Comment Spammer Caught on Open Wi-Fi
June 23, 2006 10:59 AM   Subscribe

Guy comes home, finds wardriving weblog spammer using his free wi-fi. Now he knows the spammer's address and license plate number. What should he do?
posted by brownpau (73 comments total)

This post was deleted for the following reason: hoax.



 
Punch him in the face. Not for the free Wi-Fi, but for the spamming.
posted by Astro Zombie at 11:02 AM on June 23, 2006




Um, block outgoing port 25?

'Course, I use gmail...
posted by LordSludge at 11:05 AM on June 23, 2006


secure his wi-fi network?
posted by jonson at 11:05 AM on June 23, 2006


How was his wifi set up? Did he use a encryption standard? Did he filter access by MAC addresses? (i mean he is the only person in his complex to use it...)

'Just curious...you know...
posted by phyrewerx at 11:06 AM on June 23, 2006


What jonson said, except I went all indirect and all that...man Fridays destroy my brain.
posted by phyrewerx at 11:07 AM on June 23, 2006


Feel like an idiot for not securing his wireless network.
posted by xmutex at 11:08 AM on June 23, 2006


I think it's time to subscribe the spammer to as many free magazine offers as possible.
posted by weston at 11:09 AM on June 23, 2006


Stop leaving his wi-fi open? I mean, seriously, how fucking hard is that?
posted by Artw at 11:09 AM on June 23, 2006


Why is this complicated for anyone? If you're broadcasting an unencrypted signal, you're inviting other people to receive it. If you're capable of plugging in an unencrypted router, you're capable of reading and following the uncomplicated security instructions that came with it. Until then, this is completely nonoutrageous, and getting upset about it just demonstrates that you're a moron.

Ugh.
posted by gum at 11:10 AM on June 23, 2006


LordSludge: "Um, block outgoing port 25?"

He's comment-spamming blogs, not email.

It was my understanding that this kind of thing is done by bots, not people. I can't imagine this guy is sitting there manually typing in "tons and tons of crap about phentermine." If he has an automated script running, why even sit in the car? Park at a coffeeshop and take a walk. Or put the laptop in the back and do some reading.

Any chance he's just spywared up?
posted by rafter at 11:10 AM on June 23, 2006


Burn down his house in the middle of the night. With luck, you'll get his wife and kids, too.
posted by solid-one-love at 11:14 AM on June 23, 2006


I wonder if this dude is just trying to make money from advertising on his web site. :O :O :O
posted by chunking express at 11:14 AM on June 23, 2006


Plus, the guy is making enough to have just moved into a brand new house. While the poster suspects that "Adsense is paying his mortgage" does he really think think anyone pulling down that kind of money needs to mooch off his wifi?

I'm sure you could spam yourself into a new house with the right business sense, but the spammers who are making a living of it are not doing it by driving around town looking for open access points.
posted by rafter at 11:16 AM on June 23, 2006


1. Tell the guy to stop using the wireless network.
2. Have the guy arrested for using the wireless network
3. ???
4. Profit!


3. Sue the bastard.
posted by triolus at 11:16 AM on June 23, 2006


Wait until he comes back, pull out ettercap, trojan his box, steal his bank account.
posted by sonofsamiam at 11:20 AM on June 23, 2006


the spammers who are making a living of it are not doing it by driving around town looking for open access points.

This is true. The big-time spammers own or 0wn mail relays themselves. I hear botnets are big with spammers these days, too.
posted by sonofsamiam at 11:23 AM on June 23, 2006


Like my grandfather once said (wise man that he is), a swift kick to the groin solves all of life's problems.
posted by antifreez_ at 11:23 AM on June 23, 2006


I find it rather odd that someone who can successfully use a packet sniffer can't properly secure their own wireless network.
posted by Adam_S at 11:32 AM on June 23, 2006


There is a lot of conjecture in this. It is not necessarily the case that This Guy is the one spamming blogs, which is the kind of thing that I would imaging you'd do, you know, at home or an office of some kind. He's just assuming it because the guy was using his laptop in his car. There are reasons to use a laptop other than internet, ya know.

I think it is more than a little likely that it's someone else in his apartment complex that is doing this.
posted by JHarris at 11:34 AM on June 23, 2006


I am sure he knows how to secure it, but left it open for altruistic reasons.
posted by caddis at 11:34 AM on June 23, 2006


Print up bumper sticker reading "I am a spammer". Apply to car. Let mob justice take its course.

Look up his name (probably available via property-tax records). Find out what you can about him. Send him a personally addressed letter that will creep him out.

Find some other comment-spammer that this guy is stealing business from, pass along his details, and let mafia-style justice take its course. If you can keep two spammers busy messing with each other, they'll have less time to mess with regular folk.
posted by adamrice at 11:35 AM on June 23, 2006


Couldn't you ... oh, I dunno ...

Wait for him to come back, call 911, and tell the cops you've already told the guy to push off ...

Seems to work for coffee shops ... :)
posted by kaemaril at 11:42 AM on June 23, 2006


That's ridiculous. I would definitely never put such effort into promoting my phentermine site.
posted by MrZero at 11:43 AM on June 23, 2006


I am sure he knows how to secure it, but left it open for altruistic reasons.

Well.... if his intention was for random people to take advantage of it then that's exactly what happened!
posted by Artw at 11:43 AM on June 23, 2006


"I was sitting in my car using a wireless connection that someone had obviously left open for anyone to use, and then the guy shuts it down and stalks me all the way home. I have a picture of his car and his house, what should I do?"
posted by Armitage Shanks at 11:50 AM on June 23, 2006


I believe the traditional thing to do is to post his address and phone number to the web, and let his punishment be decided by whatever crazy 'net vigilante cares to administer it. There's probably a better way, but it would take more work.
posted by sfenders at 12:03 PM on June 23, 2006


Hire someone to kill him.
posted by puke & cry at 12:04 PM on June 23, 2006 [1 favorite]


So, he leaves his Wi-Fi open for use, but now objects because the use was not an 'approved' use by him? What if the guy was perusing abortion sites and the owner of the Wi-Fi was anti-abortion? And so on.

There is no story here. He left it open; if he doesn't like the guy using it, either close it (at least to that one person) or accept that not everyone has the same values as you. The fact that we would almost universally dislike the particular use it was being put to is not relevant.
posted by Bovine Love at 12:07 PM on June 23, 2006


Um, the question is not "what should he do about somebody stealing his bandwidth" (which would indeed be a dumb question), it's "what should he do about having found a spammer."
posted by languagehat at 12:12 PM on June 23, 2006 [1 favorite]


Bovine Love, are you defending blog spammers as people with "different values?" That's what it sounds like to me.
posted by brownpau at 12:14 PM on June 23, 2006


spammers, child pron traffickers, terrorists... They all just have "different values". I guess technically that's true.
posted by Crash at 12:20 PM on June 23, 2006


There is no story here. He left it open; if he doesn't like the guy using it, either close it (at least to that one person) or accept that not everyone has the same values as you. The fact that we would almost universally dislike the particular use it was being put to is not relevant.

It's completely relevant because it IS the question. Did you visit the link and read it? He's not asking how to stop someone from using his Wifi. He's asking for ideas for fun ways to make a spammer miserable.


Um, block outgoing port 25?

Wow. Did anyone actually READ the thing that was linked to?
posted by glenwood at 12:24 PM on June 23, 2006


Here's what I suggest:

Host a chili cookoff. Spread fliers and invitations all over the spammer's neighborhood, and make sure he's there for the chili cookoff. Then, encourage his parents to trespass on the farmland of a crazy old farmer with an itchy trigger finger. Soon, the farmer will shoot her parents to death. Then, collect the bodies and dismember them, grinding the useable parts into hamburger. Make chili. Serve the chili to the spammer at the chili cookoff, then reveal that the chili is made from his parents. "Yes! Yes! Oh let me taste your tears! Oh, the tears of unfathomable sadness!"
posted by NedKoppel at 12:29 PM on June 23, 2006 [3 favorites]


Here's what I would do.

Take the photos, and the logs of activity showing what he was doing. Take his home address. Contact the local cable modem/dsl provider that gives him his connection at home and tell them they have a spammer on their network and get his connection to his spammy livelihood cut off.
posted by mathowie at 12:32 PM on June 23, 2006


Anyone find it suspicious that this is the only post on a web site named www.spam-blocker-resource.com? And the site is also selling anti-spam software/books? No one?

1. Create story about spammer (because everyone knows spammers spam by hand in their front seat). Make sure to use buzz words like wifi & wardriving.
2. Drive traffic when story is posted to Metafilter.
3. Add ads about anti-spam software & books.
4. Profit!
posted by Crash at 12:32 PM on June 23, 2006


Bovine Love, are you defending blog spammers as people with "different values?" That's what it sounds like to me.

Yes, I am. I don't like spammers, and admittedly might like to fool with them a little, but seriously, it is just a spammer. In most places it isn't illegal, it isn't particularly immoral, it is just highly aggravating. So are neo-nazis.

Crash: Child porn and terrorists? Get serious, and get some perspective. It is just a spammer, and not a very good one at that. Cut him off and move on. They guy will die a natural death, metaphorically speaking.
posted by Bovine Love at 12:35 PM on June 23, 2006


Here's what I suggest:

Host a chili cookoff.


That's been done to death though.
posted by 445supermag at 12:35 PM on June 23, 2006 [1 favorite]


Crash: Nah, that couldn't have occurred to anyone. What're you, some crazy conspiracy nut? :)
posted by kaemaril at 12:36 PM on June 23, 2006


Bovine Love, I wasn't serious, so no perspective needed. Sorry if you're offended, I was originally going to have it read spammers & republicans, but thought that was offensive (to spammers, obviously). Although I think lack of values is better than different values. Still, I call BS on the post.
posted by Crash at 12:53 PM on June 23, 2006


Man, sometimes you guys are just too easy.

Here's the domain info for the "spam blocker" site. Note that the "state" is listed as "Derby", although the zip in Durham, NC.

The city he has listed; Alvaston, is a city in the UK that dates back to the 11th century...but is not, so much, in North Carolina.

This is a just a scam to get people to buy products from the amazon links at the bottom. Someone more ambitious than me could probably find out who gets paid from the affiliate links, but I just don't care enough to do the leg work.
posted by dejah420 at 1:01 PM on June 23, 2006


Heh.

The guy comes home from work early because he feels like crap and then somehow has the energy to stalk some dude across town.
posted by Slarty Bartfast at 1:03 PM on June 23, 2006


(@dejah420)

Double Heh.
posted by Slarty Bartfast at 1:05 PM on June 23, 2006


ran to my window with my cell phone camera (Sony Ericsson z520)

I wonder why the Google ads at the bottom of the page don't include one for cell phones with this odd, out of place plug here.

I'm with those who say that anyone who reacts to the suspicion of WiFi usage by bounding for their packet sniffer is going to secure his network in the first place.

Anyway, other weirdnesses include creating an image specifically to declare that there's an image that's not there for privacy reasons. Why go to that trouble? Why not just pull the image, maybe leaving a line of text in its place?

I'm inclinded to think this whole thing was concocted to generate traffic.
posted by George_Spiggott at 1:05 PM on June 23, 2006


(Or what deja said)
posted by George_Spiggott at 1:06 PM on June 23, 2006


100% fakety fake.

I did post a suggestion in the box at the bottom of the story: "I suggest you stop posting fabricated first-person stories on your site, as it is an unethical way to drive traffic to your ads for spam-blocking products."
posted by damehex at 1:12 PM on June 23, 2006


Metafilter: Sometimes you guys are just too easy.
posted by casconed at 1:17 PM on June 23, 2006


Anyone find it suspicious that this is the only post on a web site named www.spam-blocker-resource.com? And the site is also selling anti-spam software/books? No one?

Yes! Hyphens in a domain name are a dead giveaway that something's fishy here. And I think there are more reasons this is fishy. Let's review:

--no name is given in the caught-a-spammer article
--no location is given
--the domain hosting the story is a bullcrap site with no redeeming value
--the pictures SEEM to illustrate the story, but in fact they could be of anyone doing anything anywhere.
--there is no packet dump
--the mention of the cell phone brand name is a non sequitir, perhaps to draw Google ads

That's enough to set off an investigation. Digging shows us spam-blocker-resource.com is registered to

Ronald Jaffre (ronald.jaffre@gmail.com)
+1.2528984556
Fax: 0.00000
92 Alwards Close
Alvaston, DERBY 27713
US

That's a false address. The zip code is for Durham, North Carolina. Alvaston, Derbyshire, is in the United Kingdom.

Next, Googling "Ronald Jaffre" turns up this Digg profile. He's a new member since May 26, which suggests he has only recently been hitting a lot of high-ranking sites looking for free traffic. There we find that he has submitted one link, http://www.thegooglecache.com/?p=23.

Now look who thegooglecache.com is registered to:

Russell Jones (rjonesx@gmail.com)
+9.192608723
Fax: 0.00000
Durham, NC 27713
US

Same initials. Okay, that could be a coincidence. Same zip code, umm, could be a coincidence, but suspicious. The zip code matches the city and the address is an actual Durham, N.C., address The posts at googlecache.com are entered by "russ," so we can assume for the moment that the name has a good chance of being real. However, it's too common to do anything definitive with. Anyone want to take this further?
posted by Mo Nickels at 1:17 PM on June 23, 2006


ODB!
posted by sonofsamiam at 1:20 PM on June 23, 2006


I think the people responding "he should've just password protected his access point" are off base here.. I don't get the impression that he has a problem with people using his access point. Just that this particular person was using it to commit dastardly deeds.

As someone that provides an open access point in my home for anyone to use (with a big antenna on it to spread the signal as far as possible), I'd still be pissed if someone were using it to spam.
posted by Laen at 1:26 PM on June 23, 2006


I'm with Crash.

1) The problem with "different values" is what doesn't it cover. He's pointing out the black and white extremes, but it's hard to defend trying to hawk what are probably bogus drugs by creating deposites of plaque on other people's information.

2) Nobody is driving around looking for open wi-fi so they can manually spam. Nobody who can run a packet sniffer has an open wi-fi network AND really cares what people do on their open wi-fi network.

I think this is what "I Love Bees" could have been if you removed all the creative staff and replaced them with a guy who was taking a marketing class before he dropped out of the community college.
posted by Kid Charlemagne at 1:33 PM on June 23, 2006


If you pay with a credit card, the name you give only has to match your initals. So yeah this is probably some BS. Where did you find it brownpau?
posted by delmoi at 1:39 PM on June 23, 2006


Mo Nickels! Internet Detective! Good work!
posted by Phantomx at 1:41 PM on June 23, 2006


Since one of the posts at thegooglecache.com is a link to the post in the FPP, I would say it's more than coincidence.
posted by Biblio at 1:50 PM on June 23, 2006


oh well, at least I didn't see any of the ads on that site.
posted by puke & cry at 1:51 PM on June 23, 2006 [1 favorite]


cock punch both of them
posted by sfts2 at 1:52 PM on June 23, 2006


Expanding on Mo Nickel's investigation:
It can't be Ol' Dirty Bastard, he's dead. Assuming it's the Russell Jones Mo Nickels pointed to, a quick google search reveals he works for (or previously worked for) Virante, a "leading interactive marketing agency". So is this a quick side business to try and generate a couple of bucks, or is this a proof of concept of some sort?
posted by Crash at 1:59 PM on June 23, 2006


Russell Jones works at Virante with Jeffrey Staub who posted the original link.
posted by sonofsamiam at 2:13 PM on June 23, 2006


Biblio's right: the "Russ" at googlecache.com show up as one of only THREE people that have linked to this story. Here's the googlecache.com link to the spam-blocker-resource.com page. It was also the FIRST place to link to it.

Besides Metafilter, the only other site to link to the stupid story is at enemieslist.com. That domain is registered to

hesketh.net
hesketh.net hostmaster
5400 Glenwood Ave Suite G-11
Raleigh, NC 27612
US
Phone: (919) 834-2552
Email: hostmaster@hesketh.net

For those of you that don't know, Raleigh and Durham (where the other domain was registered) form two points of the famed Research Triangle and are the R and DU in "RDU," the three-letter FAA-assigned airport acronym. Could be a coincidence, as Champeon has decent net-cred, but let's just count this as a data point toward hoax, shall we?
posted by Mo Nickels at 2:16 PM on June 23, 2006


I hang my head in shame at having posted this.
posted by brownpau at 2:16 PM on June 23, 2006


flagellate yourself.
posted by puke & cry at 2:24 PM on June 23, 2006 [1 favorite]


Sonofsamiam, it's probably not a coincidence that jstaub became a member of Digg only yesterday. So it looks like this:

Jones creates a crappy site with a false story, has his coworker post the link on Digg, then Jones digs the link and posts it on his own blog as it belongs to someone else.

The question still remains: how'd you find it, brownpau? Digg? You've got great credentials here and elsewhere so I don't think you're in on it. (And it is, after all, not that big of a deal: a child-like scam to do what, get a few traffic spikes? Everybody that's ever been Slashdotted, Dugged, Farked, or whatever will tell you that such single-interest spikes do very little for add revenues, add very few users to email lists or RSS subscription totals, and result in very few extra return visits. Now, if they had a real community there or the promise of lots of new interesting stuff, it'd be a different story.)
posted by Mo Nickels at 2:24 PM on June 23, 2006


...as if it belongs to someone else...
posted by Mo Nickels at 2:25 PM on June 23, 2006


Searching usenet for virante.com reveals them plugging such reputable endeavors as www.colon-cleanse-constipation.com and a post from then 18-year old founder Ryan Allis indicating they have made at least a million doing this online marketing *coughspam* thing.

My scruples have scru'd me once again.
posted by sonofsamiam at 2:26 PM on June 23, 2006


(oh, folks, please don't directly link to these sites, mefi has high pagerank and they are really doing quite well already)
posted by sonofsamiam at 2:29 PM on June 23, 2006


what a bunch of douchebags.
posted by puke & cry at 2:29 PM on June 23, 2006 [1 favorite]


Found it here. He's normally a reputable source, so I didn't really think to double-check this stuff.
posted by brownpau at 2:33 PM on June 23, 2006


At the risk of fanning this flame, I am Russ Jones to whom you all are referring.

1. Yes, this is my site.
2. Yes, this absolutely happened.
3. No, this did not happen to me. The blogger in question uses blogger.com
4. WEP was cracked, not an idiot, just happened.
5. I was asked to host this article because of my and my companies commitment to FIGHTING link spam. We own and operate LinkSleeve, an XML-RPC system that fights link spam on blogs, wikis, forums, etc
6. We threw up this site months ago (check the whois record) but never did anything with it.
7. Opportunity presented itself with a great TRUE story.
8. That image does exist, we just removed it because some of the imagery could make the house identifiable when smart people like yourselves figured out where it happened.
9. The page has made less than $1 in adsense today and no referral sales - only an idiot would try to make money on an anti-spam post. Don't we all use AdBlocker anyway?
10. I use false data on that and many domains to prevent from getting email spammed - everyone with any intelligence would do this.

So, conclusions.
1. Yes it happened.
2. No it is not spam.
3. Yes it is my site.

If you have any questions, just email me at rjonesx@gmail.com - I can talk to the guy who this happened to, but if this kind of angry a$$ paranoia continues I am just going to take the site down. Fricking ridiculous.
posted by rjonesx at 2:41 PM on June 23, 2006


1. Rich spammers wardrive all the time.
2. The dashed out domains used to be effective in search engine marketing, not any more and we dont use them anymore.

Anymore "bash the guy for posting a good true story questions?"
posted by rjonesx at 2:44 PM on June 23, 2006


only an idiot would try to make money on an anti-spam post

I've caught anti-spyware spyware before.
posted by sonofsamiam at 2:45 PM on June 23, 2006


rj: On your blog you say "Some guy" not "Someone I know who's story I'm hosting to avoid retribution". As far as trying to avoid Spam by using fake Whois stuff: Well, I never check the email addresses associated with my domains (in fact, I don't even have a mail server running for the domain those email addresses are on). There's no reason to fake my name or whatever, and I could just use domain privacy stuff if I wanted too.

People on metafilter catch on to this thing pretty well, although we can be a little oversensitive.

only an idiot would try to make money on an anti-spam post

Maybe maybe not. But given the null hypothesis (all possibilities equal) there's still a 75% chance you're trying to make money off this.

1) you could be an idiot.
2) you could be wrong when you say only an idiot would do this.
3) neither.
4) both.

*shrug*.
posted by delmoi at 2:54 PM on June 23, 2006


1. Boy, people sure do get angry, don't they?
2. And check out the numbered lists!
3. From people who may or may not be from Derby.
4. And it's true because I say so.
5. So there.
6. ???
7. Profit!
posted by solid-one-love at 2:55 PM on June 23, 2006


Well, I am not lying. I know that is insufficient, but at least I came out here and spoke for myself. I did say "some guy" on my blog. I really DO NOT want this guy to get screwed by this guy who war-drove. Moreover, this guy is probably going to start spamming me for this crap if he knows I know the guy personally.

It amazes me why no one can see why anonymity was at least a LITTLE bit important in this situation. But whatever, every time he spams me, its one more ip and domain added to LinkSleeve's DB. :-)
posted by rjonesx at 3:06 PM on June 23, 2006


« Older OperaTube   |   To Boldly Redo What Some Man Had Done Before Newer »


This thread has been archived and is closed to new comments