Comments on: Bye Bye, Blue Frog

Bye Bye, Blue Frog

puke & cry — Thu, 18 May 2006 11:58:47 -0800

Blue Security shuts down It was just a few days ago that Blue Security was beating their chest, straight off a 'victory' over spammers. Now though, the company is conceding defeat.

By: slatternus

slatternus — Thu, 18 May 2006 12:04:29 -0800

I still think the Russian method for dealing with spammers is the best we've come up with so far.

By: Armitage Shanks

Armitage Shanks — Thu, 18 May 2006 12:08:53 -0800

Wired News article.

By: 2sheets

2sheets — Thu, 18 May 2006 12:11:09 -0800

What's the russian method? Because if it involves a bullet in the head I'm all for it. And I'm not kidding.

By: lexalexander

lexalexander — Thu, 18 May 2006 12:12:48 -0800

Russian method here.

By: slatternus

slatternus — Thu, 18 May 2006 12:16:00 -0800

Yeah, that method.

By: puke & cry

puke & cry — Thu, 18 May 2006 12:17:53 -0800

That spammers death was unfortunely unrelated to his spamming.

By: zenzizi

zenzizi — Thu, 18 May 2006 12:29:34 -0800

i was rather deceived that they decided to fold. they said they managed to make 6 out of 10 major spammers to comply. they MUST be doing something correctly. (the threats [1] [2] PharmaMaster was sending were completely ridiculous btw) but then i understand that they feel their company is too small by itself to face the massive DDOS's. (i've seen many people discuss a distributed alternative since Blue Frog was open-source so there's hope)

By: sonofsamiam

sonofsamiam — Thu, 18 May 2006 12:32:03 -0800

The other Russian method is to assimilate the spammers into the mafia and reclassify them as assets.

By: XQUZYPHYR

XQUZYPHYR — Thu, 18 May 2006 12:33:01 -0800

I read about this in the Wash. Post yesterday, and it had a lot less detail- mainly, that Blue Frog was actually an applet you had to install that did DoS on spammers... that sort of makes them look a little less like the hapless victims here. The question/problem I think is related to the Russian spammers' methods just as much as Blue Frog's- to what extent are each of their methods legal? It seems there need to be better laws to stop this, not hoping that more spammers are randomly killed by burglars.

By: Artw

Artw — Thu, 18 May 2006 12:33:45 -0800

The russian method is more likely to take a payoff, or join the spammer in spaming the shit out of Americans.

By: dmd

dmd — Thu, 18 May 2006 12:34:41 -0800

What do you mean by deceived, zenzizi?

By: zenzizi

zenzizi — Thu, 18 May 2006 12:36:35 -0800

oops. wrong word. i meant disappointed.

By: empath

empath — Thu, 18 May 2006 12:38:09 -0800

xquzyphyr: It sent exactly one request to the spammer's sponsor for each e-mail received by each of their customers. If that was a DOS, it was self-inflicted. I think this system should be integrated into windows, personally. It would be de-facto enforcement of the can-spam act. Anyone who spammed people on the list would have their site brought to its knees following the spam. Even the suckers wouldn't be able to get to the site to buy anything.

By: puke & cry

puke & cry — Thu, 18 May 2006 12:41:22 -0800

I personally didn't find anything wrong with their method, but then I'm not a very moral person. I mean, they are spammers, right?

By: luriete

luriete — Thu, 18 May 2006 12:44:09 -0800

I'm surprised nobody is talking about the fact that the spammers' reaction to their scheme took down all the sixapart (plus livejournal and typepad) servers, after Blue Security redirected traffic to their site to their typepad-hosted blog. I certainly enjoyed that they shut down all my sites for the better part of a day and night.

By: puke & cry

puke & cry — Thu, 18 May 2006 12:46:17 -0800

Actually everyone was talking about when it happened.

By: empath

empath — Thu, 18 May 2006 12:46:32 -0800

This really needs to be re-implemented by a larger company. *cough*google*cough*

By: languagehat

languagehat — Thu, 18 May 2006 12:51:29 -0800

Say, that's a good idea. They've got the resources, and they want to be seen as Fighting Evil. Why not?

By: IronLizard

IronLizard — Thu, 18 May 2006 12:52:47 -0800

They're too corporate now. Probably be afraid of liability.

By: rxrfrx

rxrfrx — Thu, 18 May 2006 12:57:39 -0800

Could Google really do this without jeopardizing a significant portion of their own machines? Going up against a powerful/well-connected spammer means that you're challenging someone with a superlarge arsenal of bots. You have to be both powerful and willing to take a lot of damage. It seems like it would make more sense to try to take out the botnets and/or capture those computers yourself before getting into this kind of confrontation.

By: jamjam

jamjam — Thu, 18 May 2006 12:58:31 -0800

empath, would the trick then be to reach a critical mass of clients, and have the system in place with those clients, before turning it on?

By: empath

empath — Thu, 18 May 2006 13:01:22 -0800

rxrfrx: Doesn't pretty much every computer on the internet hit google with requests al day long anyway? I don't see how a botnet could make it significantly worse.

By: bhouston

bhouston — Thu, 18 May 2006 13:03:52 -0800

IMO it was a relatively wild-west style business plan. I think the main money in the anti-spam market is from business/corporate email management, not from consumers. The DDOS-approach of BlueSecurity doesn't feel like something that corporations would want to be a part of -- they just want to filter out spam locally in the most effective and cheapest fashion, not partake in a vigilante which could at some point come back to bite them (as was demonstrated aptly by PharmaMaster.) Creative idea but not really market friendly.

By: rxrfrx

rxrfrx — Thu, 18 May 2006 13:06:48 -0800

I'm no Computer Expert, but I figured that (normal google traffic) + (hammering from a few million IPs) = a significant toll on Google's computers. It would be cool if that were not the case, though.

By: cdavidc

cdavidc — Thu, 18 May 2006 13:22:41 -0800

I remember when email was exciting, you looked forward to receiving it. Now I have to wade through 150+ spam messages a day just to find the 1 or 2 legitimate messages. Fuck spamers. They are fair game. I personally find that as a nuisance to the online world, online vigilantes should unite to combat them. Even if that means meeting up with them in Russia (personally I wouldn't set out for the "Russian Method" but hey one less fucking spammer).

By: cdavidc

cdavidc — Thu, 18 May 2006 13:27:27 -0800

Really now, everyone who loves spammers raise your hand...... Ahh, you mean no one loves spammers. Maybe they will just kill themselves.

By: Joeforking

Joeforking — Thu, 18 May 2006 13:28:29 -0800

What's all this DDOS talk? As far as I can make out BF would, for each spam received, send one email to the website advertised in the spam, asking to be unsubscribed from their mailing list. If the website folded under the weight of traffic from such requests tough, shouldn't have bothered so many people.

By: puke & cry

puke & cry — Thu, 18 May 2006 13:36:48 -0800

I guess I should have put this link in the fpp, where the supposed spammer claims that the the blug frog method was "a daily nuisance to our server administrators" and that the opt-out requests "are easy to handle, but time consuming."

By: WetherMan

WetherMan — Thu, 18 May 2006 14:11:36 -0800

If anyone is interested in reading the spammers congratulate themselves, they can do it on the spammer board SpecialHam.com

By: puke & cry

puke & cry — Thu, 18 May 2006 14:16:15 -0800

not exactly, you need a login to look at anything and the register page is 404'd. Got a login, because I would find that forum fascinating.

By: puke & cry

puke & cry — Thu, 18 May 2006 14:16:38 -0800

that last sentance should end in a question mark.

By: WetherMan

WetherMan — Thu, 18 May 2006 14:26:00 -0800

" FUCK YOU ALL ANTIS BLUEFROG DIED 4EVER WHAT WILL U DO NOW ?:) POST HERE AND ENJOY WATCHING US MAKING FUN OF ANTIS WORLD :) WE WON YOU ARE LOOOOOOOSSSSSEEEEERRRRRRSSSS :) BLOW US THANKS" Eh? What a joke! A.) Blue Frog != "Antis". B.) Most "Antis" were opposed to Blue Frog; they don't fight abuse with abuse. C.) Blue Security really suckered you guys into a phony war. They thought it would help them win financing for their IPO. Blue Security, not the antis, lost. I am still using Spamhaus on my server to block your crap. I am still reporting such of your crap, which comes to accounts not on my server, to SpamCop. SPEWS, SpamCop, and Spamhaus are still very much with us, and very much in the "war". You won a battle, but the "war" continues... ---- Lots of broken english and strange logic from the spammers, offers for deals, sponsors, servers, botnets, whatever. Cogent replies from anti's such as the above. I trolled these forums for a project a few weeks back during the beginnings of the BlueSecurity fiasco. The registration used to be open and the board itself isn't heavily moderated, anti's post frequently and engage in the conversations. Once the BlueSecurity stuff settles down I'm sure registration will open again.

By: puke & cry

puke & cry — Thu, 18 May 2006 14:31:46 -0800

I don't guess you could email me a login could you, wetherMan? I'd email you but you don't have one in your profile.

By: delmoi

delmoi — Thu, 18 May 2006 14:34:49 -0800

I think it's a little ironic that a company that was trying to make people fold by DDoSing them folded as soon as someone DDoS'd them. I have nothing but contempt for spammers, but man, if you plan on giving it out make sure you can take it. What a bunch of pussies, ultimately.

By: delmoi

delmoi — Thu, 18 May 2006 14:37:50 -0800

By: crawl

crawl — Thu, 18 May 2006 15:04:46 -0800

500 spams each to 500 users? Or each user gets a single spam? If it's the former, than 250,000 makes sense -- otherwise, I don't get why they would do that, other than to be vindictive.

By: adamrice

adamrice — Thu, 18 May 2006 15:53:10 -0800

In all seriousness, I've long wondered why some white-hat hackers don't band together to write a virus that will actualy inoculate vulnerable machines, and de-zombifie zombie machines. I don't have the programming chops for a project like that, but I'd pitch in a few bucks And perhaps a group of slightly stained white-hats could add a patch that will work out the location of the zombie controllers and send Tubgirl over to them in person.

By: WetherMan

WetherMan — Thu, 18 May 2006 16:06:02 -0800

Trojans that exploit a particular vulnerability have long been known to fix the hole after rooting a system. In fact, it's pretty much standard practice to fix the exploit on machines that are manually hacked to preserve root.

By: Optimus Chyme

Optimus Chyme — Thu, 18 May 2006 16:47:39 -0800

Maybe we should just fucking fix SMTP already.

By: hattifattener

hattifattener — Thu, 18 May 2006 18:07:21 -0800

Ain't nothing broken about SMTP, OC. Remember, spam is sent by botnets: no matter what you replace SMTP with, if users are able to send email, then spam-botnets will be able to use users' machines to send spam. Re retaliatory DoS attacks on spammers: the main problem with that kind of approach, as a class, is that it makes it too easy for the spammer to use you to inflict harm on a third party, by "advertising" that third party's innocent website in their spam emails.

By: Mitrovarr

Mitrovarr — Thu, 18 May 2006 19:04:37 -0800

You'd think spammers utilizing botnets would be easy to deal with. Just backtrace the spam, find the zombified computer, and use it for evidence in a computer-hacking case against the spammer. Spammers have to be tied to their spam (since it has to make them money) so they aren't usually impossible to identify, and computer-hacking laws are harsh. Of course this only works in first-world countries where such laws are enforced, but in third-world countries you could probably find people to chip into a collection to pay the local mafia to make the problem disappear. Slightly ethically questionable, of course.

By: Jairus

Jairus — Thu, 18 May 2006 19:50:16 -0800

Just backtrace the spam, find the zombified computer, and use it for evidence in a computer-hacking case against the spammer. I wonder how many grandmas have their computers setup to keep detailed offsite traffic logs.

By: Mitrovarr

Mitrovarr — Thu, 18 May 2006 20:08:40 -0800

Jairus: I wonder how many grandmas have their computers setup to keep detailed offsite traffic logs. Well, none. But you can have an IP professional track them down by backtracing the emails, and install those tools on the still-zombified computers.

By: delmoi

delmoi — Thu, 18 May 2006 21:12:18 -0800

500 spams each to 500 users? Or each user gets a single spam? If it's the former, than 250,000 makes sense -- otherwise, I don't get why they would do that, other than to be vindictive. Umm...

By: jack_mo

jack_mo — Fri, 19 May 2006 05:26:08 -0800

cdavidc said 'I remember when email was exciting, you looked forward to receiving it. Now I have to wade through 150+ spam messages a day just to find the 1 or 2 legitimate messages.' Why? I'm far from being an elite computer genius person, but I see one or two spam emails a month, tops (and that's on accounts that have addresses publically available all over the web, unobfuscated, two of which are nigh on ten years old). Not having a go at you specifically cdavidc, I'm just genuinely puzzled at the way folk get up in arms about spam when you really don't need to see any. Admittedly, the spam filter I use cost money - $25 I think - which folk might not want to pay or be able to afford, but there must be open source ones out there, no? Not to mention Gmail, which I don't use much, but seems relatively spam-free.

By: dabitch

dabitch — Fri, 19 May 2006 05:57:13 -0800

my gmail ain't jack_mo. I get 3-4 a day there. Not much, by any means but since its the only mail I get there I can warp the stats to say "my gmail gets 100% spam and no legit mail" without lying. ;)

By: jack_mo

jack_mo — Fri, 19 May 2006 08:53:50 -0800

Yeah, I just checked mine, and either I have lots of friends called Simpleton Q. Frangipani who are obsessed with the size of their penises or the Gmail spam filters are a bit shit. If all the free webmail thingies are the same, then I take back the above...

By: caution live frogs

caution live frogs — Fri, 19 May 2006 13:11:51 -0800

Not so long ago, I would track down the originaiton point of spam or virus-laden messages and email complaints about breaking TOS. Usually it stopped the problem. A few years later, I was resorting to emailng sysadmins and reporting that they were forwarding crap, usually withoiut knowing they had an open relay. Again, usually solved the problem. These days, I have SpamAssassin running on the server, and the Thunderbird Bayesian logic filters set up on my computer, and still stuff that is blatantly spam (stock options, penis pills, etc.) sneaks through at a rate of 3 to 4 a day. Something needs to be done. I'd bet that close to 80% of web traffic these days is garbage. I'm sick of it. The Russian Method seems fine by me; all we need is some ex-Special Forces people with the inclination to hunt down and kneecap some spamming bastards.

By: Optimus Chyme

Optimus Chyme — Fri, 19 May 2006 15:46:22 -0800

Ain't nothing broken about SMTP, OC. The fact that domain spoofing is less than trivial and that there's no authentication chaps my hide.

By: dabitch

dabitch — Sat, 20 May 2006 04:46:06 -0800

Exactly, caution live frogs , it used to be a bit more 'neighbourly on the net, now tho, spam and spambots and infected machines everywhere. Blah! Will Sender Policy Framework ever be implemented by all (and will that fix things?)

By: sonofsamiam

sonofsamiam — Sat, 20 May 2006 07:36:17 -0800

No.