×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hotmailers Hawking Hoax Hunan Half-Offs

kdawson posted more than 4 years ago | from the how-horrific dept.

Spam 135

Frequent Slashdot contributor Bennett Haselton writes "An estimated 200,000 Hotmail users currently have their auto-reply set to a message spamming an advertisement for Chinese scam websites, which sell "discounted" electronics. Presumably the spammers compromised a large number of Hotmail accounts to pull this off, but wouldn't it be pretty easy for Hotmail to query for which users have that set as their auto-reply, and turn the auto-reply off for them?" Read below for Bennett's thoughts.

After a recent mailing that I sent out to a subset of my proxy mailing list, I got back 18 auto-replies from Hotmail users, all substantially similar to this:

Dear friend:
We are an electronic products wholesale .Our products are of high quality and low price. If you want to do business , we can offer you the most reasonable discount to make you get more profits. We are expecting for your business.

Please visit our website: www.wedosale.com

Email: wedosale@vip.188.com .
MSN: wedosale@hotmail.com .

Looking forward to your contact and long cooperation with us!

Our mainly products such the phones, PSP, display TV, notebook, video, computers, Mp4, GPS, xbox 360, digital cameras and so on.

Welcome to visit our website!

Some of the spam auto-replies advertised different websites, and the wording varied between the different auto-responses, but they were all similar advertisements for Chinese electronics "retailers." (And so, I assume, the websites are all fronts for the same company -- if multiple spammers had independently hacked Hotmail users' accounts to set their auto-replies, it would be vanishingly unlikely that those spammers would all happen to be electronics hawkers.) This was from a mailing that I sent to a set of subscribers that included about 26,000 users with "hotmail.com" e-mail addresses. If 18 out of 26,000 users in my sample have had their accounts hacked to send spam auto-replies, then this must be happening to a large number of Hotmail users -- not a large proportion (only one in 1,500, in my sample), but with about 300 million Hotmail users, that would still be a large absolute number.

The same spammers have apparently been spamming through Hotmail auto-replies for at least 11 months, according to this post in the Windows Live Help community forum from January 2009. At first, some pundits seemed to have assumed that spammers had created these accounts themselves and subscribed the accounts to people's lists, in order to spam the list owners (and, if it's a list that accepts subscriber posts, broadcast the spam to the other list readers). However, looking at the addresses in my proxy mailing list that were sending the spam auto-replies, I noticed that (1) our records show that the auto-reply-spamming subscribers joined the mailing list by various means, signing up through different Circumventor websites, not indicative of how a spammer would have joined the list by automated means, and (2) many of their email addresses are associated with legitimate-looking Myspace and Facebook accounts. Thus it looks as if these were real users who joined the list legitimately, and then got their accounts hacked by the spammers, who set those users' accounts to send the spam as an auto-response.

(If you happened to look at the spammers' www.wedosale.com website, at this point you might be thinking: I don't want to give money to spammers, but can I really get a Blackberry for only $295? Couldn't I just order from the website, and then if the goods don't show up or they're not as advertised, I can dispute the charge on my credit card? Well, I signed up for a dummy account on the www.wedosale.com page and got as far as the order page, and the only payment types that they accept are wire transfer, Western Union, and Moneygram -- precisely those types where you cannot get the money back or dispute fraudulent charges. If you've already gone and ordered a Blackberry, don't hold your breath.)

If my 26,000 users were a representative sample of the 300 million current Hotmail users, then with 1 out of 1,500 users in my sample being "infected," I could estimate that about 200,000 Hotmail users (1/1500 times 300 million) are currently set to send spam auto-replies. Hotmail claims to process 3 billion non-spam e-mails per day, for an average of about 10 non-spam e-mails per Hotmail user. That's the average for all users; what's the average for the infected users? Some factors would tend to lead to a lower average for infected users -- if they have lots of friends sending them mail, it's more likely that one of their friends would have told them about the auto-reply spam and told them to turn it off, so perhaps the users still sending the spams are the ones who don't receive a lot of messages from their friends. On the other hand, some of the infected accounts may be receiving more (non-spam) e-mail than average; one reason people sometimes abandon webmail accounts is that they're getting too much mail, even from newsletters like the Circumventor list that they had legitimately subscribed to. So, figuring that factors in both directions roughly cancel out, if each infected user is receiving the average number of 10 emails per day and sending 10 auto-reply spams in response, that's still a total of 2 million outgoing spams per day shilling for nonexistent Chinese iPhones.

These are just back-of-the-envelope calculations, but even I'm overestimating by a whole order of magnitude, that's still 0.2 million auto-reply spams per day, or about 70 million spams that will be sent by this one company through Hotmail's servers in the coming year, if Hotmail doesn't stop it. (And closer to a billion spams in the coming year if I'm not overestimating.)

And it's actually worse than that, because these spams are less likely than average to be filtered, since they're coming from Hotmail's servers. Normally you'd think that the content-based module of a spam filter would have no problem catching a message like the one at the top of this article, especially if millions of similar messages have been spewed out over the past year. However, messages from Hotmail's servers, regardless of content, are less likely to be blocked, since their network has a good reputation for sending little spam overall (due to measures such as requiring users to fill out a CAPTCHA when signing up, blocking each account from sending more than 500 messages per day, etc.). When I sent messages to the infected Hotmail users from my Gmail account, to see if the auto-responses would get through Gmail's spam filter, Gmail's blocked only half of the replies. When I mailed all the users again from my Hotmail account, the results were strange -- most of the users' accounts sent back no auto-reply at all, not even a reply that got routed to my junk folder. (Why would Hotmail accounts not send an auto-reply in response to a message from a Hotmail user? Please post if you have any idea what's going on there.) However, of the infected Hotmail accounts that did send a spam auto-reply, 100% of those auto-reply spams were delivered to my inbox. (Apparently, Hotmail's spam filter usually assumes that messages from other Hotmail users can't possibly be spam.) Only Yahoo Mail's spam filter, when I sent a test message to the infected users from my Yahoo Mail account, blocked all of the auto-replies as junk mail.

For the infected users on my mailing list, I sent them a link to a set of instructions I'd written about how to set and un-set their Hotmail auto-reply and how to change their Hotmail password, with the hopes that they'd eventually see the message and follow the steps. 18 users rescued, 200,000 to go.

So this is basically what's happening, but it still leaves some unanswered questions, such as: Why Hotmail accounts, but not Yahoo Mail, GMail, or AOL accounts? I've never noticed any auto-reply spam sent from any accounts at any of those other services. Whatever the spammers did to gain control of so many Hotmail accounts, if it was profitable for them, why didn't they do the same thing for Yahoo Mail? And, why did only one spammer do this? If they're sending between 1 and 10 million spams per day for free, they're probably making money at it. Whatever they did to hack those accounts, why wouldn't other spammers figure out the same method and copy them?

Presumably the Chinese spammers stole large numbers of passwords from Hotmail users either via a huge phishing attack, or through a security hole in Hotmail or some other part of the Windows Live service. If it was done via a security hole in Hotmail that the spammers discovered, then that would explain why the spammer's methods only worked for Hotmail accounts, and also why no other spammers have copied their techniques. (A phishing attack, on the other hand, would be easy to modify for other webmail services, and would also be easy for other spammers to emulate, so that's not consistent with the observed evidence so far.) I also found this post from blogger Stuart Shelton describing how his account was hacked by Chinese spammers -- and from the blog post, it's clear that he's very tech-savvy and would have been unlikely to fall for a run-of-the-mill password phish. If the attack happened even to people who know what they're doing, that seems to make the security hole explanation more likely.

Perhaps others can come up with some theories about what happened. It's easy to come up with guesses, but the hard part is to reconcile them with the fact that it has only affected Hotmail users so far, and no other spammer seems to have figured out how to copy the same technique yet.

But there's a much simpler question too: Why doesn't Microsoft just turn off the auto-replies for these users' accounts? They can query to see exactly which users have these messages in their auto-replies, and then un-set the auto-reply automatically. Yes, I know that even for a simple database operation like that, there's always more to it when you're managing hundreds of millions of accounts across multiple servers -- but if it will stop this one sender from sending between 50 million and 500 million spams (that in many cases will bypass people's spam filters) from Hotmail's servers in the coming year, isn't it probably worth it?

And even if it wasn't a phishing attack this time, sooner or later some other spammer will probably capture tens or hundreds of thousands of Hotmail accounts using a phish or some other method, and try spamming through auto-replies as well. So if Hotmail "fixes" this batch of auto-reply spam for practice, then the next time it happens, they'll know exactly what to do to take care of it.

I've written some columns where I strongly believed every word but expected a lot of opposition, some where I wasn't sure if I was right and just wanted to see what people thought, and . But I rarely argue something that I think is a no-brainer. Hotmail should un-set the auto-replies for those users whose accounts are spamming for nonexistent Chinese electronics knockoffs, before those accounts send another several hundred million spams in the coming year. Am I smoking crack?

Then again, maybe expectations for Hotmail shouldn't be set too high. I use SpeakEasy for my mail provider, and on about November 19th I found that all messages sent to hotmail.com addresses from SpeakEasy's servers were being bounced with an error message rejecting them for "spam-like characteristics."I called SpeakEasy and they confirmed that they knew Hotmail was blocking all mail from their users (although for "security reasons," SpeakEasy couldn't tell me what they were trying to do about it). The block wasn't lifted until about November 28th, when my messages started getting through again.

If SpeakEasy, which has been in business for 15 years, has annual revenues of $60 million, and was bought in 2007 by Best Buy, can't even get through to Microsoft in less than 10 days to tell them to stop blocking all mail from their servers, then Microsoft should first fix their postmaster trouble ticket system, so that people are not blocked from writing to their friends and family members at Hotmail for a week and a half. Then get to work on the spam auto-responders.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

135 comments

tl, dr (5, Insightful)

spun (1352) | more than 4 years ago | (#30687548)

Wow, Bennett. You sure do like the sound of your own typing, don't you? You could really have said all that in 1/10th the space.

Re:tl, dr (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#30687602)

Wait, are you saying that Bennett is trying to make up for having small genitals by writing lengthy articles? Is that what you're suggesting?

Re:tl, dr (1, Troll)

spun (1352) | more than 4 years ago | (#30687666)

Well, I wasn't, but since you brought it up, I think we must ask ourselves: Does Bennett Hasselton write lengthy articles to make up for having a small penis? And just how small is it? I mean, are we talking three inch pencil dick, or the kind of micropenis that would look too small as a girl's clit? Inquiring trolls want to know.

Re:tl, dr (1, Informative)

bsDaemon (87307) | more than 4 years ago | (#30687704)

I'm not saying that he does have a small penis, but how can we know for sure? As slashdot readers we have a right to know, and I'm asking questions! What happened to my slaaaaaaaaaashdoooooottttt....?

Re:tl, dr (0)

Anonymous Coward | more than 4 years ago | (#30687822)

The trolls ate it.

Re:tl, dr (0)

Anonymous Coward | more than 4 years ago | (#30687862)

He's got an angry inch

Re:tl, dr (1)

Rary (566291) | more than 4 years ago | (#30688790)

Does Bennett Hasselton write lengthy articles to make up for having a small penis?

Well, I'm not saying he does, but I can't help but wonder why he has never denied it.

Re:tl, dr (5, Interesting)

SUB7IME (604466) | more than 4 years ago | (#30687630)

Regardless of the information density of his post, I disagree with his assertion that Hotmail should flip the 'autoreply' bit on these accounts. I do not think Hotmail wants to get involved in guessing whether or not someone intended to set any particular auto-reply message: "Surely, Mr. Jones, you didn't intend to drop an F-bomb in your auto-reply."

More to the point, these are hacked accounts. If you were going to take any action, *disabling* (even temporarily) the accounts and flagging them for forensic follow-up would strike me as more appropriate.

Sorry, no. (1)

Frosty Piss (770223) | more than 4 years ago | (#30688356)

Regardless of the information density of his post, I disagree with his assertion that Hotmail should flip the 'autoreply' bit on these accounts. I do not think Hotmail wants to get involved in guessing whether or not someone intended to set any particular auto-reply message: "Surely, Mr. Jones, you didn't intend to drop an F-bomb in your auto-reply."

Even if the Hotmail user *DID* intend on being part of some Chinese SPAM, Hotmail has every right and even possibly some responsibility to not allow that particular use of their email system.

Re:tl, dr (0)

Anonymous Coward | more than 4 years ago | (#30688744)

Uh, if they flip it, the user can flip it back as long as they change the text to something else.

Re:tl, dr (1)

psithurism (1642461) | more than 4 years ago | (#30689036)

As someone who uses email autoreplies, it would be rather annoying to come back from a month of vacation to discover my auto reply was flipped off three weeks ago because I provided links to my home-business site and people have been wondering why I haven't been responding.

I would sum up your response, AC, as: "can't the users just deal with inappropriate actions of their email providers?" To which I would say no.

Re:tl, dr (0)

Anonymous Coward | more than 4 years ago | (#30687650)

He's absolutely right. What a waste of space.

Re:tl, dr (-1, Troll)

Anonymous Coward | more than 4 years ago | (#30687690)

What kind of asshat has a first name like Bennett anyway? I say my dear chap, have you seen Smithers Jones recently? I met Berkshire Hathaway last week and the old boy asked after him. Heard the news about old Jackson Pollock? Frightful, what?

I wonder if hos business card says "frequent slashdot contributor" on it?

Re:tl, dr (1)

Red Flayer (890720) | more than 4 years ago | (#30688048)

FWIW, both Bennetts I have known have been redneck hicks (and proud of it).

Suburban NJ... one drove a Pinto, the other a Chevord pickup truck (Chevy front and chassis, Ford bed welded on). Both with Confederate flags in or on their vehicles.

(Just commenting on an inane offtopic comment thread because there's no way I'm going to read BH's massif just to glean a sentence or two of potential insight).

You'd think the guy's writing experience consists of stretching three-paragraph essays to 1500-word essays in high school.

Re:tl, dr (1)

JWSmythe (446288) | more than 4 years ago | (#30687792)

    tl.dr. Something about a guess of the number of accounts set with spammy autoresponders. He does know that it's hotmail, so most of the autoresponses are going back out to other spammers, right? It sounds like a nice spammy feedback loop.

Re:tl, dr (0)

Anonymous Coward | more than 4 years ago | (#30687846)

Also, Bennett should go back to Fark with his headline.

Re:tl, dr (1)

u38cg (607297) | more than 4 years ago | (#30688420)

If only there was a way to query slashdot to only return stories which do not have the Bennet Haselton spam content...

slimy yellow bastards (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30687558)

slimy yellow bastards

Better idea (2, Interesting)

MichaelSmith (789609) | more than 4 years ago | (#30687566)

For the infected users on my mailing list, I sent them a link to a set of instructions I'd written about how to set and un-set their Hotmail auto-reply and how to change their Hotmail password, with the hopes that they'd eventually see the message and follow the steps. 18 users rescued, 200,000 to go.

Why don't you just send them information on how not to use hotmail. And while you are at it, why are you sending mass emails to a bunch of obviously clueless people? Are you a spammer?

Re:Better idea (1)

Mr. DOS (1276020) | more than 4 years ago | (#30687976)

It's a mailing list of web proxies [peacefire.org]. Browser-based proxies are popular with clueless people who don't know better ways of circumnavigating web filtering.

      --- Mr. DOS

Better ideas for circumnavigating web filtering? (1)

jonaskoelker (922170) | more than 4 years ago | (#30689330)

Browser-based proxies are popular with clueless people who don't know better ways of circumnavigating web filtering.

I must have missed Clue, issue #57. What better ways are there?

Tor? That's slow. Set up a shell account and your own proxy? Why bother if it's not on your machine (and so you shouldn't trust it) anyways? Get a VPN exit at Relakks or something? Those cost money; "free" beats that.

Exactly what better alternative do you have in mind?

Real smart... (1)

LostCluster (625375) | more than 4 years ago | (#30687582)

Can we have the mail addresses in the "ad" changed to MailTo: links so the spam bots that troll /. have an easier time rendering the contact info useless?

Re:Real smart... (1)

QuoteMstr (55051) | more than 4 years ago | (#30687710)

My email is far from useless. Email address obfuscation is security theater.

Re:Real smart... (1)

kliklik (322798) | more than 4 years ago | (#30687952)

Why do you think it's a security theater? I'm sure some implementation of email obfuscation are weak and there are already bots that can harvest for example someone at example dot com or similar, but stronger techniques should be able to fool the bots.

Re:Real smart... (0, Troll)

sexconker (1179573) | more than 4 years ago | (#30689038)

I'm sure some implementation of email obfuscation are weak and there are already bots that can harvest for example someone at example dot com or similar, but stronger techniques should be able to fool the bots.

Bots are already better than humans at image captchas.
Do you think the bots are actually deterred by plain old text?

Re:Real smart... (1, Funny)

Anonymous Coward | more than 4 years ago | (#30689202)

Bots are already better than humans at image captchas.

I call bullshit. Some bots may be smarter than some humans, but then some rocks are smarter than some humans.

A Possible Answer to One of the Many Questions (5, Insightful)

eldavojohn (898314) | more than 4 years ago | (#30687638)

Why Hotmail accounts, but not Yahoo Mail, GMail, or AOL accounts?

My uneducated guess is the simplest reason for it: of the pervasive services (MSN Games, XBox Live, etc) that comprise the entire "Windows Live" experience, one has become susceptible to some form of attack. Maybe it's not even full fledged access but some sloppy development that gave someone the ability to set your auto-response on and text to it if they only know your e-mail address? I don't know if Windows Live has a common sort of authentication service that is so familiar with all Google Apps or Yahoo's many applications but I'm guessing that someone: 1) figured how to hack a MSN app or 2) figured how to monitor one or (most likely) 3) made a page that passed as an MSN log in page and figured how to get on Facebook and Myspace and circulate the link. Once you logged in, they redirected you to the real page and just went about logging your log in information. You kind of touched on this later but didn't run with it when you said:

Presumably the Chinese spammers stole large numbers of passwords from Hotmail users either via a huge phishing attack, or through a security hole in Hotmail or some other part of the Windows Live service.

That's my guess. I wouldn't put it past any of these e-mail providers to slip up when trying to link together seventy different applications to one set of credentials. Convenience always comes at a cost.

Re:A Possible Answer to One of the Many Questions (1)

Brian Gordon (987471) | more than 4 years ago | (#30687776)

Or yahoo/google already cleans up auto-reply spamming.

Or this problem does exist with yahoo, gmail, and AOL.

Re:A Possible Answer to One of the Many Questions (0)

Anonymous Coward | more than 4 years ago | (#30688722)

It definitely exists with gmail. It happened to me, and there are a few threads in google groups that refer to the problem, though no one had a definitive cause (makes sense if it's an XSS/CRSF attack like I suspect, there would be no footprint left on the computer)

Re:A Possible Answer to One of the Many Questions (1)

sexconker (1179573) | more than 4 years ago | (#30689090)

It definitely exists with gmail. It happened to me, and there are a few threads in google groups that refer to the problem, though no one had a definitive cause (makes sense if it's an XSS/CRSF attack like I suspect, there would be no footprint left on the computer)

It was a big deal in 2008 and early 2009.
It was an XSS vulnerability that Google refused to come out and admit.
It was primarily used to steal domains from people with shitty registrars (such as godaddy).

Find a domain you want.
Poke around to see if you can find a gmail account associated with it.
Set up an autoforwarder to an account you have access to.
Hit the "transfer my domain to some communists" button.
Click the confirmation link that got auto forwarded to the address you set up.
Take over site.
Send ransom email to gmail account.

Re:A Possible Answer to One of the Many Questions (0)

Anonymous Coward | more than 4 years ago | (#30688078)

AOL started blacklisting people who send out a lot of messages YEARS ago. (I got shut off when I was reporting on a disaster to some emergency volunteer types, who asked to be cc'd on that particular disaster, and had to call up AOL to get them to review my messages and get whitelisted for that address.) I guess Hotmail's owner doesn't know how to monitor their accounts for spam, or, maybe they get a percentage of the spammer's profits?

Re:A Possible Answer to One of the Many Questions (1)

lpaul55 (137990) | more than 4 years ago | (#30688406)

I got one of these from a hijacked Yahoo! mail account. This isn't limited to HotMail.

Re:A Possible Answer to One of the Many Questions (0)

Anonymous Coward | more than 4 years ago | (#30688444)

I can confirm that this isn't necessarily limited to hotmail, as I had this happen to me on a gmail account, about a month ago. Virtually the same message. You can find other instances of this happening to gmail accounts as well (but no clear cause).

Like another poster down below, I strongly suspect an XSS or CRSF based attack was the culprit. My reason for thinking this is that the password on the account was not changed, nor were any other accounts affected (I of course changed all my passwords and thoroughly scanned all my computers - even the macs! - for malware and rootkits. Everything came up clean.)

The nature of the hack (mass-mail to my contact list happened first, followed by the auto-responder) is consistent with a best-effort to propagate assuming:
1. Temporary access to the account, similar to if you walked up to a logged-in session. You can make changes to several account settings, but if you try to change a password you'll be prompted for the old one.
2. Unable/unreliable to directly propagate further through the email. Even if the linked site contained bad code (afaik it doesn't), it relies on an active webmail session to operate, so instead they focus on scamming via fraudulent goods, rather than trying to rebroadcast the message.

Only 200,000? (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#30687642)

I didn't bother reading the full summary, but I wonder what technique the hackers were using to only hit 200,000. If it was by individual account, thats some pretty tedious changes to make.
If they managed to hack the computers, why not set up a spamming botnet the good old fashion way?
If they managed to hack hotmail, why not infect them all?

My guess is they were using some phishing to get usernames and passwords?

Re:Only 200,000? (1)

Dogun (7502) | more than 4 years ago | (#30687730)

I suspect they purchased a block of accounts from someone who had a much bigger pool for sale.

Re:Only 200,000? (1)

asdf7890 (1518587) | more than 4 years ago | (#30687938)

If they managed to hack the computers, why not set up a spamming botnet the good old fashion way?

If a company advertises on TV, why both with radio and print also? Simple: multiple outgoing streams of your information improves the total number of people that will see your advert. This works the same for spammers as it does for people who bombard our senses with product information and/or brand identity by more legitimate means.

Maybe the fishing attacker got lucky and at the same time as picking up a new account to use, the browser used to enter the information was also vulnerable to some sort of drive-by install. Or the other way around: a drive-by install dropped in a botnet client and a key-logger in at the same time, and that logger eventually picked up a username+password.

Re:Only 200,000? (1)

MichaelSmith (789609) | more than 4 years ago | (#30688152)

  • Open a chain of internet cafes in china
  • Load each machine with a hacked copy of windows which logs user names and passwords
  • Collate user names and passwords on a central machine
  • ??? Not required
  • Profit!

Re:Only 200,000? (1)

Bert64 (520050) | more than 4 years ago | (#30688492)

By doing that, you would get usernames and passwords for all kinds of services, not just hotmail...
Also, 99% of your accounts would be chinese.

Re:Only 200,000? (1)

Finallyjoined!!! (1158431) | more than 4 years ago | (#30688238)

I didn't bother reading the full summary, but I wonder what technique the hackers were using

Maybe if you had have read the full summary you wouldn't have had to have asked such a stupid question.

TL:DR (4, Insightful)

AliasMarlowe (1042386) | more than 4 years ago | (#30687676)

drone, drone, drone, drone, drone, drone...
a spammer hijacked autoreply on less than 0.1% of Hotmail lusers.
drone, drone, drone, drone, drone, drone...

Summarized that for you.

I get very similar spam, often masquerading as replies, but never actually a reply from anyone I sent mail to. It's possible that the "autoreply" is just demonstrating that the bot is smart enough to inspect incoming mail as well as harvest the contact list on the infected machine.

What amazes me is how many of you think .... (2, Interesting)

Anonymous Coward | more than 4 years ago | (#30687688)

that MS is not in on this. The anti-spam law PURPOSELY allows the ISP to spam all they want. MS was working with the guy from Denver, Eddie Davidson, until MS got greedy. They were charging 1 million/month for x amount of spams to be sent to their hotmail and MSN account. Then MS told the guy that they were upping the rate to 5 Million. So Davidson decided to approach Qwest. The deal was 2 million, the fake IPs, and of course, the cooperation on the DNS. Same deal as MSN, but at half the new price. His real mistake was in telling them that the situation with MS, because Nachio was friends with Gates. Once Gates found that out, THEN he went after Davidson.

Right now, MSN has FULL capability to shut this off. You can scan the email at the server and see that it is the same thing. Of course, will they do so? Nope. They are simply scamming the Westerners just like so many others.

Re:What amazes me is how many of you think .... (2, Interesting)

JWSmythe (446288) | more than 4 years ago | (#30687876)

    Did you happen to have a Hotmail account before Microsoft bought them? If you did, you would have seen the marked increase in spam coming in as soon as they took ownership. It wasn't just a little, it was huge. That was when I gave up my account. Well, I still have it, but it collects spam. There are thousands in that box now, which is hilarious since I never use it. I only log in occasionally to get a laugh of how many spams there are, and to see if anyone accidentally wrote to me there.

 

You said why yourself... (4, Insightful)

eln (21727) | more than 4 years ago | (#30687696)

You said yourself, early in this unnecessarily long article, that the wording and URLs varied in these autoreplies. So, it seems like Microsoft would have to do more than just search for a particular string, and they'd run a very real risk of either not getting them all or, much worse, accidentally deleting someone's legitimate autoreply. Not to mention, just deleting autoreplies from the affected accounts isn't going to be a solution, because the spammers can just create new ones continually. I would imagine if this is as major a problem as you seem to think it is, someone at Hotmail is trying to figure out a good solution.

This is a new and novel form of spamming, and presumably the spammers are using Hotmail in particular because they've managed to find an easy way to break into hotmail accounts in particular, and don't have the scripts written or whatever to break into yahoo, gmail, or other accounts. Hotmail has lots of users, if you can break into them, you've likely got enough accounts that you don't need to break into the others. Maybe Hotmail will figure out a way to combat this at some point, and the spammers will move on to another provider.

Also, this whole article seems like an overly long and drawn-out way to advertise your own mailing list. I'm not saying that's what you're doing, but that's how it seemed to me.

Re:You said why yourself... (1)

pgn674 (995941) | more than 4 years ago | (#30688510)

, and presumably the spammers are using Hotmail in particular because they've managed to find an easy way to break into hotmail accounts in particular, and don't have the scripts written or whatever to break into yahoo, gmail, or other accounts.

Another situation that wasn't considered: Maybe the spammers did use phishing attacks to get into the Hotmail accounts, and could just as easily get in other web mail accounts. But, if the spammers found an easy way to automate the setting and altering of auto-replies in Hotmail but not in other web mail accounts, then they would probably only set auto-replies on Hotmail accounts.

Re:You said why yourself... (1)

orkysoft (93727) | more than 4 years ago | (#30688810)

I think this "easy way to break into hotmail accounts" is just a collection of websites that offer ringtones or porn or something stupid like that, if only you enter your Hotmail address and password. They can then use that Hotmail/MSN account for spamming MSN contacts, setting autoreplies to spam, or similar stuff.

I don't beleive it (1)

rudy_wayne (414635) | more than 4 years ago | (#30687718)

"Hotmail claims to process 3 billion non-spam e-mails per day"

I don't beleive that there are 3 billion non-spam e-mails sent every day.

Re:I don't beleive it (2, Informative)

JWSmythe (446288) | more than 4 years ago | (#30687942)

No, that's very easy to believe.

    If their filters don't see a message as spam, then it is non-spam.

    My box currently has 3,000 emails in it. 2,000 are in the "Junk" folder. 1,000 are in the "Inbox." Therefore, I've received 1,000 non-spam emails.

    In reality though, not a single one of those emails was any sort of legitimate message.

    This is the top of my Hotmail inbox, that no one legitimate writes to. They're all non-spam according to Hotmail.

                Unread Jennifer-Johnson Auction-Processor Position. Easy Work & Great Pay?
                Unread New Career! Medical Billing Training from your Home.?
                Unread TermFinder Prepare for every possibility with term life insurance?
                Unread Local Phone Services Need local phone service? Check out these promotions.?
                Unread Mr. Shang Young Attachment Confirmation Reference Number:BEG/2551256008/07?
                Unread Degrees in Criminal Justice Exciting opportunities abound in law enforcement.?
                Unread Veterinary Programs Care for animals. Enroll in local veterinary programs.?
                Unread Retrevo Editor CES 2010 preview and predictions?
                Unread Aid-for-School. You can afford to go to school?
                Unread Boot Camp They will come home a different person?
                Unread Sunroom Sunrooms. Create a sunny oasis you can afford.?
                Unread Medical Billing and Coding Opportunities in medical billing?
                Unread New Orleans Jazz and jambalaya. New Orleans.?
                Unread Truck Dont miss these deals on trucks.?
                Unread Match.com Find your match today?
                Unread Security Camera Security comes in small packages?
                Unread Match.com Find your Match today.?
                Unread Engagement Ring Looking to buy an engagement ring??
                Unread Solar Panels Let the sun pay your electric bill?
                Unread Solar Panels Do not pay another electric bill?
                Unread Apartment Search Rental property search?
                Unread Bing Bing in the New Year: Search Smarter in 2010?
                Unread Rene Garcia New whitepaper by David Norfolk: "The Integration Tar-Pit"?
                Unread Search Schools Network Keep your New Year's resolution - finish your degree?
                Unread Human Resource Training Enroll in a Human Resource program?
                Unread Retrevo Editor Happy Holidays to friends of Retrevo?
                Unread Government Grants Browse the 26 federal grant-making agencies?
                Unread First-PREMIER-BankCard You've been invited to apply for the First Premier Black Card?
                Unread Public Records Locate someone quickly. Public records.?

Re:I don't beleive it (1)

AndrewNeo (979708) | more than 4 years ago | (#30688218)

I've had Hotmail set to only accept mail from the people on my address book since the Junk folder was introduced, and spam STILL gets through.

Re:I don't beleive it (0)

Anonymous Coward | more than 4 years ago | (#30688380)

Hmm, I have a hotmail custom domain (which I lose at the end of Feb. because they are no longer free) that I have had for several years and it doesn't get any spam at all. I wonder what the difference is? I just logged onto it again and except for service notices about the domain going away if I don't choose to pay $14.95 a year for the service (which I won't), there aren't any emails there at all. No spam.

Only hotmail? (3, Interesting)

davosmith (1308917) | more than 4 years ago | (#30687720)

Why Hotmail accounts, but not Yahoo Mail, GMail, or AOL accounts? I've never noticed any auto-reply spam sent from any accounts at any of those other services.

I've had this happen with friends' Yahoo accounts (also offering Chinese electronics), so it isn't exclusively a Hotmail problem.

You Seem to Have Dual Expectations (1)

eldavojohn (898314) | more than 4 years ago | (#30687728)

I found these juxtaposed blocks of text interesting:

I've written some columns where I strongly believed every word but expected a lot of opposition, some where I wasn't sure if I was right and just wanted to see what people thought, and . But I rarely argue something that I think is a no-brainer. Hotmail should un-set the auto-replies for those users whose accounts are spamming for nonexistent Chinese electronics knockoffs, before those accounts send another several hundred million spams in the coming year. Am I smoking crack?

Then again, maybe expectations for Hotmail shouldn't be set too high. I use SpeakEasy for my mail provider, and on about November 19th I found that all messages sent to hotmail.com addresses from SpeakEasy's servers were being bounced with an error message rejecting them for "spam-like characteristics.

So on one hand you're advocating a no-brainer unsetting auto-replies that have Chinese knockoff sites and then to have Hotmail generated a system that automatically inhibits this for spammers. Because they'll just make another domain or make the domains dynamic so you can't just block based on a couple URLs. And the slippery slope might have a few people upset that their mom and pop business link on their signature in their away message keeps forcing Hotmail to unset their auto-reply message. Because it's probably spam. And then you go on to complain about being the victim of such a slippery slope. Someone at SpeakEasy was spamming Hotmail bad. So they threw the baby (you) out with the bath water (spam). And you suffered. Who cares? Well, obviously you did. I just caution you that auto censorship is bad ... just in general. The least they could do is try to turn their Bayesian filters or whatever spam filters they have on their auto-reply messages. That's the best solution to me. No reason to go overboard at the drop of a hat and implement what you're suggesting.

Only spammers will see the auto-reply (0)

Anonymous Coward | more than 4 years ago | (#30687732)

Isn't Hotmail just used as a spam collector anyway? So normal users don't need to send stuff to Hotmail accounts. Therefore, only spammers will ever see this auto-reply.

What was the problem again?

Now what the fud is kdawson rambling about? (0)

Anonymous Coward | more than 4 years ago | (#30687738)

More FUD maybe?

Poster misses the point (1)

cdrguru (88047) | more than 4 years ago | (#30687742)

Anti-spam activism is its own goal - if someone (e.g., Microsoft) is blocking mail as spam, well that is just too bad. Maybe it is spam and maybe it isn't - there is no accountability involved. Email is intended to be unreliable, so there can never be an assumption that your mail isn't going to be blocked as spam for any of a number of reasons.

Further, why Microsoft doesn't "fix" these accounts is very simple - it isn't their problem. It might be their user's problem but again spam has it own rewards. Nobody gets paid any more or less because of such attacks, so their dedication of limited resources to stopping it isn't going to happen. As to how effective it might be to try to curb this activity, well, they probably aren't going to succeed. The attackers have virtually unlimited resources at their disposal, whereas Microsoft has only a small staff that has better things to do than "fixing" compromised user accounts.

Probably a lot of the accounts compromised have been abandoned anyway.

Today, spam has its own culture and trying to get in the way of the spam will often cause much more grief than just blocking it or rolling with it.

Re:Poster misses the point (0, Troll)

Dumnezeu (1673634) | more than 4 years ago | (#30687924)

Further, why Microsoft doesn't "fix" these accounts is very simple - it isn't their problem

Remember the GMail search, which scans your emails for a given text? Some people went nuts about that one and it took Google forever to explain to those idiots what a script is. I mean, while we're at it, why didn't they complain that Google's web servers and their web browsers "read" their email? I would expect those same people to consider any kind of action on Microsoft's side to be a breach of account privacy.
Another way to put it: would you agree if GMail removed your signature because it contained the word "fuck" in it?

Hotmailers Hawking Hoax Hunan Half-Offs (0)

Anonymous Coward | more than 4 years ago | (#30687744)

I want spam that matches this article title. Here's an example, spammers:

Alliteration always alienates affluent accountants;
Achievement and acquaintance abhors adultry.
Adobe abundantly admires abdominal aborigines.
Anus-v1agra-cl1ck-h3re

Re:Hotmailers Hawking Hoax Hunan Half-Offs (1)

QRDeNameland (873957) | more than 4 years ago | (#30687990)

The better story would be Hoax Hawking Half-Offs Hunan Hotmailers, where someone impersonating a famous vocally-assisted theoretical physicist bisects Chinese spammers (preferably by broadsword or light-saber) for the good of humanity.

Moderation needed (5, Insightful)

rudy_wayne (414635) | more than 4 years ago | (#30687774)

Can we mod this article -5 way too fucking long

Re:Moderation needed (1)

Captain Spam (66120) | more than 4 years ago | (#30688320)

Nah, I'd bottom it out at -4. I'd give it a +1 back for the atrocious abuse of alliteration.

Yes, I know most would rather it take an extra -20 for that, but hey.

Re:Moderation needed (1)

DeadCatX2 (950953) | more than 4 years ago | (#30688502)

With that attitude, it's a good thing you don't do anything important, like build any devices that must conform to some sort of FCC standard. If you thought this was long, you'd probably die reading the USB standard or an RFC...

Re:Moderation needed (0)

Anonymous Coward | more than 4 years ago | (#30689208)

thing is that information density is usually higher in a RFC.
real standard like USB or IEEE1394 have perfected an art : make sure you are properly asleep before putting the only important phrase in the page....

spamming the spammers (1)

Ogive17 (691899) | more than 4 years ago | (#30687812)

Well if my account was compromised, they'd only be spamming the spammers, since that's all that shows up to my hotmail account. It's my default email used when email is required for something.

Re:spamming the spammers (1)

rudy_wayne (414635) | more than 4 years ago | (#30687958)

Well if my account was compromised, they'd only be spamming the spammers, since that's all that shows up to my hotmail account. It's my default email used when email is required for something.

I've found that Gmail does an excellent job of spam filtering and makes a good spam trap. Whenever I have to give out an email address I use my Gmail account, which I access via POP3 from Mozilla Thunderbird. I never see any spam unless I log in to the web interface and look at the spam folder.

Infinite loop (1)

psYchotic87 (1455927) | more than 4 years ago | (#30687832)

When I mailed all the users again from my Hotmail account, the results were strange -- most of the users' accounts sent back no auto-reply at all, not even a reply that got routed to my junk folder. (Why would Hotmail accounts not send an auto-reply in response to a message from a Hotmail user?

Perhaps to avoid an infinite loop of auto-replying between two compromised hotmail accounts?

Bennet - Duuuuuuuuuude! (0)

Anonymous Coward | more than 4 years ago | (#30687848)

When you see yourself up late at night typing like a madman, that's a sign that you forgot a lithium dose ... or several. And if you didn't, talk to your doctor, you may need to up your dosage.

Fraudulent sales (1)

hk117 (1702360) | more than 4 years ago | (#30687856)

It's a shame that there aren't any controls in place for Western Union or MoneyGram. At least the Credit Card companies leave you some manner of recourse against the dishonest. I understand that criminals will continue to prey on hope, but can't some of these companies assume a bit more responsibility than chiding their customers to be careful?

Re:Fraudulent sales (1)

Bert64 (520050) | more than 4 years ago | (#30688596)

Because they give out cash at the other end, once someone has walked away with the cash it's gone and there's no real way to trace it...
Getting a merchant account which enables you to receive credit card payments is a fairly complex process which requires you to prove the legitimacy of your business and pay a fair amount for the service. It's typically also tied to a bank account, and the bank will freeze your account if they think your up to no good... If you regularly empty out all the funds that will trigger suspicion.

R E C O V E R Y ! (1)

redelm (54142) | more than 4 years ago | (#30687974)

Just what is so tough? Scan autoreplies for the spam sig and delete (leave ar set to blank). Spam affected [l]users with a msg.

Or just turn off AR altogether. It's an optional feature, and people that rely excessively on the internet or optional features get what they pay for. There will be whiners! Which would they rather: buggy code or nothing? Bugfree code is _not_ an option. No service at all is. [intern BoFH]

Sure, HotMail has egg all over its' face for allowing an exploitable hole (most likely). But better to 'fess & fix than duck & cover (up).

May be the spammers sign up for this mailing list? (0)

Anonymous Coward | more than 4 years ago | (#30688096)

Have you ever stopped to think that the spammers are subscribing to this particular mailining list? Basing your proportion on a small number of mailing -list subscriber is not statistically prudent anyway. It may not mean any broad issue with hotmail at all, may be the spammer signed up with the mailing list with 18 different ID's

Do your part, waste scammers time (3, Insightful)

Antiocheian (859870) | more than 4 years ago | (#30688106)

I am currently engaged in wasting the time of a scam site by continuously asking instructions on how to pay with "Western UNION", how much euros the dollar is, how to explain to "Western UNION" that this is a legitimate transaction, what to do now, etc.

All in the name of a Nokia model that doesn't exist.

The goal is to type as little as possible and make them type as much as possible without giving pre-made answers.

Annoying and unprofessional (2, Insightful)

Dunbal (464142) | more than 4 years ago | (#30688124)

Trying to make a catchy sounding headline by using the same first letter in every word, while obfuscating the meaning is something that's only done by shoddy would be journalists. It ranks just below turning your headline into a question, and only proves the weak mind of the journalist in question when they a) actually spend time thinking of which words to use and b) pat themselves on the back for how clever they think they are.

Gmail too..not just Hotmail (0)

Anonymous Coward | more than 4 years ago | (#30688194)

It's happened to GMAIL too...my wife had the same message in her OOO

XSS (4, Interesting)

jamesh (87723) | more than 4 years ago | (#30688222)

This sounds suspiciously like something that could be implemented via cross site scripting. You visit a link and happen to be logged into hotmail and it magically changes your autoreply for you. Like that thing that kept turning my google safe search off.

How'd they get the accounts? (1)

wadeal (884828) | more than 4 years ago | (#30688260)

They wouldn't need to hack any Windows Live accounts, I remember a few months ago a list of 10's of thousands of emails and passwords for some christian site were uploaded to 4chan, from this atleast 1 in 10 had used the same password for their email account. So just find a site with a good number of users and hack that.

Spam Solution (0)

Anonymous Coward | more than 4 years ago | (#30688308)

Why doesn't Microsoft just turn off the auto-replies for these users' accounts? They can query to see exactly which users have these messages in their auto-replies, and then un-set the auto-reply automatically.

Your solution advocates a

(*) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money

( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it

(*) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers

( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists

( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored

( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks

( ) Countermeasures must work if phased in gradually
( ) Sending email should be free

( ) Why should we have to trust you and your servers?
( ) Incompatibility with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome

( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough.
        Furthermore, this is what I think about you:____________________
( ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Hotmail blocking issues (0)

Anonymous Coward | more than 4 years ago | (#30688364)

If SpeakEasy, which has been in business for 15 years, has annual revenues of $60 million, and was bought in 2007 by Best Buy, can't even get through to Microsoft in less than 10 days to tell them to stop blocking all mail from their servers, then Microsoft should first fix their postmaster trouble ticket system, so that people are not blocked from writing to their friends and family members at Hotmail for a week and a half. Then get to work on the spam auto-responders.

The major UK University I work for had a similar issue with emails to Hotmail being rejected around the same time (late 2009), and it took 2-3 weeks before it was sorted. Microsoft/Hotmail don't seem to be interested in prompt resolution of incorrect blocking, despite the importance and volume.

Gmail too (1)

nstrom (152310) | more than 4 years ago | (#30688544)

I'm not too sure that gmail isn't a target... A couple weeks ago, my friend's Gmail account got hacked and the spammers sent the following message out to all his contacts:

I am willing to give you a surprising happiness! Yesterday i had
received the digtal camera which i ordered from ---www.wwooz.com--
last week. its quilty is very good , and the price is very low.i am
satisfied with it.

If the products you expect is on the site, it is a wise choice for you
to buy from this site.I believe you can get many surprising happiness
and concessions.

Incidentally,they import the products from korea.all of the products
are brand new and original. they have good credit and many good
feedback.they are worth trusting for us .
Best wishes !

And where would Microsoft make a million dollars.. (1)

wowbagger (69688) | more than 4 years ago | (#30688780)

"Why doesn't Microsoft just disable autoreplies like this?"

OK, so suppose Microsoft were to do so. They have to expend a non-trivial amount of time to write a program to scan the Hotmail database, locate a set of potentially cracked accounts, and flip the bit - that's going to cost some amount of money.

Then there is the very significant risk that they will piss off some users by incorrectly disabling their perfectly innocent autoreplies, which can lead to complaints that cost money to process.

Then there is the risk that, having taken responsibility to deal with THIS particular spam attack, somebody could then hold them legally responsible for some OTHER spam attack - "You took this action, why did you not take these other actions?" Yes, rational people might find that silly, but this is the legal system we are talking about here, and Microsoft DOES have a lot of money.

So, there is a non-zero risk of cost to Microsoft. So, where in all of this does Microsoft make a million dollars? Where it the UPSIDE to Microsoft to do this?

That thundering silence you hear in coming up with an upside is why Microsoft doesn't do this.

(NOTE: you can search-and-replace Microsoft with $RANDOM(EMAIL_PROVIDER) or $RANDOM(ISP) and not really change this argument - I'm not picking on Microsoft here.)

Interesting... (1)

Bert64 (520050) | more than 4 years ago | (#30688784)

You can go and see other people's "orders" on that wedosale site:

http://www.wedosale.com/vieworders.asp?orderno=20100108063848 [wedosale.com]
http://www.wedosale.com/vieworders.asp?orderno=20100108063731 [wedosale.com]
http://www.wedosale.com/vieworders.asp?orderno=20100108064033 [wedosale.com]

The order numbers are not sequential, they seem to be incremented by a random number each time but it would be easy to see what other people have ordered...
The first part of the order number is clearly based on the date: 20100108

The front page says you can pay with visa, but when you get to the order page the visa option seems to be missing... Once you complete an order it doesn't seem to do anything aside from putting your "order" into the vieworders system, it doesn't tell you where to send the money to or anything.

Re:Interesting... (1)

ashitaka (27544) | more than 4 years ago | (#30688922)

Look at the order time. The order number is just the date and time. They'd better not have more than one order/second.

Order No. 20100108063848
Order Date 2010-1-8 6:38:48

The site is just there to pick up personal info.

I guess I'm the only one (0)

Anonymous Coward | more than 4 years ago | (#30689062)

To have read that headline the first time as "Hotmailers Hawking Hoax Human Half-Orcs". This is not nearly as interesting as I first hoped.

Wrong solution (0)

Anonymous Coward | more than 4 years ago | (#30689302)

Why doesn't Microsoft just turn off the auto-replies for these users' accounts?

Because that would be wrong. If the accounts are still compromised, the spammer could just turn them on again or use normal messages. It's not even clear how the accounts were hijacked, so how are they going to sanitize them? (By "they" I mean the company, not the account owners. The latter obviously don't care.) If it's 100% established that the autoreplies weren't forged, these accounts should be cancelled immediately. By letting a spammer take control of their email accounts, these people have become spammers themselves and should be treated as such.

account compromised (2, Interesting)

chentiangemalc (1710624) | more than 4 years ago | (#30689318)

My sister's hotmail account was compromised by Chinese spammers, and the password as well as secret questions were changed. However hotmail support was able to recover the account by providing 'last successful logon location', where we usually used the service from, original secret question, details about emails inside. I expect hotmail was chosen as a target for the simple reason high volume of accounts i.e 270+ million accounts, vs gmail 140 million.

Hotmailers Hawking Hoax Hunan Half-Offs (0)

Anonymous Coward | more than 4 years ago | (#30689658)

Hotmailers Hawking Hoax Hunan Half-Offs

How Horrible!

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...