What is Digg?56 Comments
- rushfan, on 10/12/2007, -0/+19Bah. This isn't spamming spammers. They're receiving an opt out message that they're required to comply to, last checked. The bottom line is that it's never ethical to initiate force, but to fight back against force is OK given the circumstances.
The bottom line is that spammers have become a nuisance and since people, or the host provider, is paying for the equiptment and network, they have a right to demand that spammers stop sending them messages. It's like how you can get a restraining order on somebody who leaves you 60 voice mails in one day.
Anyhow, I never used BlueFrog because I was afraid something like this would happen... - mntpng, on 10/12/2007, -0/+18Blue Frog doesn't send emails or bounce emails to spam originating machine. That would be bad since many spams originate from zombies. It's really a semi automated complaint system by visiting the site the spam wants you to visit and it files a complaint to the website. From what I hear there is lot of human factors involved to not accidentally cause harm to innocent third party. Imagine if 450,000 spam recepient actually visits every single website spammer wants you to visit and then files a complaint to the website. That's how Blue Frog works and it works quite well. It works so well that spammers have their backs against the wall and this is their desperate last attempt at trying to stay in business.
- WaterDragon, on 10/12/2007, -0/+17Internet users need to catch some spammers, and 'make an example of them', publically!
(in interntational waters, perhaps, so it is not a crime)
;-) - inactive, on 10/12/2007, -0/+15As richardiscool says, the websites become the target for the opt-out emails. If it was a totally automated system I'd be worried about the vaidity of the targets, but BLue Security actually uses people to do the work in finding out the originator, not just some dumb bot that will get it wrong most of the time.
The fact that the spammers are getting pissed off and DDoSing Blue is ample proof that the emails are getting through to their intended targets and not just some poor fool who has a spam-bot running on their PC!
If anything, the spammers, by their retaliatory actions, will cause Blue Security to gain hundreds of thousands of new members. I've just signed up; Not that I get an unmanageable ammount of spam, but simply because its totally clear that Blue Security is having an effect against these scum of the earth spammers! - richardiscool, on 10/12/2007, -0/+14wandog, the opt-out requests are sent to the website being advertised.
- electricmime, on 10/12/2007, -2/+16Its not spam because you are replying to their message.
- jonnypt, on 10/12/2007, -0/+14Spam the "spammers"
See if i care. Wish they could be flooded in such a way their accounts would be for ever banned. All of their IP banned, and their hard drives destroyed. A bit radical. But sincerely, I'm tired of receiving mails: "Enlarge this" "Rock hard that".
Cut me a break. But it's a bit our fault for sending those mails, with the forward option... - IAmAI, on 10/12/2007, -0/+12I agree. Spammers should not be allowed to use the Internet or computers. Period.
- hfiske, on 10/12/2007, -0/+9Very good (but long) article about Blue Security and the Blue Frog here -
http://www.ranum.com/security/computer_security/editorials/bluesecurity/
The spammer conducting the current DDoS attack has admitted that Blue Security have found the way to defeat spam which is why he launched the attack. Anyone wishing to keep up to date with the latest developments while the Blue Security website is down should take a look here -
http://castlecops.com/postx154269-0-15.html - Elohir, on 10/12/2007, -0/+9No, it doesn't use the From: value for responses.
- CaffeinatedGeek, on 10/12/2007, -1/+10Due to a mistake in the story there seems to be some misunderstanding of what Blue Security is doing. Blue Security does not send e-mail. As I understand it Blue Security has a list of users who do not want to receive spam. When one of those users reports a piece of spam to Blue Security blue Security contacts the spammer and request that the spammer remove all Blue Security members from their e-mail list. Blue Security claims that 6 of the 10 largest spammers comply with their requests.
It actually makes sense for a spammer to comply. After all these are people who care enough to install software and make complaints. That’s not what I would call a likely customer. It’s sort of a free list washing service.
If the spammer continues to send spam Blue Security will troll the advertised web site looking for an opt-out or a complaint page. Then every time that spammer sends out a message they will instruct their Blue Frog client software to go to that page and fill out the form. So if they have 450,000 members the web site gets 450,000 people filling out the form for every single message. Instant DDOS. Even if the server doesn’t keel over at minimum the cost of that message just went through the roof due to bandwidth wasting. If the site does go down then the message is guaranteed to be useless since the clueless people who buy from spam can’t go to the page to make a purchase.
Their theory is this is legitimate because they are simply responding to the message. Personally I have my reservations about being involved in any form of DDOS regardless of the noble nature but logically it does seem that this should work from a very practical standpoint. I think that the spammer(s) orchestrating this attack is proving that Blue Security is hurting the scummiest of the spammers. - mirzmaster, on 10/12/2007, -0/+5I for one am all for subjecting spammers to corporal punishment. They are the single biggest nuisance of modern times.
- CyberTroll, on 10/12/2007, -0/+5Innocent people can't be hit by the current system, they respond to the person advertising in the spam not the person who sent it. So even if zombies are used the only person affected is the company that is advertising.
- CyberTroll, on 10/12/2007, -0/+5No actually they don't send out 450,000 to one, they send out one to one, if a client receives a spam that cleint sends the complaint. the send no more trafic to the site than would be caused by the visitor going to the site and filling out the complaint.
Please read the links above before you post. - inactive, on 10/12/2007, -0/+5How can it seem like a DDoS? All they are doing is sending the opt-out message on your behalf when you notify them of the spam. The reason most people don't fill out the opt out forms/emails is simply because they are afraid that it will 'verify' their address and they'll be deluged by spam for the rest of eternity. If users weren't (rightfully) afraid of that happening we'd all be filling out the opt-out forms on every flaming website selling stuff via spam we could lay our hands on.
Ane main reason that its NOT a DDoS is that the opt-out/complaint emails are not just sent all out in one big go. It might take weeks for all the emails to be sent out, the spammers servers won't ever be crippled but they might just get a nasty shock when they see their usage stats and the price they have to pay to their host. - smokeyghetto, on 10/12/2007, -0/+4Blue frog works pretty good. Slowed down my junk by half for one of my accounts. this took about two months.
We should all support Blue Security.
This is great. I like when the spammers get frustrated like we do. LOL - astrotrain, on 10/12/2007, -0/+4I agree, Spammers should have their computers taken away for abuse of the Internet and eMail. It should be a law!
- panique, on 10/12/2007, -0/+4No, they are creating more opt-out forms submissions for the websites that are being advertised in the SPAM. It sometimes is helpful to actually read an article prior to commenting on it.
- mntpng, on 10/12/2007, -0/+4Here is a press release from Blue Security:
http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20060504006094&newsLang=en
Here is a forum discussing current Blue Security situation:
http://castlecops.com/f230-Blue_Security.html - Doggpound, on 10/12/2007, -1/+5If peoples computers are bot computers and they crash from the reply then that's a good thing. Its people that do not protect their computers that are helping destroy the Internet. This will force them to get someone to fix their computer. I will be signing of for bluesecurity.com when they get their servers back up.
- SpyDerMann, on 10/12/2007, -0/+3The actual e-mail addresses aren't sent to the opt-out e-mail forms. Instead a message is sent thru the forms (even the Buy / Subscribe me) forms with bogus information and an invitation to join the do-not-intrude registry.
I.e. First Name: I received SPAM from your site. Neither I, nor
Last Name: the Blue Security community welcome your mails.
Address: Please use the do-not-intrude registry at www.bluesecurity.com
The spammer never knows which e-mail address originated the response. - thundercleese, on 10/12/2007, -0/+3Good point about the list washing service.
I noticed that the article mentioned innocent people who have had there computers hacked are being hit by Blue Frog as a result of this service. Personally I do not think most of these people are all together innocent in that they have not kept their machines patched. So at the least, maybe this will cause them to patch their machines and limit the number of computers the spammers have.
That the spammers are taking the time to target Blue Frog tells me Blue Frog is effective. Each machine the spammers use to target Blue Frog is once less machine sending spam. - gekkokid, on 10/12/2007, -0/+3spammers are like litter in the street no one wants it - spam the hell out of them blue security
and Elohir it was frontpage yesterday - hfiske, on 10/12/2007, -0/+3See if this independently written article answers your concerns CG:
http://www.ranum.com/security/computer_security/editorials/bluesecurity/ - panique, on 10/12/2007, -0/+3No, you twit, _this_ does not happen to your domain. Read the article.
- Novion76, on 10/12/2007, -0/+3http://www.bluesecurity.com is back online, albeit minus a few image links here and there. Nothing too big.
This is something from their forum, which is relevant for current and will be users:
"Unfortunately due to the illegal actions against us and the massive DDoS attack, we are currently making some necessary adjustments on maintaining our facilities. Therefore, your Blue Frog will not post opt out requests in the next few days.
Please report your spam messages to us only after our service is back in full functionality.
Thank you again for your patience.
Moran Nir
Community Manager
BlueSecurity.com "
I can't wait. - rderveloy, on 10/12/2007, -0/+3From what I read here:
http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20060504006094&newsLang=en
This attack sounds like a serious criminal offense. Blue Security needs to contact the authorities and have this guy hauled off to the slammer. - XSforMe, on 10/12/2007, -0/+3The Blue Frog client is open source, you can find it in Sourceforge:
http://sourceforge.net/projects/bluefrog
For the time being, you will have to wait a bit until you can open an account at bluefrog.com, but its just a question of time before they prevail before the current DOS against their IT infrastructure. - rderveloy, on 10/12/2007, -0/+3The messages aren't sent to the spammer or to where the opt-out link points, but rather the company whose advertisement appears in the spam.
For example:
You get a suspicious email with an advertisement about an "enhancement" drug.
You submit the suspected spam to Blue Security for analysis.
If the email is identified as spam, then an opt out message will be sent to the company that makes the drug. This is repeated by all of the blue frog members who received the same email. This effect discourages the company from paying spammers to advertise their product.
The effect hits spammers where it hurts: the pocket book. - crazyguy821, on 10/12/2007, -0/+2I had no clue anything like this was out there. Seems blue frog got major publicity from this. Best thing for the home user its all FREE! up to 10 email addresses. And it integrates with Yahoo and hotmail...ect. This is awesome, I wont sign up my main domain because I actually NEVER get any spam on that account. Its pure bliss, and I am very carefule with my address. Currently Blue Frog is sitting around 471,000 users lets add to that!
- CyberTroll, on 10/12/2007, -2/+4So? We have Windows vista posts on the front page on a regular basis. Unless your name is John C Dvorak and you don't get spam this is an important subject.
- mirzmaster, on 10/12/2007, -1/+3I think what everyone should do to help out Blue Security is to create a separate Gmail account and use it to solely report spam to Blue Security (once they're back up). It won't protect your primary account, but hopefully it will discourage spammers if enough people register w/ Blue.
Think it'd work? - ricky1146, on 10/12/2007, -0/+2Its not coming up at all for me. Dang i wanted to fight the spam lol.
- CaffeinatedGeek, on 10/12/2007, -1/+3You are correct. To modify my statement if the spammer sent to the entire Blue Security database of addresses they will receive 450,000 opt out messages or complaints of some type of complaint if an opt-out is not available. Hitting the entire database with one message is probably not realistic but around 20% is not unreasonable so if they sent to 100,000 of the 450,000 members then they will get 100,000 opt out messages. This is for every single message sent. So for a large spammer the end game is still the same. You either have a DDOS or a huge waste of resources. As much as Blue security tries to claim otherwise this is the case. It’s also the only reason that their product works. If it didn’t inflict pain it would not be of any use.
I’m not in any way saying the blue security is bad. It is an interesting way of stopping spam.
When the service was first offered I gave it strong consideration but I will not personally be using it because their methods feel too much like a DDOS to me. For the people who do not have these reservations Blue Security is probably a great way of fighting back. And hey if you inflict enough damage to put a few spammers out of business thanks you helped me. - Novion76, on 10/12/2007, -0/+2That has nothing to do with bluefrog though. If it were, you'd be getting opt out requests, not mail-undeliverable messages.
Besides, the spammer gains nothing by having all his orders forwarded to you - inactive, on 10/12/2007, -1/+3These spammers really are idiots... By spamming the Blue Security members aren't they just creating more anti-spam mail for themselves?
- inactive, on 10/12/2007, -0/+2Wow. This soft is getting a lot of publicity. I think that the spammers move to attack them it gonna backfire.
I have been using this soft for a couple of months. Pretty impressive. Sits in your system tray without using too much resources and does it's job.
Check http://www.pallab.net/2006/05/05/the-war-over-spam/ - CarzorStelatis, on 10/12/2007, -0/+2If someone is anti-social enough to not bother protecting their PC from virii, then if they receive replies to the spam they are sending then that's their own damn fault.
- troydoogle7, on 10/12/2007, -0/+2The site will be back up soon, its been down the last few days. The spammers can't continue the DDOS forever!
- Elohir, on 10/12/2007, -1/+2Fairly sure this was front page yesterday but any exposure for Blue Security is just peachy keen by me.
- DuffDemon, on 10/12/2007, -0/+1If you read the latest report on the BlueSecurity site is says that they were not under a DDoS attack at that time:
"In order to inform our community of what had happened, we used a previously-existing blog site for the Blue Community which had been host to our corporate website prior to July 2005. We posted a short blog item to inform our users and other constituents of the situation and how we were working to solve the issue. After the name server had been updated such that traffic to www.bluesecurity.com reached the blog, the blog was active and functioning and many users had posted comments. It was only 40 minutes after the redirection that PharmaMaster decided to launch a DDoS attack on www.bluesecurity.com, now hosted at TypePad." - inactive, on 10/12/2007, -0/+1Actually a lot of the spam we are recieving are fake. Gmail is having no problem in filtering them. Also they make no sense.
codeman38 they probably thought that livejournal will be able to withstand the attack. They pointed to their blog to keep people informed.
For anyone interested
Download link : http://www.download.com/Blue-Frog/3000-2092_4-10527188.html
Firefox Extension : https://addons.mozilla.org/firefox/1863/
~ Pallab
http://www.pallab.net - CarzorStelatis, on 10/12/2007, -0/+1Would serve them right - if you make the choice to not install virus protection, and hence leave your machine open to becoming a spam-zombie, then you have no right to complain if people reply to the spam you are sending.
- phoenix11, on 10/12/2007, -0/+1"those same customers are now on the receiving end of a stream of e-mails ordering them to stop using Blue Security's services."
hmph. IANAL, but seems to me that the users are being extorted and Blue Security's business is being interfered with.
On the other hand, I'm going to have to check this Blue Frog thing out. - jason7655, on 10/12/2007, -1/+1To Joey67
http://www.ftc.gov/bcp/conline/pubs/credit/prescreen.htm
not exactly what you want but it could help you if you are talking about other opt out opps. - ChanKaiShi, on 10/12/2007, -1/+1I'm still confused how this all works. Opt-out emails are usually fake and go to null automatically or in worst case collected by spammers to send even more spam. Contacting somebody in "contact us" as well as contacting ISP is also pointless since ISP usually already know what is going on allow this website to be hosted. Some like (".cn" don't care alltogether). The only valid thing is filling a form like you try to order something but this is easily detered with "captcha" characters which would prevent any automatic submission and would hardly take any resources with static images. How exactly this can stop spammers from spamming?
- jonnypt, on 10/12/2007, -3/+2If they were smart. No. I don't know Blue Frog's system, but i think it would be very easy, to avoid that kind of situation. Hope they have thought of that.
- Joey67, on 10/12/2007, -3/+1Does anyone get "junk" real mail anymore? This annoys me way more than spam. I live in an apartment complex and have a tiny mailbox. If I don't pick up my mail every day... it ends up packed with garbage. I get home from work, open the thing up... and I have to practically rip the stuff out... full of flyers for local super markets, coupons, advertisements, etc... none of which I have ever used or even look at. It's gotten to a point where I just take the crap and toss it in a post office mailbox since none of it is addressed to me. Is there some way to opt out of junk paper mail? Since it's not actually addressed to me, it must be some distribution deal with the post office.
just-in-time Edit... looks like there isn't a way to stop it easily... I guess they'll just keep getting my junk mail back... http://www.ecofuture.org/jmusps.html - codeman38, on 10/12/2007, -3/+0It gets worse. Instead of just shutting down their servers during the DDoS attack, BlueSecurity shifted the burden onto Six Apart, the company responsible for MovableType and LiveJournal, by forwarding all traffic to their TypePad account.
see: http://digg.com/technology/A_little_info_on_how_Blue_Security_DDOSed_TypePad_and_LiveJournal
Maybe this wasn't *intentional* on their part, and I'm *not* suggesting (as some commenters have said) that BlueSecurity was DDoSing Six Apart... but really, that wasn't exactly the most elegant way of handling things, either, by any means. - omegadan, on 10/12/2007, -3/+0I have about 20 domains and this happens to me several times a year. Someone decides to use my doman to fake sending spam, and my inbox is filled with thousands of mail-undeliverable messages, and away notices and the like.
-
Show 51 - 56 of 56 discussions
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is