Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Lycos Pulls Vigilante Anti-spam Campaign

CowboyNeal posted more than 9 years ago | from the hardly-knew-ye dept.

Spam 328

davidwr writes "Eweek reports that Lycos is scrapping it's anti-spam campaign: 'On Friday, Lycos Europe gave up the ghost, posting a 'Stay Tuned' note on the MakeLoveNotSpam.com Web site it was using to distribute the screensaver. The Lycos Europe home page, which heavily promoted the screensaver all week, was also scrubbed clean of any references to the screensaver.' See previous Slashdot coverage from Nov. 26, Dec. 1, and Dec. 2."

cancel ×

328 comments

Love my cock with all your heart (0, Troll)

(TK)Dessimat0r (668222) | more than 9 years ago | (#10995976)

Paedophile hunt police find human skull

AMERICAN police made further grim discoveries yesterday during their investigation into a paedophile network responsible for kidnapping girls.

A skull and bones were dug up at the home of the network's suspected ringleader, Rob Malda. It was feared that they were the remains of two teenagers who disappeared from New Orleans a year ago. The bones were unearthed after police spent six days digging at a house in Holland, Michigan, one of six properties owned by Malda.

On a visit to the house last week, Malda told police that his accomplice, Jeff Bates, had buried five bodies under a shed. Maximillion Arturo, a police spokesman in Michigan, said that no further statement would be made until families had been informed.

There was speculation last night that the remains are those of shemales from the GNAA. Malda has admitted abducting them. However, he earlier told police that he believed the two girls were still alive and being held somewhere outside Michigan.

Two eight-year-old girls abducted by Malda have been found buried at another of his properties. They starved to death while he was in prison on a theft charge. Malda's wife, Kathleen Malda, has told police that she was supposed to feed the children while her husband was in prison, but was too frightened to enter their cell.

Another two girls were found alive by police two days after Malda's arrest on Aug 13. Ten people, including Malda, his wife and an American police officer, are in custody in connection with the case.

The raped corpses of two women and parts of a third body have been discovered in a freezer at the Slashdot headquarters, along with the remains of an 80 year old woman that remain unidentified.

TrollKore - At the head of the game.
I hate you, I hate your country, and I hate your face.

inevitable (4, Insightful)

marvy666 (215740) | more than 9 years ago | (#10995979)

fighting fire with fire doesn't always work

It may not work, exactly (5, Insightful)

mcc (14761) | more than 9 years ago | (#10996035)

But who's to say it isn't still beneficial? Lycos probably caused some problems for spammers with this, or made them feel less secure, in the week this stunt was running. More importantly, look at all the publicity Lycos got out of this; if it wasn't for this spam thing I probably wouldn't have even thought about Lycos's existence once in the second half of this year, and probably you or most of the other people here wouldn't have either. Instead, thanks to makelovenotspam, they've been rescued for at least a moment from obscurity and irrelivance and they've been all over the headlines for a week. Meanwhile, by getting out now Lycos possibly avoids the otherwise-almost-certain legal problems from all of this.

Was makelovenotspam, in its short life, effective? Almost certainly not. Was makelovenotspam a public good? I'd bet not. Was makelovenotspam good for Lycos? ... well probably.

Re:inevitable (0, Offtopic)

l0b0 (803611) | more than 9 years ago | (#10996042)

OT warning: This is why guns shouldn't be allowed to carry. Criminals will always have bigger guns, so I prefer if they have small ones, and I've none. I'd much rather get robbed & beaten than killed.

You are a born loser (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#10996057)

You know what you and your kind of people are?

Sheep. Victims. Loosers.

"People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf." -George Orwell

Re:You are a born loser (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#10996287)

You know what you and your kind of people are?

Cavemen. Neanderthals. Idiots.

Re:inevitable (3, Funny)

Anonymous Coward | more than 9 years ago | (#10996091)

Your post really makes no sense whatsoever. Small guns can kill just as easily as big ones. Also, if gus are illegal, the criminals will still have them.

Re:inevitable (3, Insightful)

Orgazmus (761208) | more than 9 years ago | (#10996233)

I think that logic is wierd. Here in Norway guns are outlawed, and most criminals dont have guns. Of course there are some gangs who have them, but arming grandma down the street wont make those guns go away.
Of course it is possible to get a gun, but since nobody has them, why should criminals take the risk?

Re:inevitable (4, Funny)

QuickFox (311231) | more than 9 years ago | (#10996332)

I'd much rather get robbed & beaten than killed.

Sissy. Real men don't mind getting killed.

Re:inevitable (2, Insightful)

ssimontis (739660) | more than 9 years ago | (#10996076)

Did it even have to work? Lycos probably did it for some publicity. Did they get publicity? Yes. Was it good publicity? Not really. Did it still do what they wanted it to do? Yes.

Good, it was stupid (5, Insightful)

Anonymous Coward | more than 9 years ago | (#10995980)

I can't believe the execs at Lycos even had the balls to O.K it as a plan, let alone develop and support it. Corporate sponsored DDoS attacks? What would have been next; MPAA sponsored screen savers that attacked BitTorrant link sites? SCO sponsored screen-savers that attacked kernel.org and Slashdot?

Re:Good, it was stupid (3, Interesting)

0x461FAB0BD7D2 (812236) | more than 9 years ago | (#10996004)

Interestingly, BitTorrent sites, such as Suprnova and LokiTorrent, were hit with massive DDoS attacks this week, just after Lycos started their ScreenDoSer effort.

For more: BitTorrent takes a hit from DDoS attacks [techspot.com]

It wouldn't be a surprise if the spammers re-directed their sites to the trackers, as both Suprnova and Lokitorrent had torrents for the screensaver. At the current time, it is still unknown who was behind it.

Re:Good, it was stupid (1, Interesting)

Anonymous Coward | more than 9 years ago | (#10996027)

Perhaps if it DOS'd only servers which had sent YOU spam personally, it would be more acceptable? I think its a great idea.

Re:Good, it was stupid (1)

SunPin (596554) | more than 9 years ago | (#10996154)

At the current time, it is still unknown who was behind it.


Could it be that the spammers somehow share the same host? Maybe SuperNova has a side business...

Re:Good, it was stupid (0)

Anonymous Coward | more than 9 years ago | (#10996291)

Nonono, you must understand that even thieves are better than spammers.

Re:Good, it was stupid (3, Interesting)

denthijs (679358) | more than 9 years ago | (#10996012)

I can't believe the execs at Lycos even had the balls to O.K it as a plan
I find it very sad that they don't have the balls to go through with it.
Finally someone stands up and fights a worthy cause only to stop after one week.
I have but one word for this behavior: cowardism
Will someone please pick up the towel out of the ring??

Re:Good, it was stupid (3, Insightful)

I(rispee_I(reme (310391) | more than 9 years ago | (#10996041)

the word is actually cowardice.
just so you know.

Re:Good, it was stupid (1, Insightful)

Anonymous Coward | more than 9 years ago | (#10996055)

There is nothing wrong with fighting spammers, but this the completly wrong way to go about it. It is vigilanty justice. It would be very easy for this sort of thing to be used by people like the RIAA or MPAA to target people they don't like. How about political websites using such tactics to force people of oposing viewpoints from the web? I'm sure Animal Welfare groups would love to hit some prominant medical research companies and force them off the web. Or maybe there are some right-wing groups who are just chomping at the bit to target Jewish or Black websites? Would that be O.K too? The justification is the same; one group does not like what another group is doing so they attack them.

It is the wrong way to go about this. It creates colatoral damage (The traffic intended for those spammers websites had to be routed you know), it is inefective (How does it solve the problem of bot-nets and zombie clients?), it is morally dubious (See my examples above) and it creates sympathy for the person(s) who are being attacked. How does that help?

Re:Good, it was stupid (0)

Anonymous Coward | more than 9 years ago | (#10996149)

> It is vigilanty justice.

The correct spelling is vigilanntie

Re:Good, it was stupid (0)

Anonymous Coward | more than 9 years ago | (#10996198)

I did realise my spelling error some time after I posted, but the correct spelling is "Vigilante".

Re:Good, it was stupid (4, Insightful)

secolactico (519805) | more than 9 years ago | (#10996068)

I have but one word for this behavior: cowardism

The execs at Lycos are accountable to board members and shareholders. The legal grounds for this kind of operation are shaky at best (I don't think there are any precedents).

Exposing the company to legal action (from the spammers, ISPs, etc) would not be in the best interest of the shareholders.

I think that whoever ok'd this plan was not the one who cancelled. Maybe he/she was simply overriden by higher-ups. Heck, for all we know, that exec might be looking for work right now.

Do you really think it was a good idea? If enough people think so, somebody will come up with a copy of it... maybe as an extension of SPEWS or somesuch service.

Myself, I think the intentions are noble but the execution flawed. Is there any accountability for this? You would no longer be just excerising your right not to be bothered by using RBL. You will be actively striking back at somebody, and innocent bystanders that get targeted will incur in damages that go beyond not being able to send e-mail.

Re:Good, it was stupid (2, Insightful)

uncleFester (29998) | more than 9 years ago | (#10996315)

Finally someone stands up and fights a worthy cause only to stop after one week.

... uuh, finally [spews.org] ?

I have but one word for this behavior: cowardism

How about three words.. cease and desist? If they didn't have one against them already, you had to bet someone would be sending one soon. And frankly I'm suprised such an idea made it past their legal dept (if it even went before legal). I appreciate and welcome their desire to get in this fight.. but the plan of attack was a rather bad one, imho. When handling swine try not to sink to their level.. then you're sure to get covered in mud as well.

-'fester

Re:Good, it was stupid (5, Funny)

u-238 (515248) | more than 9 years ago | (#10996105)

What would have been next; MPAA sponsored screen savers that attacked BitTorrant link sites?

I can see it coming; Earn credit towards BlockBuster video rentals, every 5,000,000 packets earns you $0.50 towards your next rental.

MPAA already heading that way... (3, Interesting)

John3 (85454) | more than 9 years ago | (#10996164)

based on their early dabbling [p2pnet.net] in anti-P2P efforts [newsfactor.com] . Right now they are just searching out offenders but Lyco's move to bring down spammer sites might encourage the MPAA and RIAA to take more agressive steps.

While Lycos was on unsteady legal footing in terms of their targets (i.e. it's often tough to connect a web site to the spam sender) the MPAA and RIAA can easily prove that a particular user or BitTorrent link site is sharing/hosting/providing copyrighted material. It may be just a matter of time before earlier efforts to legalize RIAA and MPAA DDOS attacks [com.com] are resurrected.

no fair... (5, Funny)

buro9 (633210) | more than 9 years ago | (#10995984)

... i always wanted to be part of a botnet

Obligatory (1, Funny)

Anonymous Coward | more than 9 years ago | (#10995998)

... i always wanted to be part of a botnet

What, you don't have access to Windows?

Non-story (0)

Anonymous Coward | more than 9 years ago | (#10996019)

"the company appears to have scrapped the campaign."

Huh? They just put on a "stay tuned" on the site, because the spammers are fighting back redirecting either to legit sites (Microsoft was one) and Lycos themselves.

Lycos is most probably just automating the process of detecting that and improving the requests (they were doing random POST and GET).

Let's hope they don't scrap the program. I see too many celebrating spammers posting here.

Re:Non-story (1)

AndroidCat (229562) | more than 9 years ago | (#10996260)

I see too many celebrating spammers posting here.

An interesting claim. Proof?

Re:no fair... (2, Insightful)

Jouser (243992) | more than 9 years ago | (#10996158)

Yeah, like the others have recommended simply install Windows XP and just leave unpatched for a few hours and then you'll be a part of a botnet and DDOS'ing someone near you very soon.

Re:no fair... (4, Funny)

corbettw (214229) | more than 9 years ago | (#10996269)

... i always wanted to be part of a botnet

Said the Slashdot poster ironically.

Wishful thinking! (2, Funny)

theundead (670428) | more than 9 years ago | (#10995990)

Now if only spammer would follow the suit!

errr.. ::day dreaming::

well summed up: (2, Insightful)

gl4ss (559668) | more than 9 years ago | (#10995991)

**"I find the anti-spam downloadable DDoS tool to be without a doubt irresponsible, possibly illegal, sets a really bad precedent, gives the wrong impression to users, and possibly the dumbest thing I have heard of this week," said Adrien de Beaupre, an incident handler with the SANS Internet Storm Center (ISC).**

besides than that.. anyone care to pull ye olde form and tick the right places for this particular 'solution for spam'?

Fine, you twisted my arm. (5, Funny)

IO ERROR (128968) | more than 9 years ago | (#10996039)

Your post advocates a

( ) technical ( ) legislative ( ) market-based (x) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from state to state.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
(x) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires cooperation from too many of your friends and is counterintuitive
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(x) Anyone could anonymously destroy anyone else's career or business
( ) Ideas similar to yours are easy to come up with, yet none have ever worked
( ) Other:

Specifically, your plan fails to account for

(x) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
(x) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
(x) Bandwidth costs that are unaffected by client filtering
( ) Outlook
( ) Other:

and the following philosophical objections may also apply:

( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures cannot involve wire fraud or credit card fraud
(x) Countermeasures cannot involve sabotage of public networks
( ) Sending email should be free
(x) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(x) Killing them that way is not slow and painful enough
( ) Other:

Furthermore, this is what I think about you:

( ) Nice try, dude, but I don't think it will work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Fine, you twisted my arm. (1)

XMyth (266414) | more than 9 years ago | (#10996256)

I love that post.

next stop (1)

loyalsonofrutgers (736778) | more than 9 years ago | (#10996079)

Man: The Most Dangerous Game.

How long until someone makes a clone of this? (5, Interesting)

Anonymous Coward | more than 9 years ago | (#10995992)

Really it's not that complex of a product to make and given that it seems to have been somewhat successful at accomplishing it's goal (or in fact too successful by actually DOSing the spammers) I don't see it as that unlikely that someone will go and create a new screensaver that is even more destructive.

Clearly there is at least some interest in fighting spam with DDOS even though it's not the best solution.

Re:How long until someone makes a clone of this? (2, Interesting)

Lisandro (799651) | more than 9 years ago | (#10996181)

This is something i thought the first second i've heard of the whole thing. That Lycos had the balls to do something like that is impressive in the first place, but they did, and it actually worked. How long will it be until someone releases a DDOS attack client that targets known spammers? It won't matter if it's ethical, most people are so fed with spam that they'll use it anyway. Gladly, even.

Imagine a pretty screensaver a-la-SETI, but showing number of flood packets being sent...

for linux... (1)

Janek Kozicki (722688) | more than 9 years ago | (#10996257)

I want one, opensource, which runs under linux. I will run it as a daemon on all 5 of my servers.

the spammers win (1, Insightful)

saladami (827277) | more than 9 years ago | (#10995995)

I for one welcome our new spamming overlords..

gone the way of john lennon (-1, Offtopic)

silid (733394) | more than 9 years ago | (#10995997)

it seems despite concerted efforts of peace (love) loving folk someone is bound to spoil all the fun john lennon was shot december 8th 1980 [bbc.co.uk] - was this anniversary assination a few days early?

Personally a bit of a shame (3, Interesting)

Nexum (516661) | more than 9 years ago | (#10996000)

Personally I think this is a bit of a shame. I know a lot of people here weren't too keen on the aggressive style and dubious legal grounds of this scheme, but to tell the truth, if there was a possibility it would eradicate or at least slow spam down, then I'd have to say I'm all for it.

Perhaps the problem here is that with Lycos being the single point of failure, as well as being a customer facing organisation, its position was just untenable.

There has certainly been lots of talk about building in such a system to mail clients, and perhaps having a distributed spam-attack system that way - perhaps this will be legally more tenable (they actually emailed you personally) as well as more resilient to pressure.

Re:Personally a bit of a shame (3, Interesting)

gl4ss (559668) | more than 9 years ago | (#10996010)

*Personally I think this is a bit of a shame. I know a lot of people here weren't too keen on the aggressive style and dubious legal grounds of this scheme, but to tell the truth, if there was a possibility it would eradicate or at least slow spam down, then I'd have to say I'm all for it. *

look, when the system was so stupidly built that the spammers could just add a refresh tag to forward the flood to wherever they wanted, it had no chance of really slowing the spam down at all.

kneejerk reaction tactics, with bad execution, that was only supposed to make lycos look like it was doing something for the problem in the eyes of normal folk who don't understand enough to see that it was a fucking stupid idea to do in the first place(especially stupid wheny you were a big company and actually could end up accountable for all the fucking around you do).

Re:Personally a bit of a shame (1)

Phleg (523632) | more than 9 years ago | (#10996088)

look, when the system was so stupidly built that the spammers could just add a refresh tag to forward the flood to wherever they wanted, it had no chance of really slowing the spam down at all.

By all accounts, it wasn't. There would have been little reason for Lycos to write a full-blown HTTP interpreter, when all they wanted was something to repeatedly fetch pages.

Re:Personally a bit of a shame (1)

gl4ss (559668) | more than 9 years ago | (#10996268)

*By all accounts, it wasn't. There would have been little reason for Lycos to write a full-blown HTTP interpreter, when all they wanted was something to repeatedly fetch pages.*

rtfa? apparently they did.

**Evidence of a shooting war in cyberspace was uncovered by anti-virus vendor F-Secure. The company reported that one of the spam sites under attack by the Lycos screensaver simply added a Meta Refresh tag that redirected all incoming traffic back to Lycos.**

Lycos /.ed (1)

IO ERROR (128968) | more than 9 years ago | (#10996018)

Looks like Lycos is /.ed...this time forever.

Existing installations? (4, Interesting)

slavemowgli (585321) | more than 9 years ago | (#10996028)

What about existing users of the screensaver? Will it continue to work (i.e., flood spam sites)?

Re:Existing installations? (3, Informative)

grazzy (56382) | more than 9 years ago | (#10996050)

Nope, it says "Stay tuned" there too.

Re:Existing installations? (1)

slavemowgli (585321) | more than 9 years ago | (#10996070)

Pity.

Re:Existing installations? (1)

fred911 (83970) | more than 9 years ago | (#10996112)

Or.. are the bots atonomous? Or are there now thousands of zombies just waiting for a call to duty?

This sucks... (1)

david_594 (735508) | more than 9 years ago | (#10996033)

This sucks, now I need to get a new trippy screen saver.

It Was Doomed To Failure From The Start (1, Funny)

Stephen Samuel (106962) | more than 9 years ago | (#10996037)

They never had a Linux version.

Re:It Was Doomed To Failure From The Start (0)

Anonymous Coward | more than 9 years ago | (#10996049)

They never had a Linux version.

No. It didn't play ogg.

Campaign failed but... (2, Insightful)

cyberise (621539) | more than 9 years ago | (#10996045)

Lycos did win a minor victory in getting it's company name in the news again. Before this I'm sure most people forgot this company existed. Even bad publicity can be good "sometimes".

Re:Campaign failed but... (1)

ivan37 (149147) | more than 9 years ago | (#10996129)

I wouldn't doubt that that was all they were looking to get out of it. The site, makelovenotspam.com was hosted and created by a marketing company. Now why would an internet company with an entire staff of HTML, graphics, ... gurus and certainly their own server farm outsource to a marketing company? I submit that they needed some publicity and their marketing company came up with a creative way to get some.

Well crap, now we need a replacement. (4, Funny)

Anonymous Coward | more than 9 years ago | (#10996046)

I propose Slashdot's editors agree to "accidentally" incorrectly rewrite one submitted link per week to point to the site of a major spammer. It will have exactly the same effect as the Lycos DDOS screensaver, fulfilling its necessary service now that Lycos has backed out, but lack the legal risks and require no new technological infrastructure.

Re:Well crap, now we need a replacement. (0)

Anonymous Coward | more than 9 years ago | (#10996228)

good idea...

mod parent up...

I'm guessing (0, Flamebait)

chachob (746500) | more than 9 years ago | (#10996047)

Lycos couldn't handle all the bandwidth required since no one visits their site anymore... ;)

So.... (1)

EvilCabbage (589836) | more than 9 years ago | (#10996065)

... anybody got it mirrored? :D

How about an email program that does this (4, Interesting)

G4from128k (686170) | more than 9 years ago | (#10996066)

Why not build this feature into an email client (e.g. Thunderbird). When you get a spam, you put it in a special folder and the client repeatedly accesses the site (a la the Lycos screensaver). That way nobody can be cited for orchestrating a DDoS or unfairly blacklisting. Each recipient can make their own spammer determination.

Whether the client uses the exact URL in the email (which often has identification codes for the recipient of the spam or the affiliate who sent it) is a matter of debate. On the one hand, I don't want to identify myself to any spammer or show that my email is live.

On the other hand, I would want the spam site to know that using my email address will only bring it grief. As a side bonus, it might even bankrupt the site when it has to pay its spammer affiliates for all the automated clickthroughs. If a greater percentage of people clickthrough via automated means (but don't buy), it harms both the spam-marketed site (in bandwidth and affiliate charges) and it hurts the spammer when sites reduce their clickthough payment rates. I can only hope that this will cause spammer-using sites to crack down on spammers that are too aggressive.

Re:How about an email program that does this (4, Insightful)

AllUsernamesAreGone (688381) | more than 9 years ago | (#10996163)

When you get a spam, you put it in a special folder and the client repeatedly accesses the site

So how do you determine which is the right site programmatically?

Go off the email address? Won't work becasue the vast majority of spam uses forged From addresses (I regularly get bounces for spams some asshat has sent with my domain in the from:)

Write something that interprets the email headers and attacks the originating IP? Won't work thansk to the army of windows boxes running proxies to hide the real sender - you'll just end up attaching an innocent, if ignorant, DSL peon.

Write something that grabs URLs from the email and attacks that? Won't work either.. well, it will work, it just means that now all a spammer has to do is bung the URL of a competitor or someone they don't like in there and now you're doing a DDoS for them.

Pretty much any scheme you come up with has so many ways around it or possible abuses that it'd be more dangerous than the problem itself. Even if it isn't determined programmatically, relying on some degree of user interaction or target selection, it is likely to be open to abuse.

Re:How about an email program that does this (1)

Strolls (641018) | more than 9 years ago | (#10996230)

Write something that grabs URLs from the email and attacks that? Won't work either.. well, it will work, it just means that now all a spammer has to do is bung the URL of a competitor or someone they don't like in there and now you're doing a DDoS for them.

Might I refer you to Paul Graham's essay, A Plan For Spam:
"The Achilles heel of the spammers is their message. They can circumvent any other barrier you set up. They have so far, at least. But they have to deliver their message, whatever it is."

So, yes, sending out spam with an enemie's URL in it might increase bandwidth costs to that person, but it doesn't benefit the spammer. In order to make sales - the only reason the he spams in the first place - the spammer has to give out his own contact details - usually in the form of a URL.

Re:How about an email program that does this (1)

Strolls (641018) | more than 9 years ago | (#10996191)

I'd thought about something like this myself - it doesn't even have to be part of the email client.

Just write a screensaver to grep every file in a folder for URLs & download the images. Thus one points this screensaver at the maildir of "exciting commercial opportunities" which you've automatically filtered using bogfilter.

Personally, I'd get it display the images on the screen, but that's because I like filth, and I particularly enjoy the viagra advert which shows a photo of a pharmacist subtitled "My wife likes the perks of my job!"

Reverse engineer SWF (0)

Anonymous Coward | more than 9 years ago | (#10996073)

Has anyone else thought about decompiling the flash movie and modifying it to do lots of lovely things to the spammers without the help of Lycos?!

oh well, (0)

Anonymous Coward | more than 9 years ago | (#10996075)

I am surprised that a company did this first. This is perfect for a community project. Maybe attack not just spam sites, but also spam mailservers(fetched from your favourite blacklist), spam software companies...

Netcraft Reports (2, Informative)

the_mighty_$ (726261) | more than 9 years ago | (#10996077)

Netcraft is reporting this too. Check out there story here [netcraft.com] . I wonder if the fact that several Internet backbones were blocking Lycos's site [netcraft.com] had anything to do with them finally deciding to pull it. My guess is simply that this was creating too much bad publicity. Everyone was talking about how Lycos was using unethical tactics to try to stop spam. Lycos probably figured it was not worth it.

Re:Netcraft Reports (0)

Anonymous Coward | more than 9 years ago | (#10996173)

So why would backbone providers block traffic to Lycos's site? Are they making an ethical decision on part of the Internet? Are they treating this DOS like any other and were taking steps to mitigate it? Or do they have some obligation to see that spammers can continue without obstruction?

Two wrongs... (1)

Staplerh (806722) | more than 9 years ago | (#10996086)

It's cliche, but two wrongs don't make a right. Lycos had a good goal, but the ends don't always justify the means.

Future (0)

Anonymous Coward | more than 9 years ago | (#10996090)

I'd say Lycos are just getting legal advice on whether to continue- the screensaver's future lies in the hands of lawyers now. People entrusting corporate decisions in the hands of lawyers? God help 'em ;)

Join the fight! (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#10996094)

I'm developing a screen saver to DDOS porn sites, sites that enable illegal file trading, sites that promote drug use and promiscuity, and sites the promote dissent on the Iraq war, which puts soldiers at risk. I'm sure you will join the fight to remake the net in our own image and so your own sensibilities are never offended.

Since (1)

u-238 (515248) | more than 9 years ago | (#10996095)

This isn't all to complicated to concoct, I wonder if anyone will take it upon themselves to create a screensaver that does the exact same thing.

When I say anyone, I mean anyone with the basic programming capability to do such a thing. Without huge corporate liability behind his back, one anonymous vigilante could easily pull this off; and I and many others would quickly flock to his cause, this can be taken for granted.

seems like a good idea (0)

Anonymous Coward | more than 9 years ago | (#10996098)

This to me seems like a reasonable idea. Soon, no ISP will want to host a spam site if it brings with it crippling bandwidth usage. Regulation has failed to stop spam, so the only solution appears to be attacks on the machines hosting such sites.
A simple tool that ignores meta tags and redirects would be a better idea though. That way, all the bandwidth usage is centred on the server being utilised by the common criminal. With a text file listing the addresses and resource names to download, and headers matching those of a common browser, spammer's bandwidth usage and site responsiveness could be seriously degraded without them being able to distingush between genuine clients or DDOS clients. Such a tool can be created in an hour or so, and is hardly a major technical achievement (lycos did it in macromedia flash). A central server should not distribute the list of spam sites in such an instance. If users add sites from spam they recieve themselves, we can guarantee that the right abusers are being targeted. We would also likely need an exeption list to prevent common free hosts that ARE resonsive to quickly removing spam sites from being targeted immediately, and the client would have to automatically check which sites have been dead for a months periodically, and after maybe six months, remove them from the list of sites to be attacked. The problem with the above is finding some host from which to safely distribute such a client, without it being attacked by subhuman trash.
Personally, i always take the time to vist spammers sites, and fill out their form submissions to let them know my view on their crimes. If we all complain to their ISPs, and if we all ignore the rubbish they are selling and their crooked schemes, spammers will have a lot less reason to continue with their base criminality. Die spammer, die, die, die.....

Re:seems like a good idea (1)

AndroidCat (229562) | more than 9 years ago | (#10996322)

What about spammers that use relays of zombie boxes to lead to their real site? (With stupid spammer tricks to obscure the links.)

Anyone have a list of the spammer sites? (0)

Anonymous Coward | more than 9 years ago | (#10996101)

Wanna post it here?

Boy, I'm sure clicking 'post anonymously' for the first time in ages... ;-)

Finally (1)

Sv-Manowar (772313) | more than 9 years ago | (#10996102)

Finally.. lycos realise that trying to police the web will not work. Its like trying to stop car thieves by stealing their cars, and they underestimated the amount of spammers who have the money and know how to bring them trouble.

a great idea, but thats how it should have stayed, an idea.

Re:Finally (1)

u-238 (515248) | more than 9 years ago | (#10996131)

Find a quote where they claimed they would stop spam all togeter. While you're doing that, try to rationalize the notion you've proposed - that it's wrong to steal your car back from a theif.

Spammers cost hundreds of thousands to control in office environments, and waste your personal time and bandwith. There's nothing more warrented, more rational and more justifiable than volunteering your small part in retributing this injustice yourself, when the CURRENT law lacks the haste and adequacy to do it itself.

Everyone who used the Screensaver: (2, Funny)

oexeo (816786) | more than 9 years ago | (#10996106)

You do realise many spammers are from the Russian Mafia? Please don't be surprised when you find a horse's head on your pillow, and don't expect any sympathy from people who told you being a vigilante moron with the delusions of moral superiority is a Bad Thing(TM).

Anti spam from a spyware vendor? (5, Informative)

Shaper of Myths (148485) | more than 9 years ago | (#10996114)

I stopped trusting Lycos the day I started finding this bloody thing [ca.com] on my customers computers. That they tried and failed at something so shady in the first place doesn't seem like much of a surprise to me. This was just some poorly done publicity stunt, probably dreamed up in by some PHB deep in the dungeons of their marketing department.

Mod the Parent up (1)

moniker (9961) | more than 9 years ago | (#10996192)

If you have mod points, please mod the parent post up.

Lycos is only doing this to get mentioned in the media.

Lycos is a known spyware distributer/collaborator. If I had to choose between the lesser of two evils (weevils?), I would much rather have spammers than spyware. At least with Spam, I can use Spambayes.

My department has three people who support 800+ computers that need to run MSIE. Spam is a pest and an inconvenience. Spyware disables the machine and causes a lot of work when a machine must be returned to working order. There isn't one product that finds 100% of this crap, and our users aren't deemed smart enough by management to be able to use two browsers, so we are stuck with MSIE being the only browser on these machines.

Re:Mod the Parent up (0)

Anonymous Coward | more than 9 years ago | (#10996234)

Spam and spyware are joined at the hip.
Most spammers use spyware as mass remailers. Most mail administrators will tell you a lot of spam comes from home cable/dsl accounts, a majority of which are infected windows machines.

Mod the parent DOWN (1)

qadmon (239439) | more than 9 years ago | (#10996255)


You really don't 'work' in a 'department' do you? You live in your moms basemen,t don't you? You haven't seen the sky in four years ,have you? You are glad you don't live in Virginia,aren't you?
.
You make a living stealing bandwidth , don't you?
.
Your disposable.

Re:Mod the parent DOWN (1)

moniker (9961) | more than 9 years ago | (#10996289)

hehe

Bob? Bob? Is that you? [michaelawards.com]

A blog site for anti-spam endeavors.. (1)

qadmon (239439) | more than 9 years ago | (#10996122)

is sorely needed so folks can gather around and develop a solution similiar to the Lycos pardigm.

If someone knows of such a site would you please reply to this post with details?

Like others I am very interested in seeing the work(vigilantism though it be) continue since all other efforts --including the questionable 'security ' groups who are screaming FOUL.

They wish this type of activity to continue so their own 'rice bowl is not broken'. In other words they profit from the work of crackers,zombie artists and their ilk ,so naturally if us peckerheads down here in the dirt were able to solve our problems they would be jobless!

Maybe someone else can pick up the ball. (2, Interesting)

initsix (86050) | more than 9 years ago | (#10996123)

DOS'ing spammers has potential to make a serious dent in spamming revenue and actually lessen the amount of spam we see in our mailboxes. This is why spammers fought back so quickly against Lycos; they saw their bottom line being compromised. A big company like Lycos is not best organization to lead an attack against spammers because they are an easy target for spammer retaliation on the internet and have a lot to lose legally and financially.
Instead if a lose group of spam haters worked together to develop open source version of the "Make Love Not Spam" screensaver or something similar, you would end up with a much more formidable foe to spamming. The OSS version would need handle redirects (and not follow them) and would need to have a decentralized mechanism for distributing target information. If Lycos can put together 100,000 volunteers in a week or two, then it's not far fetched to see another similar open source project pulling similar numbers. Especially if it were available for both Windows and *NIX.

Re:Maybe someone else can pick up the ball. (0)

Anonymous Coward | more than 9 years ago | (#10996331)

Can the existing code Lycos has created be used?

Unethical (1, Insightful)

gone.fishing (213219) | more than 9 years ago | (#10996134)

Lycos made a major blunder with this campaign. I think it actually gave the entire computing community a black eye and am thankfull they pulled it as quickly as they did.

It worked along the same theory that "It takes a criminal to catch a criminal" does. That sometimes, you have to get down and dirty to fight back.

If the only people that got hurt by that kind of plan were the bad guys, I'd buy it. But it doesn't work that way. There is colatteral damage and often times the innocent victims outnumber the bad guys. All that traffic was sent through the internet, across innocent's routers and delayed legitimate traffic. Especially near the end where the bad guys got on the net. I would have hated to be a legit user going through the same service provider as the bad guy!

You could argue that the bad guy's ISP is partly to blame and I'd agree but things aren't that simple. There are several upstream providers and thousands of legit users that were hurt. The colatteral damage was too much.

On top of that, this action gave bad guys ammunition. They are now pretty much able to make a case that other legitamate users are using similar tactics as they are. The screensaver turned end user's computers into bots!

Two wrongs don't make a right. Thank you Lycos for recognizing this a little late but still you did figure it out.

It's worse than that (1)

Tau Zero (75868) | more than 9 years ago | (#10996319)

It would take almost nothing for the spammers to use masses of zombie-bots as proxy web sites which issue redirects to the real sites. Hitting the zombies would not cost the spammers anything, and it would be trivial for the zombies to keep lists of requesters and redirect redundant requests to targets they'd like to DoS.

The only way you could avoid this is if the zombie bots' ISP's notice huge amounts of incoming traffic and take them off-line. If this functions as a mechanism for notifying ISP's that a particular user is running a zombie, it would be all to the good; unfortunately the first step isn't perfect by itself, it's just one more step in the arms race.

Open Sourced? (2, Funny)

jarich (733129) | more than 9 years ago | (#10996153)

If Lycos really wants to make a dent and get some free PR, they should release the source... it would ported to Linux, embedded in a virus, and live forever! ;)

I know a lot of people don't agree with the concept, but I do. The law is getting better but it hasn't handled the spam problem yet. Making the business model invalid is a great idea.

Think of it as free speech... by having everyone visit the website, it's just like having an old fasioned sit in so the company can't do business.

Spamming is bad (1)

Easy2RememberNick (179395) | more than 9 years ago | (#10996161)

So the spammers were outraged that someone would do what they are doing to others?

Spammers mod points... (1)

qadmon (239439) | more than 9 years ago | (#10996186)

'pears a lot of spammers are in the crowd meta-modding up the posts that are favorable to their venue.

Why else is some of these getting a 4? Just how prevalent are spammeisters on slashdot? How much are they trying to control the attitude here?

I notice at this point most are choosing AC when they do so.

They see the battle. They know they are in for a fight. They have nothing better to do with their miserable useless life than beat upon innocent users with their ugly pink porcine slime.

I say stomp the dirty vermin out. What ever works -go for it.

Re:Spammers mod points... (0)

Anonymous Coward | more than 9 years ago | (#10996241)

I wouldn't be at all surprised if Lycos had some major backbones leaning on them whispering: Bad for business......

Re:Spammers mod points... (1)

qadmon (239439) | more than 9 years ago | (#10996270)

and I wouldn't be suprised that many nerds and geeks will say to themselves:
"Gee maybe I need to do some business with Lycos, since they are compatiable with my goals and took a shot when others did the cowards trick and stayed at home."

I liked it (1)

unixcorn (120825) | more than 9 years ago | (#10996209)

IMHO Lycos had the balls to stand up to the spammers and that is a good thing. To the people who are poo-pooing Lycos I say you are wrong. I don't think the plan backfired at all. Their method got some attention and points out that something needs to be done.

Hrmmm.. (0)

Anonymous Coward | more than 9 years ago | (#10996218)

Maybe someone will port this as a new plugin for the Thunderbird spam filter. :-)

Vigilantes = Self Righteous Idiots (3, Insightful)

t_allardyce (48447) | more than 9 years ago | (#10996235)

Vigilante really means "someone who thinks they are above everyone else and the law" which is basically the same definition as a criminal. In fact I would even go as far as to say Lycos are worse than spammers in principle - spammers don't target individuals they mail everyone they can find, and separate spam groups don't collaborate to fill your box, they are all independently adding their contribution. Vigilantes often make mistakes and because of their revenge attitude their punishment is often worse than the original crime. Take the recent Mexico City lynch mob, not only did they get the wrong people, but their burning someone to death demonstrated that they were far sicker than even the worst of those they were trying to target. Vigilantes are just wrong. Lycos should be prosecuted if they've broken the law on this, otherwise the law needs to be revised.

We can find a solution to spam and it doesn't need to involve stupidity.

Gaze into the crystal ball... (5, Interesting)

gregor-e (136142) | more than 9 years ago | (#10996237)

If someone does an OS distributed bandwidth-sucker against spammer sites, how do the spammers respond? Well, first they go with one-shot URLs that respond with a low-bandwidth 404 after being clicked once. Of course, a persistent SBS (Spammer Bandwidth Sucker) will simply go on racking up 404s, which do still cost the spammer something.

Next, the spammers will start converting all the zombie PCs they now use for distributed email attacks into web servers that provide their advertisers a distributed source of order-taking. This means that unsuspecting PC owners everywhere will soon rack up astounding bandwidth overruns as URLs that point to their PC get entered into the SBS program.

Nevertheless, an SBS does strike directly at the spammers, raising the hoop a bit higher and perhaps winnowing out the less 'professional' among them.

The only sure cure for spam, of course, is to take the battle one step further, by consuming all the resources of the advertisers directly - call their phones, request literature, place fraudlent orders with non-existant CC numbers (that, of course, pass Luhn MOD 10 checking) and provide contact phone numbers that ring forever. This will swamp them with orders that tie up their sales staff, cost them money and ultimately starve them.

The only problem with "the final solution" for spam is that it takes individual effort on a daily concerted basis. So spam endures by riding on the backs of those so clueless that they actually order products from spammers and those of us too lazy to do anything about it.

Ain't humanity grand?

Did you track the results? (5, Interesting)

0x4a6f6e43 (837256) | more than 9 years ago | (#10996272)

Call it what you want but it probably was working. I recorded a drop in spam that started last thursday and was proportional to the number of screen savers in operation. By the time it hit 104,000 savers in operation daily spam was down over 80%. I actually had three solid hours with no spam (that hasn't happened since 9/11). Historically spam rises during this time frame.

It's odd that attacking websites seemed to have dropped the amount of spam. Makes me wonder just how close the spam servers are to the spam website servers. Maybe the innocent victems we are so worried about are really the spammers.

Come on all you people - this was a probe - yack about good or evil and POST YOUR RESULTS!

What did this really do. I can't be the only one who tracks spam. Admins, what do you say?

It's already in the wild (1)

incog8723 (579923) | more than 9 years ago | (#10996285)

The software is already running. No way to stop it now. I'll bet that 50% of the people who downloaded it are happy with it, and never uninstall it.

Having said that, I think it's hubris encoded. No self-respecting company would release such illware.

one thing i've noticed (2, Informative)

m2bord (781676) | more than 9 years ago | (#10996288)

i report every piece of spam i get and one thing i've noticed since lycos announced this program is the inclusion of the nvidia.com and yahoo.com domain names as active links in the spam.

this is no doubt an attempt to direct the ddos over to innocent bystanders.

lycos is going to have to realize that the only way to stop spam is to remove the financial reward to those who do spam.

don't buy from spamvertised companies and you'll see the spam problem diminish.

The mob has tasted blood and wants more... (5, Interesting)

volcanus (837192) | more than 9 years ago | (#10996320)

For the first time, the angry mob (people around the world with email accounts) have tasted blood and they want more. "The beast is wounded, quick, go for the eyes!"

It hardly seems important whether the notion of DOS-styled retribution is appropriate or even legal - no such moral or legal considerations have managed to control people's decision to download mp3's and movies for free.

This is history in the making, and as I see it, the real story is this; we have been victims with no means of defending ourselves, while our frustration and anger grow without end. Suddenly a revolutionary appears on the scene and give us hope, showing us how we can fight back.

It's no longer an issue of whether or not we will, or should fight back - the mob has tasted blood and will have more. As far as I'm concerned, it falls to forums like this one to "think-tank" relatively responsible solutions, and I've heard some good ideas here in the last week.

We all know someone is sitting in their basement right now, pulling an all-nighter, writing the next tool of mass-retribution, fueled by strong coffee and an even stronger hatred of spam. I suggest that if cooler heads are to prevail in any manner, it will be by creating a less-malicious tool of retribution, one which attempts to focus the attacks on legitimate "military targets" by requiring manual human selection of the targets, not by letting some distributed software select the targets automatically. Better hurry, the latter approach is probably more tempting to programmers who have succumbed to the blood-lust...
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...