What is Digg?Sponsored by Dragon Age: Origins
See the new YouTube feature trailer for Dragon Age: Origins view!
youtube.com/DragonAge - EA presents BioWare's new dark fantasy epic Dragon Age: Origins. '9/10' from Game Informer.
77 Comments
- eridius, on 10/12/2007, -1/+29Do you understand how this works? Blue Security changed their DNS so bluesecurity.com was an alias of bluesecurity.blogs.com. This can be done without their webserver ever going back online. What this means is any future attempts to contact bluesecurity.com would instead contact bluesecurity.blogs.com, very neatly shifting the DDoS off of bluesecurity's network and onto Six Apart's. And they did this completely intentionally - I refuse to believe the person (or persons) responsible for this decision didn't know what they were doing.
In any case, you make it sound like Six Apart has some blame for not being able to withstand a DDoS, which is pretty ridiculous. And no, the attacks were aimed at taking down Blue Security's website, not taking down Six Apart's network. - SpyDerMann, on 10/12/2007, -2/+20Have you considered guys that yesterday bluesecurity.com was linked by Slashdot? DOH. But well, we have to take into account that the Russian Mafia spammers (yes, Mafia. We're talking about big money hackers here) want to take down Blue Security as soon as possible.
Don't worry, tho. If they kill us they'll make us much stronger (just wait till a decentralized version of Blue Frog appears)
And regarding vigilantism, take this into account: _ALL_ the recipients have the LEGAL right (CAN-SPAM) to opt out. Even if that implies taking the spammer's website down as a side effect. - ingoldsby, on 10/12/2007, -6/+20I wonder if BlueSecurity even thought of the fact they would be shifting the DDOS attack off to six apart. It appeared that they seemed to want to get a message out to people trying to get to bluesecurity.com. so they redirected to a site they could post blogs to.
That said, if they didn't think about it taking down that host, they should have - But I don't think it was an intentional "QUICK SHIFT THE ATTACK OFF OUR SERVERS" that the writer of the article makes it sound to be.
I for one actually agree with the way that they are fighting back against spam. Let's face it, filters don't work well. - eridius, on 10/12/2007, -5/+19What? Six Apart isn't some backup network for Blue Security - they provided a blog for Blue Security. Nowhere in the service agreement was the implication that Six Apart was responsible for blunting a DDoS against Blue Security's main server. They paid for a *blog*. If I buy an apple from you, do I have the right to expect you to step in front of a bullet for me? Or, more accurately, do I have the right to *push* you in front of a bullet for me?
- panique, on 10/12/2007, -1/+14They should have changed their DNS records to point to 127.0.0.1
- scriptkiddie, on 10/12/2007, -0/+12We should have a day where we attack the major spammers. "Global Attack on Spammers" Day.
- Novion76, on 10/12/2007, -1/+12While it's unfortunate that another server got taken down, it's not fair to claim that Blue Security deliberately made an attempt to DDoS another server to save their own. I did see Blue Security's blog a little earlier today, and I believe that that was their attempt to stay in contact with their users on a site they believed could withstand an attack. Did they intend to have the other site go down? I doubt so. My apologies to the typepad and livejournal users (I am one myself), but your hosting really was not down for that long. Take a break from the blogging and wander elsewhere.
The site that is talking about Blue Security, while some criticism is deserved, I feel is being unfairly biased. If anything, they are helping the spammers by not properly researching about what bluesecurity ACTUALLY does before they make claims about it (Don't know? Read http://www.ranum.com/security/computer_security/editorials/bluesecurity/). Blue Security does not DDoS other spammers. For every spam sent that lands in a bluefrog user's box, and opt out is sent in return. That seems fair enough doesn't it? It's not malicious code, and it's something any user could do on their own, only now it is automated. If the spam website cannot take a wave of opt outs equal to the spam they send out, that's their fault.
Regarding the current spike in spam for Blue Frog users (like myself) why are you surprised? When your artillery is down they will fire everything they can until you can get it back up. They are attacking as hard as they can because Blue Frog doesnt have the resources to fight back at the moment. I just hope that Blue Frog does get back up in the next few days. When it does, I am sure there will be hell. The first sign of hope is that my frog no longer has that orange exclamation mark beside him that has been there for hours.
I'm saving up my spam (really it's not that bad at the moment, I only have 11 in my junk folder waiting), and I am fairly certain they belong to the same spammer. Have patience.
For those who will join us, http://sourceforge.net/projects/bluefrog - dishkuvek, on 10/12/2007, -9/+20Redirecting your DNS to shift an attack from you to someone else is absolutely shady.
- radu79, on 10/12/2007, -2/+12Some DDoS uses IP addresses, and some uses host names.
It is perfectly plausible they didn't know their host name was DDoSes, and they believed it was the IP, in which case they just wanted to post some info for the world to see. - DefensiveCore, on 10/12/2007, -0/+10What happened was a spammer or spammer group used the Blue Frog list cleaning tool to clean the list they already had. By seeing which e-mails were missing, they were able find out roughly (some percentage of error) who uses the Blue Security service. So essentially, they already had your e-mail to begin with, now they are just trying to scare you off of Blue Security. They only win if you quit the service. Otherwise, well, your e-mail is probably going to stay on that original spammer list since it was already there to begin with. Now it just looks like they are narrowing their operation to just those they think are using Blue to drop the number of users, hence increase in both threat spam and "normal" spam. However, at the same time, they are burning their resources for 0 profit.
- Guspaz, on 10/12/2007, -2/+12Was this stupid of them? Yes. Did they DDoS anybody? No.
Also, Blue Security doesn't DDoS spammers. There is a direct one to one correlation between spam mails received by their users, to unsubscription requests sent. The spammers only receive as many ubsubscription requests as they sent out spam, and if they can't handle an unsubscription request for every spam they sent out, TOUGH.
That said, I don't use Blue Frog. I tried out their client briefly once, hated it, ditched it, and never looked back. But I don't have any sympathy for the spammers, and I don't agree with the conclusion of the article here.
Understand too that being under a DDoS isn't always obvious. How can you tell the difference between a server being hammered with legitimate traffic and a server being DDoS'd? In both cases your bandwidth graph spikes and you can't access the box. They might have just figured that the recent publicity over the spammer-threats had lead to some huge site linking them, and hoped that their blog could handle the traffic better than they could. - inactive, on 10/12/2007, -6/+16what a *****. i'd be pissed if i was Six Apart.
- oboreruhito, on 10/12/2007, -3/+13"This is just in."
Kent Brockman? - inactive, on 10/12/2007, -11/+21blue aren't shady. why is this moron continuously reffering to them as a shady company. they are perfectly open about what they do, and i agree with their methods.
it was a stupid idea on their part to point their domain are someone else service to try deflect the attack on them, but the real people to blame are the spammers luanching a dos attack against blue for simply sending them unsubscribe requests.
these spammers are using hacked zombies, but the summary and this blog make it seem like blue is the one dosing six apart, which is untrue. - sfacets, on 10/12/2007, -4/+14Who cares about the collateral... what they're doing is great work, ridding the internet of scum.
- inactive, on 10/12/2007, -2/+12Exactly. If the brief was truthful and not sensationalized, it wouldn't be as "Diggworthy" as if it was saying that BlueSecurity had DDoS'd LiveJournal on purpose.
And by the way, I joined BlueSecurity just because of the response that their actions have been getting. If they've made the spammers mad enough to start DoS attacks, BlueSecurity is doing a good job!
War is hell. They attack our inboxes, so we hit them where it hurts until they stop. - Fleury, on 10/12/2007, -10/+19Maybe I don't understand here, but how is a simple redirect to their blog on Six Apart's network shifting a sophosticated DDOS attack? It seems to me that if Blue Security's servers are already overloaded, a) They wouldn't be able to redirect to their blog, and b) They're the ones suffering the brunt of the attack anyway.
Six Apart is suffering from a DDOS in the same way as if someone's LiveJournal which originated on their network was controversial and caused some evildoers to launch a DDOS against them.
Sure, it was an iffy move on Blue Security's part to effectively say, f- this, our homepage is going to be on LiveJournal, but that still means that:
1. Six Apart couldn't deal with DDOS attacks directed against their network
2. Those attacks were aimed at taking down a page provided by Six Apart's services
3. The real villains here are the guys that are spamming your inbox and launching DDOS attacks against homepages - NetJoe, on 10/12/2007, -0/+8you really cant just shift a domain that's getting slammed to someone else without making arrangements for the load. it makes you look ignorant or malicious and neither improves your credibility.
- eridius, on 10/12/2007, -5/+12Are you asking me to believe that a company that intentionally spawns DDoS attacks doesn't know what they're doing when they shift a DDoS attack off of their network and onto Six Aparts?
- mailman-zero, on 10/12/2007, -2/+9I started using Blue Frog about five days before all of this started. I agree that the DDoS attacks are obviously happening because Blue Security is doing something right. I can put up with this. Gmail has already adapted and now blocks around 95% of the stuff I'm getting, so it doesn't really affect me, and it all just keeps getting reported back through the frog.
This could be the surge in publicity that Blue Security needs to get an insane amount of users! - dishkuvek, on 10/12/2007, -1/+8They would still be able to point their primary site address (www) to their blog on TypePad if their DNS was being hosted elsewhere, which is usually the case.
Also, this was not a "sophisticated" DDOS attack, the article is only saying that TypePad is calling it so (for some unknown reason).
Their homepage was NOT on LiveJournal, just their blog. So their homepage and their blog are on two entirely different servers in two entirely different locations. Six Apart should not have to deal with the DDOS because it was not directed at them. The attacks were NOT aimed at taking down a page provided my Six Apart, Blue Security forced this to be so. So while the real enemy may still be spammers, Blue Security did something very shady. - WikiTerra, on 10/12/2007, -3/+10First of all, the people at blue security aren't purposefully bringing down anyone else's servers--they had their URL redirect to the blog because their own server was down. How should they have know that the attack would be massive enough to take down a site that's part of a much bigger network? Even if you still condemn them, you should only be doing it for lack of foresight. Blue has a little kiddie pool being filled by a firehose, and they siphoned the flow to an olympic sized pool.
Second of all, how can anyone possibly call blue security shady? They're only able to do what they do because people sign up for it and use their service. As far as I can tell, they send out one email per message received, per user receiving it. The spammers have no moral or legal grounds for claiming that the people they send spam to shouldn't be allowed to reply with stop a sending request. If they keep getting more of those requests it's their own fault for continuing the spam, not blue security's, and not the user's.
Blue Security is fighting on your side. Don't condemn them. - hfiske, on 10/12/2007, -2/+8bigjuju posted this on the other Blue Security Digg story (http://www.digg.com/security/Spammer_threatens_to_publish_anti-spam_registry_e-mail_addresses._) yesterday. It is an entry on a spammers messageboard regarding the effect that the Blue Security commumity is having on them and their 'sponsors' (the websites the spam messages advertise) and looks like they are starting to hurt. Now is not the time to give up fighting them, we had 500,000 members before this ddos attack, lets see what a million can do... 8^)
==============================
" RE: B l u e S e c u r i t y | READ U... (in reply to killthem)
Ginsta, they didn't do anything to you YET, but they are attacking many sponsors, some you might even be promoting. They aren't just attacking sponsors, they're attacking our community by the hypocritical position of justifying their means by the end
It's just a matter of time (if we don't take action now) before they have a botnet of which we would have no chance of stopping, you have to understand that. If they built their userbase to say 2 million, 1 request command to each of their "frogs" would drop the host in a minute. No point letting someone gain power without being challenged. If they want to be on top they'll have to show they have the balls to undergo some deep *****.
In all reality, these idiots try to speak as if their intelligent on their forum, you should read it. Half the a**holes can't spell "protocol" and 50% of them are high school drop outs who don't realize it takes 1 second to click a delete key and be mindful of where you place your email address.
While bad attention is always good, because it's still attention, this is a rare case where no one will jump into this fight simply to "stand up to fight spam" while also being mindful they are willing participating in illegally ddos operations. It'll be a matter of time before BlueSecurity gets shut down for that fact alone, until then, stand up for your industry and kill the ***** out of their userbase.
Their page is being held down, you won't get complaints, just hit the ***** out of their inbox until they realize they'd get LESS spam by not being part of the BF botnet.
My enemy's enemy is my friend, just remember that and spam the f*** out of those *****" - gotamd, on 10/12/2007, -3/+8This entirely innaccurate. Blue Security did not DDoS anyone. A russian spammer, or group of spammers, DDoS'ed Blue Security. Blue Security mistakenly moved its root address to other servers, which wasn't smart but by no means is that similar to them intentionally DDoS'ing those servers.
- inactive, on 10/12/2007, -1/+6If their approach wasn't working, then the low life spammers wouldn't have DDoS'ed them.
- fintheman, on 10/12/2007, -2/+7Sorry, the source forge link works fine, use it to download bluefrog
Thank you DDosers for letting everyone know about bluefrog!! - SpyDerMann, on 10/12/2007, -2/+7This is just in. Apparently the spammers not only DDOSed BlueSecurity, they also killed the DNS and the BGP peering points.
http://slashdot.org/~Spy+der+Mann/journal/134842 - cybe, on 10/12/2007, -2/+7Looking forward to try Blue Frog...
- ingoldsby, on 10/12/2007, -5/+9I'm not asking you to believe anything, I'm just stating my opinion on the matter - however mainly what I have an issue with in regards to the article is how the poster refers to the company as if they are sneaky and underhanded. I do think that BlueSecurity should have just dealt with the attack on their own instead of redirecting, but I don't think it was as malicious as you make it sound.
They aren't at all, they are completely open about how they are operating. - enderu, on 10/12/2007, -0/+4Who cares about collateral? Oh, I don't know...maybe the tens of thousands of paying customers who lost service for 6 hours.
- bajones, on 10/12/2007, -1/+5All I know is that BlueSecurity was working great until I got the first threat email from these spammers. Since then, I've been getting 20-30 spam emails per day (and I'm sure they're all from the same person), about 1 out of 7 is another threat about BlueSecurity.
Well Guess what. It's great fun for me to forward them on to Blue Security. It actually makes me feel a lot better after I do it. This is war and I'm not giving in. - inactive, on 10/12/2007, -4/+8He even misrepresents how their software works:
"accurate description would be that the service performs outright denial-of-service attacks on spammers, and does so by convincing people to install an application (Blue Frog) on their computers which launches and participates in the attacks."
Thats totally untrue. All it does is send an opt-out email to the spammer on behalf of every person they (the spammer) have spammed.
Its no different than if the spam receiver had clicked on the 'Opt Out' link themselves.
Whoever wrote the atricle is a shill for spammers the world over!
Reported as Innacurate!
However, knowingly redirecting a DDos attack is pretty lame! - TugsMcgroin, on 10/12/2007, -0/+4Service agreement... people still read those? What did bluesecurity have to loose (well, besides all this bad publicity) by screwing sixapart? From my perspective, nothing. But then, I don't use either company's products. Why didn't they just point their domain back at one of the spammers?
- AlanJayWeiner, on 10/12/2007, -0/+3Just to clarify - it's *less* than one opt-out for one spam received; not all spam will generate an opt-out.
And Blue Security throttles the opt-outs so that they *don't* DDOS the spammer's servers.
They've modified their methodology several times to keep to the ethical side - the original plan was to send more opt-outs which *would* have DDOS the spammers.
For example, before they mount the opt-out campaign, they attempt negotiations with the spammer - they give the spammer at least 10 days to voluntarily remove members names from their lists; if they do, then no opt-outs are sent at all. Only if the spammer persists in sending spam to Blue Security members will they receive any opt-outs.
They also send reports to law-enforcement authorities for spam regarding drugs, child porn, etc.
They want to be a thorn - annoying enough so the spammer decides it's easier to clean their lists; they're not trying to destroy spammers.
Several spammers have agreed to clean their lists; these spammers are no longer sending spam to Blue Security members. One of the spam tools has even automated cleaning their lists, so any spammer using that bulk-mail manager can clean their address list simply and easily.
It's unfortunate that a few spammers would rather fight like this; after all, Blue Security members won't buy from them in the first place; removing our names from their address lists won't reduce their income.
It reminds me of when my children were little; thinking that if they throw a big enough tantrum they'll get what they want. It didn't work; once they learned that, the tantrums stopped.
- Al Weiner -
Blue Security member since 24 Sept 2005
(mail to my "catchall" account is way up right now, but mail to my real email - and my kids! - is way down; about a third of what it was in Sept 2005) - oops123, on 10/12/2007, -3/+6This is a war and BlueSecurity is fighting at the front. I think that everyone should join them to support the only effective anti-spam activity.Read this for why:
http://www.comagz.com/webmagazine/nir/support_bluesecurity_now_its_your_chance_to_fi - nodnarb24, on 10/12/2007, -4/+7I agree with ingoldsby. I think they were primarily just trying to get their information up again and thought that Six Apart could take the load since they are a large site. I believe they just weren't thinking straight about the consequences and they will probably pay for that mistake. If they really wanted to redirect the attack, I'm sure they would have found a better target than someone innocent like Six Apart.
- tylerni7, on 10/12/2007, -0/+3127.0.0.1? Hey... that's my computer! (/sarcasm)
- mntpng, on 10/12/2007, -0/+2I'm collecting all my spams from now on. If these spamming thugs can bully me into thinking I should just take their spam and like it, they have another thing coming. Obviously Blue Security is working and this DDOS attack by spammers are going put them out of business. This DDOS is their last ditch desperation move and probably their last one. I hope this just may be the turning point on war against spam.
- eridius, on 10/12/2007, -1/+3There actually was a story I saw the other day about somebody stealing Blue Security's list, but Blue Security said it wasn't a problem since their list is encrypted.
- CoolWind, on 10/12/2007, -0/+2If you want to join the fight, the latest Bluefrog client is available from download.com (Sourceforge only has the source code.)
- eridius, on 10/12/2007, -11/+13Being open about what they do doesn't mean what they do isn't shady. It's shady as in questionably legal and possibly unethical (depending on who you talk to). Not shady as in secretive.
- Novion76, on 10/12/2007, -0/+1By the way, save up your spam until the BlueSecurity website comes back. It seems that the servers are being hit too hard to receive the opt out complaints that they normally would.
For new users, you'll have to wait anyway until the main website comes up so that you can create accounts to be protected. As BlueFrog's policy goes, you send out only one opt out email per spam you received under a protected account. If you dont have an account registered with them, you will not send out opt outs. That is not to say I don't appreciate your efforts, only that your efforts will have to wait a bit until the Frog gets back on it's feet at www.bluesecurity.com
My apologies for the info link above where I included a ) in the link inadvertently (for those who didn't pick up on that)
Here it is again
http://www.ranum.com/security/computer_security/editorials/bluesecurity/ - gotamd, on 10/12/2007, -0/+1Did anyone else notice that this was the first story dugg (and, obviously, submitted) by this user "delfuego"? It seems like he showed up just in time to post this innaccurate article smearing Blue Security on Digg.
- codyman, on 10/12/2007, -1/+2I have blue security and it was working fine until i started receiving threats and then my spam load increased dramatically... whats up?
- wiphey, on 10/12/2007, -4/+5you kinda made it sound like bluesecurity actually ddos'd someone..... when they were the ones getting attacked
- bairy, on 10/12/2007, -2/+3"How should they have know that the attack would be massive enough to take down a site that's part of a much bigger network?"
So to use the anology in the article: It's ok to divert the water to your neighbors basement and start filling it. I mean how were you to know it would be flooded?
Is it okay to get someone elses servers to brunt the load if it's just a little attack?
Whether they knew it or not, BS redirected traffic to another company, taking down one of the world's busiest sites for several hours. And that's wrong no matter what service they provide.
(p.s. I know your point was that the headline was inaccurate, which seems to be a growing trend on digg, and I agree it was) - inactive, on 10/12/2007, -0/+1Bluesecurity did act irresponsibly. However, I have been using this software for some time.I don't plan to quit using any time soon. I ain't certainly gonna give into the threats of these spammers.
Actually, this proves that the spammers are scared. Guys join blue security ( it integrates with ie, fx thunderbird software.It works on web based mails like gmail and yahoo ).
Blue security probably wanted to keep the users informed about the developments and hence pointed their domain towards the blog without thinking about the consequences.
~ Pallab
www.pallab.net - weeeezzll, on 10/12/2007, -0/+1Just so everyone is aware, they did not redirect a DDoS. Their IPs were black-hole filtered making them unreachable outside of Israel. When they realize people outside of Israel couldn't see their page they pointed their domain name to their Typepad blog so they could let users know what was going on. After they redirected...quite a bit after...PharmaMaster started the DDoS. Once PharmaMaster realized they had redirected their site he then chose to go directly to the source and DDoS attack their DNS provider. Not just Blue Security's domains, but Tucows DNS server directly.
- scottc, on 10/12/2007, -0/+0"How should they have know that the attack would be massive enough to take down a site that's part of a much bigger network?"
Because they are a "security" company, maybe? - delfuego, on 10/12/2007, -0/+0SpyDerMann, is there any source for your statement about the BGP route hacks? I can't find one, and it doesn't seem very likely.
-
Show 51 - 77 of 77 discussions
Browsing Digg on your phone just got easier with our enhancements to the 
© Digg Inc. 2009
— Content created and posted by Digg users is