Bye Bye, Blue Frog
May 18, 2006 11:58 AM

Blue Security shuts down. It was just a few days ago that Blue Security was beating their chest, straight off a 'victory' over spammers. Now though, the company is conceding defeat.
posted by puke & cry (51 comments total)
 
I still think the Russian method for dealing with spammers is the best we've come up with so far.
posted by slatternus at 12:04 PM on May 18, 2006


Wired News article.
posted by Armitage Shanks at 12:08 PM on May 18, 2006


What's the russian method? Because if it involves a bullet in the head I'm all for it. And I'm not kidding.
posted by 2sheets at 12:11 PM on May 18, 2006


Russian method here.
posted by lexalexander at 12:12 PM on May 18, 2006


Yeah, that method.
posted by slatternus at 12:16 PM on May 18, 2006


That spammer's death was unfortunately unrelated to his spamming.
posted by puke & cry at 12:17 PM on May 18, 2006 [1 favorite]


i was rather deceived that they decided to fold.
they said they managed to make 6 out of 10 major spammers to comply.
they MUST be doing something correctly.
(the threats [1] [2] PharmaMaster was sending were completely ridiculous btw)
but then i understand that they feel their company is too small by itself to face the massive DDOS's.
(i've seen many people discuss a distributed alternative since Blue Frog was open-source so there's hope)
posted by zenzizi at 12:29 PM on May 18, 2006


The other Russian method is to assimilate the spammers into the mafia and reclassify them as assets.
posted by sonofsamiam at 12:32 PM on May 18, 2006


I read about this in the Wash. Post yesterday, and it had a lot less detail- mainly, that Blue Frog was actually an applet you had to install that did DoS on spammers... that sort of makes them look a little less like the hapless victims here.

The question/problem I think is related to the Russian spammers' methods just as much as Blue Frog's- to what extent are each of their methods legal? It seems there need to be better laws to stop this, not hoping that more spammers are randomly killed by burglars.
posted by XQUZYPHYR at 12:33 PM on May 18, 2006


The russian method is more likely to take a payoff, or join the spammer in spamming the shit out of Americans.
posted by Artw at 12:33 PM on May 18, 2006


What do you mean by deceived, zenzizi?
posted by dmd at 12:34 PM on May 18, 2006


oops. wrong word. i meant disappointed.
posted by zenzizi at 12:36 PM on May 18, 2006


xquzyphyr:

It sent exactly one request to the spammer's sponsor for each e-mail received by each of their customers.

If that was a DOS, it was self-inflicted. I think this system should be integrated into windows, personally. It would be de-facto enforcement of the can-spam act.

Anyone who spammed people on the list would have their site brought to its knees following the spam. Even the suckers wouldn't be able to get to the site to buy anything.
posted by empath at 12:38 PM on May 18, 2006 [1 favorite]


I personally didn't find anything wrong with their method, but then I'm not a very moral person. I mean, they are spammers, right?
posted by puke & cry at 12:41 PM on May 18, 2006 [1 favorite]


I'm surprised nobody is talking about the fact that the spammers' reaction to their scheme took down all the sixapart (plus livejournal and typepad) servers, after Blue Security redirected traffic to their site to their typepad-hosted blog. I certainly enjoyed that they shut down all my sites for the better part of a day and night.
posted by luriete at 12:44 PM on May 18, 2006


Actually everyone was talking about when it happened.
posted by puke & cry at 12:46 PM on May 18, 2006 [1 favorite]


This really needs to be re-implemented by a larger company.

*cough*google*cough*
posted by empath at 12:46 PM on May 18, 2006


Say, that's a good idea. They've got the resources, and they want to be seen as Fighting Evil. Why not?
posted by languagehat at 12:51 PM on May 18, 2006


They're too corporate now. Probably be afraid of liability.
posted by IronLizard at 12:52 PM on May 18, 2006


Could Google really do this without jeopardizing a significant portion of their own machines? Going up against a powerful/well-connected spammer means that you're challenging someone with a superlarge arsenal of bots. You have to be both powerful and willing to take a lot of damage.

It seems like it would make more sense to try to take out the botnets and/or capture those computers yourself before getting into this kind of confrontation.
posted by rxrfrx at 12:57 PM on May 18, 2006


empath, would the trick then be to reach a critical mass of clients, and have the system in place with those clients, before turning it on?
posted by jamjam at 12:58 PM on May 18, 2006


rxrfrx: Doesn't pretty much every computer on the internet hit google with requests all day long anyway? I don't see how a botnet could make it significantly worse.
posted by empath at 1:01 PM on May 18, 2006


IMO it was a relatively wild-west style business plan. I think the main money in the anti-spam market is from business/corporate email management, not from consumers. The DDOS-approach of BlueSecurity doesn't feel like something that corporations would want to be a part of -- they just want to filter out spam locally in the most effective and cheapest fashion, not partake in a vigilante which could at some point come back to bite them (as was demonstrated aptly by PharmaMaster.)

Creative idea but not really market friendly.
posted by bhouston at 1:03 PM on May 18, 2006


I'm no Computer Expert, but I figured that (normal google traffic) + (hammering from a few million IPs) = a significant toll on Google's computers. It would be cool if that were not the case, though.
posted by rxrfrx at 1:06 PM on May 18, 2006


I remember when email was exciting, you looked forward to receiving it. Now I have to wade through 150+ spam messages a day just to find the 1 or 2 legitimate messages. Fuck spammers. They are fair game. I personally find that as a nuisance to the online world, online vigilantes should unite to combat them. Even if that means meeting up with them in Russia (personally I wouldn't set out for the "Russian Method" but hey one less fucking spammer).
posted by cdavidc at 1:22 PM on May 18, 2006


Really now, everyone who loves spammers raise your hand......

Ahh, you mean no one loves spammers. Maybe they will just kill themselves.
posted by cdavidc at 1:27 PM on May 18, 2006


What's all this DDOS talk? As far as I can make out BF would, for each spam received, send one email to the website advertised in the spam, asking to be unsubscribed from their mailing list. If the website folded under the weight of traffic from such requests tough, shouldn't have bothered so many people.
posted by Joeforking at 1:28 PM on May 18, 2006


I guess I should have put this link in the fpp, where the supposed spammer claims that the blue frog method was "a daily nuisance to our server administrators" and that the opt-out requests "are easy to handle, but time consuming."
posted by puke & cry at 1:36 PM on May 18, 2006 [1 favorite]


If anyone is interested in reading the spammers congratulate themselves, they can do it on the spammer board SpecialHam.com
posted by WetherMan at 2:11 PM on May 18, 2006


not exactly, you need a login to look at anything and the register page is 404'd. Got a login, because I would find that forum fascinating.
posted by puke & cry at 2:16 PM on May 18, 2006 [1 favorite]


that last sentence should end in a question mark.
posted by puke & cry at 2:16 PM on May 18, 2006 [1 favorite]


" FUCK YOU ALL ANTIS

BLUEFROG DIED 4EVER WHAT WILL U DO NOW ?:)
POST HERE AND ENJOY WATCHING US MAKING FUN OF ANTIS WORLD :)

WE WON
YOU ARE LOOOOOOOSSSSSEEEEERRRRRRSSSS :)

BLOW US THANKS"


Eh? What a joke!

A.) Blue Frog != "Antis".

B.) Most "Antis" were opposed to Blue Frog; they don't fight abuse with abuse.

C.) Blue Security really suckered you guys into a phony war. They thought it would help them win financing for their IPO. Blue Security, not the antis, lost.

I am still using Spamhaus on my server to block your crap. I am still reporting such of your crap, which comes to accounts not on my server, to SpamCop.

SPEWS, SpamCop, and Spamhaus are still very much with us, and very much in the "war". You won a battle, but the "war" continues...

----

Lots of broken English and strange logic from the spammers, offers for deals, sponsors, servers, botnets, whatever. Cogent replies from anti's such as the above.

I trolled these forums for a project a few weeks back during the beginnings of the BlueSecurity fiasco.

The registration used to be open and the board itself isn't heavily moderated, anti's post frequently and engage in the conversations. Once the BlueSecurity stuff settles down I'm sure registration will open again.
posted by WetherMan at 2:26 PM on May 18, 2006


I don't guess you could email me a login could you, wetherMan? I'd email you but you don't have one in your profile.
posted by puke & cry at 2:31 PM on May 18, 2006 [1 favorite]


I think it's a little ironic that a company that was trying to make people fold by DDoSing them folded as soon as someone DDoS'd them. I have nothing but contempt for spammers, but man, if you plan on giving it out make sure you can take it.

What a bunch of pussies, ultimately.
posted by delmoi at 2:34 PM on May 18, 2006


What's all this DDOS talk? As far as I can make out BF would, for each spam received, send one email to the website advertised in the spam, asking to be unsubscribed from their mailing list. If the website folded under the weight of traffic from such requests tough, shouldn't have bothered so many people.

I think they were sending N² requests. So if I send 500 spams to 500 Blue Frog users, I get 250,000 bounce messages.
posted by delmoi at 2:37 PM on May 18, 2006


500 spams each to 500 users? Or each user gets a single spam? If it's the former, then 250,000 makes sense -- otherwise, I don't get why they would do that, other than to be vindictive.
posted by crawl at 3:04 PM on May 18, 2006


In all seriousness, I've long wondered why some white-hat hackers don't band together to write a virus that will actually inoculate vulnerable machines, and de-zombify zombie machines. I don't have the programming chops for a project like that, but I'd pitch in a few bucks.

And perhaps a group of slightly stained white-hats could add a patch that will work out the location of the zombie controllers and send Tubgirl over to them in person.
posted by adamrice at 3:53 PM on May 18, 2006


Trojans that exploit a particular vulnerability have long been known to fix the hole after rooting a system. In fact, it's pretty much standard practice to fix the exploit on machines that are manually hacked to preserve root.
posted by WetherMan at 4:06 PM on May 18, 2006


Maybe we should just fucking fix SMTP already.
posted by Optimus Chyme at 4:47 PM on May 18, 2006


Ain't nothing broken about SMTP, OC. Remember, spam is sent by botnets: no matter what you replace SMTP with, if users are able to send email, then spam-botnets will be able to use users' machines to send spam.

Re retaliatory DoS attacks on spammers: the main problem with that kind of approach, as a class, is that it makes it too easy for the spammer to use you to inflict harm on a third party, by "advertising" that third party's innocent website in their spam emails.
posted by hattifattener at 6:07 PM on May 18, 2006


You'd think spammers utilizing botnets would be easy to deal with. Just backtrace the spam, find the zombified computer, and use it for evidence in a computer-hacking case against the spammer. Spammers have to be tied to their spam (since it has to make them money) so they aren't usually impossible to identify, and computer-hacking laws are harsh.

Of course this only works in first-world countries where such laws are enforced, but in third-world countries you could probably find people to chip into a collection to pay the local mafia to make the problem disappear. Slightly ethically questionable, of course.
posted by Mitrovarr at 7:04 PM on May 18, 2006


Just backtrace the spam, find the zombified computer, and use it for evidence in a computer-hacking case against the spammer.

I wonder how many grandmas have their computers setup to keep detailed offsite traffic logs.
posted by Jairus at 7:50 PM on May 18, 2006


Jairus: I wonder how many grandmas have their computers setup to keep detailed offsite traffic logs.

Well, none. But you can have an IP professional track them down by backtracing the emails, and install those tools on the still-zombified computers.
posted by Mitrovarr at 8:08 PM on May 18, 2006


500 spams each to 500 users? Or each user gets a single spam? If it's the former, then 250,000 makes sense -- otherwise, I don't get why they would do that, other than to be vindictive.

Umm...
posted by delmoi at 9:12 PM on May 18, 2006


cdavidc said 'I remember when email was exciting, you looked forward to receiving it. Now I have to wade through 150+ spam messages a day just to find the 1 or 2 legitimate messages.'

Why? I'm far from being an elite computer genius person, but I see one or two spam emails a month, tops (and that's on accounts that have addresses publicly available all over the web, unobfuscated, two of which are nigh on ten years old).

Not having a go at you specifically cdavidc, I'm just genuinely puzzled at the way folk get up in arms about spam when you really don't need to see any. Admittedly, the spam filter I use cost money - $25 I think - which folk might not want to pay or be able to afford, but there must be open source ones out there, no? Not to mention Gmail, which I don't use much, but seems relatively spam-free.
posted by jack_mo at 5:26 AM on May 19, 2006


my gmail ain't jack_mo. I get 3-4 a day there. Not much, by any means but since it's the only mail I get there I can warp the stats to say "my gmail gets 100% spam and no legit mail" without lying. ;)
posted by dabitch at 5:57 AM on May 19, 2006


Yeah, I just checked mine, and either I have lots of friends called Simpleton Q. Frangipani who are obsessed with the size of their penises or the Gmail spam filters are a bit shit. If all the free webmail thingies are the same, then I take back the above...
posted by jack_mo at 8:53 AM on May 19, 2006


Not so long ago, I would track down the origination point of spam or virus-laden messages and email complaints about breaking TOS. Usually it stopped the problem.

A few years later, I was resorting to emailing sysadmins and reporting that they were forwarding crap, usually without knowing they had an open relay. Again, usually solved the problem.

These days, I have SpamAssassin running on the server, and the Thunderbird Bayesian logic filters set up on my computer, and still stuff that is blatantly spam (stock options, penis pills, etc.) sneaks through at a rate of 3 to 4 a day.

Something needs to be done. I'd bet that close to 80% of web traffic these days is garbage. I'm sick of it. The Russian Method seems fine by me; all we need is some ex-Special Forces people with the inclination to hunt down and kneecap some spamming bastards.
posted by caution live frogs at 1:11 PM on May 19, 2006


Ain't nothing broken about SMTP, OC.

The fact that domain spoofing is less than trivial and that there's no authentication chaps my hide.
posted by Optimus Chyme at 3:46 PM on May 19, 2006


Exactly, caution live frogs, it used to be a bit more 'neighbourly on the net, now tho, spam and spambots and infected machines everywhere. Blah! Will Sender Policy Framework ever be implemented by all (and will that fix things?)
posted by dabitch at 4:46 AM on May 20, 2006


No.
posted by sonofsamiam at 7:36 AM on May 20, 2006




This thread has been archived and is closed to new comments