With our powers combine we are captain bandiwth leech
November 29, 2004 5:39 PM   Subscribe

Also is this not essentially a DOS attack?
posted by sourbrew at 5:40 PM on November 29, 2004

yes - also, this was already hashed out at /.
posted by bob sarabia at 5:46 PM on November 29, 2004

this was already hashed out at /.

so?
posted by quonsar at 5:52 PM on November 29, 2004

thanks quonsar.
posted by sourbrew at 5:55 PM on November 29, 2004

This has enormous liability issues. If a spammer sees that his site is being hammered, all he needs to do is change the DNS record to point to another system. More than likely he'd point it towards one of his competitor's sites and get them DDOSed off the net while he's busy sending out spam with a new, freshly registered domain.

And if this would happen to get turned on a legitimate site, hold on to your socks. I imagine there's great potential for a civil suit as well as possible criminal liability here in the US.
posted by mstefan at 6:04 PM on November 29, 2004

so?

so take the comments from that discussion, add a pinch more whining, and tada! metafilter.
posted by bob sarabia at 6:09 PM on November 29, 2004

I say unleash the dogs of DOS
posted by inksyndicate at 6:13 PM on November 29, 2004

so take the comments from that discussion, add a pinch more whining, and tada! metafilter.

i'd tell you to fuck off, but i'm not allowed to.
posted by quonsar at 6:29 PM on November 29, 2004

and here I was, ready to opine that MeFi didn't have the alpha geek thing going on...
posted by allan at 6:31 PM on November 29, 2004

OMG you mean other people have discussed this? Then what are we doing? Why have you even told me about this, when these Other People have it perfectly under control?

I'm going to go back under my duvet now.
posted by Pretty_Generic at 6:48 PM on November 29, 2004

This is a brilliant on Lycos's part. Possible chain of events:

1. Lots of people go to Lycos for the first time in 5 years.

2. Lycos gets sued, many times, by many spammers.

3. The spammers could win in court, but it doesn't matter: countries will change their laws. Anti-spam legislation is a politician's wet dream, universally popular.

4. Profit. Seriously. Lycos desperately needs publicity.
posted by Tlogmer at 6:54 PM on November 29, 2004

This is a monumentally bad idea.
posted by mr_roboto at 6:56 PM on November 29, 2004

Either way, it's hilarious.
posted by DrJohnEvans at 7:03 PM on November 29, 2004

Yeah, let's go down to the spammer's level!

Sad, sad Lycos.
posted by blacklite at 7:15 PM on November 29, 2004

This is a terrible FPP. Please don't do it again. kthnxby. ;-)
posted by Cryptical Envelopment at 7:26 PM on November 29, 2004

Cryptical Envelopment

- i will not give your the satisfaction of any response to that, troll elsewhere

Also Tlogmer i sort of feel the same way you do to about it. Lycos is essentially a defunct company and this will generate some sort of hit boost for them. However, i think that in todays world of users that expect increasingly interesting and bottom line free software i doubt that they will turn a profit over it. However, it may force spam legislation faster which is a boon to us all.
posted by sourbrew at 7:38 PM on November 29, 2004

curses

your of course being you
posted by sourbrew at 7:44 PM on November 29, 2004

yawn ... a really old idea, and a bad one. Lots of spams are joe-jobs, and of the ones that aren't, you don't think the spammers host their websites on their own computers, do you?
posted by hattifattener at 7:57 PM on November 29, 2004

Even if it's a pointless idea, the muhaha factor is off the charts. The NORAD-style attack graphic is breathtaking to behold ... it is a taste of Armageddon.
posted by inksyndicate at 8:21 PM on November 29, 2004

Lots of spams are joe-jobs, and of the ones that aren't, you don't think the spammers host their websites on their own computers, do you?

From the article:
"The sites being targeted are those mentioned in spam e-mail messages and which sell the goods and services on offer."

Which eliminates the joe-job concern. And if they're targeting sites that are accepting orders, then I'd think there's a good chance that they are hosting the sites. If not, people had better be securing their servers so that spammers aren't getting a free ride at their expense anymore.

The NORAD-style attack graphic is breathtaking to behold ... it is a taste of Armageddon.

It is! Though I have to admit that the stats being displayed for each targeted site is cool, too.

Bad idea or not? I want to see what the results of this are are over the next couple of weeks before I decide.
posted by jperkins at 8:39 PM on November 29, 2004

Though I have to admit that the stats being displayed for each targeted site is cool, too.

Ahem. Not that I'm using it. Or anything.
posted by jperkins at 8:42 PM on November 29, 2004

heres some other stuff that goes along with this fpp.

Run the Lycos screensaver from a webpage using shockwave

Artists Against 419 - Stealing bandwidth from 419 scammers and Lad Vampire, the gallery of 419 image thievery.
posted by bob sarabia at 8:44 PM on November 29, 2004

I applaud the idea, but Lycos' implementation seems a bit amateurish (considering the know-how they should have). What's up with that Make Love Not Spam top page for example? That directs me to a map of Europe of which some countries are marked in yellow. Well I guess people from Norway, Switzerland, Belgium or Portugal are out of luck -- so can't they use the service? And what happened to Northern Ireland?

None of the countries marked is the country I live in, so I boldly click on Italy, since I've always liked the shape. That directs me to a screen in Italian. Now it dawns on me that when they said "Please select your country" what they really meant was "Please select your language." But if that is the case, what's up with Austria or Ireland? Or is there really some deeper geographical significance to all this?
posted by sour cream at 9:07 PM on November 29, 2004

This is probably very bad news for Lycos.
posted by fandango_matt at 9:26 PM on November 29, 2004

jperkins:

Which eliminates the joe-job concern.

Let's say my competitor has come out with a new product. So I send out a gazillion spams advertising it for them and, blam, they have no website. I win.

And if they're targeting sites that are accepting orders, then I'd think there's a good chance that they are hosting the sites. If not, people had better be securing their servers so that spammers aren't getting a free ride at their expense anymore.

Well, duh, if we could get people to secure their machines (random Windows desktops account for a lot of it) then spam would be much easier to get rid of.
posted by hattifattener at 9:46 PM on November 29, 2004

If a spammer sees that his site is being hammered, all he needs to do is change the DNS record to point to another system.
The system appears to be monitored by humans and a 'health check" is performed to test the validity and uptime of the target server. A lot of spam sites use raw IPs anyway.

The spammers could win in court
You're kidding me right? This is like a hitman suing me for destroying the pistol he was planning on killing me with. Sure he could do it but only from a jail cell.

The REAL danger here is that the spammer works out how to use this traffic to make even MORE money. It's possible the spammer could use the vast volume of unique IP traffic to get himself ranked high in some top list and effectively convert all this hate traffic into revenue producing traffic.

Economics is the killer here. Not the law.
posted by DirtyCreature at 10:24 PM on November 29, 2004

Yes, attacking spammers is wrong, you know this, you shouldn't be doing it. Your ip address and request have been logged and will be reported to your ISP for further action.

When I click on the "Make Love Not Spam" link I get this warning. Am I missing something here?
posted by jeffmik at 11:13 PM on November 29, 2004

Lycos? You mean they're still in business?
posted by dingobully at 11:14 PM on November 29, 2004

All I get when I look at make love not spam is:

"Yes, attacking spammers is wrong, you know this, you shouldn't be doing it. Your ip address and request have been logged and will be reported to your ISP for further action."

*sigh* I miss out on all the fun.

on preview: or what jeffmik said
posted by squeak at 11:21 PM on November 29, 2004

Let's say my competitor has come out with a new product. So I send out a gazillion spams advertising it for them and, blam, they have no website. I win.

And blam, my competitor also has a bunch of new customers, so it's a win-win! Killer!
posted by bingbangbong at 12:24 AM on November 30, 2004

I believe the map is because they haven't started offering the product yet it is only in a test phase.
posted by sourbrew at 1:06 AM on November 30, 2004

You can select "international english" from the drop-down, though.
posted by Tlogmer at 2:07 AM on November 30, 2004

You can select "international english" from the drop-down, though.

Right, international English, as opposed to one of those localized versions. Or is "international English" the dumbed down version for people in SE Asia?
Although right now, the page doesn't load at all. Is it possible that we've MeFi'ed it out of orbit? Also, I'm a little scared to call it up after what squeak wrote.
posted by sour cream at 3:07 AM on November 30, 2004

sour cream, it's actually made by a Swedish agency called Starring for Spray internet services/portal (self link) and the follow up announcement yesterday was that hurrah, now Lycos Europe are playing too.
posted by dabitch at 3:15 AM on November 30, 2004

I'll stick to SETI@home, I think, as I'm unsure, and uncomfortable with some of the possibilities. Besides, spam isn't going to be beaten this way. Not even hurt. Let's see what Bill and friends come up with.
posted by nthdegx at 3:15 AM on November 30, 2004

my beef with it (even though I really fancy the ballsyness of the idea) is the same as the Registers:
A spokesman for Lycos in Germany told The Register he believed that the tool could generate 3.4MB in traffic on a daily basis. When 10m screensavers are downloaded and used, the numbers quickly add up, to 33TB of 'useless' IP traffic. Seems Lycos may hurt not just spammers
posted by dabitch at 3:46 AM on November 30, 2004

In regards to what squeak wrote, when the screensaver was only available in Sweden I wrote and asked a few ISPs if they would tolerate the use of this toy on their network or if their users might get in trouble. While some (friends at ISPs) thought that the screensaver was definatly against ISP policy, none have responded with an official "you'll get in trouble for that". 9800 people in Sweden are currently using the screensaver.
posted by dabitch at 3:54 AM on November 30, 2004

Did someone hack the "Make Love Not Spam" site?

The direct downloads are available here:
Direct download for Windows version.
Direct download for MacOS X version.
Direct download for MacOS 9 version.

If the spammers are complaining, you know it's working. I can't wait until open source takes this idea and makes it a thousand times better and more agressive. Meanwhile, I think I will go to sleep with about 10 of these screens open, just to stick it to the spammers that much harder on them.
posted by insomnia_lj at 4:41 AM on November 30, 2004

What might be of interest to some is that this is an implementation of a proposal of Paul Graham's mentioned in passing in, "Will Filters Kill Spam" and detailed in, "Filter that Fight Back." Paul Graham is the same guy who proposed Bayesian filtering of spam in, "A Plan for Spam." In "Filters that Fight Back" he predicts and addresses many of the concerns raised as well as how he sees predicts this will work out:

"The biggest spammers could probably protect their servers against auto-retrieving filters. However, the easiest and cheapest way for them to do it would be to include working unsubscribe links in their mails. And this would be a necessity for smaller fry, and for "legitimate" sites that hired spammers to promote them. So if auto-retrieving filters became widespread, they'd become auto-unsubscribing filters...In this scenario, spam would, like OS crashes, viruses, and popups, become one of those plagues that only afflict people who don't bother to use the right software."

Well, duh, if we could get people to secure their machines (random Windows desktops account for a lot of it) then spam would be much easier to get rid of.

And this provides another incentive for people to secure their computers. So we're in agreement that this aspect isn't a bad thing - 'cause you'd raised that as a concern earlier in the thread ("you don't think the spammers host their websites on their own computers, do you").
posted by jperkins at 6:59 AM on November 30, 2004

"Yes, attacking spammers is wrong, you know this, you shouldn't be doing it. Your ip address and request have been logged and will be reported to your ISP for further action." From the site.

Scratch that, that *is* the site.
posted by codger at 7:01 AM on November 30, 2004

Looks like the site is down. Could be that they're a victim of there own success, or it could just be that somebody's showing them exactly what a DDOS is.
Whatever the situation, this is going to be an interesting month for makelovenotspam.com.
posted by seanyboy at 4:43 PM on November 30, 2004

I am still getting the proper site, but it seems many people are getting this message about their actions being reported.

It's very odd.
posted by sycophant at 11:00 PM on November 30, 2004

Reports began to surface earlier this week that the Web site containing the "Make Love, Not Spam" download had been hacked, with users receiving a message reading "Yes, attacking spammers is wrong, you know this, you shouldn't be doing it. Your IP address and request has been logged and will be reported to your ISP for further action."

A Lycos Europe spokesperson says that the site has "absolutely not been hacked," however. The company was victim of a hoax, she says, and someone mocked up a screen shot of the hacked site and forwarded it via e-mail.

Uh huh. I guess all the people who are reporting seeing that message in their browser windows when visiting that site are either lying or don't know the difference between a web page and an email. Though the site hasn't been accessible for me at all since last night.

All in all, it's a stupid and legally shady idea.
posted by Orb at 3:30 PM on December 2, 2004

All gone.
posted by ajpresto at 3:36 AM on December 4, 2004