Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Lycos Anti-Spam Site Compromised [Updated]

timothy posted more than 9 years ago | from the spy-vs-jerk dept.

Spam 520

An anonymous reader writes "Lycos, shortly after producing a screen saver to fight spammers using a DoS-style attack appears to have been hacked. Attempting to download the screen saver from lycos results in this message 'Yes, attacking spammers is wrong, you know this, you shouldn't be doing it. Your ip address and request have been logged and will be reported to your ISP for further action.' Or maybe it's just a joke -- can you ever tell?" Update: 12/01 15:07 GMT by T : According to Lycos, the defacement reports were actually just a hoax.

Sorry! There are no comments related to the filter you selected.

This is getting really messy.. (2, Insightful)

Anonymous Coward | more than 9 years ago | (#10961204)

If there are only a few large spamming... erm... entities, then I wonder how and when they'll finally be caught.

Attack! (1, Insightful)

Pmkool1 (827418) | more than 9 years ago | (#10961206)

Attack those spammers! Someone needs to stand up to them!

Re:Attack! (5, Funny)

FREELZEE (774446) | more than 9 years ago | (#10961242)

WTF... i can't tell if it's slashdot attacking these links or the spammers screwing them up. i guess we'll never know

Re:Attack! (4, Insightful)

mr_z_beeblebrox (591077) | more than 9 years ago | (#10961330)

Attack those spammers! Someone needs to stand up to them!

Spam is a huge amount of traffic on the net, that is my problem with it. Turning clueless lycos users into antispambots will not DECREASE the traffic on the net but increase it. Also, if joe blow user gets a screen saver that DDOSs a.b.c.d and said spammer goes out of business resulting in cox cable giving my grandma a cable modem at a.b.c.d do you really think J Blow user is going to know to get his screensaver updated or are a large chunk of them going to run the initial screensaver as long as they ran Win 98 unpatched (forever)

hopefully it's written better than that (5, Insightful)

frovingslosh (582462) | more than 9 years ago | (#10961444)

I have not downloaded the screen saver and don't know how it works, but it would be a no-brainer to have written it to get it assignments when it goes active. After all, it certainly has Internet access (or it's can't run up the spammer's usage anyway). So it just has to check a site, get one or more assignments, and start running up the spammer's bill. Not a bad concept.

The spammer's response is a strong indication that it's a pretty good idea, and one they really don't like and see as an actual threat to them.

Only a matter of time (1)

hussain (579409) | more than 9 years ago | (#10961207)

Surely this has pissed off SOMEONE. Its too bad really, this just makes me want to get it more.

haha (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10961210)

1st post

Ridiculous (3, Funny)

bool morpheus() (689231) | more than 9 years ago | (#10961212)

They wouldn't let phone telemarketers threaten you into buying whatever product. Aww, let's all feel sorry for the poor spammers. Boo hoo hoo.

No surprise (5, Interesting)

JuggleGeek (665620) | more than 9 years ago | (#10961214)

I'm not surprised. Spammers, phishers, and other scammers have obviously been hiring geeks to write software for them for some time. Without that, they wouldn't have armies of owned machines ready to send out their spam for them, etc.

The Lycos screensaver has gotten a lot of press, and could certainly put a crimp in the spammers pocketbooks, and spammers aren't honest, so why wouldn't they hack Lycos?

Re:No surprise (3, Interesting)

Omniscientist (806841) | more than 9 years ago | (#10961258)

Exactly, your average spammer I'm sure does not have the coding skills you need for what damage spam wrecks (though I'm sure a few do). That was the first thing I thought, that they hired someone to compromise Lycos. However, do you think this could bring further legal trouble possibly to the blacklisted spam sites? Might be a reasonable cause to do some investigation....

Re:No surprise (5, Insightful)

kasper37 (90457) | more than 9 years ago | (#10961270)

Hiring geeks? How do you know it's not geeks themselves doing the spamming? Just because someone is smart and has networking/programming know how doesn't mean that they are immune to the draw of easy money.

Other Theories (1, Insightful)

Anonymous Coward | more than 9 years ago | (#10961278)

Or maybe it was a concerned white hat cracker who thinks DDoSs are just as bad as spam. Maybe it was a Free Software fan/advocate who doesn't want GNU/linux associated with vigilante justice.

Re:Other Theories (2, Insightful)

ottawanker (597020) | more than 9 years ago | (#10961388)

Or maybe it was a concerned white hat cracker who thinks DDoSs are just as bad as spam
But defacing a website is 'less bad' than a DDoS or spam? That would be some interesting logic on his part.

Re:Other Theories (0)

Anonymous Coward | more than 9 years ago | (#10961408)

Replying to myself here to clarify that yes I am aware that the comment was a joke. There was supposed to be another joke stuck onto the end of "But defacing a website is 'less bad' than a DDoS or spam? That would be some interesting logic on his part." along the lines of, "kinda like how ..", but I decided to remove it (I'm sure you can all guess the topic). Only after submitting noticed that it now looks like I'm one of those humourless idiots.

Re:Other Theories (0)

Anonymous Coward | more than 9 years ago | (#10961426)

Spam and DDoSs effect many people. Altering a website effects only one.
Hell, I fail to see how it's much worse than writing something on a chalk board.

Re:Other Theories (1)

Junichiro Koizumi (803690) | more than 9 years ago | (#10961412)

What does this have to do with 'GNU'/Linux? The screensaver (like all decent software) doesn't even run on 'GNU'/Linux.

Re:No surprise (0)

Anonymous Coward | more than 9 years ago | (#10961438)

So how about some real evidance?

Oh yeah you have none.

Simple Way To Counter Lycos Threat (2, Interesting)

amigoro (761348) | more than 9 years ago | (#10961216)

I am guessing that some of the spammers just changed their DNS records to make their domain names to point to the lycos site. Actually, now these spam targetted domains can be used as weapons, just by changing their DNS records. Well-done Lycos!


Moderate this comment
Negative: Offtopic [mithuro.com] Flamebait [mithuro.com] Troll [mithuro.com] Redundant [mithuro.com]
Positive: Insightful [mithuro.com] Interesting [mithuro.com] Informative [mithuro.com] Funny [mithuro.com]

Re:Simple Way To Counter Lycos Threat (5, Funny)

Streyeder (569869) | more than 9 years ago | (#10961259)

So, what happens when Lycos points their DNS servers right back at them? Maybe it would create a cyber time-space vortex that would suck websites back into the past? ;) An internet wormhole of sorts... Ok, time to turn off DS9 and get back to hw...

Re:Simple Way To Counter Lycos Threat (0)

Anonymous Coward | more than 9 years ago | (#10961304)

Please stop using the whole moderate this comment thing. It's very distracting and really stupid.

Re:Simple Way To Counter Lycos Threat (1)

Parsec (1702) | more than 9 years ago | (#10961310)

If you're in control of the list of targeted spam sites, you can 1. make sure it never points back to your sites, and 2. alert a human whenever the DNS entry gets changed and verify before your spam fighting techniques take action against an innocent party.

mod parent down known troll (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10961357)

see posters posting history and see the -1's for yourself

Re:Simple Way To Counter Lycos Threat (1)

c0p0n (770852) | more than 9 years ago | (#10961400)

Actually, the screensaver could do a real damage on the Spam machine (and having in mind your comment, on Lycos itself). Keep in mind that half of the fools that would download the screensaver have their PCs acting as zombie relayers, so the screensaver would steal the bandwidth of the rootkits they've installed.

Flooding the spammers domains is absurd and uneffective.

Re:Simple Way To Counter Lycos Threat (0)

Anonymous Coward | more than 9 years ago | (#10961421)

parent is a known troll, mod parent down.

You (1)

Delifisek (190943) | more than 9 years ago | (#10961218)

Have to tougher them to fight them...

But ... they were "ready" (4, Funny)

Joosy (787747) | more than 9 years ago | (#10961219)

Clearly it must be a joke, since a Lycos rep is quoted as saying: "There's a risk we will receive some denial of service attacks in the next few days but we are ready."

obligatory (4, Funny)

Neo-Rio-101 (700494) | more than 9 years ago | (#10961220)

Lycos, shortly after producing a screen saver to fight spammers using a DoS-style attack appears to have been hacked. ....and now totally slashdotted off the map to boot.

Re:obligatory (3, Funny)

TheOtherAgentM (700696) | more than 9 years ago | (#10961268)

That's how to combat spam. Just /. the servers.

Re:obligatory (0)

Anonymous Coward | more than 9 years ago | (#10961364)

Stop this obligatory oww they've been Slashdotted shit. We all know the power of the herd and don't need you making the same joke about it in EVERY... SINGLE... POST...

"Fighting" spammers (4, Insightful)

Dancin_Santa (265275) | more than 9 years ago | (#10961221)

The way to "fight" spammers is by following the law and litigating against them. Childish things like using illegal hacking tools just puts gasoline on an already out of control blaze. More stringent laws and serious punishments for spammers is the final key to doing away with the vast numbers of spammers.

The "technological" solution to spam has shown itself to be totally ineffective. The solution which has worked to not only put a small dent in the daily dose of spam but also enrich the general public has been to take the spammers to court and eventually to jail when necessary.

Spam is like selling kids crack cocaine. No one wants that kind of shit in the neighborhood, but the only people willing to "take back the streets" are ninnies and other gang members.

Re:"Fighting" spammers (2, Insightful)

the pickle (261584) | more than 9 years ago | (#10961254)

The solution which has worked to not only put a small dent in the daily dose of spam but also enrich the general public has been to take the spammers to court and eventually to jail when necessary.

Uh.

Define "worked."

My inbox is seeing *more* spam, not less, compared with three years ago.

If we're going to be jailing people, we need to be jailing more than one token high-profile spammer every year. Just like a legitimate business, don't you think these douchebags have vice-presidents who run their ops when they're in the clink? Of course they do...

Jailing them -- at least on this scale -- isn't going to help. We need asset seizure, BIG TIME.

The first grandma who gets her computer seized because it's a zombie box sending spam is going to be massively bad PR for the spammers (dirty little thieves, they are, targeting grandmas like that) and Microsoft (worthless insecure OS...).

Seriously, give it a try. But for the love of all things holy, DON'T JUST PUT THREE TOP DOGS IN JAIL IN THE COURSE OF TWO YEARS. THAT ISN'T WORKING!

p

Re:"Fighting" spammers (5, Insightful)

Nykon (304003) | more than 9 years ago | (#10961273)

Technology moves much faster then any of the law making parts of our government. A blanket law could harm innocent people, look at the rampant abuse of the DMCA? It had good intentions but was too broad and was abused for other purposes.

Heck, even people in the infosec community have enough trouble keeping up with spammers from a defensive corporate security aspect, more less waiting for the government to do enough research to put together a law that may or may not be valid by the time it is voted on and put into action.

Unfortunetly I think the spammers know this, and the best we can hope for is maybe stiffer fines. Then again with the money most of the big guys make off "email marketing", chances are they can afford a good enough lawyer to get them off the hook or a fine that will barely dent their pocket.

Let's not forget the fact that laws are only valid for US spammers. You get a spammer using zombies or even servers in a country that could care less about American policy and laws, and all we have to fall back on is "technology' to aide us.

Re:"Fighting" spammers (3, Informative)

metlin (258108) | more than 9 years ago | (#10961296)

Really well said.

Vigilante style justice does not always work out. For one, you open yourself up to illegal attacks from them, too.

If I legally took a spammer to court and if he DDoSed me, it would only strengthen my case. I have the legal recourse to support my stand.

However, if you did something like what Lycos did, what're you going to tell the judges? They hacked me for hacking them?

As much as I'd love to see spammers get kicked in the nuts, this is not the path to take. It makes us no different from them.

Re:"Fighting" spammers (4, Insightful)

Anne Thwacks (531696) | more than 9 years ago | (#10961299)

Since its pretty clear that the US law enforcement officers are unable to attack a doughnut, let alone anything to do with computers, I would not hold out much hope. Two spammers in 20 years is not a successful campaign.

And dont tell me its not Americans that are responsible ... how comes all the adverts are for American companies?

Follow the money. If American banks had their licence removed if they passed money to spammers, there would be no spam.

Re:"Fighting" spammers (1)

Trillan (597339) | more than 9 years ago | (#10961333)

I have a link [hrw.com] that explains why litigation will NEVER work.

So what do YOU recomment? (1)

MMaestro (585010) | more than 9 years ago | (#10961359)

So what do you suggest the government/corporations/people do about this? Before you give any suggestions, note the following:

1. Any decision must take longer than 6 months to reach. With few exceptions (Patriot Act, declarations of war, etc etc.) any piece of law in the government (at least the U.S. government) takes months to pass through the Senate and signed into law by the President. Therefore you CANNOT arrest someone, hold them until a bill passes and THEN jail them since everyone else under him would've scatter. Essentually making you look like a fool to people like the /. crowd. Governments (unless acting together) at out.

2. It cannot be done through EULAs since EULAs do not extend internationally. A simple proxy setup somewhere in Russia, India or China is enough to bypass that instantly. Corporations at out, due to legal reasons.

3. It MUST invade people's privacy. This is the INTERNET. This isn't CSI where you have fancy fingerprints that you can match up with the FBI's database. Theres no trail of breadcrumbs you can follow back you the spammers computer since it'll often lead internationally or through a zombified computer. Theres no motives here other than money, no doubt cover with its own miles and miles of internet BS covering its ass. You have millions of suspects, many of which are assisting in the crime without knowing it. Any law enforcement agency smaller than every intellience branch in the world combined cannot handle this task, the U.N. and watch-dog groups are out due to sheer amount of research that would be necessary.

What do you do? As for your analogy with spam and cocaine, ever hear of vigilantes? Course not, cause most of them act ILLEGALLY. A few 'accidents' to the local drug dealer does wonders to drug abuse in the area, instead of having to pay an extra hundred dollars in taxes to keep the same drug dealer in an overpopulated jail.

Re:"Fighting" spammers (0)

Anonymous Coward | more than 9 years ago | (#10961368)

While I am not sure if I support DDOSing, how is your plan going to help kill the spam gangs in Russia and other countries?

And if this is just in the US, what laws are going to help us with this? The can-spam act gives companies permission to spam you, and hasn't affect the spammers much.

Who is going to take care of finding/rooting out the spammers and going to court? With the anonymity of the internet, and the tactics employed by them (viruses, obscuring urls, using relays, other tricks, etc), doing that isn't as simple as you might think it is. Plus the thing can be too costly, even tracking down one might not be worth my time and effort.

And from what I have read, spammers are not necessarily nice people and sometimes are criminals or have a criminal background. There have been some that have stalked anti-spammers, left threats, filed lawsuits with the intent to science/threaten, etc. I am not sure I would want to go through suing a spammer if that means they will be harassing me in real life.

And who are we going to get to act on the spammer you find? The FBI couldn't care less about helping those anti-spam sites being DDOSed, what makes you think some US government agency is going to care or do anything about people being spammed

At least the DDOSing can do some good, it takes up their bandwidth and makes their costs much higher.

Re:"Fighting" spammers (0)

Anonymous Coward | more than 9 years ago | (#10961377)

Are you nuts? My company gets apptomixmaly 2000 infividual items of spam a day, roughly 300 per person. 98% of this is effectivly taken out by a combination of flagging on the mail server and local sorting in Apple Mail. We've had two false positives in the last four months.

And yes, we do check through manually, just in case. The times coming when we won;t bother anymore though, as the technological solutions we use to combat spam work.

Re:"Fighting" spammers (2, Interesting)

Ilgaz (86384) | more than 9 years ago | (#10961386)

http://www.spamcop.net/ [spamcop.net]

Yes, I know some postmasters hate it, Korea just doesn't care and China directly ignores them...

At least you do something legit and may have an effect. I saw lots of reports saying "ISP already took action" on lots of reports I send.

Well, getting 400 mails (four hundred) on my Yahoo Plus/week, I took a decision. I only report spams in my native language to Spamcop. Being in scene for too long, I know 98% of TR ISP's actually take action against them since I know their admins.

IMHO the thing must be done is, take care of all abuse reports, ESPECIALLY non geek users abuse reports (via spamcop) and take action. Action maybe blocking access of that account to net.

Spamcop's power comes from something else. It auto investigates the REFERENCED URL and its host. While those assholes use worms, zombies to send mail, unfortunately LOTS of people click on spam links so they must use a first class hosting provider generally.

First class hosting provider, especially on scam mail takes care of report since they don't want to get trouble with Citibank, FBI etc.

While you generally see ISP postmasters doesn't care about spamming customer, hosting provider takes care of spammer assholes "business"(!).

Taste of revenge ;)

Re:"Fighting" spammers (0)

Anonymous Coward | more than 9 years ago | (#10961448)

Yes mum.

Works both ways... (2, Insightful)

Anonymous Coward | more than 9 years ago | (#10961223)

Yes, hacking websites is wrong, you know this, you shouldn't be doing it. Your ip address and your actions have been logged and will be reported to your ISP for further action.

Re:Works both ways... (1)

Anne Thwacks (531696) | more than 9 years ago | (#10961311)

... And expect your ISP will take the same action he did against the spammers.

Lad Vampire unaffected (5, Informative)

Lost Race (681080) | more than 9 years ago | (#10961224)

Lad Vampire [aa419.org] is still going strong. It's similar to the Lycos thing but only targets 419 scammers.

Re:Lad Vampire unaffected (1)

CoolSilver (794518) | more than 9 years ago | (#10961399)

And now being on /. comments gains it another army to help.... :P

Well if it was not a joke then.... (2, Insightful)

hashish (62254) | more than 9 years ago | (#10961226)

Someone was worried.

Works for me (1)

shaneh0 (624603) | more than 9 years ago | (#10961227)

At 3:06AM I downloaded the EXE without a hitch. Anyone have any screenshots of the hijack that might mike this an actual.. um.. story?

Shane

Re:Works for me (4, Insightful)

Pathwalker (103) | more than 9 years ago | (#10961294)

At 3:06 am you downloaded AN EXE file.

Do you know for sure it is the one you think it is?
Do you know for sure what your system is doing?

If the site had been compromised, how do you know that file is the one which was originally hosted there?

Re:Works for me (1)

Jugalator (259273) | more than 9 years ago | (#10961308)

Yeah, considering how much of a target their site may become, they should considering digitally signing their EXE. Windows nowadays supports digitally signed EXE files.

Raise Your Hands, People... (3, Insightful)

the pickle (261584) | more than 9 years ago | (#10961228)

...if you're remotely surprised that this happened.

...
...
...

Yeah, didn't think so.

If something like this is ever going to work, it's going to have to be a lot more underground, just like the spammers.

p

BitTorrent (1)

ToPAz3in6 (583698) | more than 9 years ago | (#10961233)

Somebody, Please set up a torrent for the installer and post it. Spammers may be persistant F**kers... but nobody can hinder the /. community when it comes to banding together for a cause.

Re:BitTorrent (0)

Anonymous Coward | more than 9 years ago | (#10961237)

No matter how illegal or unethical that cause may be!

This link still works (2, Informative)

lou2ser (458778) | more than 9 years ago | (#10961234)

If anyone is interested, this link still works:

http://download2.makelovenotspam.com/screensavers/ MLNS_screensaver_en.exe [makelovenotspam.com]

Re:This link still works (1)

hussain (579409) | more than 9 years ago | (#10961246)

I REALLY wouldn't use that. If they've comprimised the main site, what makes you think the installer is clean?

Who knows.. it might be rife with spyware cack and zombie guts..

Re:This link still works (1)

lou2ser (458778) | more than 9 years ago | (#10961253)

I thought of that as soon as I clicked submit.....I wonder if someone who has a download from a few days ago wouldn't mind posting the MD5?

MD5 sum as of 11/26 (5, Informative)

david_594 (735508) | more than 9 years ago | (#10961284)

I downloaded the installer on 11/26 when the first /. article came out and the MD5 sum of that file was: 237ee99dc7f35d2e2c0a8640086167bf

Re:This link still works (1)

lou2ser (458778) | more than 9 years ago | (#10961369)

Just checked the file available from the link above. MD5 matches the one in the reply. Looks safe.

237ee99dc7f35d2e2c0a8640086167bf

Re:This link still works (2, Informative)

aqua (3874) | more than 9 years ago | (#10961416)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OSX version of the screensaver downloaded on the afternoon of 26th
November, compared to download just now (second checksum for reference,
download it yourself as a hedge against a compromised server giving back
good data to hosts known to have already downloaded the file).

Lines wrapped to reduce mangling.

- -rw-r--r-- 1 aqua staff 1120108 26 Nov 14:19 \ .Trash/MLNS_screensaver_en.dmg
ea8c53d0fb0f30faf3 6b93064936c6cf .Trash/MLNS_screensaver_en.dmg

- -rw-r--r-- 1 aqua staff 1120108 1 Dec 00:41 \
Desktop/MLNS_screensaver_en.dmg
ea8c53d0fb0f30faf 36b93064936c6cf Desktop/MLNS_screensaver_en.dmg

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBrYfGU5XKDemr/NIRApqmAKDXGuZG5gWvp/9QS7dU Aq REuUfYWwCeJ4hL
+fP7YMmg3DwVFCspiLqze+g=
=4LKC
- ----END PGP SIGNATURE-----

In Korea... (-1, Offtopic)

cshah 1 (803515) | more than 9 years ago | (#10961236)

old people are spammers

Re:In Korea... (-1)

Anonymous Coward | more than 9 years ago | (#10961269)

In Soviet Russia spam old people you!

Re:In Korea... (-1)

Anonymous Coward | more than 9 years ago | (#10961277)

..dead horse beats you.

Guess thats something else they have in common with Russia.

Stupidest idea ever. (4, Insightful)

Mordant (138460) | more than 9 years ago | (#10961238)

Not only because the command-and-control server can be hacked and the hosts running the screensaver turned into a botnet used to launch DDoS attacks, as we see - but because a) the veracity of the so-called 'target list' cannot be verified to the degree necessary to make this even theoretically sensible (i.e., it could be gamed by those submitting false spam reports to induce the system to attack innocents, not to mention the PCs of innocents which have been compromised as spam-proxies along with the network infrastructures of their ISPs), but outbound DDoS can be just as devastating as inbound DDoS.

This is the stupidest idea ever. I hope several someones end up suing Lycos over this, it's just moronic.

-All- security measures should be predicated upon the sentiment expressed in Hippocrates' _Epidemics_ (-not- the Oath, that's a popular misconception) - '. . . first, do no harm'.

Re:Stupidest idea ever. (1)

the pickle (261584) | more than 9 years ago | (#10961274)

not to mention the PCs of innocents which have been compromised as spam-proxies

To paraphrase another thinker-type, John Selden:

"Ignorance of the machine excuses no user."

Just because they didn't *intend* to get their box compromised doesn't mean they're entirely innocent, either.

p

Re:Stupidest idea ever. (0, Troll)

Anonymous Coward | more than 9 years ago | (#10961293)

To paraphrase a bunch of stupid people:

"She deserved it"

Your John Selden is an idiot and relativist to the utmost degree if he really believes that a person ought to be held accountable for the criminal actions forced upon them by another person. And you, for putting your faith in him, are lower than slime.

Blaming the victims is the first resort of the criminal.

Re:Stupidest idea ever. (2, Insightful)

the pickle (261584) | more than 9 years ago | (#10961425)

Oh, no. The actions were not "forced upon them" by anyone.

They *chose* to buy a computer, *knowing* the risks of viruses, spyware, etc.

They *chose* to put that computer on a broadband connection.

They *chose* not to keep their virus protection software up-to-date.

They *chose* not to place the computer behind a firewall.

They *chose* to leave the computer out there like a sitting duck, just waiting for an infection to come along and pWn the box.

It doesn't make it any less low that there are scum who would take advantage of this situation, but...

If someone without proper education is caught operating a motor vehicle, that person is subject to severe penalty.

People with your attitude are the problem with society. WHY CAN'T PEOPLE JUST TAKE SOME FUCKING RESPONSIBILITY FOR THEIR OWN ACTIONS? If you fuck up out of ignorance, well, tough shit. Learn. And then don't fuck up next time.

p

Re:Stupidest idea ever. (4, Funny)

flyingsquid (813711) | more than 9 years ago | (#10961360)

I agree. We should not be going after spammers with internet attacks.

We should be going after them as angry mobs armed with pitchforks and torches.

Re:Stupidest idea ever. (1)

dj_super_dude (86692) | more than 9 years ago | (#10961366)

Desperate people resort to desperate measures. To say they should be sued for this is fighting for the side of spam rather than against. Why is a box that has been compromised and is spewing emails to the world considered not fair game? Simply becaused the owner was unlucky or complacent enough not to secure it?
Do no harm? How about pleading self-defence... Kill or be killed.

lol, bring it on (4, Funny)

Mia'cova (691309) | more than 9 years ago | (#10961241)

Report me? haha. Knowing my ISP, they'd probably increase my bandwidth.

I hope the guys who attacked Lycos are getting hit hard by their service. Keep it up Lycos! You're obviously hitting a nerve.

Alternate article (1)

lou2ser (458778) | more than 9 years ago | (#10961244)

Guardian seems to be /.ed. (WTF?)

Here is a link [zdnet.com.au]

An alternative perhaps (3, Insightful)

lachlan76 (770870) | more than 9 years ago | (#10961245)

This kind of tactic, if not outright illegal, is a grey area...now perhaps, if you simply made a script to go through the emails, put every link on a list, and used spare bandwidth to request pages from all of the links that have been sent, that could be legal, but still a grey area.

What I don't think is a good idea is a company deciding who deserves to be DDoSed. In that sense, it is little better than MyDoom, which also attacked unpopular companies.

Personally, I think we should try to take down companies that use spam for advertising legally, rather than using a DDoS. But I might not have the popular view, you never know.

Re:An alternative perhaps (1)

burns210 (572621) | more than 9 years ago | (#10961387)

What US law would you like to apply to a Chinese email server admin?

You think Congress passing a law is going to make it at all enforcable in countries that feel free to tell Americans where they can shove it?

Legality is a joke when enforcing something like spam on the internet. If you get China to crack down, which you won't, then the 25lb servers just get shipped to India, Pakistan, russia, east europe, sout america... Hell. Anywhere.

Furthermore, some now do, and more will, use bot networks of rooted Windows machines as proxy slaves to spam email, creating a virtual barrier from the real bad guy.

Re:An alternative perhaps (1)

lachlan76 (770870) | more than 9 years ago | (#10961427)

I meant to use a method of removing spammers from the internet that is not illegal.

Re:An alternative perhaps (0)

Anonymous Coward | more than 9 years ago | (#10961437)

a method of removing spammers from the internet that is not illegal.

Legalize the hunting of spammers.

They're a day late and a dollar short (1)

Gary Destruction (683101) | more than 9 years ago | (#10961247)

That screensaver is probably already circulating on P2P networks as well as FTP and Instant Messenging.

Re:They're a day late and a dollar short (1)

xstonedogx (814876) | more than 9 years ago | (#10961337)

A copy with a trojan attached is probably doing the same.

Long Term Damage.. (1)

DirtySnachez (817738) | more than 9 years ago | (#10961250)

It'll be interesting to see how this pans out in the long run. One would imagine that this type of 'bad news' (such as comprimised security) will scare off a whole lot of users, and as a result reduce the overall bandwith power of what they're trying to accomplish. I wouldnt run a background app if I was aware that there's a legion of spammers out there trying to make exploits. Just my $0.02

People still download screensavers? (5, Insightful)

Prairiewest (719875) | more than 9 years ago | (#10961261)

I'm amazed that Lycos thinks this will actually work, simply from the fact that I do not know anyone that has downloaded a "screen saver" for their computer in the last year.

It used to be all the rage... yes, starting with AfterDark decades ago, and finally culminating in WebShots a few years ago. But does anyone really do this nowadays? Seriously?

Maybe if it showed a random "babe/hunk of the day" while doing its nasty work it would be downloaded by more people...

Re:People still download screensavers? (1)

bmantz65 (642864) | more than 9 years ago | (#10961382)

I probably haven't downloaded any in the past two or three years. Ever since I moved to a LCD monitor, I didn't have the need for a screensaver anymore.

Re:People still download screensavers? (1)

Johnno74 (252399) | more than 9 years ago | (#10961452)

Yeah, I know... I think one of the reasons for this, is most screensavers are either totally lame, or they max out your cpu/vid card. These days, the difference between your cpu running at 1% and 100% is several 10s of degrees, and a measurable difference in your power bill.

Give me a nice tasteful screensaver that doesn't tax my system, and I'll use it. I used the matrix screensaver for ages!

Fighting Fire with fire (3, Insightful)

lennart78 (515598) | more than 9 years ago | (#10961267)

I hate spam as much as the next person, but I'm having serious doubts about this project. How easy might it be to target this system to a legitimate website and turn the thing into a botnet for DDoS-attacks, and stuff like that?

The problem with spammers is a hopelessly outdated protocol for sending and relaying e-mail on the one hand, and on the other, governments failing to produce adequate legislation to combat spammers, scammers, and the like on the Internet.
Then think that most companies and business-oriented lobby groups fight hard to keep e-mail available as a direct marketing medium, the same way they would thoroughly object to a ban on telephone-based telemarketing.

We don't need a bunch of cowboys arming themselves with guns and taking out everyone they see as a danger to society/Internet, we need decent, solid legislation, and government commitment to take out spammers.

Re:Fighting Fire with fire (0)

Anonymous Coward | more than 9 years ago | (#10961341)

yes, gov't involvement in countries that dont give a damn ... personally my only problem with this program is that it only sends 3.5mb a day, and that it sends information slowly. if i had my way with this program that setting would be much more agressive.

As it is now the program is just a passive way to increase bandwidth costs on the behalf of the spammer, and I'm OK with this. it doesn't prevent the site from working, just increases the cost. Kind of like how they raise the internet traffic levels costing everyone ELSE money...
(yea, I know I'm not helping that situation any, but at least now it affects them too)
and let's not even get into spyware ... that might as well be a virus. It can make a computer unusable ... Spammers, scammers, spyware. It's all to the same end for the same reason with no regard to anyone else and I hardly see why I shouldn't return that courtesy.

Re:Fighting Fire with fire (1)

dannytaggart (835766) | more than 9 years ago | (#10961384)

We already have decent, solid legislation [spamlaws.com] , but the law-breakers keep, well... breaking the law. The solution is not passing new laws, but figuring out how best to beat the spammers.

I agree that it's not in general a good idea for private entities to carry out vigilante justice, but it should also be legitimate to engage in self-defense. As long as there is adequate recourse in case a legit website is mistakenly targeted, the Lycos project sounds promising.

Haha (0)

bryan986 (833912) | more than 9 years ago | (#10961272)

They asked for it, prime target for all attacks is a site that tries to prevent them, they should have been prepared!

In Soviet Korea... (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10961279)

Only old people attack spammers. ...c'mon this works for once since only old people use e-mail.....hello?....hello???..Well FUC[NO CARRIER]

like i was gonna install it anway (0)

Anonymous Coward | more than 9 years ago | (#10961282)


when lycos's software is already flagged as spyware by all the anti-spyware manufacturers there is no way i want to run any of their shit no matter how good the cause

lycos was once a great engine (remember the ftp search) now its just one step away from a domain squatters site with financial services and casinos the prominent advertisers and search results dictated by who pays the most not the most relavent

perhaps the owners should go get proper jobs

"...is bad, you know this" (4, Insightful)

Romancer (19668) | more than 9 years ago | (#10961287)

And hacking websites that attack spammers is fine.

Re:"...is bad, you know this" (2, Interesting)

Romancer (19668) | more than 9 years ago | (#10961327)

On a side note, can we petition Slashdot to have a rotating link to spammers websites or the links in the spam they send. You know, to show we're looking at what they want to show us... a lot... a whole lot, enough to crash their bane of the internet.

Seems like a hack... (1)

Jugalator (259273) | more than 9 years ago | (#10961295)

Or maybe it's just a joke -- can you ever tell?

Yes, since it's working now again, it was probably unintentional.

Linux (0, Offtopic)

ajs318 (655362) | more than 9 years ago | (#10961301)

Anyone tried to compile the MacOS X version under Linux? Any success?

imrworldwide (0)

Anonymous Coward | more than 9 years ago | (#10961309)


is not the download link, is the submitter a lycos employee or getting kickbacks from linktracking ?
IMR are in the same buisness as doubleclick and the rest of those scummy companies and are therefore firewalled to the hilt why link to them at all ?

legally (2, Informative)

nilbog (732352) | more than 9 years ago | (#10961313)

Since they have hacked Lycos's server, they are just as much, if not MORE in the wrong then people who are fighting back against them. As far as I understand, LEGALLY their records can still be used as evidence, since it was not a police agency who obtained the data illegaly

The screensaver put my processor usage up to 100% though, so I stopped using it after one day.

Nothing for Koreans to worry about since (0)

Anonymous Coward | more than 9 years ago | (#10961316)

In Korea, only old people use email.

obligitory all your bases r belong to us (0)

Anonymous Coward | more than 9 years ago | (#10961320)

self hacking? (1)

smartsaga (804661) | more than 9 years ago | (#10961322)

So now instead of being lured into clicking into something you just voluntarily download a hack and install it as a screen saver??? yeah right.... Like people is stupid enought to do that... (sarcasm anyone?)

It's about time... (1)

Phidoux (705500) | more than 9 years ago | (#10961331)

... we all fought back. Being passive about the spam problem isn't going to do much about getting spam to go away. I, for one, support what Lycros have done and I can't wait for them to get the makelovenotspam site back up again, so that I can download the screen saver.

good to see some ethics (1, Interesting)

Anonymous Coward | more than 9 years ago | (#10961334)

I glade to see some hackers excersing their abilities in an ethical manner. Two arguments follow the DoSing of spammers. First just because some one does something wrong does not justify you doing the same. Second once you have Lycos DoSing people they suspect as being spammers, where do you draw the line. Whats stopping them from DoSing their competitors or mom/pop. Also if the FBI is going to waltz around stating "bad 13 year old hacker, no DoSing for you" than why the hell does a massive corporation have any more of a right to deny access to ones internet connection.

Re:good to see some ethics (1)

TheLink (130905) | more than 9 years ago | (#10961420)

Just because Lycos does something wrong does not justify them being hacked either.. :)

read again (2, Informative)

tota (139982) | more than 9 years ago | (#10961422)

Because the spammers call it DoS does not make it so.


The point of this screen saver is to increase the running costs of those website.


Who do you believe?

Now we need a virus... (1)

qualico (731143) | more than 9 years ago | (#10961340)

...with the Lycos screensaver as a payload.

Something needs to be done.
I'm sick of Nigeria, Rolex, Logos, Viagra and all the other needless crap.

Re:Now we need a virus... (2, Funny)

krymsin01 (700838) | more than 9 years ago | (#10961414)

You know what, I'm sick of pirates. Actual sea pirates. I think we should ship all ocean water in the sea to Mars. Oh wait...
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?