×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Botnet Mafia in Online Turf War

samzenpus posted more than 6 years ago | from the make-them-an-offer-they-can't-refuse dept.

Spam 266

An anonymous reader writes " The kind of turf war seen in the real world by drug gangs is being replicated by the criminal gangs behind spamming botnets, and things are turning nasty."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

266 comments

Somehow... (0, Offtopic)

s_p_oneil (795792) | more than 6 years ago | (#19112151)

I don't think this would make an exciting movie.

Re:Somehow... (2, Interesting)

PrescriptionWarning (932687) | more than 6 years ago | (#19112351)

I think it might still be better than Hackers, Swordfish, and that one with Sandra Bullock though... :P

Re:Somehow... (1)

d3ac0n (715594) | more than 6 years ago | (#19112411)

That would be "The Net". and yeah, it sucked as bas as the others, except that you got to see Sandra Bullock in a bikini sipping a martini. So it wasn't all bad.

Re:Somehow... (0)

Anonymous Coward | more than 6 years ago | (#19112683)

Swordfish has Halle Berry topless. Plus, she looks better than Sandra, so I would say Swordfish is slightly better. Though both movies sucked.

Re:Somehow... (4, Funny)

billcopc (196330) | more than 6 years ago | (#19113183)

I'm still waiting to be cast in an XXX Hackers spoof, where copying a garbage file sends the female lead on a dirty, dirty quest to get out of trouble with the sleazy fat ugly cops that pursue her.

Might as well spoof Takedown as well, where a fugitive hacker leads his asian arch nemesis on a cross-country chase through every brothel in the USA, all over a dick-length argument. They finally settle their feud in a stomach-churning scene where they both anally violate a journalist named John Warkoff.

Oh come on! When have you ever seen pr0n with a good story ?

Re:Somehow... (1, Insightful)

s_p_oneil (795792) | more than 6 years ago | (#19112659)

Well, I could be wrong. Sneakers wasn't bad, and it managed to include hackers and the mafia. ;-)

Re:Somehow... (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#19112367)

The term Mafia far too often implies Italians , Is this a poor choice of words or just an oversight?
Mafia is offensive

Yes Mafias exist in many races , cultures and religion but Mafia to many people implies Italians,anbd is unfair to them.

See dictionary definitions anywhere ..
the word mafia sends chills though many fine Italian folks and rightly so, because it is they who are far too often falsely associated with this criminal activity., Even though Mafia's of other races and countries are far more prolific and ruthless .It is all in all unfair to them
It really is a slap in the face to Italians , I blame the media and Television for much of this

Re:Somehow... (0, Redundant)

Architect_sasyr (938685) | more than 6 years ago | (#19112461)

Kind of like when you tell a Yahoo technician to google something? Or mention a petrol bowser? Get over it... noone's deliberately slandering the italian's, if anything they're acknowledging that they were the best in a particular field. It's like calling script kiddies crackers, or even going so far as to call them "hackers". It's only offensive if you want it to be offensive. Until then, get off slashdot and let me read some real information.

On Topic: Why is this news? We've been watching worms and other "malware" fight it out for the last few years... they come up with new weapons, we come up with new protections (and some of us with hats stained gray may come up with a few new weapons too ;)... same shit different day...

Re:Somehow... (0, Offtopic)

arivanov (12034) | more than 6 years ago | (#19112613)

Exactly.

It is not news yet. It will be news when it hits the streets and DDOS will be supplemented by luparas at dawn. The e-organised crime and the real crime appear to be merging more and more so one day this will happen. In fact it may already be happening, but in places where one more or one less dead body does not make anybody notice. After all on the streets of St Petersburg "Zhizn cena kopeika" as it is (and has always been).

Re:Somehow... (2, Informative)

Fordiman (689627) | more than 6 years ago | (#19112953)

Ah, get over it.

I'm actually *related* to italian mafioso (though not involved), and I don't give a half-shit about this. Mafia implies italians about as much as Nazi implies germans. It's a specific group of Not-Very-Nice people, and these days, they're of any race creed or color. Use it in that fashion and the implication fades.

No, seriously. If your offended, your oversensitive. Shut up and deal with it.

Re:Somehow... (1, Funny)

Anonymous Coward | more than 6 years ago | (#19112605)

It would probably be the kind of movie where both gangs walk up to each other rhythmically snapping, the tension building until they ultimately explode into violent "singing" at one another. Personally, I think it sounds like a gripping romp.

hai 2 u (-1, Troll)

Anonymous Coward | more than 6 years ago | (#19112159)

mexicans did wtc

Trying to care (3, Interesting)

tomstdenis (446163) | more than 6 years ago | (#19112161)

Trying to care, ..., nope failing.

As someone who doesn't have an email address anymore, I really don't care about spam in the slightest, or the battle they go over to spam people. Most of my spam, that actually made it to my inbox when I had a gmail account was in Portuguese or some random asian looking language. To me it was all gibberish [more than usual] and fleeting. But the ever presence of it [on average I would receive anywhere between 100 and 500 spams a day, with about 5-10 in my inbox] just gnaws at you. Day after day people keep assaulting your inbox, trying to take away the service from you.

And even though gmail is free, it was still MY inbox, if you know what I mean. And having these low lifes just clutter it up every day with the same foreign language bullshit nonsense was annoying.

Eventually I just deleted my account. I have a cell phone if people want to contact me. And for work I have a private email addy that my co-workers can use. Personal email is just a waste.

Tom

Re:Trying to care (0)

Anonymous Coward | more than 6 years ago | (#19112221)

To me it was all gibberish [more than usual] and fleeting.
I wondered where you got your material from.

Re:Trying to care (5, Funny)

Oligonicella (659917) | more than 6 years ago | (#19112329)

Wow! What the hell were you doing/where were you going that you got so much? I look at tits and ass online and still only get some 10-20 a day on a heavy day. Wow.

Re:Trying to care (1)

jaavaaguru (261551) | more than 6 years ago | (#19112395)

Yeah, because your email address is automatically sent to spammers when you view pictures/videos online.
</sarcasm>

Re:Trying to care (0)

Anonymous Coward | more than 6 years ago | (#19112565)

clickity clickity clickity...
I'm working on it.
- T&A Marketing geek

Re:Trying to care (3, Insightful)

tomstdenis (446163) | more than 6 years ago | (#19112409)

I posted in usenet for several years, wrote OSS software, have my email addy on my websites, etc.

My work email has yet to receive a single spam. Oh, that's because I don't use it for anything but work and it's not on any webpage.

Tom

Re:Trying to care (0, Flamebait)

Anonymous Coward | more than 6 years ago | (#19112567)

The word is "address". What the fuck does "addy" mean? Do you somehow believe that it makes you 'cooler' if you spell words wrong, or leave off chunks of them?

Re:Trying to care (1)

DeadCatX2 (950953) | more than 6 years ago | (#19113045)

Actually, in some computer disciplines it is useful to shorten long words, like address.

Say you have an address bus and a data bus. You're drawing a schematic. "Data" fits in just fine, but "address" would run into one of the two boxes. "Addy" is four letters long, just like data.

Re:Trying to care (0)

Anonymous Coward | more than 6 years ago | (#19113129)

It would be ADDR not ADDY, wtf

Re:Trying to care (3, Informative)

Anonymous Coward | more than 6 years ago | (#19112701)

You're lucky then. All it takes is for your address to end up in some other person's email client, and they become infected with a spam harvester bot of some kind. It's not as if you even have to communicate with that person. Some fool can forward a crap joke to everyone they know, chances are they won't use bcc:, resulting in your address being sent to a fair number of people.

 

Re:Trying to care (1)

Aladrin (926209) | more than 6 years ago | (#19112561)

Those of us with REALLY old addresses get spammed incessantly because there was a time when it was safe to post your email address anywhere. My oldest (still working) address has been moved to gmail's hosting. It clears the spam automatically after 30 days, and there's 2,962 pieces of spam in there right now. That's almost 100 per day for an account I barely use now, and didn't use AT ALL for about 8 years. (Started actively using it again a few months ago.)

Re:Trying to care (1)

ClintJCL (264898) | more than 6 years ago | (#19112589)

I've had the same email since 1993 and it is publically posted in 1000s of places..... I still get less than 50 spams a day.

Re:Trying to care (1)

asninn (1071320) | more than 6 years ago | (#19112675)

Two things: a) leave your email address on the web somewhere (spam spiders WILL pick it up eventually), and b) give it time (the more your email address is traded around, the more spam you will get). Also, if you change email addresses, c) have your old address forward to the new one in case someone still uses the old one. Oh yeah, and d) register one or more domain names and set up a catch-all address for them that collects email sent to non-existant accounts.

I get about 3000 spam mails per day, of which about ~10 or so make it to my inbox on average. I could get rid of - I'm guessing - 90% of that by disabling my old email addresses' forwarding, but I don't want to close that door just yet; nobody's used those addresses in years, but they still MIGHT float around somewhere, and even though my new one can easily be figured out if google my name (no, not "asninn", so you don't have to try that), I want to make sure that I can still be reached. It may sound strange, but I take a certain pride in the first email address I ever got still working and (valid) email sent to that still reaching my current inbox.

Re:Trying to care (2, Funny)

medraut (136992) | more than 6 years ago | (#19112385)

Until one of your coworkers turns out to be one of the eevil spammers! Then we'll watch you cry.

Medraut

aren't you special? (4, Insightful)

ClintJCL (264898) | more than 6 years ago | (#19112633)

You come off as an asshole. Just letting you know.

P.S. Some of us need personal email and have relied on it heavily for 15 years.

Re:aren't you special? (2, Interesting)

tomstdenis (446163) | more than 6 years ago | (#19112765)

Part of my point was that we don't really need e-mail. It's just nice to have. Just like cell phones. Given that my email was turning into a never ending headache, and I can totally live without it, the smart choice was to just ditch it.

We shouldn't get too worked up over botnets fighting.

Re:aren't you special? (0)

Anonymous Coward | more than 6 years ago | (#19112837)

Agreed, some of us need personal email.

But I have a personal email addr and haven't received a single spam for about 8 or 10 years now. What are people doing to be getting spam any more?

I got some on my previous email addr, which I had published clear on usenet in the days before there WAS spam. But I learned my lesson, got a new addr, and have been spam free ever since. It's very easy to not get spam, so I'm surprised *anyone* gets spam any more.

Re:Trying to care (0, Troll)

Ash Vince (602485) | more than 6 years ago | (#19112777)

So you won't mind if I post your email address (shown in your message header) after removing the spam obfuscation then?

I really did consider doing this (especially since its a Gmail one and you probably wouldnt have got any spam anyway) but decided that giving the spammers one more email would just result in extra crap flying round the wires of the internet, even if it did never get anywhere you could read it.

Re:Trying to care (3, Funny)

spazmolytic666 (549909) | more than 6 years ago | (#19112795)

I would receive anywhere between 100 and 500 spams a day...

How did this get a (Score:4, Interesting)? Dude, here's a free clue, stop signing up for pr0n with your email and you wont get the spam.

Re:Trying to care (1)

backwardMechanic (959818) | more than 6 years ago | (#19112895)

Because the spammers know your work email address is different, and wouldn't want to bother you there? It's my work email that I have a bigger problem with, because it's the most useful to be able to post around. I want to put my email address on papers and posters, because someone interesting might contact me. I want to have my email address on my home page for the same reason. I certainly don't want to post my cell number in the same way. It's true that email isn't necessary, but it's certainly very useful.

Re:Trying to care (1)

LordEd (840443) | more than 6 years ago | (#19112913)

If you really did delete your account, you aren't getting it back because gmail says it is in use. I had to check because dropping your email address can be dangerous if your accounts are tied to it. (see password change [slashdot.org].

Re:Trying to care (1)

tomstdenis (446163) | more than 6 years ago | (#19113025)

No, what I think happened is when you delete an account google doesn't let anyone else use the name. Because it was "taken" 30 seconds after I deleted it. Google would be stupid to let others re-use usernames.

Tom

Re:Trying to care (4, Insightful)

inviolet (797804) | more than 6 years ago | (#19113043)

As someone who doesn't have an email address anymore, I really don't care about spam in the slightest, or the battle they go over to spam people.

You do realize that the costs of spam mitigation are all passed on to you, in the form of higher prices for gadgets, for professional and financial services, and eventually for everything else? Or do you not care about that either?

By the way, now that we are out of the Grunge era, it is no longer automatically cool to not care about such things.

Botnets and MACS (-1, Troll)

Anonymous Coward | more than 6 years ago | (#19112167)

I don't want to start a holy war here, but what is the deal with you Mac fanatics? I've been sitting here at my freelance gig in front of a Mac (a G5 w/1 Gig of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this Mac, the same operation would take about 2 minutes. If that.

In addition, during this file transfer, Safari will not work. And everything else has ground to a halt. Even BBEdit Lite is straining to keep up as I type this.

I won't bore you with the laundry list of other problems that I've encountered while working on various Macs, but suffice it to say there have been many, not the least of which is I've never seen a Mac that has run faster than its Wintel counterpart, despite the Macs' faster chip architecture. My 486/66 with 8 megs of ram runs faster than this machine at times. From a productivity standpoint, I don't get how people can claim that the Macintosh is a superior machine.

Mac addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use a Mac over other faster, cheaper, more stable systems.

ISPs have to be the solution (5, Interesting)

sherriw (794536) | more than 6 years ago | (#19112185)

Time for ISPs to stop being so nicey-nice about this.

1) Send an email to all customers saying that the ISP will begin choosing a random day (say every 3 months or so) to scan for infected computers churning out email.
2) On that random day (random so the spam bots won't be programmed to be silent on that day) the ISP shuts down outgoing mail for all infected computers on their network.
3) Customer who can't send mail is irate and calls ISP tech support hotline.
4) Tech support says: we warned you... please follow these virus removal instructions and install/update your anti virus software.

Bam problem solved. People who keep getting blocked every 3 months will quickly learn to take better care of their computers. Along with the customer's invoice the ISP could send an information sheet with prevention and removal instructions.

Maybe governments can give ISPs a little financial help for doing this?

Unfortunately I don't see any other solution other than tough-love.

Re:ISPs have to be the solution (5, Funny)

tomstdenis (446163) | more than 6 years ago | (#19112215)

Can't have that. People can't be held responsible for what goes on in their computers. After all they're big magical boxes and the public is just so stupid.

I think this is a problem only MSFT can solve.

Tom

Re:ISPs have to be the solution (0)

morgan_greywolf (835522) | more than 6 years ago | (#19112343)

I think this is a problem only MSFT can solve.


And what, exactly, about MSFT's previous security track record makes you think that they can solve it? Note that it isn't a technical talent issue, but a managerial issue (i.e., gotta spend money on new stuff [revenue generating tasks], not on fixing old stuff)

Re:ISPs have to be the solution (2, Funny)

d3ac0n (715594) | more than 6 years ago | (#19112439)

-1 for missing the sarcasm.

Although I suppose he should get -1 for not using a /sarc tag.

-1's all around! Whee!

Re:ISPs have to be the solution (1)

tomstdenis (446163) | more than 6 years ago | (#19112443)

Dude, sarcasm. I think this is a problem that people should solve by taking responsibility for their actions. But that will never happen because as a society [e.g. as a whole] we have the maturity of a three year old.

Tom

Re:ISPs have to be the solution (4, Informative)

Richard W.M. Jones (591125) | more than 6 years ago | (#19112225)

I don't know about the rest of the world, but in the UK ISPs routinely cut off people if their machines are spewing spam (or other malware). The first thing most users know is when any web page they try and visit takes them to an ISP page telling them to run some malware scanning software.

Rich.

Re:ISPs have to be the solution (1)

CastrTroy (595695) | more than 6 years ago | (#19112569)

I haven't heard of much of that happening on the other side of the pond. It is a good idea though. However, I think there would be a lot of backlash, as North Americans feel it is their god given right to have internet, and will probably cause a lot of legal trouble for the company cutting them off. It's much like trying to take someone's drivers license away. Even if they have been charged multiple times with drunk driving, they are able to get their license back, because it's something they "need". In some situations a car is needed, but if you continually show that you aren't going to be responsible, then you really think you have the need for a car.

Re:ISPs have to be the solution (2, Insightful)

Richard W.M. Jones (591125) | more than 6 years ago | (#19112725)

Even if they have been charged multiple times with drunk driving, they are able to get their license back, because it's something they "need". In some situations a car is needed, but if you continually show that you aren't going to be responsible, then you really think you have the need for a car.

I'm not sure I'd compare this to drunk driving. If you drive drunk then you had a choice, and clear responsibility not to do that. On the other hand grandmothers buy Windoze computers to type out emails to their dear beloved grandchildren. It's hardly the grandmother's fault that the computers are built so badly that they easily get infected through ordinary daily use. The responsibility and liability should be with the manufacturers of the software who ignore (what should be) standard practice.

Rich.

Re:ISPs have to be the solution (2, Insightful)

CastrTroy (595695) | more than 6 years ago | (#19112785)

But MS gets very little grief to fix it, because the users don't experience any direct problems. Those who know what they're doing, including Computer savvy people and network admins for large companies will put the proper measures in place to protect against potential problems, just as their would with any OS. But as long as grandma is still able to send email, then she is happy. It might be a little show if her computer is part of a botnet, but she's still able to do her work. If the ISPs start to cut enough people off, and telling them why, then maybe MS will start to have to make home machines without any ports open by default.

Re:ISPs have to be the solution (2, Insightful)

@madeus (24818) | more than 6 years ago | (#19112927)

I agree that software companies should be more responsible than they presently are (and that software doesn't do what it could to keep users safe), but it's ultimately a toss up between an OS thats horrible and frustrating to use (e.g. Vista style constant nagging whenever you try to do anything) and just relying on users common sense. When you do get to the stage of having constant blocking and / or popups during normal use, those messages lose their effectiveness, because users click right through them (power users and novice users alike).

When users get infected with malware, it's because they invariably did something foolish (like downloading something clearly dodgy, or being lazy and not keeping their computer up to date and dismissing all those 'it's time to upgrade!' dialogs it keeps bringing up).

I think it's impractical to have an OS with the flexbility of a Mac OS, Windows or Linux desktop and have the computer to be able to tell what's harmful behaviour and what isn't. That's the sort of thing advocates DRM in the hardware and the OS tout (quite reasonably) as one advantage of signed software. Personally, I'd rather not go down that route, and would rather expect people to exercise some common sense. They will soon learn if you restrict their net access when they misbehave.

As I mentioned though, that's not to say desktop OS's couldn't strike a much better balance without being too disruptive (or in the case of Vista, less disruptive).

Re:ISPs have to be the solution (1)

CastrTroy (595695) | more than 6 years ago | (#19113185)

I can think of a few instances where it's not the user's fault. If you install windows xp, no service packs, because that's what came with your computer, and you aren't behind a router or any other firewall, then the computer will become infected before you can even download the updates. Even if the only thing you do is go to the windows update site to do the updating. That's a pretty sad state of affairs. It's something MS needs to fix. There should be no open ports by default on any machine they sell, even the servers. It should be something that explicitly needs to be turned on.

Re:ISPs have to be the solution (1)

mpe (36238) | more than 6 years ago | (#19113011)

It's much like trying to take someone's drivers license away. Even if they have been charged multiple times with drunk driving, they are able to get their license back, because it's something they "need".

IIRC it is also possible, in the US, for people to lose their license for reasons unrelated to driving...

In some situations a car is needed, but if you continually show that you aren't going to be responsible, then you really think you have the need for a car.

Even in the US there are plenty of places where a need for someone to have their own car is hard to demonstrate.
One way in which this analogy fails is that no-one has to pass even the most basic of tests before connecting a computer to the Internet.

Re:ISPs have to be the solution (3, Insightful)

PeeAitchPee (712652) | more than 6 years ago | (#19112381)

People who keep getting blocked every 3 months will quickly learn to take better care of their computers.

It's a great theory, but in practice, I'm afraid that your average lazy consumer will simply switch to another (non-blocking) ISP who will happily take their money. 99% of the computer users out there don't even know what a spam bot is (unless they can regurgitate some buzzword from a commercial they saw), let alone how to fix a crippled PC. Your strategy only works if all the ISPs agree to it, and that ain't gonna happen.

Let's face it -- it's time for a new and improved mail protocol.

Re:ISPs have to be the solution (4, Informative)

asninn (1071320) | more than 6 years ago | (#19112715)

I'm not so sure about that. Yes, people are lazy, but switching to a different ISP is more of a hassle than running a virus/malware scanner; even if you're really computer-unsavvy, you'll probably have a child, sibling, cousin or friend who knows a bit more about computers and can do it for you.

And I still haven't seen any mail protocol proposals that would both cut down on spam in an effective fashion as well as not interfere with legitimate mail and not violating non-technical requirements like privacy etc.

Seriously, spam is a semantic problem, in a way; something that is spam for one person or in one situation need not be spam for someone else or in another situation. I'm signed up for a handful of company newsletters informing me about special offers etc., for example, and those aren't spam (since I signed up for them), but if I received them without having signed up, I'd definitely consider them spam. How is a mail delivery protocol supposed to be able to distinguish between these situations?

Re:ISPs have to be the solution (1)

TheRaven64 (641858) | more than 6 years ago | (#19112761)

Then make it a legal requirement (either via a new law or ideally as part of every peering agreement) that the ISP will take action to prevent spam and malware being sent over their network. Then start cutting off the ISPs that host the botnets from the backbones for violating their peering agreements. The average lazy customer who can be bothered to switch to an ISP which doesn't block them for being in a botnet will find that their ISP no longer provides access to the Internet.

Re:ISPs have to be the solution (2, Insightful)

PeeAitchPee (712652) | more than 6 years ago | (#19113123)

Then make it a legal requirement

Yeah, that's what we need -- more laws regulating the Internet. You know, 'cuz the ones we have already work so well.

Re:ISPs have to be the solution (0)

Anonymous Coward | more than 6 years ago | (#19113005)

Good. Let them all flock to the reducing number of non-blocking ISP's. Then everyone else can block them with much fewer rules. Sort of like when AGIS got majorly blackholed for hosting Spamford and Walt.

Re:ISPs have to be the solution (1)

master5o1 (1068594) | more than 6 years ago | (#19112481)

This might be against privacy laws and/or privacy policies. This will make it hard for ISPs to actually do anything. I do suppose they can monitor the traffic through their system and determine spam and kill it.

Wrong answer. (-1)

Anonymous Coward | more than 6 years ago | (#19112493)

Home systems running Windows, run by morons, aren't the problem.

Go look at some blackhole lists and see where the real problem is - ask yourself why entire datacenters are blacklisted.

Clueless fools failing to update Windows on a DSL connection do shit with regard to the output of spam. The real problem comes from clueless fools failing to update Linux on an actual pipe.

If you're a spammer, who do you go after? The idiot with 128K up running XP, or the idiot with 100M up who hasn't patched PHP in about three months?

Re:ISPs have to be the solution (5, Informative)

TeXMaster (593524) | more than 6 years ago | (#19112509)

Oh I'll just love it when my ISP blocks my internet connection because I just sent a patchset by email to a *-devel list for peer review.

I know the good intentions and all that, but seriously, I'm already pissed enough at my ISP (Tiscali.it) that doesn't allow me to send more than 3 consecutive emails.

So either implement this kind of stuff with a proper way to tell spam sending from acceptable mass mailing, or be ready to handle hordes of very angry customers.

Re:ISPs have to be the solution (1)

SolemnLord (775377) | more than 6 years ago | (#19113151)

Why not offer an opt-out option for the scan? The user calls (not emails, obviously) the ISP, explains/justifies their need to mass mail, and gets on a white list. Of course, I can see a couple pretty big flaws in my suggestion (before anyone posts that spam-fighter's checklist):

1. Joe Pwnedcomputer finds out about this feature, and bitches and moans until the ISP relents.
2. Bob Callcenter really doesn't care, and will whitelist any user who calls in.
3. Some third thing.

Re:ISPs have to be the solution (-1, Troll)

Anonymous Coward | more than 6 years ago | (#19112541)

There is an easier way that doesn't punish responsible users: Simply drop all outgoing SMTP traffic from windows computers.

Re:ISPs have to be the solution (2, Interesting)

liledevil (1012601) | more than 6 years ago | (#19112563)

XS4all, one of the first and biggest ISP's in the netherlands, allready does this but not once every 3 months, but every single day.
as soon as they find your internet connection is scanning or sending spam you will get blocked from having full access to the internet.
Instead you can browse via a proxy, and once you have take serious measures so no more scans/spams are started from your connection you will be unblocked.

Faced this issues several times now when people didnt secure their machines enough, no anti-vir, anti-mal etc, but must say it works smoothly, you get a proper page when you are trying to browse without the proxy informing your connection has been "filtered" and that you need to take measures to prevent this in the future.
It all comes with a good helpdesk offcourse, where the technicians are able to judge whether the measures taken really have effect.

Re:ISPs have to be the solution (1)

Anonymous Cowpat (788193) | more than 6 years ago | (#19112611)

Which will work beautifully until month 6, at which point disgruntled customers will instruct their banks not to honour any further direct debit mandates from the ISP and organise paying ONLY for the days during which they received service. Between the lost income and the insane administrative headache of dealing with cancelled direct debits and partial payment of bills, it'll cost the ISP's big time.

Any policy which tries to penalise average customers for what someone else illegally does with their computer will go down like a lead balloon inflated with osmium.

Re:ISPs have to be the solution (1)

thomasdn (800430) | more than 6 years ago | (#19112689)

Time for ISPs to stop being so nicey-nice about this. ... Bam problem solved....
Nope. Many ISPs are not so nice. Most ISPs in my country simply blocks all outgoing TCP traffic on port 25. If customers want to send e-mail they can use the ISPs smtp server; use webmail; or use some custom smtp-server with SSL (different port). ISPs in my country do this because they do not want to get blacklisted on spamhaus or lists like that. Hmm... But then the problem should be solved, right? Nope. Because my country is not the problem. My country has a well developed IT business. The IT business in my country makes a lot of money. Also they loose a lot of money on spam. Thus it is in their interest (and our government's interest) to stop spam. So not much spam is coming from my country. The problem is other contries. Countries who do not have an established IT business -- and thus a government that does not care much about the problem. This is where most spam is coming from.

Maybe governments can give ISPs a little financial help for doing this?
Hmm... Nope. The government in the countries the spam is coming from does not have benefits from stopping spam. Thus, they do not want to pay companies for doing this. In the more IT-focused contries the government does not need to help the ISPs financially. The ISPs are already loosing too much money on spam; so they are trying to stop it.

Re:ISPs have to be the solution (5, Funny)

powermacx (887715) | more than 6 years ago | (#19112691)

Well, here in Argentina the first answer when you call tech support to complain your connection isn't working is: "You've got spyware. Reinstall Windows and install an up to date antivirus+antyspyware".

Of course, when I answer: "Er... I have a Mac" the answer is "Uh... I don't know... did you try restarting?"

Re:ISPs have to be the solution (1)

klubar (591384) | more than 6 years ago | (#19112817)

Actually a fair number of employer now require that employees install anti-virus software on home machines if employees are accessing work resources. Most corporate anti-virus subscriptions include home use, so it's all bundled in the employer's package. Typically these are installed as part of the VPN software so enforcement is easy. It really does cut down on the crap on home computers and could be considered an employee benefit.

Minor problem is that macs are typically not included in corporate VPNs, so evil corporate IT departments have another reason to exclude supporting macs.

that would help for about 1% (0)

Anonymous Coward | more than 6 years ago | (#19112863)

Sure, ISPs here blocking out email from their clients would be useful, but really not for a very large portion of the spam that traverses the internet. Most spam originates overseas. And good luck selling your idea to an ISP that doesn't speak English (or doesn't want to admit to speaking English).

It's a business (1)

harry666t (1062422) | more than 6 years ago | (#19112883)

We should THINK for a while.

Why are these spammers investing in creating spam bots, fighting each other, keeping their botnets alive and well, etc?

Because IT PAYS OFF.

Someone actually *does read* this fsckin' spam and clicks these damn links, and possibly even *buys the products they're advertising*.

Else, there would be no point in collecting a DB of email addresses, maintaining botnets, and so on.

It's a business, and I guess it brings *much* money.

Re:ISPs have to be the solution (1)

WhiteWolf666 (145211) | more than 6 years ago | (#19113081)

Why every 3 months?

Why not daily? Why not constantly?

You should not be permitted to spam people from your hardware, regardless of whether or not you actively installed the spamware. If your computer is polluting the internet, it should be disconnected. End of story.

If this bothers you, a) stop getting infected, or b) switch to an OS that doesn't get infected.

Let's have ... (4, Funny)

WrongSizeGlass (838941) | more than 6 years ago | (#19112233)

... Botnet Wars! They can infect systems and fight it out in the process table.
"Watch out! They just spawned a thread that has access to your virtual address space! Protect your data registers!"

Re:Let's have ... (1)

jonwil (467024) | more than 6 years ago | (#19112445)

For some reason your post made me think of TRON. I can almost picture different bots fighting it out on the Game Grid...

Where will there HQs be? (4, Funny)

master5o1 (1068594) | more than 6 years ago | (#19112245)

Will they be in the typical Pizza shop website? something like www.donluigi-pizza.com (and donluigi-pizza.org for eGangster login)

Cash Rules Everything Around Me (3, Interesting)

packetmon (977047) | more than 6 years ago | (#19112275)

Browsing through some of the posts here, I'm seeing how people tend to forget the financial aspect of botnets. Spam, malware is big business (obviously) so its no surprise that can become the online equivalent to a Columbian drug war without the murders and guns. There is huge business in bots and whats sad is, the low man on the totem pole is often some American company who's advertisements are being spammed (for the spammers). Vint Cerf stated there are millions of infected machines, I don't know about those numbers, but I can tell you that if I was involved in (dis)organized crime, why should I re-invent the wheel when I could re-program my own bots to take over others' cruddily created bots. This falls in line with a document I wrong (Ubuntu and the Destruction of the Internet [infiltrated.net]) where my logic is, "are you sure you want grandma using Linux"?... With e-Criminals getting savvier, how long will it be before the Internet truly becomes the Wild West... Some may think its not a big deal, but when there are finances involved, that can escalate to physical crimes (shootings, murder, etc.) and its happened a few times where (dis)organized idjits stealing e-money from games were caught up in real life incidents for stepping over "turf".

Re:Cash Rules Everything Around Me (0)

hometoast (114833) | more than 6 years ago | (#19112673)

[blockquote]This falls in line with a document I wrong[/blockquote]

appropos typo?

Re:Cash Rules Everything Around Me (0)

Anonymous Coward | more than 6 years ago | (#19112709)

I just read your article, and it's horse poo. Yeah, you can typically fuck up a system pretty badly when you're using the administrator's account. But it's actually gaining access to that account that's problematic.

In your article, you speak of a grandma using Ubuntu. Let me just say, there's no reason for grandma to ever have to manually run anything from the root account. Never. When it comes to installing applications, for instance, it's very easy to get APT to install them to a hierarchy within her home directory, rather than under /usr. It's probably best not to even tell her the root password. So your little add-an-account-send-some-spam plan won't work that way.

Of course, we wouldn't set grandma up with an Ubuntu system. We'd go with OpenBSD. It offers essentially the same functionality as Ubuntu, but with a far higher level of security. It's extremely, extremely, extremely rare for an OpenBSD system to be rooted.

Wellll PR of Kaspersky again? (0)

Anonymous Coward | more than 6 years ago | (#19112291)

give me a break...

We're doomed (4, Funny)

giafly (926567) | more than 6 years ago | (#19112311)

The really organised criminals will be using exactly the same techniques to evade capture and to protect the business of criminality as is seen in the drugs war. You can be sure that while sacrificial lambs get jail time, the gang bosses and the real botnet builders will continue to prosper. Until, that is, law enforcement, the judiciary and governments around the world start to take the spam problem as seriously as they do the drugs one.
We're doomed

The Same Solution for Both Gangs (0, Flamebait)

flyneye (84093) | more than 6 years ago | (#19112337)

The same solution for both gangs will work.
(the obvious first choice is to shoot them in the head)
Incarcerate cheaply,hard manual labor(road gangs)to ease the burden of incarceration on the taxpayer.
No early parole,10 years.1st offence.

Oh noes! There goes my megahurtz. (0)

Anonymous Coward | more than 6 years ago | (#19112345)

As long as they don't steal my megahurtz, let them duke it out.

I guess they could hack into the military and play some global thermonuclear war.

Actually I wonder how long it will take before someone gets 'shutdown' in real life.

biggest botnet.. (-1, Troll)

Anonymous Coward | more than 6 years ago | (#19112467)

of them all is SETI@home, it has been set up by Aliens themselves ;)

I did spam myself once... (1)

master5o1 (1068594) | more than 6 years ago | (#19112529)

But that was an accident when I was learning how to use the mail function in php .. using my Ubuntu desktop with LAMP. Oh the sexness of the 183 emails from "jason@iam5o1" to my gmail ... and they kept coming for 2 days (while gmail processed?).

Botnets blowing each other up? (2, Funny)

Arancaytar (966377) | more than 6 years ago | (#19112631)

Yay! I'll get popcorn!

Oh wait, that also means the tubes get clogged. Dang it.

Oh Noes! (1)

AltGrendel (175092) | more than 6 years ago | (#19112723)

I hope this doesn't spill over to any MMORPGs. Things could get really ugly if that happens.

Re:Oh Noes! (1)

CFBMoo1 (157453) | more than 6 years ago | (#19113121)

Hate to tell you but thats already happening with in game currency sails. Blizzard Entertainment I heard by word of mouth is fixing their trial accounts to prevent spamming more. Trial accounts won't get whisper and mail features in game. I didn't check the latest patch notes for WoW, but thats the latest I heard. Not sure whats happening in other games cause I can only justify paying to play one MMORPG at a time.

Re:Oh Noes! (1)

Sobrique (543255) | more than 6 years ago | (#19113177)

Erm. Actually, 'farming cash' in MMOs is a pretty big business. I don't think there's a single one out there that doesn't have 'macros' and 'farmers' who basically make in game cash, and sell it on their websites for RL cash.

In the MMOs where it's possible to interfere with the other guys operations, then you'd better believe it's happening. Of course, you've also got a very high prevalence of 'account hacking' going on - an MMO character can be suprisingly valuable if resold on ebay, as can in game 'assets'.

Of course, the games in question have their weapons against it, banning accounts and IPs and stuff, but ... well, much like spam - if there's someone prepared to buy, then there's someone else prepared to sell. Especially in places where the 'average wage' doesn't compare very well to the amount of money generated in a few hours of 'work' on the MMO in question.

PGP is your friend (4, Insightful)

oliverthered (187439) | more than 6 years ago | (#19112727)

If people actually started using the tools that have been available for years and signed their emails it would be a lot easier to spot the ones sent out by spam bots.

It's amazing how hard it is to get a company to send you a signed email to prove who they are and even harder to send an encrypted email containing personal information to them even though everyone knows how insecure email it.

Lazy Government,
Lazy Companies,
Lazy Consumers.
The tools are there for free and have been for years.

End the War On Botnets (3, Funny)

Cyryathorn (6591) | more than 6 years ago | (#19112743)

Obviously, the War On Botnets has failed. All the War On Botnets has done is created a lucrative enterprise for organized crime. We need to legalize botnets, so that botnet operators can finally come out of the shadows. Also, once legalized, we can tax botnets -- this way, botnets become an income generator for the government, rather than a black hole of enforcement dollars. The police can then better spend their time tracking down *real* criminals.

Sadly, I am out of mod points (0)

Anonymous Coward | more than 6 years ago | (#19113191)

Consider this a poor substitue for a (+1, Funny) mod.

fix the cause not the symptom (0)

TTL0 (546351) | more than 6 years ago | (#19112861)

Until, that is, law enforcement, the judiciary and governments around the world start to take the spam problem as seriously as they do the drugs one.
a) The war on drugs is a miserable failure. So please find another parable.

b) the whole enviroment that these people thrive in is made possible by MS Windows and its' horrible security. why don't we start screaming about fixing the root cause of the problem ?

This will eventually be solved on its own (3, Interesting)

gunnarstahl (95240) | more than 6 years ago | (#19112921)

Relax and wait. Over time, ISPs will start to get seriously annoyed by this waste of bandwidth. As soon as customers start calling and complain about their crawling download speed, ISPs will have to start to act.

And ISPs who act against it will finally gain a reputation for providing being spam-free services. Just regularly call your ISP and complain about that they don't filter the spam.

For me having about 20-30 junk mails in my inbox per day isn't really much trouble. T'Bird does a fairly good job detecting them. And if it really starts to bug me I will install something like spamassassin on my server. So, who cares.

Don't get me wrong: I just hate this stuff like everyone else. But even wasting thoughts on it is useless.

Yt,

Gunnar
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...