Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Spam The Internet

Lycos Declares War on Spam Servers 567

Psychotext writes "The Register have posted a story about a new screensaver from Lycos that targets known spam servers (taken from spamcop and verified by hand) with traffic in order to raise their bandwidth costs and hopefully price them out of the game. Lycos state that this is not a DDOS as Lycos monitors the site's responsiveness and throttles back when the site starts to falter. The screensaver is available here for Mac OSX, Mac OS9 and Windows, though you might need to lie about what country you are from." Reader JohnGrahamCumming writes "As part of preparing for the MIT Spam Conference I've put together a survey on what people are experiencing out there with spam, what they are doing about and followed it up with a test of different views of an inbox filled with spam and ham. You can take the test and be part of the survey results in January."
This discussion has been archived. No new comments can be posted.

Lycos Declares War on Spam Servers

Comments Filter:
  • Lycos? (Score:5, Funny)

    by Saeger ( 456549 ) <farrellj&gmail,com> on Friday November 26, 2004 @09:09PM (#10928703) Homepage
    I can barely hear what Lycos is saying... but it sounds like... "I'm not dead yet!"

    --

  • Lame (Score:2, Insightful)

    by Anonymous Coward
    ...too bad this also wastes bandwidth across the net.
    • Re:Lame (Score:5, Insightful)

      by anagama ( 611277 ) <obamaisaneocon@nothingchanged.org> on Friday November 26, 2004 @09:16PM (#10928744) Homepage

      • ...too bad this also wastes bandwidth across the net.

      It's like investing in the future. If it works and makes it too expensive to run a spam destination site, spam destination sites will fade into history. This may be wishful thinking but the other option is to do nothing until 98% of internet traffic is spam related. I say "yeah" - if for no other reason than because it feels good. Of course, I'll have to wait for the linux equivalent - or maybe I'll go google for some ready made scripts - failing that, using this list and wget, I'll make my own. Sounds like a fun and righteously vindictive activity!

      • How long will it be before we see an open source clone of that on sourceforge?

        Of course it will do nothing for zombie sites that are hosted on trojan/worm/virus hacked machines. That would just punish the technically incompetent victim of spammers. ...and script kiddies will try to annoy sites they don't like. Perhaps the teletubby site and Barney can be screensaved out of existence? (-;
      • Re:Lame (Score:3, Insightful)

        by Amiga Lover ( 708890 )
        Waste of bandwidth is all relative anyway. So far the count looks to be close to 100GB since the project started, and has climbed 0.1GB in the 40 minutes since I've been reading about it.

        Currently, it's a completely miniscule undetectable amount of traffic when compared to whatever else is banging around the net. 100MB in 40 minutes across everyone running it currently? That's less than the speed of a 512kbps DSL connection, for just under 10,000 screen savers they have installed & running at the momen
    • How much bandwidth is already taken up by spam?

      Besides, IN THE ARTICLE they say that the tool uses about 3.4Mb per day. Big deal.

      • Re:Lame (Score:3, Interesting)

        How much bandwidth is already taken up by spam?

        The estimates I saw just a day or so back were about 65%. This is NOT trivial. I'm reminded of the Mouse that Roared. I think its time we mice roared loud enough to be heard. Each one of us is a trivial squeek, but if 40 million did it, that would be a roar that no regulatory agency on the planet would dare touch with a 1000 foot pole.

        If 10% of the planet jumped on this particular bandwagon, the problem would be self solveing within a week. Then we woul
  • Horrible Idea (Score:5, Insightful)

    by Anonymous Coward on Friday November 26, 2004 @09:10PM (#10928708)
    I'm sure Lycos will love it when the spammer updates their DNS to point to Lycos.
    • Given that Lycos seems to have the ability to reduce traffic when the site is getting too slow, I suspect that they also have the ability to stop it altogether. As a side-effect, the spammer has made his own money-making inavailable, which helps anyway.
    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Friday November 26, 2004 @10:50PM (#10929075)
      Comment removed based on user account deletion
      • Re:Horrible Idea (Score:4, Informative)

        by Mycroft_VIII ( 572950 ) on Friday November 26, 2004 @11:25PM (#10929193) Journal
        Not all spammers get $$ by people buying somthing from them. Sometimes the site linked to in the email has a referer in it and leads to some site other than the e-mailer's and they get paid based onthat reffer id being assosiated with a particular non-acredited mortage loan for penis enlargement pills.
        There are other ways they make money, and some is just random guessing to find valid emails (via various mechanism) for re-sale to other spammers.
        I'd swear some of this spam is pure bs to entertain the spammer who could care less about making $$ than simply seeing how many people he piss off with idiot e-mails and chain letters(AOL in conjuction with microsoft and the fda are tracking this e-mail, send it to 183 close friends in the next 27.34 minutes or we kill a kitten and you'll come down with warts!).

        Mycroft
    • Re:Horrible Idea (Score:3, Informative)

      by Eric Damron ( 553630 )
      The spammer's DNS will never come into it. All the screen saver has to do is to send a request directly to the spammer's IP address. No lookup, no DNS.
  • by jerw134 ( 409531 ) on Friday November 26, 2004 @09:10PM (#10928709)
    Seems like they're just sinking down to the level of the spammers in order to try and fight them. As much as I hate spam, I cannot get behind this kind of activity. They're just adding more useless traffic, in the name of justice. Sorry, nice idea in theory, but I sincerely hope it never takes off.
    • Fight fire with fire...

    • by account_deleted ( 4530225 ) on Friday November 26, 2004 @09:17PM (#10928749)
      Comment removed based on user account deletion
    • Sorry, nice idea in theory, but I sincerely hope it never takes off.

      Second that. Producing more crap to fight crap leaves only losers.

      Knowing how sneaky spam operations work (zombie networks etc.), I think that filtering/counter measures will never truly solve the spam problem, and that an effective solution will be economics-based.

      One reason for the huge amounts of spam is that each single message has on average very little value for the recipient, and IMHO a good approach would be to increase that v

      • by 1u3hr ( 530656 )
        help spammers to reach an interested audience in a more targeted, specific way.

        It wouldn't help. We'd just have this targetted spam PLUS the shotgun spam we have now. As long as sendng spam is virtually free, in cost and penalty, there will be plenty of assholes willing to use it to the fullest extent possible.

    • by node 3 ( 115640 ) on Friday November 26, 2004 @10:55PM (#10929092)
      Seems like they're just sinking down to the level of the spammers in order to try and fight them. As much as I hate spam, I cannot get behind this kind of activity. They're just adding more useless traffic, in the name of justice. Sorry, nice idea in theory, but I sincerely hope it never takes off.

      There's a sort of hierarchy of ways to deal with people. At the base is physical force, and the top is reason.

      If someone won't listen to reason, the only way to deal with them is to go down the list of ways to respond. How far down the list you go depends on the morality and importance of the problem (for example, if someone is wearing white after labor day, you might try to reason with them, or convince them with emotional arguments, but you probably won't pass a law or (going to the very bottom of the list) threaten to kill them for it).

      Spammers won't listen to reason or laws, so you have to either go down the list (in this case, meet them at their level), or let 'em be. For example, I wouldn't advocate violence against a spammer (except prison time, but just barely, like 6 months max or something), but wasting their money (like they do to me?), count me in!
  • This is NOT A DDOS!! (Score:5, Interesting)

    by Eric(b0mb)Dennis ( 629047 ) on Friday November 26, 2004 @09:11PM (#10928714)
    I like how they state, even though that this screensaver overwhelms the server with requests, and can from many different sources, IT IS NOT A DDOS!

    Actually, it's a great idea, now only if a cool Open source dev would make an open version of this and take away that whole throttling thing.. who would they sue?

    It would be the gnutella of ddos's!
    • To be a DDOS, it must deny service.

      They explicitly state that they will not overwhelm the servers to the point of service denial, simply force the servers to expend more bandwidth, and in the process, money.

      It's certainly distributed, but it's not a Denial of Service.
      • by pyrros ( 324803 ) on Friday November 26, 2004 @09:54PM (#10928885)
        Let's call it Distributed Reduction-Degradion Of Service: DR-DOS

        /me ducks for cover
      • by JWSmythe ( 446288 ) <jwsmythe@jwsmyth ... inus threevowels> on Friday November 26, 2004 @09:57PM (#10928896) Homepage Journal

        No, to be a DoS attack, they must attempt to deny service.

        If I take an extra 100Mb/s on a 1Gb/s line, does it slow down my network? No. Was it an attempt to do so? Yes.

        Several years ago, Some kid got on two boxes at his university. They had a T3. We had a T3 (like I said, several years ago). They were pushing 30Mb/s constantly at my one box for two days. It started on a Saturday night. It wasn't enough to knock my box down.

        I sent a nice email over to the school with all the information I had. Needless to say, there was hell to pay over at the school. They were terribly concerned why *THEIR* network was having problems all weekend. They were very thankful that I informed them.

        Now, was that an attempt at a DoS? Yes.

        Was it enough traffic to actually break anything? No.

        Did the kid get expelled from the school? Yes.

        Now the bigger question, if the school hadn't handled it, where do I go next? To their ISP. Well, actually my ISP, who would contact their ISP, and threaten to block whatever block size necessary to stop it. a /8 should be sufficent, I'd think.

        "Sorry, we're going to null route your /8 until you can contain the problem on your end."

        That'd go over really freakin' well, I'm sure, especially if my provider is big enough. :)

        If they're on the same provider, someone's service is getting immediately disconnected. Yes, I've been in on those calls, both for DoS attacks, and for spam.

        ISP: "There's a customer on x line that's spamming"
        Me: "Well, not that my opinion matters, but I would have already shut them off."
        ISP: "We did about 5 minutes ago."

        But hey, however they want to play the game. It's their company.

    • by logic hack ( 800754 ) on Friday November 26, 2004 @10:01PM (#10928915) Homepage
      Actually, it's a great idea, now only if a cool Open source dev would make an open version of this and take away that whole throttling thing
      I believe it's called a slashdotting.
  • LAW SUIT (Score:5, Insightful)

    by drsmack1 ( 698392 ) * on Friday November 26, 2004 @09:12PM (#10928716)
    This will never survive the legal challenges it will face. At least some of these companies can claim to be "legitimate" businesses. Of course if they just produce the list of addresses we can surely work out something involving wget for ourselves.
    • Re:LAW SUIT (Score:5, Interesting)

      by Anonymous Coward on Friday November 26, 2004 @09:46PM (#10928851)
      This will never survive the legal challenges it will face.
      It doesn't matter. What Lycos is doing here is showing an idea to the world, and rather selflessly opening themselves up to legal issues in the process.

      Now, they aren't the first to come up with this sort of attack against spam. Lots of geeks (myself included) have run continuous wget fetch sessions against particularly annoying spammer sites. There's a program called "Spam Commando" or something similar which fills out spammers' web forms with bogus but real-looking inquiries, thus wasting the spammers' time. I've thought several times about writing a little win32 app to do what Lycos' screensaver is doing, but couldn't get past the obstacle of "why would people trust my list of spam sites and use the program?" I should have thought of partnering with Spamcop ;)

      In any case, this is the first time that a company, as opposed to some guy in his spare time, has stepped up and said "Hey, we think this is a good idea." And that's all it takes. This sort of thing generates press. The press will probably lead to lawsuits, as you point out. The lawsuits will inevitably lead to Lycos disabling the screen saver.

      But here comes the beautiful part:

      That's where a few geeks step in and take over.

      Look at Gnutella. Nullsoft got bitch-slapped by AOL and told "you can't do that." The rest of the internet replied, "maybe you can't, but we sure as hell can."

      Mark my words, if legal action shuts down Lycos' screensaver, a free, open-source, anonymously distributed alternative (or three) will take their place.

      Thanks, Lycos, for shouldering the initial risk.
      • Re:LAW SUIT (Score:5, Interesting)

        by JWSmythe ( 446288 ) <jwsmythe@jwsmyth ... inus threevowels> on Friday November 26, 2004 @10:10PM (#10928953) Homepage Journal

        I wrote a proof of concept once, similiar to your form filling script.

        Someone said that you can't spam and hide it.

        I wrote a script to prove you could. It took about 20 minutes to put together to my satisfaction.

        I had 3 files. A names file, a domains file, and a words file.

        It would take one to three words from the "names" file, and generate a name. It would take some combination of those, sometimes with a random character or two, and then take a random domain from the "domains" file, to form an Email address.

        I'd then take the "words" file, and make a subject line 2 to 15 words long, and a message body that was between 10 and 100 words long.

        To some of the messages, I attached arbitrary length attachments (generated as it ran), with filenames from the 'words' file, and I think 8 common extensions (.doc, .txt, .zip ....)

        I then used a common misconfiguration in web proxy servers (allowing CONNECT), and set it up to randomly select proxy servers to mail through, all over the world.

        Then I said "are you sure about what you said 20 minutes ago?"

        He said "yes".

        I ran the script. He was receiving about 1000 messages per minute, and couldn't tell what was real and what wasn't. They only thing he knew is that he saw text scrolling by on my screen (a little status information for myself), and me laughing my ass off.

        There was absolutely nothing consistant with the messages. Different senders, different bodies, different attachments (if they existed at all), and all coming from different "mail servers". The receiving mail server assumes the IP it received from is the previous mail server, so those proxies showed up in the header.

        I never did run it against a spammer. It wasn't worth it. You know the 'from' address is bogus anyways. Any address they may list on their site is probably bogus ( remove_me@bad.spammer.com ? ha!). It was proof of the concept that anything can come from anywhere. He couldn't identify that it was me, because the was nothing to identify that it was me. The only way he could have possibly found out that it was me (other than my laughing), was to try to contact these ISP's with misconfigured proxy's, and ask them to give him the IP who sent it through. Good luck. I don't speak any Chinese, and at least 100 of those proxy servers were over there.
    • Re:LAW SUIT (Score:4, Insightful)

      by node 3 ( 115640 ) on Friday November 26, 2004 @10:59PM (#10929107)
      What law suits? You have to be from England, France, Germany, Italy, Spain, Sweden or the Netherlands to download the program. I imagine Lycos chose these countries for a reason, legal advice being my #1 guess.
  • by Ben Jackson ( 30284 ) on Friday November 26, 2004 @09:13PM (#10928723) Homepage
    With all the blackhole lists, private IP filters and now screensaver-based DDOS, large parts of the IPv4 address space are becoming wastelands that won't be inhabitable even after spammers are driven out. Heck, a friend of mine just heard that a few class A blocks were just assigned to APNIC and immediately firewalled them off. There's got to be a better solution!
    • Which is a good thing to drive IPv4 out and introduce IPv6 without problematic "solutions" like NAT
    • a friend of mine just heard that a few class A blocks were just assigned to APNIC and immediately firewalled them off

      APNIC is the authority for 62 countries [arin.net] in the Asia-Pacific region including Australia, China, India, Indonesia, Korea, Malaysia, New Zealand, and Singapore. Obviously his actions were totally reasonable.

      • APNIC is the authority for 62 countries in the Asia-Pacific region including Australia, China, India, Indonesia, Korea, Malaysia, New Zealand, and Singapore. Obviously his actions were totally reasonable.

        TONS of spam comes from them and enforcement of complaints to Abuse@ is nil. What, of use to a Westerner, could they offer to counter that?
        • by 1u3hr ( 530656 ) on Friday November 26, 2004 @11:21PM (#10929182)
          >APNIC is the authority for 62 countries in the Asia-Pacific region including Australia, China, India, Indonesia, Korea, Malaysia, New Zealand, and Singapore. Obviously his actions were totally reasonable.
          TONS of spam comes from them and enforcement of complaints to Abuse@ is nil. What, of use to a Westerner, could they offer to counter that?

          What do you mean "them"? A billion people live in "APNIC", dozens of countries. A few thousand spammers. As for "Westerners"; I happen to be a white Caucasian male born in Australia, living in Hong Kong.

          Because of attitudes like yours I have to use devious methods to email people on AOL, as they've blocked my normal domain for reasons they don't even deign to explain. Most of the world's spam originates in Florida. Do somethng about that first.

  • by Daath ( 225404 ) <lpNO@SPAMcoder.dk> on Friday November 26, 2004 @09:13PM (#10928724) Homepage Journal
    We all know: This is NOT spam!!

    Now we got: This is NOT a DDOS!!

    Oh well, we gotta try a few things to try and bring the spam down ;)
    • Just tell all the P2P networks that the last piece of the lastest song by Boy_Band or Stacked_17 is at that IP address. They'll get a not a DDoS and maybe a visit from the RIAA as a bonus.
  • What a move... (Score:5, Insightful)

    by NiTr|c ( 130325 ) <hackop.inumbrate@net> on Friday November 26, 2004 @09:14PM (#10928726) Homepage
    This doesn't seem like a very constructive solution. Hiking up bandwidth costs of spammers will certainly not solve any portion of the problem, as we've seen how much these people rake in. Not to mention the questionable ethics in a process like this. Lycos would be better off trying to work with other companies to try and somehow blacklist or filter all this garbage traffic instead of adding to it. As it stands, this is just some pathetic pissing match. Nice going, Lycos.
  • Moral ambiguity (Score:3, Interesting)

    by DiveX ( 322721 ) <slashdotnewcontact@oasisofficepark.com> on Friday November 26, 2004 @09:16PM (#10928740) Homepage
    "Lycos state that this is not a DDOS"
    "though you might need to lie about what country you are from."

    While I'm all for taking down the illegal scammers, making this a battle of dirty tactics doens't really seem to have an upside. Seems like it is too easy to backfire as spammers have already showing lack of morals in pairing with virus and trojan writers. This is like two armies of zombies fighting each other as the master's watch from afar. I think I have seen this on a TV show one. The side of evil believes the conflict makes is stronger while the side of light also manipulates the lessers. How will this all end? "In fire!"
  • Even though it's not DDoS, it's an attack on people's sites, which is probably illegal. The spammers could sue them. I mean, DDoSing SCO must have seemed like a good idea too, at least to the people who did it, but it was illegal!
  • by miyako ( 632510 ) <miyakoNO@SPAMgmail.com> on Friday November 26, 2004 @09:17PM (#10928747) Homepage Journal
    they can call it "NOT a DDOS" all they want, but it doesn't really change the facts. Technically speaking, they are right, because they are not trying to cause a Denial of Service, but I think that really in spirit it's not much different enough. While I certainly have no sympathy for spammers, I know that this is certainly not something that I'm going to be installing, as someone living in the US, because it seems to me that it's certainly possible for someone to win a lawsuit against the company or the people running this software.
    • Look at it this way.

      There are hundreds of thousands of mail servers out there, and many of them are overwhelmed by the sheer volume of spam which they recieve. Some of them to the point of being denied service.

      If any of these spammers cry foul... they either lose the lawsuit and are screwed because their cost of operations will skyrocket, or they win AND MAIL SERVER ADMINS WILL SUE THE SPAMMERS.

      Either way, the rest of the internet is doing to spammers what spammers have been doing to the rest of the i
    • While your argument sometimes makes sense (like the claim that Iraq had ties to al Qaida--sure, if you count al Qaida asking Iraq for help, and Iraq telling al Qaida to sod off, which is not the "spirit" of the term "ties" in this context), but in this case, it's not an accurate argument.

      No matter how you cut it, this is not a DDOS, because the goal isn't to deny service (which is the spirit of the term you refer to). The idea is to make it unprofitable to spam. Similar? Absolutely. Essentially equivalent?
  • it seems to me ... (Score:5, Insightful)

    by Rev.LoveJoy ( 136856 ) on Friday November 26, 2004 @09:19PM (#10928755) Homepage Journal
    Tools whose purpose is to waste bandwidth will have a good deal of collateral damage. When pipes need to be upgraded to account for more traffic (regardless of said traffic being "good" or "bad") we all pay the price. That is, unless one of you out there owns a major backbone carrier (in which case, I'm single).

    Bad idea, Lycos - nobody (no human, anyhow) likes spam - but the rest of us have so far refrained from crap flooding the net to stop it.

    -- Cheers,
    -- RLJ

    • I'm not sure.

      If the collateral damage goes up exponentially, maybe people will start paying more attention to the _source_ of the problem. Get rid of the spammers, and all of the enormous energy, bandwidth, and time that goes into fighting them will be dropped. That's a theory, at least.

      I don't know if it'll work--I don't think anyone will, until it's been tried.
    • So raising the spammer's bandwidth a little bit, but not completely hosing the connection, causing the spammer to fund the ISP's installation of new network infrastructure... All of this is bad for everyone?

      If so, then Slashdottings are equally evil, no? The recipient pays for infrastracture upgrades for everyone, but it's definitely definitely evil.

    • by node 3 ( 115640 )
      It specifically *doesn't* take down the net. When the responses slow down (either the server has overloaded, or the pipe between the screensaver'd PC and the server is overloaded, which is what you are worried about), the client throttles.

      Regardless, you have a choice: use a little extra bandwidth to fight spam, come up with a better idea, or keep the status quo. In lieu of a better idea, and in response to the failings of the status quo, you gotta pay the price to get what you want. In this case, it's usi
  • A modest proposal? (Score:5, Insightful)

    by krbvroc1 ( 725200 ) on Friday November 26, 2004 @09:20PM (#10928758)
    Lycos is wrong on this one. Part of the problem with SPAM is that despite the appearance of email being free, there are hidden costs (Kind of like environmental impact costs). In the case of SPAM the costs are bourne by the ISP / bandwidth providers and the recipients time, energy, and money. Lycos makes the problem worse for the ISP.

    Hell, if I were a SPAMMER, why not add some third party advertisements to my SPAM page. Perhaps each hit from these screensavers would generate revenue for me!

    I'm also having trouble seeing how they claim this is not a DDOS attempts. Obviously by increasing the number of screensavers in use, the load increases on the target sites. Perhaps a new concept--the DDOP--distributed denial of performance? Keep flooding until ping time of site is > 30 seconds. Still sounds illegal to me.
  • This is a straight carbon-copy of a system that a Swedish ISP launched a couple of months ago.

    The campaign goes under the name "Make Love Not Spam", and you can find it here [spray.se].
  • Don't sign me up (Score:5, Insightful)

    by scott9676 ( 808984 ) on Friday November 26, 2004 @09:22PM (#10928765)
    What is to stop the spammers from doing a reverse DDOS on you? They would have your IP address, and would enjoy wasting your bandwidth too. My guess is they have a lot more bandwidth than most of us do. They aren't exactly people I want to mess with. If nobody buys their stuff, they would go away. Unfortunately that's the only solution I see to 'fix' the problem.
  • I'm probably being stupid, but if Lycos already knows who the bad hosts are, why is it necessary to (not) DDOS them, instead of just blocking mail from those hosts?

    It seems to me that any problem with blacklisting certain hosts would translate to a similar problem with the (not) DDOS approach (for instance, spammers changing hosts or compromising more machines).

    Not to mention, this creates yet more traffic for the internet to handle. I'm sure it's up to the task, but it seems like there's no need to creat
    • I think the idea is, 'you can run but you can't hide.' Furthermore, there's no official way turn a spammer into a smoking ruin, so fighting dirty with criminals might be the only answer.

      I'm not sure it's a good answer, but it's better than filters.
  • aa419.arg anyone? (Score:5, Interesting)

    by whoever57 ( 658626 ) on Friday November 26, 2004 @09:23PM (#10928774) Journal
    Isn't this the same as the "Artists against 419" [aa419.org] site is doing?
  • This is likely responding to a crime wave by using artillery or carpet bombing on the city. The innocents get hurt, and the spammers just find another ISP to use.
  • Zombies (Score:5, Insightful)

    by ZeroExistenZ ( 721849 ) on Friday November 26, 2004 @09:29PM (#10928791)
    I don't want my IP in the hands of someone with the morale of a spammer [server logs].
    Let alone any "carefully picked host", certainly not at times I'm not there to observe what happends with my machine[screensaver].
    Nah-uh.
    • Re:Zombies (Score:3, Funny)

      by MrNemesis ( 587188 )
      Spamming units typically have a morale of 9 or more, while most ISP's have only an average morale of 7 - and this screensaver only gives a +1 boost to leadership. I know who I'd rather roll my 2D6 against... ;)
  • Clairify ... (Score:5, Insightful)

    by SuperDuG ( 134989 ) <be@NOSpam.eclec.tk> on Friday November 26, 2004 @09:30PM (#10928795) Homepage Journal
    This _IS_ a DDoS (Distributed Denial of Service) attack program. While they may verify that the site does not "stop", this will clog the servers with requests. While it may be a PR move to not call this a DDoS, it most certianly is. The only way it may not be is if your definition of DDoS implies that the server will eventually stop responding to all non "client that creates multiple connections" IP's.

    Note also that this is for Europe only. While there is nothing from stopping you from downloading and running this program outside the US, it is technically for europe only.

    Even if you check the site, it explains how site it "targets" are slowing response times.

    Is this shady, yes.

    Question? If you are being harmed by something and want it to stop and there is no other recourse but to take the matter into your own hands, is that wrong?

    Answer: It's up for debate.

    If someone was on a daily basis causing me to sift through hundreds of emails, losing important messages, having the spam filter delete it accidentally, or having to wait for everything to update in order to assure that I have all my mail, then yeah this is justified.

    They care not about your resources, time, or anoyance levels, why the hell should you?

    Vigilante justice is not pretty, but it does get the job done.

  • by Zerbey ( 15536 ) * on Friday November 26, 2004 @09:32PM (#10928798) Homepage Journal
    This is a stupid idea and will only serve to irritate the rest of the Internet. As much as they'd like to think it's not a DDos, it most certainly is, and they're just sinking to the spammer's own level.

    I hope Lycos rethinks their plans, or I fear the retributions will be far more damaging. Any net user who downloads this software is going to leave themselves open to prosecution.
  • Lycos DDoS (Score:5, Insightful)

    by JWSmythe ( 446288 ) <jwsmythe@jwsmyth ... inus threevowels> on Friday November 26, 2004 @09:33PM (#10928805) Homepage Journal
    Oooohh, this is such a bad idea on so many fronts.

    1) They're going to get sued. Not just sued, sued a whole lot. Asses in a sling kinda sued. Spammers that are making good money have the budget to sue, and really Lycos is completely in the wrong here. Morally, sure spam sucks. But you can't do it this way.

    2) It's against so many different TOS's that isn't even funny. With very very very few execptions, users can't legally run it (check your provider's TOS). They're opening every user up for:

    a) federal charges.

    b) lost ISP connection.

    c) Lawsuit for damages from the spammers.

    3) So you flood a facility with an OC3. Now not only have to screwed up one guy's day, you've screwed up everyone's day at that facility. Or worse, the screen savers send such a load to knock down a server, that they inadvertantly overload a few major peerings instead.

    How about this for a proof of the point. I have a GigE connection in 3 different cities. My provider has multiple OC192's heading all over the place.

    I rig up something that can handle a 1Gb/s through it, that can take the abuse, and still appear to be functional. Come on, think creatively, it's not that hard to do. I can serve 1Gb/s of web traffic with 6 machines. Actually, I do with 15 machines, at a very low percentage of their capability. So no matter what they throw at me, they can't take the servers or my line down.

    Or worse yet, they attack me, so I flood them back with 3Gb/s. I'd bet I can swamp lycos.com. Sure, they'll bitch. They'll moan. They'll threaten lawsuits, but I returned exactly what they were doing. More than likely they'll lose in court.

    Isn't there a rule for iptables to redirect traffic coming into one IP, into another one? a one-liner, if I remember right.

    Lycos DDoS's me. I set up machines to redirect the abusive traffic to say whitehouse.gov, ftc.gov, or lycos.com. Ah, lets play nice here, lets redirect the traffic to google.com, and watch the lawsuits really fly. So Lycos makes a valiant attempt to knock Google offline. That'll go over really well in court.

    Or, as one comment in here already said, if they do it by DNS names, just change the DNS record.

    bad.spammer.com. IN CNAME lycos.com.

    or

    bad.spammer.com. IN A 209.202.248.202
    bad.spammer.com. IN A 209.202.216.27

    (That's what Lycos resolves as for me)

    or just negate it entirely.

    bad.spammer.com. IN A 127.0.0.1

    or have a little fun.

    bad.spammer.com. IN A 255.255.255.255

    And [insert deity here] forbid, someone compromises the machine which controls this action. If I were an evil hacker (hush you people in the crowd), that'd be a great play toy. Wanna knock off some competition, just point Lycos to them, and turn off their ability to throttle.

    I'd be *REALLY* pissed if I was hosting one, or there was a compromised box somewhere off in a corner that I didn't know about, and they decided to knock one of my networks offline.

    Most spammers move around so frequently, attacking a particular hostname or provider really doesn't freakin' matter. They change the domain the links go to, and start sending again. The usable age of a spam is only 3 days. Spammers consider if it hasn't been read in 3 days, it's not going to be read.

    I wish them luck, and hope they have a big enough budget to keep their executives who came up with this brilliant scheme out of federal prison. I sure as hell hope they don't accidently point at me for being a target, 'cause sure as hell they won't be on line long.

    Actually, with an announcement like this, they've opened themselves up for being the blame of almost any DDoS attack.
  • Fun toy bit no dice (Score:3, Interesting)

    by l0ungeb0y ( 442022 ) on Friday November 26, 2004 @09:36PM (#10928815) Homepage Journal
    Hey I ran it for about 2 minutes, had my fun and threw it in the trash. While a quick zap it to ya spammer might be fun, fact is this will do very little.

    I mean, most hard core spammers are using malware to get clueless users to spam for them and the rest are being hosted by companies who are either offshore or just don't care about what their users do with their bandwidth.

    For me, a locked down sendmail server+procmail loaded with SpamAssasin+Razor and to top it off, a Bayesian enabled POP3 Clients all come together to eliminate approx 99% of my spam, so I only see a few per week.
    That to me is what the world needs -- every sendmail server not allowed to relay, inboxes protected and every email client using filters.

    Then and only then will the spammers be truly hurt -- when clueless idjits don't get those emails in the first place and thus, can't click those f*cking links.

    Considering AOL, Earthling and other ISP's are starting to put all this in, that day may soon be at hand.
  • How ironic (Score:4, Interesting)

    by Realistic_Dragon ( 655151 ) on Friday November 26, 2004 @09:37PM (#10928819) Homepage
    Have you noticed how makelovenotspam opens in a new window even in tabbed browsers then loads in the page hidden behind the new window "Our offers" from Lycos.

    Perhaps we should DDoS the goits for pushing adverts to people without their consent in an underhand fashion? Oh, no, if WE tried that they would airdrpo a million lawyers on us in a heartbeat :\
  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Friday November 26, 2004 @09:45PM (#10928850)
    Comment removed based on user account deletion
  • This is my first troll. Yet I must do it.

    I'll do almost anything to stop spammers.

    I don't care if I am reducing myself to their levels.
    They did not care, neither shall I. They have gone too far. Expect no mercy.

    Fight!
    Adolfo
  • Now the virus writers can check for the existance of the lycos screensaver and modify the site to be whacked. And the folks who run them won't deinstall because they put it in in the first place and trust Lycos to give them the correct information. A little hosts mod and I can provide world wide sites to be pseudo-DDOSed. And with a tiny nudge from the other minions, the site will go down.

    Brilliant!

    [John]

  • um...Wonderful... (Score:2, Interesting)

    by MrFreshly ( 650369 )
    So, they've written an app whose purpose is to perform a DDOS...How long before a trojan or a virus takes control of this app and make it go after someone else?

    If the app is trusted by your local firewall, getting a connection out to wherever you want it to go wont be an issue...
  • Lycos is notorious for distributing a spyware program called SideSearch.
  • This may be a hoax (Score:5, Interesting)

    by Animats ( 122034 ) on Friday November 26, 2004 @10:02PM (#10928921) Homepage
    Look up the "whois" info for "makelovenotspam.com".
    • Starring Ltd AB

    • Kungsgatan 6
      Stockholm, 111 43
      SE


      [Administrative contact] Brockman, Didde
      Starring Ltd AB
      Kungsgatan 6
      111 43 Stockholm
      SE

      Email: technical@starring.se
      Phone: +46 8 6144600
      Fax: +46 8 6144610

    The sites use Lycos logos, but it's not at all clear that Lycos has anything to do with this. While these sites link to Lycos, there's no obvious link to it from the Lycos main page.

    • This was my first reaction too. I downloaded the s/w to analyse it, the MacOS-X version is not a standard bundle, just a carbonised ppc executable.
      strings reveals some blowfish setups, in a screensaver?
      some filecopywithcompression, which might be just sloppy compilation...
      chmod 777 hmmm, /Users/john/Library/SWF Desktop/SWF Desktop.app ??
      and buried in one section of binary Shakespeare's monkeys have inserted amongst the other bits & bytes .biz .ezybrzy africa bigger lonely & buyherb

      Anybody with a sa
    • by Sebastian Jansson ( 823395 ) on Saturday November 27, 2004 @08:00AM (#10930305) Homepage
      Interesting lead, I followed it trough some more and checked their site [starring.se]

      Luckily, that explained the situation, starring is a marketing company [starring.se], that were contacted by spray(a Lycos company in Sweden) to Get more people to start using Spray's e-mail service. [starring.se]

      There you have it, it is all a marketing campaign to attract more users to Spray(and Lycos) mail. I guess they made it quite well, mentioned on slashdot and all...
  • So they're creating a service designed to cost spammers money. It seems to me that computer crime generally gets classified as using computer resources in a way not intended by the provider and in a way that costs the provider money. Lycos isn't just opening themselves up to lawsuits, they're inviting criminal prosecution. Anyone using the client would be subject to the same kind of risk.
  • Sue file sharing my ass, bitch. Modify this sucka to hurl an endless stream of billions of big frames at the RIAA.
  • by cortana ( 588495 ) <sam AT robots DOT org DOT uk> on Friday November 26, 2004 @10:15PM (#10928977) Homepage
    Actually filling this one in was harder than I thought it would be. I guess because I'm too lazy to think up new catagories that consicely summarise the objections we've seen. Nevertheless...

    Your post advocates a

    ( ) technical ( ) legislative ( ) market-based (x) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    (x) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    ( ) It will stop spam for two weeks and then we'll be stuck with it
    (x) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    (x) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    ( ) Requires immediate total cooperation from everybody at once
    ( ) Many email users cannot afford to lose business or alienate potential employers
    ( ) Spammers don't care about invalid addresses in their lists
    (x) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    (x) Laws expressly prohibiting it [well, we'll find out if this is illegal once Ralsky et al. sue]
    ( ) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    ( ) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    ( ) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    ( ) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    (x) Extreme profitability of spam [providing Ralsky et al. with enough funds to make the court case long and bloody]
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with spammers
    ( ) Dishonesty on the part of spammers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    (x) Inethicality of slowing the entire Internet down, when a handful of spammers are responsible for 99% of our spam
    ( ) Outlook

    and the following philosophical objections may also apply:

    ( ) Ideas similar to yours are easy to come up with, yet none have ever
    been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    (x) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    (x) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    (x) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    ( ) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government reading my email
    (x) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (x) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your
    house down!
  • False Positives (Score:3, Insightful)

    by PktLoss ( 647983 ) * on Friday November 26, 2004 @10:18PM (#10928986) Homepage Journal
    Having been on the wrong end of a spam cop report several times, I feel for the innocents who are about to start having their mail blocked AND get bombarded with extra traffic. Just how many lawsuits will ensue?

    Will anyone win but the laywers?
  • Everyone pays for the bandwidth of the Internet, not just spammers to their ISPs. Why are you paying for waste bandwidth on the Net from Lycos, which won't kill spammers, but mutate them to some more resistant form? How about just distributing free address book email/messaging software, as open source, that lets us filter out message from people we don't know, who aren't introduced by someone within our "web of trust"? This kind of stupid shit is why Lycos is a loser, an also-ran from the popped bubble with
  • Brilliant (Score:4, Insightful)

    by nsingapu ( 658028 ) on Friday November 26, 2004 @10:21PM (#10928999) Homepage
    I like the idea because its grounded in destroying the economics that make spam profitable. Why not make it hurt more:

    For example take a piece of spam advertising a site which provides no contact information and which replys on form submsissions to promote a product. Take random (but meaningful) data, such as fortune strings, delimited to smallish lengths for each field, and wget form submissions every few hours | minutes | seconds. Any legitimate inquiries are lost in (likly literally) an unceasing email bomb sponsored by lycos.The destinction here, is that rather then costing them more you are litterally losing them the tiny fraction of respondents which make spam profitable, this renders the model unprofitable and makes any attempt to offset the cost ineffective.

    I take great satisfaction in ensuring that a spammers time is wasted to a greater degree then my own. Given the products that are often peddaled via spam a quick forward can often ensure this, for instance forwards to enforcement@sec.gov have resulted in six lawsuits [sec.gov] (and counting) this month alone. There is a great forward for almost any ware, but medication, promotional stock tips, and cheap (generally pirated or edu version) software are some of the most fun - despite my dislike of Microsoft and the Government I relish the thought of their respective legal teams gunning down a newbie floridian who mistakenly purchased my address.
  • by slashname3 ( 739398 ) on Friday November 26, 2004 @11:22PM (#10929184)
    While this is an appealing idea, swamping the spammers web site to increase their bandwidth costs is not going to really work. Like another poster indicated they would need to enter random data into the order pages to make it difficult to extract legit orders. Remember most spammers are probably buying their bandwidth at fixed cost rates. So while this may use a lot of their bandwidth it is not going to prevent legit orders getting through.

    What should really be done to curb spammers is to have all major ISPs implement the following:

    1. block SMTP for all users and force them to route thier email through the ISPs email servers. Permit users to request port 25 be opened up. This would block all the spam generated by zombie machines (probably greater than 90% of spam comes from such machines.)

    2. Implement greylisting on the ISPs email servers. This blocks better than 90% of spam being sent today since it mostly comes from zombie machines.

    3. Utilize the block lists that contain the web sites the spam sends people to to block those IP addresses at the main routers on the back bone.

    By implementing these items across all major ISPs, virtually none of the spammers messages would get through to the dupes that actually buy the crap. If you can dry up the responses to spam then the business model should fall apart and die. At least one can hope.

    Many people apparently don't really understand that this new screensaver is not going to punish the zombie machines owners by using up their bandwidth. It is aimed at costing the owners of the web sites that collect the orders. Which kind of the right idea. But I figure most of those sites are not using metered service but have ordered at minimum full T1's and probably have more than that dedicated. So trying to run up their bandwidth costs is probably not going to impact them that much.

    Impementing the three items outlined above is guaranteed to have a major impact on spam.
  • This is PR (Score:3, Insightful)

    by mattr ( 78516 ) <mattr @ t e l e b o d y . com> on Saturday November 27, 2004 @08:27AM (#10930362) Homepage Journal
    This is really hilarious. They are expressly trying to use up the portion of bandwidth spammers *aren't using*, and getting everybody to install a Lycos screensaver! And they aren't even addressing the fact that a spam-serving network is undoubtedly well-resourced and has more heads than medusa. Hah! Too funny. Well except for anybody who happens to actually need bandwidth for non-spam purposes. It's like setting fire to a spider web, you just burn yourself out.

    This is not a DoS (well it would be if it worked). It is just PR. Suddenly it got everbody saying "Lycos", front page on slashdot, etc., and it probably isn't even aimed at people who could figure out the problem. Most people will say great Lycos is taking a courageous stand, etc.

    If Lycos was really serious about stopping spam, they should put the technical, managerial, and public relations resources they are dumping into this and go after the spammers one at a time. There are a finite number of people doing this in the world, and a corporation that wants to hunt them down can do it. Just follow the money, maybe buy some spam from these guys to confirm it. Then decide what to do about it. They might even consider posting a list of spammers, companies that profit from spam, and spam purchasers, on the net. Though that might make it hard to do subsequent investigations into spammers.

    Well that's one thing they ought to do instead of this. Personally I think it would be better PR if they actually made some positive results in reducing spamming (with scientific proof) and publicized *that*. So this could maybe be called a half-assed DoS and a half-assed attempt at PR for mainstream technophiles, but on the whole it is just silly and wasteful. Thank god my fiber connection is nowhere near them.

"If it's not loud, it doesn't work!" -- Blank Reg, from "Max Headroom"

Working...