Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Writing Viruses for Fun and Profit

Hemos posted more than 11 years ago | from the insidisous-dependence dept.

Spam 172

JMPrice writes "There's a short article over at zdnet that explores a future synergy between viruses and spam, i.e. international crackdown on spam and open relays makes spammers opt to use infected computers instead as relays, and speculates a relationship between the virus writers and spammers."

cancel ×

172 comments

Sorry! There are no comments related to the filter you selected.

foist powst (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6329491)

Yawnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn ...

Uhh... (1, Funny)

NewWaveNet (584716) | more than 11 years ago | (#6329498)

...why is this news? Nobody ever thought they were using secured, well-administered machines in the first place for all their UCE needs.

Re:Uhh... (1, Funny)

SlashdotLemming (640272) | more than 11 years ago | (#6329537)

Woohoo, you win!!
First "Why is this news?" post!!

I lay claim to this FP (-1, Redundant)

Anonymous Coward | more than 11 years ago | (#6329500)

cos' I'm AC too, so who is there to know the difference.

YAY!

Re:foist powst (1, Funny)

anonymous cowfart (576665) | more than 11 years ago | (#6329774)

1) Write viruses
2) Fun
3) PROFIT!

2nd post (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6329493)

2nd post. @ weeks in a row? could it be?

Re:2nd post (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6329501)

Superb second post. I'm getting good at this.

AC and proud of it.

Re:2nd post (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6329534)

  • Superb second post. I'm getting good at this.
Translated: I have nothing else to do. Excuse me while I annoy you and waste moderator points.
  • AC and proud of it.
Translated: AC and ashamed, but I'm too afraid to loose karma

AC right back at ya!

Re:2nd post (-1)

ThatMadeNoSense (651445) | more than 11 years ago | (#6329780)

I'm too afraid to loose karma

That made no sense.

Really? (5, Interesting)

Bluelive (608914) | more than 11 years ago | (#6329505)

Has it really become harder for spammers to remain anonymous ? Anyways, if it was really for spamming purposes the virus would just start open relaying.

Re:Really? (2, Insightful)

Anonymous Coward | more than 11 years ago | (#6329567)

> .. start open relaying
not really
the developer who pays for 4 M spam masseges does not want that any other spamer uses "his" infrastructure ... ;-)

Re:Really? (1)

Bluelive (608914) | more than 11 years ago | (#6329661)

It needs to be an open relay, if it wass password protect or something it would be much to easy to sue an (ab)user of the open relay for the virus, how could he otherwise have known about it.

The inplications go WAY beyond that (5, Interesting)

rutledjw (447990) | more than 11 years ago | (#6330152)

SPAMMERS right now are crowing that "we're not doing anything illegal". Aside from using another companies computers/bandwidth/resources without permission and selling products of dubious value - they're right. But all of that is subjective WRT legality.

Now, if they're using hacked computers, they're on the wrong side of the law. Period. We're not talking civil damages any longer. The discussion point is how long they'll be in "Federal pound-me-in-the-ass Prison".

This is the dumbest idea from a spammers viewpoint I've ever read. However, I'm not under the impression many of these guys are intelligent. The only reason they've been able to defeat filters and other mechanisms is either stupid admins or half-hearted implementations.

I personally hope they do it! I'd love to see a few spend some time in our lovely Federal Corrections Facilities.

Re:The inplications go WAY beyond that (1, Flamebait)

I.A.N.A.T. (685596) | more than 11 years ago | (#6330260)

This is the dumbest idea from a spammers viewpoint I've ever read.

Ok, like...what part of "this is speculation" did you not understand? Or did you not even read the article? Or did you read it, but find yourself unable to process the many syllables of the word "speculation?"
I admit, it's refreshing for a "journalist" to cop to speculating, but that's still a good indication that he needed a pyacheck and couldn't think of anything WORTHWHILE to write about...and of course, if it's useless and speculatory, slashdot is all over it.

Re:Really? (5, Insightful)

joto (134244) | more than 11 years ago | (#6329600)

Since most spammers advertise and sell a product, spammer can't be anonymous. At some point you will be able to send money in one direction, and goods in another. This is not particulary hard to track.

Furthermore, spamming might be more or less legal in different jurisdictions, but you can usually get away with it. Willfully spreading viruses is not something you can get away with. Only very stupid spammers would ever try that technique (as explained in the previous paragraph, it wouldn't be particulary hard to trace the virus back to it's originator)

Re:Really? (0, Flamebait)

I.A.N.A.T. (685596) | more than 11 years ago | (#6330304)

Since most spammers advertise and sell a product, spammer can't be anonymous.

Hey there idiot...why don't you name for me the advertising agencies behind your favorite products? I'll tell you why, because even though they "sell a product," they aren't the MANUFACTURERS you fucking retard. Spammers don't PRODUCE the shit they email about. And sure, maybe they can identify the prime vector of a virus, but if it's the programmer's home computer he's a stupid fuck that deserves to be caught. In fact, he'd be only slightly smarter than you are.

Willfully spreading viruses is not something you can get away with.

This is quite possible the dumbest thing anyone has ever said. Ever. In history. Congrats, retard.

Re:Really? (2, Informative)

stefanvt (75684) | more than 11 years ago | (#6329603)

Not really, if you make sure it only sends out spam for a limited amount of time the chances of being detected are much lower.

More like a hit and run technique it is much harder to defend and act against.

You also don't leave a trail of bread crums behind. It could also be argued that you (the spammer), when charged for spamming, are the victim of an orchestrated spamming.

not hard, but not effective either. (5, Informative)

splerdu (187709) | more than 11 years ago | (#6329718)

While being anonymous for anonymity's sake isn't very hard to do, it is hard for a spammer to remain anonymous and be effective at the same time. These people are selling products, at the very least they can be traced to the guy who paid them to send the spam.

Buy our new penis enlargement pills!
Available at... errr... go figure

All it takes is... (-1, Redundant)

Alien Being (18488) | more than 11 years ago | (#6329508)

Developers! Developers! Developers! Developers!

Market speak! (4, Funny)

T-Kir (597145) | more than 11 years ago | (#6329511)

future synergy between viruses and spam

Sounds like something out of Dilbert... time load up the Bullfighter [dc.com] .

Huh? (4, Insightful)

adamofgreyskull (640712) | more than 11 years ago | (#6329512)

One clue is, in your e-mail client, the sudden presence of "delivery failure" alerts for e-mails sent to people you do not know.
Doesn't this come about from people just spoofing your address anyway? If not, Hotmail has a virus problem. :o)

Re:Huh? (5, Insightful)

Endareth (684446) | more than 11 years ago | (#6329729)

Given that I've suffered this myself, with a virus-free existence of some years, I suspect that my email address has been used on several occasions by spammers as a from address due to my use of Spamcop to attempt to report these spammers. This article really doesn't seem too well researched I'm afraid.

Re:Huh? (1)

I.A.N.A.T. (685596) | more than 11 years ago | (#6330346)

This article really doesn't seem too well researched I'm afraid.

Gee, ya think? What gave it away, the moronic conclusions the author came to, or the phrase "this is just speculation" close to the beginning?

Re:Huh? (0)

Anonymous Coward | more than 11 years ago | (#6330058)

The fault really lies with the people that wrote the code that handles attachments. If you get a file called "log.zip.pif" and it displays improperly as a zip file, then I think that is a bug and a serious one.

Such a file should be completely identified as a problem...

Re:Huh? (1)

redheaded_stepchild (629363) | more than 11 years ago | (#6330409)

Hotmail is a virus problem.

On the plus side... (5, Interesting)

kinnell (607819) | more than 11 years ago | (#6329520)

Any spammer using this technique will be entering the realms of cyber-terrorism, and will be liable for a big prison sentence and dedicated criminal investigations. Given that spam is advertising, it probably wouldn't be very hard to track the perpetrators down once the appropriate warrants are issued. I predict that either this report is overblown, or a few spammers will end up getting the buggering they deserve in prison.

oh please (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#6329577)

you're saying that people who send bulk email should be treated the same as suicide bombers or people who fly planes into buildings? Yes spam may be annoying and even costly, but calling it "Cyber-terrorism" - what a fuckin' joke. If you buy this then you must love big brother.

Re:oh please (1)

jalet (36114) | more than 11 years ago | (#6329599)

What do you expect to do to suicide bombers ?

A real suicide bomber is dead, and doesn't care anymore about how you treat him.

Of Course Not (2, Funny)

Steve B (42864) | more than 11 years ago | (#6329975)

you're saying that people who send bulk email should be treated the same as suicide bombers or people who fly planes into buildings?

Obviously, you shouldn't treat a suicide bomber or a person who flies planes into buildings the same way you should treat a spammer. Being staked to a red ant hill under a desert sun would have no real effect on (the remaining itty bitty pieces of) the former.

What cash flow? (5, Interesting)

Anonymous Coward | more than 11 years ago | (#6329523)

Seriously, how many spammers make enough money to be able to pay virus writers any decent sum for their work?

Re:What cash flow? (5, Informative)

skurk (78980) | more than 11 years ago | (#6329589)

Quite a few, I'd guess.

Some spammers make serious cash, for instance this fellow [oregonlive.com] , who claims to have earned $1k each week.

Composing another Outlook virus is trivial. Download an existing source (either from usenet [source.code] or some web page [bismark.it] ), modify, and start spreading it.

Any 13yo kid with some programming experience can do this, and if it pays $500, it probably beats mowing lawns for several weeks!

Re:What cash flow? (1, Informative)

Anonymous Coward | more than 11 years ago | (#6329622)

I don't know...though I remember a few Slashdot articles over the past year that mention Spammers making quite a bit of money (not millionares, but not paupers either).

Soblig (3, Funny)

gostats (647325) | more than 11 years ago | (#6329524)

Article: "The virus many suspect to be sending spam is called Sobig"

Random email: "Please see the attached zip file for details."

Should I expect to find "herbal remedies" in this zip file?

.sig
Like _I_ can be more sarcastic!

Re:Soblig (1, Offtopic)

Spudley (171066) | more than 11 years ago | (#6330175)

Should I expect to find "herbal remedies" in this zip file?

Duh. It'll be a bigger pen1s, of course. What else would you expect to find if you open a zip?

And for that matter, why did you think this virus is called "So Big?"

Classic problem of a mono culture (5, Insightful)

GreatDrok (684119) | more than 11 years ago | (#6329528)

Any biologist will tell you that in an environment where there is only one type of organism, any infection that they are susceptable to that comes along will have catastrophic effects. To avoid this you need diversity. In computing the problem with having windows/intel as the vast majority is that any attack that targets that is going to cause a lot of trouble. Standards that have been implemented on many platforms and architectures are what is needed but that goes against Microsoft's desire for control of everything. However, that desire is doomed to fail because if they fail to take control they fail and if they win complete control they fail because of the lack of diversity.

it is good to have lots of operating systems and processors out there, anything else would be suicide. With proper diversity we could control both the virus and spam problems.

Re:Classic problem of a mono culture (3, Interesting)

kink (597413) | more than 11 years ago | (#6329543)

Interesting point, but you put forward the need for diversity and combine that with standards that have been implemented on many platforms. Following your line of thought we really should all be using different ways to communicate in stead of standards, to differentiate and mitigate the risk of an attack that uses one of the technologies. Standard communication protocols are just a monoculture as a "standard" operating system is. I'm more tempted to go for standards and accept the monoculture that comes with it. The "proper diversity" you're suggesting comes at the high price of losing standards; one I'm not willing to pay.

Re:Classic problem of a mono culture (5, Interesting)

GreatDrok (684119) | more than 11 years ago | (#6329557)

No, a standard can be implemented by people using different code bases. If the standard is faulty then it needs to be fixed and each implementation also needs to be fixed to deal with the problem. However, the vast majority of problems with standards come from there being a single code base. For example, SSH. There is code based on the original SSH implementation and code based on OpenSSH. Frequently there is a problem with one or the other but not both. Less frequently there is a problem with the standard itself.

Re:Classic problem of a mono culture (2, Insightful)

TallEmu (646970) | more than 11 years ago | (#6329572)

"it is good to have lots of operating systems and processors out there, anything else would be suicide. With proper diversity we could control both the virus and spam problems."

If I follow your logic, you could also make a case that having different taxation laws in every state, city and town would reduce tax evasion. More likely the same amount would go on, but it would be harder to detect and control and police. Who cares if some small guy from Assfuck, Idaho is cheating on his tax.

With diverse operating systems, there will be precisely the same number of dickheads out there writing malware, but that each would be more focussed for an OS, and perhaps more difficult to detect.

A Windows trojan is news. There are a gajillion desktops out there to attack. Who is interested in reporting a virus for a niche operating system with a few thousand users? Certainly not the mainstream. What about Antivirus tools, etc. Who is going to write them?

As for this solving spam... As far as I was aware, the internet is already built using open, diverse (and exploitable) mail protocols.

Re:Classic problem of a mono culture (3, Insightful)

JavaLord (680960) | more than 11 years ago | (#6329934)

A Windows trojan is news. There are a gajillion desktops out there to attack. Who is interested in reporting a virus for a niche operating system with a few thousand users? Certainly not the mainstream. What about Antivirus tools, etc. Who is going to write them?

I think the authors point was the problem is that there are a gajillion wintel desktops out there. It's great that a windows trojan is news, but I don't think we've seen one that is REALLY malware. Most of them only focus on self-replication and not destruction of the host.

The problem with the one host enviornment is, if some virus writer decides he is having a bad day and comes up with an exploit that can render all of the windows boxes on the net inoperable then there is a huge problem since 80% of the internet traffic will be gone. (or maybe this would be a solution to some people ;)) Geeky jokes aside, if this ever happened it would cost businesses and just plan old people millions of dollars. Non-Tech savvy People would be reluctant to connect to the net again if they bought a new PC, etc. If half the boxes out there were on a mac, the blow to the net wouldn't be as bad... I'm rambling, so I'll stop now....

that takes us right back to the dos days... (0)

Anonymous Coward | more than 11 years ago | (#6329747)

when everytime you had to release a game you had to hardcode stuff for every single sound and video card out there because there were no standard routines.

what you're asking for is a world where every person ought to write all of his own software... incompatibility and anarchy everywhere.

on the other hand, i do commend you for being a thermodynamically obedient person.

Re:Classic problem of a mono culture (0)

I.A.N.A.T. (685596) | more than 11 years ago | (#6330474)

You are such a retarded fuck. Biology != computers, you FUCKING IMBECILE. I'm sure if organisms in your "mono culture" had a choice of opening zip files sent by strangers and getting sick, or NOT OPENING ATTACHMENTS THEY AREN'T EXPECTING and not getting sick, they'd take the less FUCKING STUPID choice. You idiot. It isn't the standards that are causing infected computers, it's fucking idiots like you who don't bother to use a little common sense.

Re:Classic problem of a mono culture (0)

Anonymous Coward | more than 11 years ago | (#6330618)

Organisms exist entirely in the physical realm. It must expose a physical interface to survive. Physical diseases can attack that interface at any time.

Computers do not exist entirely in the virtual realm. They do not have to expose the same sort of external interface, thus may have nothing for a pathogen to attach to.

Standards that have been implemented on many platforms and architectures are what is needed

Would that not also be a monoculture? ;)

Good! (3, Funny)

GrouchoMarx (153170) | more than 11 years ago | (#6329529)

So if virus writers and spammers are the same folks (or even just partners), that makes life so much easier. Only one group of people to have publically drawn and quartered. Saves time and money (and cleanup costs).

Re:Good! (0)

Anonymous Coward | more than 11 years ago | (#6329550)

I'd rather see them fight each other to the death. Or how about a A.I Flesh Festival style circus, where we pour acid over them, fire them from canons and pull them limb from limb? I bet we could find millions who'd pay to see that. It could be web cast!

Re:Good! (2, Funny)

sICE (92132) | more than 11 years ago | (#6329575)

It's even worse, i heard the subject of the email sent was "Get a free preview of McAfee PCSecurity Suite -- Complete Protection Against Viruses, Hackers & Identity Thieves"....

write me a (favourable) story (5, Insightful)

pytheron (443963) | more than 11 years ago | (#6329531)

There's no foolproof way to restrict the Sobig variations from getting onto your PC

I see that the Senoir Associate Editor wrote this piece. That may explain the embarrasingly outdated technology quotes, like One reason for this success is that the latest variants include Zip files, but with reference to the foolproof quote, what I'm inclined to believe is that the makers of ZoneAlarm paid for this sort of tripe (advert on the article). Brown Envelope journalism at it's best !

Re:write me a (favourable) story (0, Funny)

Anonymous Coward | more than 11 years ago | (#6329559)

Technically correct; there can never be a foolproof way to stop a virus. A really dedicated fool will always find a way to infect themselves. Even if the virus emailed itself to them with a message in 78pt Red Blinking Text saying "HI, A AM A VIRUS. I WILL INFECT YOUR COMPUTER AND DO BAD THINGS. CLICK HERE TO INFECT", fools everywhere will click the damn link. Half of them will claim to have done it "To see what it did".

There are millions of infected fools out there right now. How can you foolproof against fools of that magnitude?!

Re:write me a (favourable) story (1)

lovebyte (81275) | more than 11 years ago | (#6329773)

How can you foolproof against fools of that magnitude?!

You are indeed right. I propose a schema to stop office workers from spreading viruses. Anyone caught spreading an email virus will have to spend a week training in using a mail reader in a God forsaken place. For Europe, I propose the following places which I have had the unfortunate to visit for far too long:
Hanover (D)
Lille (FR)
Leeds (GB)

Re:write me a (favourable) story (1)

Johnny Mnemonic (176043) | more than 11 years ago | (#6329853)


That may explain a lot of things. I use a computer on the internet, to read email and do other typical things--and I have never been infected with a virus. I don't even use Anti-Virus software to protect my system, at all. I open all attachments sent to me, even those from people I don't know. In short, I use a computer as they were designed to be used, before they were compromised by security failures.

What's my secret? And it's more than just luck.

Re:write me a (favourable) story (-1, Flamebait)

I.A.N.A.T. (685596) | more than 11 years ago | (#6330543)

What's my secret? And it's more than just luck.

You're a pseudo-clever mac fag who posted almost this exact same message right under the article?
Yeah, we get your lame-ass attempt at sounding intelligent. It just didn't work. Go fuck some more macs. We all know your secret, and it has nothing to do with computers.

The problem (5, Insightful)

Mensa Babe (675349) | more than 11 years ago | (#6329544)

The problem is that we are trying to catch spammers, instead of people who sell the very advertised products and services. Just follow the money, people. That way it won't matter how well spammers hide their identity. It all works because someone gets the money, which is absolutely trivial to track. If few CEOs went to jail because their companies' products were in spam, I'm sure other CEOs would at the very least stop to think about it. It is really that simple.

Re:The problem (1)

devilspgd (652955) | more than 11 years ago | (#6329609)

How about the classic joe-job defense? Who do you throw in jail if someone claims they knew nothing about it?

Idiocy (3, Funny)

0123456 (636235) | more than 11 years ago | (#6329624)

That would be great. Suppose my market is being threatened by Megasoft's new Office XYZ product that beats the pants off of mine. All I would need to do is send out spams _advertising_ Office XYZ, and the cops would run over and arrest their CEO and put them out of business. Bwahaha!

Re:The problem (4, Interesting)

Monoman (8745) | more than 11 years ago | (#6329645)

You are on to what I have been saying for years.

If my company pays another company to advertise my product and or services and they use illegal advertising methods, then shouldn't my company be punished also?

Does it matter if my company knew about the advertising methods that would be used? I don't know anyone that would hire an advertising company without knowing what service was being provided.

Re:The problem (-1, Flamebait)

I.A.N.A.T. (685596) | more than 11 years ago | (#6330595)

If my company pays another company to advertise my product and or services and they use illegal advertising methods, then shouldn't my company be punished also?

If my company pays a reseller for 50 computers, and 30 of them were constructed with stolen parts, shouldn't my company be punished even though I wasn't aware of that fact, and even though the reseller claimed that all the pcs were constructed with new parts?

You idiot. All the spammers have to do is say "we only spam legally" and whoever hires them is covered, unless they had knowledge of illegal practices by the spammer. How many CEOs are super tech savvy?

The solution (2, Interesting)

thynk (653762) | more than 11 years ago | (#6329674)

I'm really a good natured person 99% of the time. But, the easiest solution to this is not to fine the spammers we catch. Rather, a few violent and gory executions, broadcast on PPV Friday prime time, and I can imagine that you'd find a lot less spam in your mail box on Monday.

The same type of solution would work with auto accidents. If you want to reduce the number of accidents, remove the seat belts, air bags and ABS brakes. Line the dash with 6" steel spikes and I can bet you'll find the number of accidents drops to next to nothing over night because we all become the world's safest drivers.

It's all about incentive.

Re:The problem (0, Flamebait)

Ultra64 (318705) | more than 11 years ago | (#6329757)

Karma: Positive (probably because of superiour intellect)

You would think with your "superiour" intellect you would know how to spell superior.

Mod parent DOWN! (0)

Anonymous Coward | more than 11 years ago | (#6330020)

Moderators! Please mod this known troll [slashdot.org] down. Thank you. He NEVER posts anything useful or even on-topic, just like this time. THE PARENT POST [slashdot.org] SHOULD BE -1:OFF TOPIC! Why is it still Score:1?????

Re:The problem (0)

Anonymous Coward | more than 11 years ago | (#6330418)

The real problem is that spam email is a business in and unto itself. It's been metioned before (although I haven't yet seen it in this thread) that a lot of the spam being sent out these days doesn't even sell anything. and looking at a lot of the spam I get I tend to agree. Porn's all well and good, but take a look at some of those links. They're on machines that don't resolve. Same goes for your herbal remedies and even credit card offers. Not only do they not resolve, many are plain unavailable. That tells me that they were probably placed (temporarily) on a machine that was hacked and the owner probably didn't initially know about it.
How many spams have you received/seen that promise millions of addresses? That, from what I've seen, is the real business.

well, (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6329546)

it's still more profitable to attack a country and take thier oil.

Re:well, (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6329565)

Especially if you can sell lucrative construction contracts for the reconstruction after the war to your buddies and get a kick back!

I've seen the future.. (5, Informative)

Dynamoo (527749) | more than 11 years ago | (#6329569)

..and it stinks. Last week there was a massive "joe job" attack on Doxdesk.com [doxdesk.com] , a site detailing browser parasites, porn diallers and other nasty plugins. The aim of the joe job was to generate fake spam supposedly advertising the site so it would get shut down.

The spam was being generated from multiple locations simultaneously, and from IP addresses that looked like standard ISP subscribers, mostly in the US and Western Europe. It looks suspiciously like the spam was being sent from Trojanised PCs.

Bearing in mind that the people most likely to want to force Doxdesk.com off the web were browser parasite writers, it seems to me that there is a definite link now between these parasites, certain viruses/trojans/worms and spammers. Just another bit of proof that these people have no respect for the law.

Re:I've seen the future.. (0)

Anonymous Coward | more than 11 years ago | (#6329959)

I don't think that the viruses/worms are deployed by spammers. Spammers are parasites, they use what's there. Why should they invest something (by paying someone to infect hosts or by doing it themselves)? When an IRC script-kiddy builds a zombie-net, the spammers go piggyback.

I'm not so sure... (4, Insightful)

nepheles (642829) | more than 11 years ago | (#6329587)

It's difficult to see how spammers could remain annonymous. At the moment, they're an annoyance, but if they enter the realm of law-breaking to this extent, it is likely that there will be a major crackdown. And this shall not be difficult, because of the very nature of spam -- to get you to buy a product. Therefore, there must be a link to the spammer.

It won't work.

Re:I'm not so sure... (1)

Matts (1628) | more than 11 years ago | (#6329655)

When you're sending out a virus, or just writing a mass mailer and letting it spread itself, there is no product to advertise. No product means no link. Think of the virus as the "first stage".

When it comes to doing the spamming itself the spammer is just "innocently" using an open proxy, and while that may be rude it's not considered illegal. It would be very hard to link the spamming and the virus writing in any legal way without access to the machine which created the virus (and finding the source code to it on a spammer's machine), hence the link is purely speculation, but it's based on pretty strong coincidental evidence.

This is NOT new (5, Informative)

Anonymous Coward | more than 11 years ago | (#6329607)

This has been the consensus at SPAM-L for quite some time. You might want to subscribe.

Google for SPAM-L's FAQ [google.com]

Goatse Receiver, ass contortionist, dead at 55 (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6329611)

Goatse Receiver, ass contortionist, dead at 55 I just heard some sad news on talk radio - ass stretching exhibitionist Goatse Receiver was found dead in CmdrTaco's home this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss him - even if you didn't enjoy his work, there's no denying his contributions to fooling intarweb noobies. Truly an American icon. *_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*
g_______________________________________________g
o_/_____\_____________\____________/____\_______o
a|_______|_____________\__________|______|______a
t|_______`._____________|_________|_______:_____t
s`________|_____________|________\|_______|_____s
e_\_______|_/_______/__\\\___--___\\_______:____e
x__\______\/____--~~__________~--__|_\_____|____x
*___\______\_-~____________________~-_\____|____*
g____\______\_________.--------.______\|___|____g
o______\_____\______//_________(_(__>__\___|____o
a_______\___.__C____)_________(_(____>__|__/____a
t_______/\_|___C_____)/______\_(_____>__|_/_____t
s______/_/\|___C_____)_R.I.P.|__(___>___/__\____s
e_____|___(____C_____)\______/__//__/_/_____\___e
x_____|____\__|_____\\_________//_(__/_______|__x
*____|_\____\____)___`----___--'_____________|__*
g____|__\______________\_______/____________/_|_g
o___|______________/____|_____|__\____________|_o
a___|_____________|____/_______\__\___________|_a
t___|__________/_/____|_________|__\___________|t
s___|_________/_/______\__/\___/____|__________|s
e__|_________/_/________|____|_______|_________|e
x__|__________|_________|____|_______|_________|x
*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*
ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal. ImportantStuff:Pleasetrytokeeppostsontopic.Trytore plytootherpeople'scommentsinsteadofstartingnewthre ads.Readotherpeople'smessagesbeforepostingyourownt oavoidsimplyduplicatingwhathasalreadybeensaid.Usea clearsubjectthatdescribeswhatyourmessageisabout.Of ftopic,Inflammatory,Inappropriate,Illegal,orOffens ivecommentsmightbemoderated.(Youcanreadeverything, evenmoderatedposts,byadjustingyourthresholdontheUs erPreferencesPage)Ifyouwantrepliestoyourcommentsse nttoyou,considerlogginginorcreatinganaccount.Probl emsregardingaccountsorcommentpostingshouldbesentto CowboyNeal.

Re:Goatse Receiver, ass contortionist, dead at 55 (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6329628)

LOLOLOLOLOL

Thats the funniest troll I've read in a long time.

Re:Goatse Receiver, ass contortionist, dead at 55 (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6329642)

Thats the funniest troll I've read in a long time.

No it's not, you just happen to be more receptive to poopoo humour than your fellow pimple-faces at the moment, that's all.

Don't worry, it'll pass in a few years ...

Re:Goatse Receiver, ass contortionist, dead at 55 (-1)

Anonymous Coward | more than 11 years ago | (#6329654)

Oh shut up you bitter old man. [nero-online.org]
No one wants to hear your latest rant on how society has gotten out of control since you were a "youngin".

Don't you have some Depends you could be changing?

se.cx

Sobig virus (3, Interesting)

Rosco P. Coltrane (209368) | more than 11 years ago | (#6329619)

So, Sobig is a worm that infects your machine and sends spam ? Let me rephrase this : Sobig is a worm that infects your *Windows* machine and sends spam.

Since Microsoft has started a crusade against Spam (to free-up bandwidth for their own humongous patches and service packs no doubt, they never do anything without a reason), shouldn't they start by fixing the very platform that makes it possible for worms to send spam ?

future README.TXT (4, Funny)

Matey-O (518004) | more than 11 years ago | (#6329621)

Please note, in order for Outlook 20X6 to operate properly, you must first place this workstation on your DMZ for no less than 15 minutes, in order for it to receive IMAP7NukeViagraHGH.D@MM

This will allow you to have a high speed, reliable, DRM'd Microsoft Email eXPerience! (tm)

Spammers & Virus Writers are the same anyway (4, Interesting)

adzoox (615327) | more than 11 years ago | (#6329644)

I had written a slashdot story submission not too long ago that was rejected [slashdot.org] . Here it is:

Some Spammers=Some Hackers

Today's court ruling [idg.net] in favor of the ISP Earthlink [earthlink.com] vs Spam Ring Leader Howard Carmack got me to thinking.

Are ALL Spammers doing it for a profit? I find that many to most SPAM emails I receive in my inbox have unresolved links. Meaning; you can't "take advantage of the DEALS you are getting". (not that you'd necessarily want to) What would be the purpose of sending out emails such as this in great quantity, and using the man hours, hardware, etc to do it?

I think it may have to do partially with "the hacker mentality" Not all hackers do things for the common mythical reasons we like to think they do. (Revenge on the corporate world, profit, fame) - they do it because they can and a lot do it because they are mentally obsessed with it.

This was the attitude of a former colleague of mine that was hacker. He came from a rich family, was very well known in the community, and had a 1000 easier ways to get what he was wanting accomplished. He was obsessed first of all with hacking, second doing it with a Macintosh, and 3rd just because he could.

I'm not alluding to hackers having a mental problem, nor really comparing hackers to spammers.

This ruling, just made me think of motivation. Maybe if we can tap the motivation for Spammers, then maybe we can come up with the solution.

Re:Spammers & Virus Writers are the same anywa (4, Insightful)

b1t r0t (216468) | more than 11 years ago | (#6329870)

Calling people like this "hackers" is like calling punks who spray paint graffiti on railroad cars "painters" and "artists".

New conspiracy theory (1, Interesting)

GillBates0 (664202) | more than 11 years ago | (#6329656)

A couple of days back somebody brought up a point on this discussion [slashdot.org] about the W32.Sobig.E@mm worm that the short lifetimes and more or harmless payloads of recent viruses is probably an indication of antivirus companies releasing viruses and worms for fun and profit.

If that is the case, the popular ./ meme holds good for both spammers and antivirus people:

1. Release viruses/worms.
2. Use compromised computers as relays.
3. Send lots of spam.
4. ???
5. Profit
6. Sell antivirus software.
7. ???
8. Even more profit.

Tracking (2, Insightful)

Infernon (460398) | more than 11 years ago | (#6329673)

Seeing as how spammers are paid for the messages that they send out, how is it possible to track the messages that have been sent using this type of method? If you've got millions of nodes around the world sending messages on your behalf, how do you tell how many you've sent so that you can bill your clients?

Re:Tracking (3, Informative)

Anonymous Coward | more than 11 years ago | (#6329708)

Seeing as how spammers are paid for the messages that they send out, how is it possible to track the messages that have been sent using this type of method?

Easy. It's called seeding. Mass mailers and those selling mailing lists use it all the time. The idea is simple; along with the target addresses, the company paying for the mail service plants known fake addresses along with the supposedly good ones. If the known address is used when it shouldn't be or is not used when it should be, you automatically have your tracking.

How this works in the spammer world, I don't know though I'm thinking that anyone moderately familiar with mass mailing can figure it out in an hour or two.

Along those lines, though, if the company paying for the spammer's services is that sophisticated they also know that they are paying for an abusive service -- not one strictly made up of 'opt-in' or 'verified interested' people.

simple solution to this problem (2, Interesting)

Lumpy (12016) | more than 11 years ago | (#6329675)

Simply institute a fine of $1000.00 per ad to the company in the virus-transmitted spam. They are easy to find as they give you the website/telephone numbers in the spam it's self.

To hell with the spammers, target the companies in the content.

Re:simple solution to this problem (5, Insightful)

iapetus (24050) | more than 11 years ago | (#6329713)

And the simple gaping flaw in this ingenious solution is that I can now drive you out of business by spamming with your contact details.

Nice try.

simple problem of the simple solution (0)

DarkGreenNight (647707) | more than 11 years ago | (#6329785)

1)Pay a spammer
2)Spammer spams about the competition
3)???
4)Profit!

Obviously 3 is to sue the competition for spamming, but don't tell anyone ;)

Folks who work for ISPs will be angered... (5, Insightful)

wowbagger (69688) | more than 11 years ago | (#6329719)

Folks who work for ISPs will be angered by this post, but before you hit reply, take a deep breath, step outside yourself for a bit, and think about what I am about to type.

While ISPs are not to blame for this problem, ISPs are in the position to correct this problem. This is not about fixing blame, it is about fixing the problem. Keep that in mind.

Now, as I've said in previous posts about this sort of thing, it all boils down to preventing the spread of infection - mathematically, if the expected value of the number of hosts infected by any given host is greater than one, then the infection will be much like a supercritical mass of fissionable material. So the trick is to reduce the expected value to less than one.

Now, there are plenty of ways to do this, most of which involve the ISP taking some action.
  • Require users to keep their machines virus free, and disconnect them QUICKLY when they fail to do so.
  • Scan outbound email, and drop all mails that have attachments with extensions that do not match the Mimetype (e.g. an attachment with an extension of type .scr but a Mimetype of audio/midi). (Yes, this would not matter had Microsoft correctly implemented Mimetype checking in IE, but they didn't - the OS looks at the file extender, not the Mimetype.)
  • In the same vein, block all outbound mails that contain directly executable attachements. Friends don't send friends programs, and if they must do so, they zip them first.
  • Limit the average user's ability to bypass such filtering - do not allow users to directly send to SMTP, SMB, and NFS ports unless the user have explicitly asked for such access and taken responsiblity for doing so.
  • Upon getting complaints about violations, QUICKLY move to resolve the problem - as in, within 24 hours. If the customer will not or cannot solve the problem within that time, shut them down until they can.


In short, take responsiblity for FIXING the problem, and force your downstream customers to do the same.

I have been receiving a steady stream of virus laden emails from udw.ac.za (a university in South Africa). I have repeatedly contacted them as well as their up stream provider (saix.com). All SAIX does is send a nastygram to UDW. All UDW does is experiment in topological auto-proctology. Were SAIX to say "Alright - we've had five complaints this past week. You obviously are not doing anything to solve the problem, so until you do, we are blocking port 25 outbound from you" then UDW would be HIGHLY motivated to correct the problem.

But right now, most ISPs have the attitude of Mind Over Matter - "We don't mind, so it don't matter. Over and out." As such, the problem persists and grows. ISPs mail servers handle a steadily increasing stream of viruses and spam, for which they complain bitterly about having to buy new equipment (while raising their fees), but they don't actually try to SOLVE the problem.

If ISPs were to say, "The line must be drawn here. Here, and no further." - if they were to start blocking viruses and spam, disconnecting users that spread them, and requiring their downstream to do the same, then the expected value of the number of hosts any one host can infect would drop to a tiny fraction of 1, and the reaction would damp out. Viruses would not longer spread like wildfire, the news would no longer report upon them, and the virus writers would no longer get egobo from writing them.

However, as long as ISPs continue to do their best Sgt. Schultz of Stalag 13 ("I SEE NOTHING! NOTHING!") impersonation, as long as ISPs say "It's not our fault - we are not to blame, why should we do anything about it!" then the problem will only grow.

(/me sits back and waits for the inevitable flames from ISPs wishing to do exactly that...)

Re:Folks who work for ISPs will be angered... (5, Insightful)

Minwee (522556) | more than 11 years ago | (#6329885)

It's a nice idea, but the biggest problem that I can see is that it would make ISPs responsible, in a very real, legal and scary sense, for the content of the packets that they carry.

As it stands, an ISP is not that much different than the phone company. They connect one user to another and don't worry about what is being said. What you are proposing is that all service providers would spy on their users and take corrective action if they are caught saying the wrong things.

This would be no different than the phone company terminating your call if they hear you mention the words "pie", "face", "chimp" and "white house" all in the same conversation.

If an ISP were to take such an interest in what their users have to say, then it would leave them in a tricky legal position -- If they have a policy of shutting down users who traffic in Windows Malware 2002 (tm), then why do they turn a blind eye to such horrible things as kiddie porn, copyrighted music and Harry Potter fan-fiction? The lawsuits would spread like wildfire, and the imminent death of the internet would arrive at eleven.

Re:Folks who work for ISPs will be angered... (4, Insightful)

radish (98371) | more than 11 years ago | (#6329909)

I'm not an ISP, but I'm a customer of one. Much as I hate spam, if my ISP implemented the measures you described, they would cease to be my ISP. I don't want my ISP telling me what type of attachments I can send (my company already does such checks on internal mail, and it drives me mad, but it's their network so they can do as they please). As for virii, trojans etc, well if I cause an actual problem to their network, or another of their clients, then sure they have good reason to disconnect me. But putting some requirement on me to keep my machine "virus free" (what does that mean anyway?) they will almost certainly end up mandating use of some (commercial, windows only) antivirus package. Great - there goes support for other OSs.

Where I do agree is in responding to problems. However I've not had so many problems here. In the few occasions where I've had serious problems from people scanning, flooding, whatever, I've complained to the appropriate place (in one case I remember an italian ISP, in another a US one) and it's been fixed. Guess I've been lucky.

Virus free (2, Insightful)

wowbagger (69688) | more than 11 years ago | (#6330224)

" they will almost certainly end up mandating use of some (commercial, windows only) antivirus package."

No, that is exactly why I phrased it as I did - "require the user to keep his machine virus free."

If a machine is sending virus laden emails, then it is not virus free. Otherwise, innocent until proven guilty.

As for the attachements - I am sorry, but your right to swing your arm ends where my nose begins, your right to play your stereo ends where it enters my house. Society can quite legitimately ask its members to curtail dangerous behaviors. I can think of no circumstance in which sending an executable program as-is is needed or even wise. Not only will zipping the program reduce the size of the program (and thus the load on the mail server) it will add CRC protection to the program so that an error in transmission has a higher chance of being detected and corrected.

"my company already does such checks on internal mail, and it drives me mad, but it's their network so they can do as they please."
Guess what - Your ISP's networks is THEIR network, so by your own arguement THEY can do as THEY please.

Re:Folks who work for ISPs will be angered... (0)

Anonymous Coward | more than 11 years ago | (#6330225)

However, as long as ISPs continue to do their best Sgt. Schultz of Stalag 13 ("I SEE NOTHING! NOTHING!") impersonation, as long as ISPs say "It's not our fault - we are not to blame, why should we do anything about it!" then the problem will only grow.

Perhaps ISPs are trying to hang on to the "common carrier" protections. If they start to police their networks too much, they may loose these protections (if they have them), thus they may become (if they are not already) liable for any damages performed by any of their users. I dunno - someone who knows more about this care to comment?

PEBKAC (3, Informative)

WegianWarrior (649800) | more than 11 years ago | (#6329737)

Or for those not so keen on abverbiations, Problem Exist Between Keyboard And Chair.

Make sure you got the latest anti-virus program. Do not open attachments from prople you don't know. Be wary about opening attachement from people you do know. Avoid HTML-enchanted (ha!) mail like the plauge. If possible, run another e-mail client than Outlook and Outlook Express. Set up and maintain a firewall that can block traffic that goes out as well as in. Use common sence - you wouldn't enter a house of ill repute in real life in fear of a STD, so you shouldn't visit a website of ill repute in fear of getting a virus or worse.

Seriously... if more people used their heads to think with and was a little more suspious about things, this would not be a problem.

Re:PEBKAC (3, Interesting)

MrMickS (568778) | more than 11 years ago | (#6329842)

How long before someone writes a virus does the following:
  1. Examine sent items folder looking for items with attachments.
  2. Send another message to the same person as a follow up with an infected version of the attachement.
This would get through most of the operator suspicion filters. If the payload mutates enough to make it difficult to fingerprint it would miss virus checkers as well.

Taking this into account the problem isn't the operator but an MUA/OS that allows code to be executed in such a manner. Signed documents, trusted sources, etc may help here.

Re:PEBKAC (0)

Anonymous Coward | more than 11 years ago | (#6330008)

Here we call it PEBMAC. Problem exists between monitor and chair. Rolls off the tongue a little better than PEBKAC.

surprised (3, Funny)

deuist (228133) | more than 11 years ago | (#6329738)

I think real news here is not that people are writing viri for profit, but that ZDnet is still operating. Seriously, I thought that they went out of business years ago.

This is a worrying idea (4, Insightful)

Glyndwr (217857) | more than 11 years ago | (#6329771)

1. Write devastating super-virus
2. Release it
3. Destroy unsuspecting internet
4. ???
5. Profit!

ObSlashdotJoke aside, I always wondered where step 4 came in. Clearly, from the number of viruses doing the rounds now, bragging rights alone is enough of a draw for many; equally clearly, from the vast weight of bugs in viruses, it primarly draws teenage l33t hax0rs with more testosterone than talent.

All the devestation of every trojan and virus in history has been without a clear step 4. The addition of a step 4 worries me a lot, and as has been said before [slashdot.org] even non-Windows people like me can't feel smug and safe forever.

Guess this gives a new meaning to... (3, Funny)

rediguana (104664) | more than 11 years ago | (#6329814)

viral marketing! ;)

Re:Guess this gives a new meaning to... (1)

Pig Hogger (10379) | more than 11 years ago | (#6330476)

Are those virii GPLed???

DDoS (4, Insightful)

Megane (129182) | more than 11 years ago | (#6329936)

So now DDoS also means Distributed Distribution of Spam?

In one of the first of these that I saw back in May, the spammer apparently hadn't yet learned the art of using the Bcc: header, and all the addresses it was being sent to were clearly harvested from one newsgroup that I regularly read (and post in). That's how I knew it was spammed, and not just an "address book dipper" virus. And for some time, people have been spamming binaries pictures newsgroups with .exe attachments.

I'm glad to do my part in creating a diverse computing environment by running OS X instead of the leading virus-ridden OS. Is there any truth to the rumor that Microsoft is going to rename Outlook Express as ActiveVirus[tm]? :-)

Re:DDoS (1)

martin (1336) | more than 11 years ago | (#6330064)

I always say Lookout rather than Outlook myself..:-)

Bad for the business model (3, Interesting)

ToadMan8 (521480) | more than 11 years ago | (#6330072)

Simply, those writing spam e-mails are trying to sell something. Spam is (for the most part, before more than now) legal. Taking over drone computers (hacking / virii) to send your spam e-mail is not. You have to make money from your business somehow. If you send spam from infected / hacked computers sending people to your website that obviously collects money for something... well, you have to have a name behind money collection. Someone has to own the paypal account or the charge vendor account... They will find you simply enough. In my mind this whole concept is bogus, as you can't hack or infect and send advertisments. That's like advertising Giant Eagle by spraypainting your daily sales on the front of buildings.

Re:Bad for the business model (3, Informative)

cdrguru (88047) | more than 11 years ago | (#6330226)

You miss the point - why do you connect the company selling a product with the spammer advertising it?

Often, there is an advertising company that charges $1500 or so to "advertise" your product for you. They then pay subcontractors to actually send it.

Also, often the company with the product gets told the advertising company's list is 100% opt-in. Then, they turn it over to subs with "send this to your list - any list" and include these email addresses...

Until you make "spam" illegal to send out, you will never stop this. Advertisers absolutely believe they are selling a legal product that there is demand for. And there is - or you wouldn't be getting any spam.

Advertising (spamming) companies are responsible (2, Interesting)

ToadMan8 (521480) | more than 11 years ago | (#6330321)

UPS can't ship Cocaine. It's illegal to do so. Regardless weather the dealer told them it was powdered sugar or not, UPS is either responsible for being part of the transaction or they can plea bargain out and tattle on the dealer himself.

The advertising companies first of all can't use virii to send spam. Secondarily, and in direct response to your objection, they can't claim they thought their illegal practice is legal because of what they heard from the company they are advertising for. Ignorance is no excuse (to do something illegal).

It's true (5, Informative)

paranode (671698) | more than 11 years ago | (#6330189)

I run honeypots and work in security and I can tell you firsthand that this is definitely an accurate conclusion to draw. People exploit Windows boxes all the time and the only things I ever see them do with them are opening up spam relays or hooking it up as a bot to a warez IRC channel. There's absolutely no skill involved, it's just script kiddies with automated tools taking advantage of lazy Windozers who forget to set SQL passwords or ever patch their system with the latest updates. It's pathetic, and it really makes me think that spam can never be stopped no matter how much legislation gets passed.

Then... (2, Funny)

gr8_phk (621180) | more than 11 years ago | (#6330380)

Then they'll try to sue the anti-virus companies for blocking their advertising.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?