Blue Security's Bad Publicity Week Continues: Accused Of Knocking Out Six Apart
from the headaches-at-Blue-Security dept
Blue Security is not having a very good week, it seems. The company already had mixed reviews, as some felt its efforts to knock out spammers by filling their web forms with bogus info went a bit too far towards vigilante justice. On Tuesday, the news started spreading that the company's "Do Not Spam" list had been hijacked by spammers -- which wasn't entirely correct (but close enough for many). Instead, as has been predicted by anyone studying the idea of a Do Not Spam list, some spammers simply "washed" their list, and used the difference to figure out who many Blue Security users were. They then started bombarding those users with angry spam. At about the same time, Blue Security was hit with a massive distributed denial of service attack. Whether or not it was set up by the same spammer isn't clear -- but certainly seems likely. Shifting gears for a second, late Tuesday, a number of people noticed that the blogs they had hosted by Six Apart had been knocked offline. Six Apart has had some struggles over the last few months -- so many chalked it up to more growing pains. However, someone is now claiming the two stories are connected. Digg points us to a story claiming that after Blue Security's site went down, they pointed their hostname to a typepad blog, effectively moving the denial of service attack right into Six Apart's lap. The writeup makes it sound a lot more nefarious than it might really be. Blue Security probably figured that since their site was down just as the other problem was happening, they might as well direct people to their blog for more info... without realizing that the impact might take down all of Six Apart. Either way, it appears Six Apart has been careful not to place the blame on Blue Security... but as the story spreads (even if Blue Security had the best of intentions), it would seem that this just isn't Blue Security's week.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
The Moving DDoS grabbed Attention
Now- whatever you feel about BlueSecurity and their program- They became a victim of DDoS and a portion of US Critical Infrastructure was affected. This effectively draws US law enforcement into the fray.
Sounds like a cool strategy.
[ link to this | view in chronology ]
This is indefensible
Either (a) Blue Security did not understand what the impact of this change would be or (b) they did.
If (a), then they're idiots. Anyone with even a TINY clue about network and system security should have been able to figure this out in 30 seconds. If (b), then they bear equal blame for the attack on Six Apart. Given that their entire business model is based on redirecting abuse, though, I doubt that they have the courage and/or integrity to admit this.
Blue Security are scumbags, and anyplace that hasn't already permanently blacklisted them (and their idiot customers) should do so immediately.
[ link to this | view in chronology ]
Re: This is indefensible
By describing Blue Security as scumbags and their customers as idiots, you make it clear that you probably have some connection to the spam "industry", and you are possibly a spammer yourself. It doesn't surprise me that you would hide behind an alias, as do spammers.
I endorse any punishment short of physical violence for spammers. They not only do harm to us individually, but cause damage to our economy and our society.
Just the fact that spammers have intentionally corrupted a tool as valuable as email is enough to convince me that they deserve anything they get. Spammers represent some of the worst of human nature: the willingness to hurt others just for the chance to make a few pennies. Spammers are the real scumbags, and Blue Security, however misguided their techniques may have been, are absolutely correct in wanting to put a stop to spam and the despicable people who create and distribute it.
[ link to this | view in chronology ]
Re: This is indefensible
Stupid A$$!
[ link to this | view in chronology ]
I wonder how many such comments are from spammers.
Whilst I agree, that the DDoS should not have been redirected to another site, I believe that Blue Security was simply sure, that one of the world's hugest sites is well-prepared for such things as DDoS (it must have been slashdotted or lived through a digg-effect many times before, so it must have been prepared). Therefore I believe that Blue Security did not realize, that this could have such a large impact (because they did not realize, how massive the DDoS on their domain was).
The tactic used by Blue Security and Blue Frog obviously has nothing to do with a DDoS attack, but most Anonymous Cowards and idiots who cannot read before commenting seem to be apt to go to such conclusions. Some of them, because it's in their interest (they are or they represent the spammers affected), some because they can't read (and don't have a slightest clue as to how Blue Frog works), and some of them simply because they heard something somewhere and repeat it like a well-trained parrot.
Blue Frog does not DDoS. Every member submits ONE complain only to the sites this member has been spammed by (i.e. if a member forwards spam to Blue Security, which spamvertizes a certain site, that same member sends ONE complaint via the Blue Frog to that site). This is obviously too hard to understand for some.
Regarding publicity, maybe it's not wonderful, but it sure has drawn much interest to the system and Blue Security, once it's up and running again, will most probably experience an influx of users, who noticed that spammers are intimidated, and conclude that the system works.
[ link to this | view in chronology ]
Re: I wonder how many such comments are from spamm
For starters, idiot, I'm one of the Internet's leading spam-fighters. And of the things that all that experience has taught me is that any attempt to fight abuse with abuse is likely to either (a) fail and or (b) hit the wrong target. Or both. It's stupid, it's wrong, and it's unethical.
Another thing it's taught me is that providing information to the enemy -- especially via automated processes that can be gamed via judicious use of input data -- is truly stupid. That's why, for instance, SMTP callbacks are an idiotic idea and are used only by morons who don't know any better. And it's why Bluesecurity's methodology is fatally flawed. (Of course, it sounds good to ignorant newbies, since it makes them feel like they might be actually hurting the spammers. And those dumb suckers are stupid enough to fall for that little bit of emotional manipulation.)
Second, do you really think that spammers, or their minions, are going to waste time posting comments here? Why should they bother? Please. You're not important enough for them to worry about.
Third (and this partially repeats point 2), you clearly have no idea who you're dealing with. Professional spammers are not stupid. They're not newbies. They're well-funded, they have access to enormous network and computing resources, and they have some amazingly talented programmers working for them. Bluesecurity, at its best, could only hope to be a mere pinprick.
Fourth, given that they're wholly ineffective, it really does beg the question of why a DoS attack and why now? Oh, I'm well aware that Bluesecurity's sucker customers and sockpuppets are claiming that it's because they were having an impact. That's utter nonsense of course, but it does make for great PR for Bluesecurity.
Fifth, and finally, the ignorance displayed in the followup comments here is truly appalling. Apparently few of you have taken the time to learn the history of the spam/anti-spam struggle, and as a result you are intent on making mistakes that others already made years ago, discovered, analyzed, and wrote up -- so that you wouldn't repeat them. But you are. And as a direct result of that, you're making the problem worse. It'd be nice if you stopped.
[ link to this | view in chronology ]
Re: Re: I wonder how many such comments are from s
Most of the "Internet's Leading Spam-Fighters" have very recognizable names... "Anonymous Coward" isn't one of them. The folks I know who deal with spam, and with identity theft, joe jobs, phishers, scammers, and the like tend to take the attitude that while Bluesecurity is a bandage, and a misguided one at that, they aren't so quick to label it ineffective or to label the folks who use it suckers and sockpuppets. And most of those that I know who are the Internet's Leading Spam-Fighters are happy to have their name (or even their pseudonym) be associated with their statements (since most of the folks involved tend to have an ego, like the rest of us.) Not saying you aren't a leading spam-fighter, but without evidence of your authority, I'm having a hard time believing you since your statements don't meld with what I've previously heard, though there are many factions in that community and you may be speaking from one that I haven't heard from before.
Bluesecurity may be misguided, and it may or may not be making a difference (that has yet to be seen.) However, dumping everyone who uses Bluesecurity (for which I must admit, I do not use, have never used, and will likely never use,) into the category of "suckers" without explaining to the rest of us why they are making the same mistakes others made years ago (I have not heard from anyone within the spam-fighting community until now that Bluesecurity made any mistakes previously made, just that there were some issues about whether innocents could be hurt by the effort, though Bluesecurity has promised that humans are involved with making sure that no innocent is hurt.)
I am well aware of the history, and quite frankly, nothing you have said would make me believe in the machinations of an Anonymous Coward. If anything, it is obvious you either have an axe to grind with Bluesecurity, or you like trolling Techdirt...
[ link to this | view in chronology ]
Re: Re: I wonder how many such comments are from s
Oh, sure you are, Mr. Anonymous Coward.
[ link to this | view in chronology ]
Re: Re: I wonder how many such comments are from s
[ link to this | view in chronology ]
Re: Re: I wonder how many such comments are from s
For starters, you claim to be a leading spam fighter, but don't give any credibility to that claim. For all that I know, you could be a spammer's sock puppet (or not - I'm currently 50:50 on that issue).
Another thing, Blue Security tried to be polite towards the spammers, and they wanted to establish a business model ("pay for our services, and you'll be opted out from spam"). That part didn't work, but it's absolutely inessential for the rest of their approach to work. A volunteer project with no intent of being nice to spamvertized sites could simply lodge a complaint per spam received, and effectively destroy the business model of the spammers.
(Skipping second and third points, which are indeed valid.)
Fourth, you say that the DDoS against Blue Security is not an indication that they have something, but you fail to give a single reason.
Fifth, the lack of arguments you're giving is truly appalling. Apparently you neither looked at the other details of Blue Security's approach, nor do you give us unwashed masses a link to the pages where the mistakes that others made years ago are described and analyzed. It would be nice if you were a little more constructive.
Until then, the only effect of your comments is that of (trying to) dishearten anti-spam approaches.
Actually that makes your a candidate for the "spammer's sock puppet" tag. I'd be happy to be proven otherwise, of course - give some real arguments and some details, educate instead of shouting down, and you'll be given more credit.
Thanks for listening.
[ link to this | view in chronology ]
hmmm, ok
Not sure, but I know my delete button works well - it seems to deal with spam just fine. And it's free with the purchase of any standard keyboard :)
You'd think a security company would be ready for various internet based attacks, but perhaps I'm wrong...
All that being said, no this anonymous poster doesn't know - past what I read here and a quick google search - what either of these two are.
Oh, Blue Security's web site's down - kinda hard to see what it's all about...
[ link to this | view in chronology ]
Re:
It's like telling a woman "if you don't like getting raped, you should wear a chastity belt. It's the only tool you need to fight rape".
Tell you what, if you don't mind having to delete hundreds of spam every day, and if you don't care about the lost productivity, damage to the economy, the extent of human frustration spam causes, and the despicable people who would try to force something down another person's throat, then you just go ahead and keep hitting that delete button.
But stay out of the way of those of us who believe we have the right to protect ourselves from spam and the damage it does.
[ link to this | view in chronology ]
Re: Delete does not work
Blue Security does this just right with Blue Frog. Unfortunately, a war broke out. And with it, the spammer bribed a major internet backbone staff to remove DNS pointers to official Blue Security web servers. This means that SYN flooding/distributed DOS attacks against the official Blue Security webservers did not actually cripple Blue Security's webservers. Blue Security's website was still available only to Israel at that time. In order to communicate with its global users, Blue Security had to temporarily set up camp somewhere - and maybe they figured that one of the fastest ways to do this was with Six Apart's blogging services. It is unfortunate that the irate spammer mindlessly attacked Six Apart's webservers because of this.
Blue Security may have been at fault for not properly informing Six Apart of their temporary camp set up. But we cannot just irresponsibly claim that Blue Security was the cause of the attack - it was the spammer.
[ link to this | view in chronology ]
The spammers are mad, so it IS working
Robin
[ link to this | view in chronology ]
Whose internet is it anyway?
These thugs are also posting inaccurate and misleading information about Blue Security.
These are criminals who send millions of SPAM e-mails containing obnoxious material on a daily basis and do not care two hoots about anyones rights, legal or otherwise.
Blue security is a legitimate and legal response which enpowers me and the other 500,000+ members to exercise my right to ask the spammers to stop sending me this junk.
All the spammers have to do is to stop bothering the community by using the tools provided for that purpose by Blue Security.
Alternatively they can become legitimate, provide real websites, genuine opt-outs, pay taxes and obey the law.
That is the point is it not?
The spammers are criminals engaged in a criminal activity.
[ link to this | view in chronology ]
I'm a Blue Frog user
Since then, I have seen my amount of spam go through the roof: from 5 or 6 spam e-mails a day to 35 to 40.
How does this increase in spam help the spammers? Sure, they may be angry that people are trying to fight back, but if they didn't spam people in the first place, we wouldn't need to report their spam.
By sending "angry spam", this simply escalates the battle: spammers send more spam, which will then get reported to Blue Frog, SpamCop, the FTC, ISP's, and others, which will place them on black lists even faster than before.
The best way to fight spam is to teach people not to buy products listed in spam e-mails. If we can get people to stop clicking the links, then the revenue to these spamvertised sites would stop. If the sites have no income, they won't pay the spammers to send spam.
And you know what? This tactic is perfectly legal. :)
And to all the people who say "just hit the delete key": have you ever thought about the economics involved? If it takes one person one second to delete the e-mail, how long does it take everyone to delete millions of spam e-mails? Now multiply that by an average person's wages and you start to see the cost of lost productivity.
Plus, what about the costs on the networks that transmit these spam e-mails? The spammer pays nothing to send out millions of e-mails, yet the relays, switches, servers, and receiving people have to bear the cost.
[ link to this | view in chronology ]
You Are Served!
Thank you Henry for that simple yet direct explaination of the 'why' we use the Blue Frog.
When I get a phone call from a person I do not know, I first ask who they are and who they work for. Then I ask if this is a marketing call. I then inform them that I do not take marketing/sales calls and promptly hang up.
This is what Blue Security does for me and my emails. I don't request that Spammers send me this additional work-load each day. So this is my way of dealing with it.
Of course the Delete Key works...BUT...
I have found that most of the removal links don't get me off their spam campaigns. Rather it appears that efforts are doubled or tripled against me for politely asking for my email address to be removed.
Someone has to fend for the less technophile of us out there and Blue Security is one shining knight in a small group of them.
God bless the people behind Blue Security who want to stand up against the hoards of unwanted spammers and their vile garbage dumping.
You Spammers make life on the computer less fun, far less productive and an outright pain to use.
I will fight back as you leave me no option. So take your licks damn it!
- or kindly stop your assaults on my daily life!
[ link to this | view in chronology ]
Spam vs Junk Mail...
[ link to this | view in chronology ]
Re: Spam vs Junk Mail...
[ link to this | view in chronology ]
Re: Spam vs Junk Mail...
I'll actually leaf through my 'Junk Mail'. My Spam usually goes right into the trash without a first glance.
[ link to this | view in chronology ]
Re: Spam vs Junk Mail...
and as for americans being fat or lazy, or what ever it was u said, all i can say to that is what booger redwine from muleshoe, texas would say, "FUCK YOU, TOWEL-HEAD." ah..thanks for listening. i feel so much better now.
[ link to this | view in chronology ]
Re: Spam vs Junk Mail...
My sister did so for a year to pay her way to Paris, so I like to think there are others so resourceful.
[ link to this | view in chronology ]
I've got at least 50 spamails.
[ link to this | view in chronology ]
I hate spam.
[ link to this | view in chronology ]
Part of the reality of becoming a hosting company is dealing with the ugliness of site hosting. DDoS is a tremendous challenge but one that a lot of Rackspace techs and gambling site techs could tell you about.
[ link to this | view in chronology ]
Spam filtering by Pobox.com
I am in no way affiliated with Pobox.com, but am only a *very* satisfied customer. For only $20/year Pobox.com's service is invaluable. It has kept my mailbox virtually spam-free for a few years now.
[ link to this | view in chronology ]
Re Spam and Junk Mail
I do not know of any other word to use to accurately describe the activities of the spammers who threatened me and fellow my community members repeatedly over the last few days, or push invitations to buy illegal copies of software, umprescribed drugs, bogus stock options or pornography into my in-box.
If these spam e-mails were physical "junk mail", sent out by the million, then the perpetrators would quickly be stopped.
The whole structure of the internet would need to be changed in order to stop spam at a technical level.
[ link to this | view in chronology ]
Re: I wonder how many such comments are from spamm
See:
http://www.realtechnews.com/posts/3011
which contains posts from spammers.
Have a good look at the threats and spoofed comments.
Blue Security uses a number of methods for spam reporting, not just SMTP.
I have only been in the IT industry for 35 years, so I guess you could call me a "Newbie". So please explain:
1) How can a situation already out of control get any worse?
2) Why should we stop?
3) You are the expert - What alternatives do you offer apart from calling us idiots?
4) Why haven't the "experts" managed to solve this issue so far?
It would be very nice for the spammers if we did stop - wouldn't it?
[ link to this | view in chronology ]
Brief answers to your questions.
2. You should stop because you are making the problem worse. (I would think that would be obvious, but maybe not.) Handing over valuable intelligence to the enemy is a very stupid move no matter how it gets done. Doing it abusively is much worse. (Free clue for those who haven't been paying attention for the last several years: spammer web sites are frequently not what, or where, they appear to be.)
3. Well-known, well-understood, massively documented anti-spam technqiues make it a trivial exercise to deal with 95% of incoming spam. Dealing with what remains gets progressively trickier (and thus harder) as you go, of course, but then it becomes a question of whether you're trying to return your incoming mail to a usable state or whether you're trying to nail every last one. A fairly clueful setup using a solid MTA (sendmail or postfix or courier or exim), DNSBLs, RHSBLs, perphaps SpamAssassin, perhaps MIMEdefang, perhaps ClamAV or another AV tool, will easily deal with in excess of 99% of incoming spam correctly -- that is, by rejecting it during the SMTP conversation so that it doesn't cause backscatter. (And I'd be remiss if I didn't mention the Spamhaus DROP list. Put it in your firewalls. It stops a lot more than just spam.)
None of this is particularly new. It's all been written up over and over and over again. Yet we see people wasting time with overpriced junk (e.g. Barracuda), "anti-spam" software sold by spammers (e.g. IHateSpam from Stu "spambag" Soujerwman), abusive practices (e.g. callbacks), spamming anti-spam software (e.g. C/R), bonehead ideas (e.g. SPF/DomainKeys/etc.) and other nonsense.
4. We have. On our mail systems. All you have to do is do the same thing on yours and you'll be roughly as successful. ("roughly" because everyone's incoming spam is different. You might do a bit better, you might do a little worse.)
5. (in answer to your last question). No. They spammesr don't care. They don't care because it doesn't affect them. It doesn't affect them because they now have access to/control of the largest distributed, scalable, fault-tolerant computing cluster ever built. They have resources that make server farms like Google's look insignificant. So the chances of anyone mounting any kind of successful attack against that are absolutely zero. It'd be like trying to drown someone who owns the ocean. It's very, very stupid to even try.
Oh, it appeals to the emotions, to "strike a blow against the spammers" and all that. But it's ridiculous, childish nonsense -- which is why only ignorant newbies buy into it. And...as we've seen repeatedly...the most likely outcome of any attempt to "attack the spammers" will be abuse (re)directed at innocent third parties.
[ link to this | view in chronology ]
Re: Brief answers to your questions.
When you talk to people this way, you only serve to alienate them and push them right toward Blue Frog just to show you what an idiot YOU are. People like you get your kicks by flaming others no matter what the truth is.
Unless you can say something helpful, go find yourself a hole to crawl into and let us discuss this without your angry garble.
Isn't there a way to ban people like this from this forum?
[ link to this | view in chronology ]
I'm a Blue Security member, and I fully support what Blue Security is trying to do. This DDoS simply inspires me to continue to fight. I even telephoned Blue Security in Israel today, giving them my support.
Mark
[ link to this | view in chronology ]
Re: Brief answers to your questions
1) There is no charge to personal users from Blue Security . If they are indeed some kind of profiteers, I just delete the application and delete the spam automatically as before instead of forwarding it to them. So where is the "profiteering" in that?
2) It can't get worse. What intelligence to the enemy? They already have my e-mail address in their lists. My IP address - sure, you can have it, it's dynamically assigned.
3) Most people don't have the resources you describe individually. But they do, in total, represent much more in terms of networking capability than any spam merchants. The method is also voluntary, democratic and seems to be working.
4) Most organisations for whom I have consulted in the past have also solved their spam problem (at a huge cost) - but how about joe public??
5) The spammers do care! They are also in businesss, and this is all bad for their business.
Blue Security has evoked a response precisely because the spammers know that they cannot win when the numbers game gets past a certain level. 500,000, 1 million, 10 million - Blue securities membership went from 33,000 to 500,000 in a few months. What will the spammers do when the community size gets into the millions? Order more bot nets? Destroy the internet? I don't think so. They will just get on with their rediuced and more profitable "customer list".
[ link to this | view in chronology ]
Still some incorrect info out there...
[ link to this | view in chronology ]
Re: Anonymous Coward and his kind.
A million "pin pricks" and you bleed to death. Dumbass.
When the SpamKing, PharmaKing, Killa and the rest of those puss suckin, wanna be tough guy, beyatches.
Have no paying customers. All of their amazing "cluster" will be worth what?. Their shit will be in pawn shops, as
they try to pay back their Mafia, Gangsta Girlfriends.
There should be bullets to the head and cement boots for all, as their criminal empires collapse.
Their Pain is a beautiful thing.
Your jealousy of the Blue Community is just sad.
We have done more to hurt the spammers in less than
a year than all the other methods combined, have in the
last ten.
By "Spam Fighter" it is obvious that you meant "Spam
Ignorer". I'll clean up my yard and screw everyone else.
Note to "Spam King" from the BLUE FROGS, SUCK IT!!!
[ link to this | view in chronology ]
Some answers, round 2
1. Surely you don't think they're doing this out of the goodness of their hearts, do you? (Not that some people aren't doing it out of the goodness of their hearts: they are. But those people aren't incorporated, burning venture capital, etc. They're the volunteers who have done the vast majority of the Internet's anti-spam work for many years. It's just that Bluesecurity isn't among them.) I think you should ask yourself this question: "How, exactly, is Bluesecurity going to make any money off this?" Their VC backers no doubt have an answer to that question.
2. The information you're providing to spammers is that they managed to reach you. That is: a spam message sent from such-and-such an IP address, with such-and-such a technique, with such-and-such content, headers, formatting, etc., made it through your defenses and got to you. They don't actually know that UNTIL YOU TELL THEM. Which you're doing. Which means that you're helping them better understand what methods/messages enhance deliverability, and which don't.
Not only does this information have value to them, it has value on the open market. Spammers have built, and maintain, and sell/trade/rent, databases which contain a lot of this information. And they're becoming increasingly sophisticated about tracking it -- in part because so many people have failed to learn a basic lesson: "tell the spammers nothing". So every time you use Bluefrog (or any other tool like it) you are actively helping the spammers enhance and refine their methods.
Congratulations.
3. I understand that most people don't have those resources. Fair enough. But lots of other people do, and they've made those resources available (sometimes for free, sometimes for a charge). You and I and everyone else have choice in how we receive our mail: if we choose poorly, and thus receive a lot of spam as a result, that's our fault. If we choose wisely, then we may have to pay for it (or pay a bit more for it), but one benefit of that ought to be reasonably effective anti-spam measures.
Another way of saying it: I don't expect everyone to know how to set up Postfix+SA+ClamAV+DNSBLs+greylisting. I do expect everyone to be able to find someone who knows how to do that.
4. I'm well aware that many organizations have solved their problem at huge cost. They're stupid. It's not necessary to spend a lot of money to "solve" this problem, unless "solve" includes the specification "100%" -- and then I would argue that this is a wholly unrealistic specification.
For example, merely using a reasonable set of DNSBLs (e.g., Spamhaus XBL, SORBS, NJABL, DSBL, let's say) nails the overwhelming majority of spam. It's free. It can be set up in minutes. It works with nearly every sane MTA and even some insane MTAs. Yet we find people spending thousands of dollars on products/services which do nearly the same thing. That's just stupid.
5. I don't think so . Chatter in the spammer world (on their web sites, IRC, etc.) has nearly completely ignored Bluesecurity. They're not regarded as a threat -- and with good reason, because, as I pointed out above, they provide a useful, free service to spammers. So I don't accept at face value the story that "this is a DoS attack launched by a spammer". Really? What proof has been produced to back that up?
And given Bluesecurity's response -- including deliberately revectoring the attack onto an innocent third party -- I think there's much more here than meets the eye. See for example this analysis, which I largely agree with.
There are a number of other curious things in play here as well, but this is long enough, so let me suggest that anyone interested in adequately educating themself to the point where they can discuss this in a clueful way should be reading these mailing lists: spam-l, nanog, spamtools, spam-research, ietf-asrg and the newsgroup news.admin.net-abuse.email.
[ link to this | view in chronology ]
Re: Some answers, round 2
So in brief,
1) Let Blue Security speak for themselves, assuming they are allowed to. At least I know who they are and where they are. I detect a large dose of "sour grapes" in your response.
2) Equally, each SPAM message contains information which can be used, assuming someone cares enough to do so. I am glad that you are not responsible for the analysis (I usually re-position people like you into areas where their egos cannot do any damage).
3) I agree that "You and I and everyone else have choice in how we receive our mail:". I choose not to receive mail from a given source. I do not expect to be harassed by the sender as a result of that decision. The techie bit is irrelevant. Some of us do understand the acronyms, but they are there mainly to inflate your ego.
4) Why is everyone "stupid" just because they do not do what you think is best? I would suggest a crash course in communications management of the human variety. Assuming you are the same "anonymous coward" who makes other posts to this forum you are a one man consultantcy looking after" 500 seats". That hardly qualifies you to pontificate about corporate strategy. It is likely that the professionals involved, like me, have a wider point of view, are better qualiified and more experienced than you, Mr. Coward.
5) If you are the expert you claim to be, then you should be able to come up with some evidence one way or the other. I leave it in your hands.
The analysis you point to is not the only one I have seen.
You fail to mention that the hosting service concerned did not blame anyone for the incident.
The hosting service was supposed to be able to handle a DDOS regardless of the intended victim. DDOS attacks happen thousands of time a day throughout the internet.
Once again, why not Blue Security speak for themselves, assuming they are allowed to.
The only education I would suggest for you, with the greatest sincerity, is a course in human relations. Why not get a perspective outside the rather limited box you apparently inhabit. A little humility goes a long way. I am sure that someone out there knows you and reads these posts. They are probably as unimpressed as I am.
[ link to this | view in chronology ]
Blue Security
1. They sought the anti spam and security communities blessing to engage in this reverse DDoS business and they failed. Even the leaer of the Anti Spam Research Group "ASRG" spoke out against them.
2. No engineer was bribed as the data available proves no routes where changed. Blue Security hasnt offered a shred of evidence to counter this fact.
3. Noone can find evidence of a routing blackhole and I invite Blue Security to produce some.
4. Blue Security knew they were under attack when they redirected their web pages through a DNS change to Typepad. Subsequently, the spammers targeted their name servers instead which then caused major domain outages at Tucows resulting in the impact to 104K domains.
5. Blue Security may have pointed their nameservers at UltraDNS without asknig because at one point yesterday, they were pointed at udns2 and udns3.ultradns.com
Again, the CEO of Blue Security hasn't provided a shred of evidence to ANY malfeasance of anyone on the Internet or any backbone provider and It's becoming harder to tell who the miscreant is as this saga continues.
[ link to this | view in chronology ]
I stand with BlueFrog
The idea that the Blue Frog approach equates to vigilantism is bizarre. There are no cyber-cops. Vigiliantes are wrong only when they supplant justice -- but as of yet, there is no justice for spammers -- only profit.
The only problem I have with Blue Frog is that it has not been effective. But just the thought that I am participating in a plausible attempt to make spamming unprofitable comforts me.
[ link to this | view in chronology ]
Bluesecurity: lots of hype, but no proof
but has failed to produce compelling evidence supporting them.
They've claimed that spammers are angry with them. Yet
they've produced no proof of this, and publicly-available
evidence (that is, chatter on spammer forums) indicates that
spammers are laughing at them.
They've claimed that their "anti-spam" technique is effective,
yet they've not shown that it is so.
They've claimed that they've been subjected to an attack by a
spammer, but haven't proven that it is so.
They've claimed that their "anti-spam" technique only targets
spammers, but haven't proven that. (And others have produced
evidence demonstrating that it's wrong.)
They've claimed considerable expertise in this area, yet they
have failed to demonstrate the ability to cope with a DoS attack
in a professional, responsible, ethical manner -- including awareness
that all anti-spam (anti-spyware, anti-whatever) sites will eventually
be subjected to these and thus must prepare for them from day one.
They've claimed experience, yet nobody from Bluesecurity can be
found on any of the working groups, mailing lists, newsgroups, web
forums, or other places where the most experienced, knowledgeable
people fighting spam communicate.
I simply don't find them credible.
[ link to this | view in chronology ]