Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Spam and the Law Conference Report

Posted by CowboyNeal on Thu Apr 08, 2004 07:39 PM
from the frank-and-open-exchanges dept.
Spam Government The Courts News
Cowards Anonymous writes "The Guardian has a story about a spam and law conference, recently held by the Institute for Spam and Internet Public Policy, in San Francisco. The conferences are usually attended by anti-spammers, from the major ISPs, and spammers; and are an attempt to bring the two sides together. The article's author notes 'It's oddly intimate, watching the spammers and the anti-spammers mill around each other like this. It feels like a temporary ceasefire in a vicious war that to most of us seems to be a stalemate.' Also in attendance was infamous spammer Scott Richter, or 'high volume email deployer' as he wished to be called on his recent Daily Show appearance. Surprisingly the anti-spammers didn't tear Richter to pieces with their bare hands."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Spam and the Law Conference Report 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • I've got lots of ammo.... (Score:5, Funny)

    by Jason Straight (58248) on Thursday April 08 2004, @07:41PM (#8810751) Homepage
    And I'm waiting for spammer season! :)

  • Have any ideas to share? (Score:2, Funny)

    by Anonymous Coward
    Scott wants to hear from you. Drop him a note [mailto]!

  • "High Volume Email Deployer" (Score:4, Funny)

    by Slashdot Hivemind (763065) on Thursday April 08 2004, @07:43PM (#8810767)
    Wow. Spam AND bullshit management speak. How many reasons to kill(sorry, terminate with extreme prejudice) him do we need?
  • i let it gather to about 100 emails in my inbox, then i forward each of them individually to every address that sent it.

    • Re:What i do with spam (Score:5, Informative)

      by ObjetDart (700355) on Thursday April 08 2004, @07:57PM (#8810884)
      I don't understand...what good does this do? Virtually all reply-to email addresses in spam are bogus. The only thing in the entire message that is real is the link to the site they are promoting. If you want to DOS the spammer, go after the site, not the bogus email address.

      • Re:What I do with spam (Score:4, Insightful)

        by azav (469988) on Thursday April 08 2004, @08:08PM (#8810952) Homepage Journal
        As long as SOME reply-to addresses are bogus, it means that the method is useless.

        Also, since these spammers are proceeding with illegal activities in the first place, why would we even THINK that they would obey the new opt out rules and not resort to "they replied so it's a valid address to spam"?

    • i let it gather to about 100 emails in my inbox, then i forward each of them individually to every address that sent it.

      No you don't. You don't know the address that sent your spams.

      All you can do is reply to some forged address that the spammer wants you to think the email is from.
    • its funny that i wrote this hoping to get a funny mod point...and so far its got 70% Insightful 30% Interesting anyone with a mod point want to achieve a goal of funny,interesting,and insightful?
    • if the return addresses were actually valid and the person who's e-mail address you just blasted had any possible means to prevent someone from "spoofing" their e-mail address.

      Ben

        • If nobody has access to your email address then they by defanition cannot spam you

          Also by definition, nobody can email you. Not a great solution. And if you think you can keep it private by only giving it to select friend, you had better make sure none of them ever touches a Windows box, uses a CC instead of a BCC, ever uses a mail portal to check their messages, or does any number of things that can potentially put your email out in the wild. Anyone with a real solution to spam should be able to giv

    • What you need to do is forward all of them to uce@ftc.gov. If you live in the US, let your taxes work for you. They have filed charges against some spammers.
          • No, no they don't. They can forge the address easily, it doesn't require any access to anyones system, nor does it even require the forged address to exist. I have gotten spam from forged non-existant users on my system, and I, on rare occasions, also get bounces from spam sent with forged headers claiming my address, yet my mail server and home computers are quite secure, and have not been compromised.
  • I'd be interested in still pics or short video clips of Richter and his buddies. Did anybody snap any?

  • Scott Richter: A "Good" Spammer? (Score:5, Interesting)

    by LostCluster (625375) * on Thursday April 08 2004, @07:46PM (#8810796) Homepage
    Well, true, spammers are among the lowest forms of human life and deserve the status. However, at least Scott Richter is willing to do something that most other spammers won't... admit that he does it and is willing to talk about it.

    Let's face it, he's willing to explain his motivations and disclose his tactics. Most spammers take great lengths to hide their identity, and are scared to even tell their family what they do for a living. Even if we don't like what he does, at least he's willing to help us attempt to understand the problem. If anybody proposes an anti-spam system, he'll at least do us the favor of pointing out how it's not going to work before we waste our time on it.

    • Re:Scott Richter: A "Good" Spammer? (Score:4, Funny)

      by Naffer (720686) on Thursday April 08 2004, @07:50PM (#8810829) Homepage Journal
      Yesterday I received 144 pieces of Spam. Taking into account that there are 1440 minutes in every day, I get a piece of spam every 10 minutes.
      My current total is 18,212 pieces since 11/19/2002. 8,000 of which arrived just since the begining of January. If it wasn't for SpamBayes, I probably would have abandoned email altogether by now. These guys are rubish.
    • Ok they need to be able to send spam... Make them pay for it... fire up a mail hub that spammers user to relay mail from... charge them for bandwidth and "remote" storage of their mail to be givin to ISP's that do not reject spam in general (Wanting it to stop because it takes up significant resources rather than for customer service reasons)... Right now its a Screw the ISP deal for sending Spam... ISP's loose out in the spam war from costs to "deal" with it.. Would he object to this rational? Probably bec
    • However, at least Scott Richter is willing to do something that most other spammers won't... admit that he does it and is willing to talk about it.

      What are you talking about? Lots of spammers are willing to admit what they do, to an extent. They admit that they send unsolicited email advertising. They won't admit, however, that they break a number of laws when doing it, because they don't care that they're breaking the law. They won't admit that they deliberately circumvent spam filters so that people
      • I don't like spammers anymore then you do, but are you sure you want to make a death threat? That just opens you up to a huge host of problems that you might not want to deal with. If I was Scott Richter, and I read this, then I would not take a death threat lightly. It wouldn't matter how many I got, I would still report it to the cops, just in case. If he died, how would you like the cops knocking on your door the next day?

        Think carefully about what you post, this will stay around for a long time.
        • I'm sick of pussying around with spammers. They've enraged me to the point where I will make serious statements like that. I mean it. I do believe that he and all other email spammers deserve to die. However, I am not going to actively seek out Mr. Richter, Alan Ralsky or any other known spammer. I have better things to do with my life.

          Yes, I'm a little psychotic about it. I have my reasons.

          As for what happens if he dies tomorrow, I'm never in a situation where I wouldn't be able to show that I was
    • In some ways (SOME!) I actually see spam as something that could be useful ... in a weird way. See, I classify spam as good, bad, and ugly. Ugly is easy, it's the viruses and phishers. Bad is the stuff with forged headers, misleading subject lines (account canceled, your resume). These two deserve no sympathy whatsoever. They are fraudulent and ought to be dropped in the ocean and fed to the fish.

      But the other spam, well, calling it good is pretty optimistic. I would say only that it is not as bad as
    • Most spammers take great lengths to hide their identity, and are scared to even tell their family what they do for a living.
      <<Cue violins>>

      Man: Mom... I... I'm sorry. I can't hide it anymore. I... I'm a spammer.

      Mom: I... was afraid of that. I mean, I suspected but... I just didn't want to find out. Didn't want to be sure. I had hoped... it would never come to this. I'm sorry.

      <<She reaches into her handbag, pulls out a revolver>>

      Man: Mom! No! NO!

      <<BANG>>

  • Oh Scott Richter (Score:4, Funny)

    by hambonewilkins (739531) on Thursday April 08 2004, @07:46PM (#8810798)
    Scott Richter, or 'high volume email deployer' as he wished to be called on his recent Daily Show appearance.

    Where, it might be noted, it became clear he didn't have a whole lot of experience with the "clitorious."

    The best was hearing Rob Corddry say "clitorious" back to him, and Richter not batting an eye. Perhaps the solution to getting this guy to stop spamming is to get him some lovin'? Preferably human?

    • I think money is his main motivation... and he's realized that there's more money in the anti-spam industry than the actual spamming industry. He's willing to go turncoat if there's money in it... being a spammer is already lower than being a turncoat. :)
  • I don't think I could possibly control myself at such a conference. I'd love to serve court papers at a gig like that. :)
      • I'm surprised that no email spammer has been killed yet.

        We might be fed up with spam, but we have not yet reached the point where we can simply take action and consequences be damned. Killing a spammer will get you in prison. I don't think a court would admit it as legitimate defense or buy a story of temporary insanity on account of spamming.

        So, the most we will do is yell, bitch and blacklist, until a solution is reached. We will not succeed in convincing spammers to stop spamming. In the end, we

  • The first step to getting rid of spam (Score:5, Interesting)

    by Slashdot Hivemind (763065) on Thursday April 08 2004, @07:49PM (#8810822)
    Is admitting it comes from America. A quick glance at any spammer blacklist shows a clear majority of them live in Florida, but American politicians and lawmakers still push the line that it's an African and Asian problem.

    • Re:The first step to getting rid of spam (Score:5, Interesting)

      by LostCluster (625375) * on Thursday April 08 2004, @08:05PM (#8810943) Homepage
      Florida has an interesting power of attracting rich-yet-lowlife characters who have managed to be declared scum yet have avoided being put in jail.

      The key is that unlike other states, Florida has no value limit on what you can claim has your "homestead" [lawoffice.com] when you are claiming bankruptcy. That is to say, you could own a multi-million dollar home and have billions in unpaid debt. You won't be able to own much else in your own name, but you can keep your homestead. With only a few exceptions, creditors simply can't force you to sell your homestead in that state.

      That's why spammers live in Florida. Pass all the civil liabity laws you want... you can't touch anything they have. You have to make spamming a crime in order for them to be worried.

  • Where's the fuzz? (Score:4, Insightful)

    by k4_pacific (736911) <k4_pacific.yahoo@com> on Thursday April 08 2004, @07:52PM (#8810841) Homepage Journal
    If spammers have connections to virus writers and do all these malicious things, why weren't there cops waiting to arrest them when they showed up? Were they granted immunity to visit the conference or something?

    • Unless the virus takes down a major website, like Yahoo or CNN.com or a government website, the feds could care less. They don't care if a known criminal hijacks your computer and uses it for criminal activity, so long as no businesses or government agencies are inconvenienced.

      Think I'm joking? Look up reports from people who have reported known computer breakins to the FBI. The FBI ignores them, the police ignore them.

  • Richter is a funny guy. (Score:3, Funny)

    by stecoop (759508) on Thursday April 08 2004, @07:54PM (#8810860) Journal
    Surprisingly the anti-spammers didn't tear Richter to pieces with their bare hands

    I wonder if Richter is bigger than they expected or will there be a mysterious freak mishap in San Francisco involving rapidly expanding gases in a container when he start his car? All in all he is funny for going ya know...

  • Sometimes... (Score:4, Insightful)

    by Bishop, Martin (695163) on Thursday April 08 2004, @07:57PM (#8810892)
    Sometimes I wonder just how much money these spammers really make from the spam. I've never even looked at a piece of spam in serious contemplation of buying whatever "product" they are selling
    • Spam now falls into two categories:

      A: To sell something illegal/immoral. Any doctor who is writing any perscription for somebody who has never been to his office is on the wrong side of the ethical line, and in most cases steps over the legal one as well. Scammers love the lack of tracablity.

      B: Lead generation. There's no actual product, but they collect the list of signups to send direct mail or phone marketers your way from more-legit companies. Of course, the more-legit companies don't want leads creat

  • Next time (Score:5, Interesting)

    by azav (469988) on Thursday April 08 2004, @08:12PM (#8810987) Homepage Journal
    Next time we know a meeting like this is coming up, we send a representative and photograph each of the spammers and post a "Most wanted" web page with each spammer's photograph and address.

    Then put up forms that can be printed out ala "wanted poster" style and have volunteers post the wanted posters all over the spammers' towns.

    Expose them and run them out of where they live. Make their lives as hard as they make ours.

  • Well? (Score:3, Funny)

    by Chris Acheson (263308) on Thursday April 08 2004, @08:16PM (#8811014) Homepage
    Surprisingly the anti-spammers didn't tear Richter to pieces with their bare hands.

    Well, what kind of weapons did they use, then?
  • Byond the typical laundry list starting with "opt in," and ending it "don't sell illegal items" I'd like to suggest "clean house".

    I've opted in to some spam and had to opt back out again.

    Let me make myself perfictly clear. UCE* is what we are bitching about. With the huge volume of UCE the few items of SCE* are lost in the wake.
    I have to set up filters for each type of S?E* and a few UPE*.

    The fact of the matter is UCE is hurting SCE by flooding it out of existence.

    Back in the start Spamford made a play

  • Making it expensive for spammers (Score:5, Interesting)

    by KalvinB (205500) on Thursday April 08 2004, @08:20PM (#8811042) Homepage
    Aside from from the bandwidth (which who knows what kind of bulk rates they get on that) the most expensive part of spamming is buying domains.

    And the kicker is that HTML doesn't allow you to obfuscate an URL. The best you can do is character codes but that's one to one so not effective.

    What I do is harvest URLs from spams and then add them to the rule file for my mail server. It's a mostly automated process to avoid accidently filtering out non spam domains like w3c.org or yahoo or whatever that occasionally end up in spam e-mails along with real spam domains.

    You can click the link on my sig and then there's a link from there to see the current rule file my server uses. Since I added in web-mail with spam reporting, this is going to be even easier since spams will have a unique subject line and a to address that has no legitimate uses.

    Instead of trying to sort out which e-mails to my real addresses were spam or not, I just log in, report them and then it's a simple sort by to address to find all the spam to filter links out of. There's probably around a thousand filtered domains which equals several thousand dollars worth of domains.

    If you're worried about people snooping around on your connection, OpenSSL is comming soon for web-access.

    If you have a fully TLS enabled e-mail client you can do secure POP3 and SMTP already. Thunderbird has TLS capabilities for SMTP but not POP3 for some reason. Pegasus Mail is fully compatible. Apparently there's no clear standard as to whether the client should just use the standard 110,25 ports with encyption (what my server supports) or use alternate ports. Thunderbird is quite convinced you absolutely must use a fixed alternate port for POP3.

    For most people, it'll probably end up that the web access is the most secure way to use Indie-Mail.

    Ben
    • Even better: Have a domain. When you own a domain, you can forward all mail not addressed to a valid email address into a common mailbox. I give email addresses based on who I am giving them too, for example: yahoo-list@... microsoft-seminars@... symantec@... When/if I get spam to an address, it is much easier to figure where the leak was. Once an address is completely compromised, I create an actual mailbox for that address, set a size limit of 1, and let the messages bounce.
    • I only maintain two post offices. I have one that I don't care about that I give out to people who run MS Outlook/Express, since I know that their address books are going to get heisted on a fairly routine basis. Then I have another one that I give out to fellow Linux users. The former is constantly full of get-rich-quick penis-pill mortgage contest car job ads, while the latter remains virtually empty except for the occasional message conveying worthwhile information from people I care about. I'm almos

    • Re:Jesus Christ People. (Score:5, Informative)

      by shostiru (708862) on Thursday April 08 2004, @11:26PM (#8812333)
      The first amendment does not guarantee that I have the right to say what I wish to you and make you pay for it. The cost of junk mail, telemarketing, etc. is paid by the sender. The cost of email is paid primarily by the recipient (and her or his ISP). And, of course, there is substantial precedent that limiting commercial speech is constitutional.

      Oh, and your estimates of the waste of energy involved in spam are off by several orders of magnitude. Back of envelope calculations based on incoming mail volume, power consumption (which I've measured), and cluster size has 100,000 emails per day costing at least 10KWhr, and that's just on the receiving mail server cluster (it would be lower without redundancy, of course). Once you add in the sender and all intermediate hops I wouldn't be surprised if that figure doubled. And that's just the beginning; of all network services we run, email is by far the greatest suck of money, brains, and time.

      Before you claim free speech in defense of spam again, perhaps you should spend some quality time with systems and network engineers, and see how un-free this "free speech" really is. I'd be glad to do so myself over the telephone ... I assume given your argument you do take collect calls from everyone, right?

    • Re:Jesus Christ People. (Score:4, Insightful)

      by jfengel (409917) on Friday April 09 2004, @12:17AM (#8812645) Homepage Journal
      Spamming is very impolite. The objections aren't really about electricity, or even bandwidth and disk space (for which the costs do begin to mount up) or even the time it takes (which can be a serious imposition.)

      The core objection is about impoliteness. Spammers are _very_ impolite on am immense scale. A little bit of impoliteness annoys you. A person pumping out a million pieces of impoliteness an hour...well, that adds up to genuine rage. Especially when it is clear that he knows he is annoying you and hopes you don't care, which is the case with the guy hoping that v1@gr@ will slip past your spam filter.

      There's a limit to how loud one is allowed to speak. Beyond that, one is disturbing the peace. A violation of politeness becomes a crime. It's unfortunate when we have to regulate politeness, and it's unfortunate that you can't play your stereo as loud as you'd like, but that's how we live together.

      "Courtesy is the lubricant of social interaction," Heinlein said. Spammers are sand in those gears, and that grit is annoying out of proportion to how much actual damage it does.

      Is violence justified? No, but I do have to keep reminding myself of that.
    • THis seems stupid to me. It's just like the current throwaway accounts. Get on a mailing list. You UNC key becomes visible. Spammers grab it and start spamming you with it. Back to point one. That doesn't solve anything at all.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.