones bearing the burden, and they're the only ones who actually have a significant cluestick to weild. If UUNet, AT&T, AOL and the RBOCs decided to cut off the enablers, those slimy hosting services and undisciplined problem children would either have to shape up or disappear.
Relaying TCP and UDP traffic is a _priviledge_, not a _right_.
I'd hate to be there. Closet Luddites don't need anywhere near that degree of provocation. Really.
6PM: News based entirely on polls, so Americans might know whether they're thinking properly (i.e.: in the majority) or whether the majority is whacked ( i.e.: they're not in the majority)
7PM: The science of fashion - what the celebrities wear and why people think it's "kewl" - a discussion by expert panelists
8PM: Brittney Spears' music - psychologists discuss the meaning of "I'm not that innocent"
9PM: Online dating guide show - the scientific matching of people based on realtime audience voting
10PM: Science you can use: how to use Microsoft Word
11PM: Intelligent Design Hour - it must have been God.
12PM: Viruses are Bad: how to spot a virus my the header of an email message, and why not to open anything entitled "Join The Crew"
1AM: Video Game Roundup!
American's wouldn't generally know science unless it crawled up their ass and bit them on the tongue.
The alternative is to get a 5U rackmount case. Some of those have all of the connections up front, they're just a royal pain to get into.
Screw fashion. I want functionality.
"Not to mention the fact that the Linux kernel itself lacks any support for any type of journaled filesystem, memory protection, SMP support, etc,.."
Now any sysadmin that hasn't bothered to read the manual far enough to know what ext3, jfs, reiserfs and xfs are, to name a few, can't possibly have read enough to know how to implement Samba, BIND, and NFS successfully. And to claim that Linux doesn't support SMP, (and that Win98 and WinNT is a preferable SMP alternative!) is shockingly ignorant.
The true cost of this ignorance will likely be a continued incarceration with the likes of VB. I'd hate to pay that price!
With this fine alternative, there's no need to steal MS code, unless you're using it to improve the comments in the code. Engrish comments are probably detrimental to maintenance efforts...
As far as MacOS, they've done some decent things up until they decided to throw away their kernel and rebuild everything on a BSD foundation. Now that's _really_ a case of being ahead of the power curve, eh? It would be laughable if it weren't for being such a brilliant idea. But I guess the BSD folks are also behind the times, and are 4 or 5 years behind microsoft in innovating such tremendous vulnerabilities for their systems.
Who's the zealot?
So let's just screw 'em. We don't need retail telecom/broadband. We're going to soon BE that ourselves.
Wholesale internet access is getting cheaper, and all it takes is enough geeks in a neighborhood who are willing to split costs and devote a little effort, and you can bypass the crappy customer service, perhaps that bucketful of bizarre taxes, and those godawful installers. WiFi for the people, baby!
The more BS like this that government tries to pull, the more the tech-savvy will find ways to end-around this boatload of BS. Maybe then government can keep itself busy trying to screw with the ever-decreasing populace that hasn't suffered enough at the hands Comcast, Cox and the rest.
Visit Seattle. Behold the future.
Congress passes a law directing the FTC to do something, yet somehow the FTC lacks the authority to implement a law??? Did this guy leave SCO's legal department in order to plant his butt on the bench?
And how in the name of jehosephat is it a "Free Speech" infringement to tell a company it may not solicit you via your telephone? They're welcome to install a telephone in my residence with my permission (for which they'll dearly pay) and they can solicit me on their own phone all they want. Telemarketing is THEFT of your property, and the last time I checked, the First Amendment never authorized people to break into your house at 3sm for the purpose of trying to sell you something.
Likewise, I fail to see the constitutional argument that the possible loss of jobs by telemarketers is a compelling state interest under the constitution. If this held any water at all, we wouldn't be pursuing child pornogaphers out of fear of economic loss to the smut industry. Now would we be restricting commerce in moonshine, machineguns or cannabis.
I'm all for using this judge's interpretation of "Free Speech" to drive his clerk and his staff up the wall by ringing his telphone off the hook. The last thing we want to do is insulate this moron from the consequences of his hallucinatory legal reasoning.
Make every car manufacturer collect a royalty for you for the engine in their product, regardless of whether your engine is actually installed and used or not. Make every coffee maker vendor collect a royalty for you for the beans that will be used to brew your coffee, regardless of the actual beans used. This is the MicroSloth model. This is your reality right now.
But heck, complain enough about this and you're an enemy of "innovation" and thus worthy of a good flogging. Just like malicious code targetting MS products are a threat to "innovation" instead of a reason to actually engage in it. Forking dumbwits.
insert appropriate
These days, they wait for complaints of interference before they send out the vans, and there are far fewer of them than there used to be. The mentality has changed from being the airwaves police to transferring the responsibility of discovering violations to operators, and the public. The only thing they do now is investigate complaints. Seems to make sense to me -- sorta the "no harm, no foul" rule.
So all you out there with yer big 24dB antennas, while you might potentially be in technical violation, no one's going to come knocking at the door unless you end up screwing someone else over. So be good to your neighbors, use some discretion, and lo and behold the government isn't going to smite you for using the resource YOU OWN in a way that harms no one.
Some libertatian snuck his way on to the commission somehow in the 90's. This actually seems to make some sense.
insert appropriate .sig here
I hear North Korea has been working on implementing this model. It's a wonderfully complete centrally planned economy with a big focus on citizen's welfare. Cuba's working on this also. Maybe we'll be lucky enough someday to enjoy all the benefits these countries have to offer. I can just imagine the joyous cries of the people who will celebrate their being freed from inflation before it got too bad!
It'll probably sound like this "Food! Please, just give me just a little food!"