Forgot your password?
typodupeerror
Spam The Internet Your Rights Online

Lycos Anti-Spam Screensaver Brings Down Spam Sites 715

Posted by CowboyNeal
from the online-vigilantes dept.
ChairmanMeow writes "According to BBC News, the screensaver released by Lycos Europe that targets spam websites has been a bit too successful at targeting spam sites, bringing down two sites, with a third responding intermittently, and raising concerns that the screensaver amounts to a DDoS attack against spam sites. Of course, spammers deserve to be punished, but will DDoS attacks against spam websites help to curb the problem of spam?" While the screensaver allegedly throttles back when a site slows, it would seem it's being a bit overzealous.
This discussion has been archived. No new comments can be posted.

Lycos Anti-Spam Screensaver Brings Down Spam Sites

Comments Filter:
  • by Malevolyn (776946) * <signedlongint@[ ]il.com ['gma' in gap]> on Thursday December 02, 2004 @07:05PM (#10979975) Homepage
    It's nothing illegal. Just packet spam.
    • Re:Bad? No way. (Score:5, Insightful)

      by networkBoy (774728) on Thursday December 02, 2004 @07:07PM (#10980007) Homepage Journal
      Really,
      Is there anything legally wrong with this?
      It's not a "bot" army in that the owners of the PC's opted in to do this.
      -nB

      --
      Damn 2 min between posts BS has got to go. Should be limited to within topics or something :grrr:
      • Re:Bad? No way. (Score:5, Insightful)

        by neitzsche (520188) * on Thursday December 02, 2004 @07:21PM (#10980205) Journal
        Vigilantism (sp? Is that even a word?) is legally risky at best. I would love to see lawmakers specifically exempt Lycos in the specific anti-spam effort. I'd also like to see lawmakers pass laws that increase spam penalties to death by slow and painful torture. Maybe that's just me.

        But there's a big problem with the concept of legalizing even such specific vigilante acts. Where does the line in the sand get drawn? My USA Lawmakers seem ignorant (at best) when it comes to technology issues. Furthermore, making an exception for spam only would likely open the door to tremendous abuse. Would GWB authorize DDOS against non-Republican affiliated endeavors?

        It's a slippery slope. As much as I like the concept, my doubts are not being assuaged.

        • Berman tried that (Score:5, Informative)

          by www.sorehands.com (142825) on Thursday December 02, 2004 @07:28PM (#10980298) Homepage
          Last year, Berman tried to pass a copyright measure [com.com] which would immunize a copyright holder's efforts to stop someone from violating their copyright -- hacking into their system to remove the material, take it off the network, or shut it down.
          • by Anonymous Coward on Thursday December 02, 2004 @08:19PM (#10980886)
            *blink* oh, yeah, really clever law.
            RIAA hacks into someone's computer.
            Person has no legal recourse against RIAA
            Person hacks back and knocks the RIAA off the internet / nukes their network / whatever
            The point is that when there's no peaceful resolution (i.e. a court settlement), then everything descends into a non-peaceful solution, i.e. a free for all. And, simply, the RIAA wouldn't have much of a case in the courts against someone for the counter-hack - IANAL but if the person hacked CANNOT defend themselves against it in the courts (particularly if nothing infringing was found) then to hack back to prevent yourself from being attacked is self defence, defence of property not person, but nontheless self defence.

            The other possibility is that with all the hacking and counter hacking going on, firewall and other defensive technology should improve no end, which is good. Eventually the computers will all be locked up so tight that it ends in a stalemate, with a situation identical to that today, except that it'll be because no-one can get into the other's computers, rather than because it's illegal.

            Quite simply, if the law refuses to protect something or someone then the law can't complain when someone or something protects itself. That's got to be written down somewhere.

            Although I'm probably entirely wrong because IANAL at all, in any way, shape, or form.
            • by dgatwood (11270) on Thursday December 02, 2004 @08:42PM (#10981118) Journal
              The point is that when there's no peaceful resolution (i.e. a court settlement), then everything descends into a non-peaceful solution, i.e. a free for all.

              Welcome to the Internet. :-)

              No, seriously, the 'net was founded on principles of consensual anarchy. That's the way it has always been, and the way it always should remain. By signing onto the Internet, the spamming companies agreed to join a transnational network that was effectively above the laws of any one nation. If someone wants a protected little world, they should wall themselves off from the 'net behind eight firewalls and never communicate with the rest of the universe. If a whiny, crybaby spam business wants to fight against it, let them try. Next time, the 'net's tendency towards autocorrection will ensure that they get BGP blackholed for all eternity.

              The right solution for solving spam is not one of government. We don't need laws to make DOS attacks on spammers legal because they were never illegal to begin with. They agreed implicitly to accept whatever the Internet threw at them when they signed on. This is the way the Internet has always worked---when polite discourse fails to correct the error of one's ways, the 'net's response is to isolate the problem in the harshest possible manner to serve as an example to others who might choose to also act in ways that are harmful to the best interests of the 'net.

              There's simply no other mechanism for solving this sort of problem other than everyone giving up on unsigned SMTP, and since too many people aren't willing to do that, the only alternative is to simply packet-spam the spammers into oblivion. I say, let their routers burn.

              • by Anonymous Coward
                I *really* like the sound of the phrase let their routers burn. Beautiful. Thank you.
              • by neitzsche (520188) * on Thursday December 02, 2004 @09:09PM (#10981388) Journal
                The right solution for solving spam is not one of government. We don't need laws to make DOS attacks on spammers legal because they were never illegal to begin with.

                Dude, that is like, what, +500 insightful? I wish I could un-post so that I could mod you up.
              • by gokeln (601584)
                Big problem here. The most powerful win, at everyone else's expense. It seems fine when applied to spammers, but if somebody powerful decides they don't like you anymore, you're off the net, or worse. There has to be some kind of legal protection, as the ubiquitous network becomes a necessity of living, both for the powerful and for the average-joe.
              • by Mant (578427)

                The net was founded by the military to make a distributed system that could withstand a nuclear attack. It was then used by academia to exchange information. Then the geeks and techie types outside those groups got in on it, finally the rest of the world, including big business and so government attention.

                It certainly went through anarchic times, and is still pretty anarchic, but I think it is a stretch to say it was founded on it. As for above national law, why? Because it wasn't enforced for a while? Wh

          • Two great examples (Score:3, Insightful)

            by poptones (653660)
            of why we need to further evolve the internet. Back when it was limited to academics and fringe kooks the server/client model was valid, but as its becoming a broadcast medium it needs to evolve past antiquated notions.

            Universal broadband - even constrained geographically (ie we are all broadband peers in our neighborhood/block/town whatever) will make both ddos attacks and hacking individual machines ineffective. Imagine how popular radio would have been all those decades ago if more listeners caused the

        • Re:Bad? No way. (Score:5, Informative)

          by pcmanjon (735165) on Thursday December 02, 2004 @07:29PM (#10980309)
          One of the spam sites www.moretgage.info has changed it so it has a meta refresh tag to redirect traffic to lycos.

          Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

          If it does execute code, (which would be a security hole vuln.) then I suggest they just do a get on www.moretgage.info/fakepage -- which isn't apparently blocked.
          • Re:Bad? No way. (Score:3, Informative)

            by LiquidCoooled (634315)
            The screensaver isn't doing everything though.

            All the news sites covering the DOS attack are spreading word of the attack.

            They are loading the site themselves because of a link in the news report or a forum comment.
          • Re:Bad? No way. (Score:4, Insightful)

            by oexeo (816786) on Thursday December 02, 2004 @07:46PM (#10980526)
            Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

            It depends how the redirect is implemented, a META refresh would probably not work, but a HTTP "Location:" header might.

            • Re:Bad? No way. (Score:3, Insightful)

              by Eric Savage (28245)
              Only if it's a "real" HTTP client and actually follows them, which I doubt it does.

              Now a CNAME on the other hand...

              >:)
          • Re:Bad? No way. (Score:5, Informative)

            by vacuum_tuber (707626) * on Thursday December 02, 2004 @07:48PM (#10980542) Journal
            One of the spam sites www.moretgage.info has changed it so it has a meta refresh tag to redirect traffic to lycos. Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

            Right. Pretty much all of the recent news stories about this got it 100% wrong. In fact, from a sample HTTP request someone posted in one of these Lycos threads here, the screen saver doesn't even request a valid file. It generates a GET or POST intentionally formulated to generate a web server error response. Very clever. Not so clever are all the whiners and speculators who erroneously presume things like the imagened vulnerability of the Lycos tool to HTTP redirection.

        • by severoon (536737) on Thursday December 02, 2004 @07:31PM (#10980349) Journal

          Well, wait a minute. It's clearly unethical if the screensaver sends random data to these spammers web sites--that's clearly a DDoS attack. On the other hand, if it's not random data and it's, say, business opportunities and offers of various useful products that the spam sites might want to know about, I'd say this screensaver is providing a valuable service to them!

          • by Jim_Maryland (718224) on Thursday December 02, 2004 @08:34PM (#10981046)
            It's clearly unethical if the screensaver sends random data to these spammers web sites--that's clearly a DDoS attack

            Wouldn't the fact that we've all gotten spam from a site constitute a previous business interaction (of course initiated by the spammer)? Maybe the screensaver just needs to send a unsubscribe link to another spammers site. Lycos could claim that the unsubscribe link was coded in error.
          • by ArcticCelt (660351) on Thursday December 02, 2004 @10:36PM (#10982062)
            I think we are on something here! The screen saver should send something through the GET like:
            http://www.spamersite.com/?do_you_want_to_increa se_you_bandwich_by_three_full_gb
        • Re:Bad? No way. (Score:3, Insightful)

          by museumpeace (735109)
          What if we frame it this way:
          Lycos did not itself or via its employees directly take this action. they gave the victims of the spammers a way to fight back. The people who have not asked to have their inbox crambed with unwanted, often fraudulent emails have the feckless help of a few antispam laws and not much else except to change addresses often. I am sure the spammer didn't ask for all those pings or whatever the Lycos spammerjammer does...turnabout is fair play.
        • Re:Bad? No way. (Score:3, Insightful)

          by Simonetta (207550)
          But there's a big problem with the concept of legalizing even such specific vigilante acts. Where does the line in the sand get drawn?

          Thank you for your interesting comment.

          The spam problem has been inadvertently created by the internet designers and should be addressed and eventually solved by the web designers. This is not an area where legislators need concern themselves. They don't have to pass laws about everything. After all, that would only perpetuate the illusion that technical problems c
    • by name773 (696972) on Thursday December 02, 2004 @07:09PM (#10980035)
      Spam is a bit harsh; the lycos screensaver is a legitimate bulk packet sender.
    • by Rei (128717) on Thursday December 02, 2004 @07:17PM (#10980151) Homepage
      I can just picture the packets now. They try to send to every destination port on the target machine, the control bits are always set to "Urgent!" (URG), the source IP is deliberately set incorrectly, the data segment is malformed and contains a fake "opt out" message at the end...
    • Re:Bad? No way. (Score:4, Interesting)

      by Geminus (602334) on Thursday December 02, 2004 @08:38PM (#10981091)
      The really bad people are the ISPs. I know some folks at MCI and AT&T... they know their customers are spammers, but as one MCI rep said, "They pay." Some ISPs would be shut down due to a lack of revenue if it weren't for these little providers harboring these SMDs (Spams of Mass Dissemination) I say we should call nato and organize a fact finding investigation. Now let's liberate some servers!
    • by PetoskeyGuy (648788) on Thursday December 02, 2004 @10:02PM (#10981770)
      When someone sends a SYN, you don't have to respond with an ACK. If they don't like it, they should delete those packets and get on with their day.

      Whiners
  • Actually... (Score:5, Informative)

    by Anonymous Coward on Thursday December 02, 2004 @07:05PM (#10979976)
    It's according to Netcraft [netcraft.com]. Their story is Spam Sites Crippled by Lycos Screensaver DDoS [netcraft.com], followed by Lycos Screensaver Site Blocked by Internet Backbones [netcraft.com] and Lycos Screensaver Site Changed, Now Says "Stay Tuned" [netcraft.com]. F-Secure also says spammers are beginning to fight back [f-secure.com] by redirecting traffic back to Lycos.

    Come on people, primary sources! This isn't elementary school.
  • Quick! (Score:5, Funny)

    by powerlinekid (442532) on Thursday December 02, 2004 @07:05PM (#10979980)
    Post the links to the sites it targetted, we can finish them off!
  • Hmm. (Score:5, Insightful)

    by digitalgiblet (530309) on Thursday December 02, 2004 @07:05PM (#10979985) Homepage Journal
    Using a DDOS on spammers is kind of like sending an arsonist to burn down the house of a murderer...
    • Re:Hmm. (Score:5, Insightful)

      by colman77 (689696) on Thursday December 02, 2004 @07:10PM (#10980043)
      No, it's not- it's fighting back. This should serve as a lesson to those spyware kiddies, too. It's about time these malware losers got a taste of their own medicine.
      • Re:Hmm. (Score:3, Insightful)

        by discord5 (798235)
        No, it's not- it's fighting back

        Let's take this to the non-geek world, and compare this to advertising folders that get shoved down your mailbox every day. This is basicly the same thing as going to the companies that distribute those folders, and shoving their mailbox full of folders untill their hallway is full.

        While it might be funny to do this, it's definatly more of a crime than shoving one folder down a mailbox that says "No commercial print".

        • Re:Hmm. (Score:4, Interesting)

          by HybridJeff (717521) on Thursday December 02, 2004 @08:35PM (#10981057) Homepage
          No, its like telling evreyone on your street to take their own ads and drop them in the mailslot of the advertising company. If I drop off off one add it isnt my probalem that 200 other people did the same thing too. Or 2000, or 200,000 other people.
        • Re:Hmm. (Score:3, Insightful)

          While it might be funny to do this, it's definatly more of a crime than shoving one folder down a mailbox that says "No commercial print".

          Crime? What crime?! "Return to sender" is a crime now?! When did you become so slavishly subservient to corporate idiocies like "direct mail campaigns" which deforest the planet that you would even dream of this being illegal!?

          And by the way, "no commercial print" is going to get you nowhere. In most places you do not own the space within your mailbox, it belongs to the

        • Re:Hmm. (Score:3, Funny)

          by djdavetrouble (442175)
          It's only funny til someone gets hurt.......... then it's hilarious !
        • Re:Hmm. (Score:3, Insightful)

          by Kris_J (10111) *
          I think it's more like tens of thousands of people sending the occasional fax to the main reception number of a company that never respects your "no junk mail" sticker on your mailbox.

          Sounds like fun.

        • Re:Hmm. (Score:3, Insightful)

          by tzanger (1575)

          Let's take this to the non-geek world, and compare this to advertising folders that get shoved down your mailbox every day. This is basicly the same thing as going to the companies that distribute those folders, and shoving their mailbox full of folders untill their hallway is full.

          While it might be funny to do this, it's definatly more of a crime than shoving one folder down a mailbox that says "No commercial print".

          Why is it "definitely more of a crime"? Maybe I'm just thick but I have as much of a

    • Re:Hmm. (Score:4, Interesting)

      by k98sven (324383) on Thursday December 02, 2004 @07:18PM (#10980160) Journal
      Using a DDOS on spammers is kind of like sending an arsonist to burn down the house of a murderer...

      Yes, but you'd have to make that mass-murderer. Which means all the difference, I'd say.

      A spammer targets millions of people who have to put up with their junk in their mailboxes and on their networks.

      A DDOS attack is thousands of people targeting a single individual.

      Besides, if thousands of people are independently of each other voluntarily accessing these particular sites, then there's no crime in that. (AFAIK, you can't be convicted of 'conspiracy to disable an internet server through requests')

      I don't generally condone vigilante justice, but this is no more criminal behaviour than what thousands of Slashdotters engage in every day. Only with a different aim.
    • Re:Hmm. (Score:4, Insightful)

      by iphayd (170761) on Thursday December 02, 2004 @07:19PM (#10980180) Homepage Journal
      Isn't this more like having the entire neighborhood join the neighborhood watch, then post everyone around the perimiter of a pedophile's property?
      • online lynchings (Score:3, Informative)

        by Random_Goblin (781985)
        Isn't this more like having the entire neighborhood join the neighborhood watch, then post everyone around the perimiter of a pedophile's property?

        the trouble with mobs and vigilanes though is they are not very just, and can't be relied on not to attack the pediatrician [madbadorsad.org] by mistake.

        lynchings are generally considered bad things for a reason, and this is what this screensaver amounts to online lynchings.
    • by raehl (609729) <raehl311@yFREEBSDahoo.com minus bsd> on Thursday December 02, 2004 @07:21PM (#10980210) Homepage
      ... as least until one of your arsonists accidentally burns down the murderer's neighbor's house.
    • Re:Hmm. (Score:5, Insightful)

      by drinkypoo (153816) <martin.espinoza@gmail.com> on Thursday December 02, 2004 @07:22PM (#10980223) Homepage Journal

      Look, they can send you spam for any kind of tenuous "business relationship". Why can't I send them packets under the same terms? If they send me an email, then we have a business relationship, right? I'm just visiting their website... 20349875029375 times.

    • Re:Hmm. (Score:5, Funny)

      by legirons (809082) on Thursday December 02, 2004 @07:30PM (#10980332)
      "Using a DDOS on spammers is kind of like sending an arsonist to burn down the house of a murderer..."

      except without the fires and dead people...
    • Re:Hmm. (Score:5, Insightful)

      by NetFu (155538) on Thursday December 02, 2004 @08:49PM (#10981193) Homepage Journal
      No, no, no. You're looking at it in the wrong scale.

      What we're talking about here is like everyone in a neighborhood going to the house of their local Jehovah's witness or door-to-door salesman and constantly knocking on their doors to try to sell THEM something.

      Or an even closer equivalent would be a screensaver that would call telemarketers over and over and over again to "inform" THEM that you don't want anything they want to try to sell you.

      It's an disruptive, pre-emptive attack against people who do the same thing to all of us every day. To equate either act to murder or arson is insane!
  • by stecoop (759508) on Thursday December 02, 2004 @07:06PM (#10979997) Journal
    Instead of using Adblock we need Ad-Double-Block. With Ad-Double-Block you wouldn't not only block the image but use spare bandwidth to repeatedly click on add banners behind the scenes. If I understand the article correctly, the software reads your email and sends clicks through to the web sites listed that are in a spam box(?) while the screen saver is on throttling back when the site slows. Of course you should be able to configure the pain threshold for the sites.
  • by rackhamh (217889) on Thursday December 02, 2004 @07:06PM (#10979998)
    What a horrible thing to do to those friendly neighborhood spammers. :(
  • by dtfinch (661405) * on Thursday December 02, 2004 @07:07PM (#10980003) Journal
    How do we know that the spammers didn't just take their servers offline in response to the attack?
  • by nzgeek (232346) * on Thursday December 02, 2004 @07:07PM (#10980016) Homepage Journal
    I don't care if the spammers' servers are DDoSed. They can take their fucked-up business model and shove it, as far as I am concerned.

    Good on Lycos for finally having the balls to stand up to these guys. The spammers have been stealing bandwidth off all of us for far too long now.
  • by rubberband (731966) on Thursday December 02, 2004 @07:09PM (#10980036)
    As the admin of my mail system's spam filter, I would like to see nothing more than "drag a spammer in to the street and beat them with a keyboard until they repent day" but I worry about this system.

    Who controls the list of "spam sites"? What are the criteria for becomming a victim? I would personally like this process to be transparent before I encourage anyone to participate - I do think they have the best intentions, but the potential for abuse is a bit scary.

    That's what sucks about the spam war.. the good guys have to be careful how they deal with the problem to avoid accidentally screwing someone innocent. The bad guys just double their output.

  • by xgamer04 (248962) <xgamer04.yahoo@com> on Thursday December 02, 2004 @07:11PM (#10980061)
    Spammers will hire scumware authors to write apps that packet sites who target spammers, making the circle complete. Then, the masses (tm) will get infected with the scumware. It isn't that hard to figure out.
  • Worrying (Score:5, Insightful)

    by jmorris42 (1458) * <jmorris@bea u . org> on Thursday December 02, 2004 @07:12PM (#10980084)
    Yes, spammers are evil scum who need a standard NATO round square in the forehead. But this sort of rough and ready justice worries me. An attack on the network is an attack on the network, period. If this sort of thing becomes respectable where does it end?

    If it is OK to DDoS spamers, who else is it ok to knock off of the net?

    Kiddie Porn?

    Regular Porn?

    Nazi/Skinhead sites?

    Anything YOU think is a 'hate site'?

    Anything ANYONE things is a 'hate site'?

    Anything anyone objects to for any reason?

    Business competitors?

    Political opponents?

    Anyone applauding Lycos for this had better be ready to draw the line somewhere on that list above and defend why their line is the absolute correct one in language all can agree on or that line will creep down at Internet speed.
    • Re:Worrying (Score:3, Insightful)

      by k98sven (324383)
      If it is OK to DDoS spamers, who else is it ok to knock off of the net?

      "News for nerds, stuff that matters"?
    • Re:Worrying (Score:5, Funny)

      by raehl (609729) <raehl311@yFREEBSDahoo.com minus bsd> on Thursday December 02, 2004 @07:25PM (#10980255) Homepage
      line will creep down at Internet speed.

      African internet speed or European internet speed?
    • Re:Worrying (Score:3, Interesting)

      by ookabooka (731013)
      You are absolutely right. Drawing a line will become a problem. I personally hope that Lycos continues this program, and that someone eventually sues. The government needs to step in and solve the spam issue. With lycos going all vigilante, it forces the government to address what it has long ignored. In my opinion, if the government sees a certain site protected under the law such as freedom of speech, then you cannot spam it. If it finds a site's business practices unethical and/or tries to shut it down,
    • Re:Worrying (Score:3, Insightful)

      by rackhamh (217889)
      Poor comparisons. Kiddie porn is illegal, and in many countries so is hate speech. If a user *seeks* those sites, then the user is breaking the law, even if the site itself may not be (depending on where the server is located). But for the most part, those sites don't go out of their way to make unsolicited offers to users.

      On the other hand, if a site is targeting users in a region where the content is illegal (as is the case with spam), and no method can be found to enforce the law effectively (as is
    • Re:Worrying (Score:3, Insightful)

      by hackstraw (262471) *
      An attack on the network is an attack on the network, period. If this sort of thing becomes respectable where does it end?

      It begins and ends when these people contact me without my prior consent or knowledge.

      Forgive those that trespass? Fuck that. Put up a warning sign, and shoot all violators. Plain, fair, and simple.
    • Re:Worrying (Score:4, Insightful)

      by sheetsda (230887) <[doug.sheets] [at] [gmail.com]> on Thursday December 02, 2004 @07:55PM (#10980622)
      Kiddie Porn?
      You have to look this up, it doesn't come to you.

      Regular Porn?
      You have to look this up, it doesn't come to you.

      Nazi/Skinhead sites?
      You have to look this up, it doesn't come to you.

      Anything YOU think is a 'hate site'?
      You have to look this up, it doesn't come to you.

      Anything ANYONE things is a 'hate site'?
      You have to look this up, it doesn't come to you.

      Anything anyone objects to for any reason?
      You have to look this up, it doesn't come to you.

      Business competitors?
      You have to look them up, they don't come to you.

      Political opponents?
      You have to look them up, they don't come to you.

      I draw the line at: If it's actively pestering you without any sort of provocation and without any way for you to stop it by other means, you have my support to knock it off our internet. This is my intuition on where the line is, please poke holes in it so we can move toward the correct solution. Spam is the only thing that readily comes to mind that falls on the other side of this line.

      Spam itself is a form of DDoS attack: when you get enough of them email will become worthless to you, which is exactly how any DDoS attack works at some level.
  • Not a DDOS (Score:5, Interesting)

    by renehollan (138013) <rhollan.clearwire@net> on Thursday December 02, 2004 @07:13PM (#10980092) Homepage Journal
    People voluntarily chose to run this, no? It isn't like there's one person using a bunch of machines (with or without their owner's permission) to launch a coordinated attack.

    Rather, it's a bunch of people coordinating their requests for information. At worst, it's civil disobedience (though not directed at government) or an organized, peaceful protest.

    I had a similar idea a while back, where people supportive of a cause could voluntarily elect to permit their computers to engage in simultaneous activity coordinated from a single point. It's cool to see this.

    • Re:Not a DDOS (Score:3, Insightful)

      by Anonymous Coward
      DDoS is not defined by the willingness of the parties involved. DDoS is a distributed denial of service attack. Denial of service means that ones service is being denied by another party. Distributed means it comes from multiple sources... just because people are willing to let it happen has NOTHING to do with it.

      If me and 100 people on an IRC channel willingly installed something similar and used it to attack government websites or servers would they call it civil disobedience? I think not.

      Get it rig
  • Quick! (Score:4, Funny)

    by UberOogie (464002) on Thursday December 02, 2004 @07:17PM (#10980149)
    Someone get the world's smallest violin immediately!
  • I love spam (Score:5, Funny)

    by sparks (7204) <acrawford@laetabi[ ].com ['lis' in gap]> on Thursday December 02, 2004 @07:21PM (#10980213) Homepage
    I am always interested in novel commercial propositions. There's nothing I love more than seeing what exciting offers are available in the way of bodily enhancement, alternative medicines, and high-return investment opportunities.

    Don't you feel the same? I'm sure you do.

    Wouldn't it be great if someone would create a screensaver that would automatically visit the websites of the vendors of these enticing offers and display them on my screen? I'm a fast reader so it would be great if it could show a few each second.

    That way, I'd be able to read all about their exciting products without having to do anything at all.

    If there was such a screensaver, maybe lots of people would download it. After all, I'm sure we're all interested in the products on offer. And what e-entrepeneur wouldn't want to have thousands of interested potential customers visit his web site every second?

  • by discord5 (798235) on Thursday December 02, 2004 @07:22PM (#10980217)

    Hey, I like the idea of punishing spammers, but Lycos is playing a game that's very dangerous. They're doing DOS-attacks (by proxy) on servers, and where I live that's actually a crime. While sending lots of unwanted e-mail will get you a slap on the wrist, DOS'ing a machine without written consent actually gets you jailtime. Where is the liability here when someone installs this screensaver? Is the end-user responsible for the DOS, or is Lycos responsible?

    Another point on this is that this only brings more traffic to the Internet. I know, what's a few measily packets when people are leeching torrents like mad, but still. While this effectively disables spammers for a while, remember that you can't fight fire with fire (or SYN with SYN in this case).

    And what about machines that accidentally get on the list of machines to be abused? Hey, I know that in theory only bad guys get on the list, but I've had enough customers actually get on an RBL while they don't spam.

    This is dangerous ground we're walking here, and sooner or later someone is going to call their lawyer. The ISP that provides internet access for the spammer perhaps, or perhaps even the spammer who knows that where he lives sending spam is nothing compared to DOS.

    • Hey, I like the idea of punishing spammers, but Lycos is playing a game that's very dangerous. They're doing DOS-attacks (by proxy) on servers, and where I live that's actually a crime.

      On the original website for this tool, you were asked to select your country from a list in order to download the tool. The list was quite limited -- only some European countries were listed.

      I'm guessing this is because Lycos did their research to determine in which countries potential users wouldn't get into trouble if

    • Are the ones who decided to do that attacks. Lycos just had an idea, it takes computer users to implement it (or not).

  • A few bits of info.. (Score:5, Interesting)

    by BawbBitchen (456931) on Thursday December 02, 2004 @07:27PM (#10980296) Homepage
    Lycos is not auto-grabing the urls from the spam. It is having someone open the spam, verify it is spam, verify the end link url for the Viagra or such. Only then is the site added to the target list. Lycos has said that they are not trying to take down the site but cost it money. Seems that they did not write their software right to take into account that everyone and their grandmother hates the spammers and would install it. So a few spam sites went down. I am of the opinion that this is a good thing. They should change their software so it does DoS the site. Having been/worked on large networks I can say that a DoS will 99% of the time only affect the hosting company and the people that sell them the pipe and most likely only at that pipes termination. (Also it is not a true DoS in the sense that the software request the page and completes the transaction!) And I say so the fuck what!?! The hosting company should get screwed for hosting the spammer.

    It is about time we (the collective geeks) do something real about spam. Sure I have SA and all that installed but it is a pain, cost us money (time and hardware). Spammers should be shot. Spammers website should be hacked and cracked and trashed. The companys that knowingly host them should get the same. Their are no laws or police that can fix this chaos we call the Internet. It is up the the users to handle the shitheads.

    It is time to declare ALL OUT WAR SPAMMERS. Let our motto be "Victory or....NO CARRIER!!!"
    • by jmorris42 (1458) *
      > It is about time we (the collective geeks) do something real about spam.

      The only people who can 'do' something about spam are the ones who run the backbone. When they decide doing the "wink wink nudge nudge" game of loudly proclaiming their hatred of spam and signing pink contracts with the spammers isn't profitable anymore spam will end. If all of the major providers started enforcing their published AUP/TOS against their downstream customers spam would vanish in short order. Yes a few examples wo
  • by geekbruin (628580) on Thursday December 02, 2004 @08:20PM (#10980900) Homepage Journal
    i'm so confused. isn't this the same lycos that has their sidesearch spyware (http://www3.ca.com/securityadvisor/pest/pest.aspx ?id=453078521 [ca.com])? and if so, isn't this a bit disingenuous to be a anti-spam patriot while perpetuating their own brand of spyware? i mean, really, now.
  • But sir.... (Score:5, Funny)

    by krbvroc1 (725200) on Thursday December 02, 2004 @08:41PM (#10981105)
    Dear Spammer,

    I hope you enjoy the packets we are sending you. This is a not SPAM. Previously you opted-in for these packets. If you would like to be removed from our packet list, please turn off your machine. Thank you.

  • One question (Score:5, Insightful)

    by ScrewMaster (602015) on Thursday December 02, 2004 @08:54PM (#10981243)
    How does taking down a spammer's Web site stem the flow of spam? The two aren't related, and in fact all that's happening is that a hosting company somewhere is getting blasted (not that that bothers me ... host a spammer's Web site and you can just take your lumps.) However, actual spam is sent using open relays and other bits of misdirection and likely isn't even on the same pipe as the Web site. Sure, this sends the spammers the message that we don't like what they're doing ... but one has to assume that they already know that. I guess I don't see what practical purpose this is serving.
    • Re:One question (Score:5, Insightful)

      by Fjornir (516960) on Thursday December 02, 2004 @09:08PM (#10981378)
      Simple. Economics! Spam is an attractive massmarketing tool simply because it it so SO cheap. If it becomes common for sites selling through spamvertising to be protested in these virtual sit-ins then two things happen:

      a) Their bandwidth bills go up from all of these bots reloading them, increasing the cost of using spam a LOT.

      b) The people who would want to buy their product are discouraged by long pageloads and sporadic outages, decreasing their revenues.

  • OVERZEALOUS? (Score:3, Insightful)

    by alizard (107678) <alizard@noSpAM.ecis.com> on Thursday December 02, 2004 @09:31PM (#10981565) Homepage
    WMDs would be overzealous, since most spam hosts are physically surrounded by companies who not only don't do soam, but are spam victims like the rest of us.

    If your site shares a network with a spammer, time to complain to your feed site. Anyone who puts their customers at risk by tolerating known spammers on their network deserves to lose business or to get sued by their customers. (something along the lines of tolerating a public nuisance which is interfering with your business, I suppose)

Computers are unreliable, but humans are even more unreliable. Any system which depends on human reliability is unreliable. -- Gilb

Working...