Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
Security Government Spam The Courts News

NY Times On Spam Zombies 166

Posted by Zonk
from the creddiiiiit-caaaaaardssss dept.
A discreetly valorous slashdotter writes "The NY Times is featuring a story about the growing armies of spam zombies. It focuses on New Jersey teen spammer Jasmine Singh. Choice quote: 'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'"
This discussion has been archived. No new comments can be posted.

NY Times On Spam Zombies

Comments Filter:
  • by Anonymous Coward on Friday June 24, 2005 @04:55PM (#12905036)
    "A discreetly valorous slashdotter writes"

    From dictionary.com: valorous - Marked by or possessing great personal bravery; valiant

    From the same: discreetly - Marked by, exercising, or showing prudence and wise self-restraint in speech and behavior; circumspect.

    Meaning an anonymous coward?

    Don't you love sales/marketing speak?
  • by Anonymous Coward
    Is it me or something ? Slashdot is featuring more and more stories against/about indians. First the credit card fraud, ibm transfers job overseas, and now this.

    May be we should call this section It is what Indian Technology is.

  • "Hacking in its pure form is to show what you can do.'"

    Alright then, given enough time, you can do anything, so there is no need to try. ;-)
  • ISP's should be held accountable if their users are using windows and using no firewalls.

    If ISP's were to be fined then you would see change.

    But they aren't so who cares, right .
    • If the SBL can shot down an entire group of blocks because of one spammer on one IP, then someone should be able to shut down an entire ISP (say, AOL, Earthlink, etc) if they have just one spam-sending zombie. Period.

      I mean, what's good for one group is good for the other, right?
    • All responsible ISPs have terms of service agreements that strictly prohibit abusive practices such as phishing, spamming, warez and media trading. They reserve the right to terminate anyone's service who is violating these agreements. Beyond that, it's not reasonable to expect the ISPs to be punished for other people's irresponsible or illegal behavior, any more than the car dealer should be punished for selling a car that is used in a bank robbery or the hunting goods store for selling ammo. You can't
      • This is more like a gun dealer who continues to sell bullets to someone when he knows the previous bullets he sold the guy were used for a robbery.

        That's beyond being a service provider and closer to being an accessory.
      • >>
        Eventually it will be a lot harder for a 17-year-old to command an army of zombie PCs. In the 1970s, it was incredibly easy to hack into sites via a modem, using easily guessed passwords (guest/guest) because it was such a rare thing even to have a computer and a modem. The teen hackers of that era would be clueless today, just as these punks will be clueless 5-10 years from now.

        Are you kidding? They are probably tomorrow's managers. :)
      • In the 1970s, it was incredibly easy to hack into sites via a modem, using easily guessed passwords (guest/guest) because it was such a rare thing even to have a computer and a modem. The teen hackers of that era would be clueless today, just as these punks will be clueless 5-10 years from now.

        Some of those teen hackers from the '70s are today's senior programmers, lead engineers, etc. Yours truly included. No, I never did anything malicous, I only hacked to see what I could do! And sometimes those sk1
    • I think everyone is better off when ISPs stay out of the business of controlling customers based upon the type of traffic they're sending or even worse what type of equipment they have. Consider the following two scenarios:

      SnoopyISP has a 'we can shut you down based upon the traffic you send' policy. After doing so, they could be set upon to offer this service to RIAA, MPAA, etc, etc. After all, they can't say they can't/won't do it.

      SnoopyISP says, "sorry, we don't let anyone who isn't running XP with o
      • so, what's wrong with JoeISP who implements firewall devices into the DSL/cable modem equipment? Seems to be the easiest fix, though it's costly to the ISP, and I can see where only companies like SBC, Comcast, et al would be able to afford it. In the end, though, it will thwart this type of zombie nonsense. I see it everyday. Joe Luser hooks his XP SP1 pc to the internet, wonders why it performs slow and keeps throwing popups in his face, but lives with the problem because he doesn't want to pay the ex
      • I think you are a little late on your opinions.

        ComCast is well known for shutting down port 25 for the subnets that they provide for consumer use. This is done as a move to block Spammers from sending directly.

        Now Spammers send through the ComCast ISP mail servers directly. So the ISP response is to limit the number of emails you can send in a period of time.

        These two approach the model of we can shut you down based upon the traffic you send

        Regarding your assumption that ISP's consider Linux to be th

  • Its purest form? (Score:3, Interesting)

    by bmomjian (195858) on Friday June 24, 2005 @05:00PM (#12905074) Homepage
    Hacking in its purest form is showing how you can go to jail. :-)
  • Register? (Score:2, Funny)

    by comzen (830240)
    Today, a pure form of hacking would be to read the article without actually being a registered user.
  • From BugMeNot.com (Score:3, Informative)

    by Silverlancer (786390) on Friday June 24, 2005 @05:00PM (#12905079)
    Username: loser1234
    Password: loser123
  • by dancpsu (822623) on Friday June 24, 2005 @05:01PM (#12905089) Journal
    In one recent case, a small British online payment processing company, Protx, was shut down after being bombarded in a zombie attack and warned that problems would continue unless a $10,000 payment was made, the company said. It is not known whether the authorities ever arrested anyone in that case.

    Where would they send the money? This is like a kidnapping scheme. There is far too much involved when you actually want something back from the person you commit the crime against. You would think they would be easier to catch.
    • by Beryllium Sphere(tm) (193358) on Friday June 24, 2005 @05:12PM (#12905175) Homepage Journal
      >Where would they send the money?

      A Western Union office in Belarus, in one recent case. Once Western Union hands over the cash the transaction is irreversible and the victim's only recourse is local law enforcement. Extortionists can pick whatever country has the most cheaply bribable cops. And sometimes cops will ignore foreigners for free.
      • Except in that case, the criminals got caught anyway.
      • Good ol' Western Union -- they used to have an advertising poster in my local supermarket that offered a discount on money transfers to Nigeria. Its background graphic was a blank map of Africa with Nigeria colored in. This was in the Denver area, and there is no unusual concentration of Nigerian immigrants here, so it's not as if people were sending money to the home folks.

        Incidentally, the fine print said that while the transfer fee was discounted, the customer would get less than the going exchange rate
  • 'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'

    Oh, good. So she'll be delighted when law enforcement shows her what they can do.....
  • was how much money there is to be made in selling sports jerseys

    the rest of the article, technology-wise, is boilerplate: it should be obvious to any typical slashdotter what zombie computers are, how they are made, and how they are used

    perhaps what this article should mean to the average slashdotter then is that awareness of zombie computers has moved into popular culture

    that, and that there's a lot of money to be made in sports jerseys
  • No Registration! (Score:3, Insightful)

    by Anonymous Coward on Friday June 24, 2005 @05:05PM (#12905128)
    Would Slashdot please quit posting stories
    that you have to register for to read.

    Thank You.
    • not just that, but sites that have you register and then plaster ads on anything..
      then, from what I gather is going on, the ads your mouse hovers over your email gets added to the lists for those advertisers to spam you..

      yay for sites like bugmenot and mailinator.com

      but remember you can always pay for slashdot if you want... maybe that is how you get links without registration required? hrm

      no.. probably get added to the "willing to pay for stuff that is free anyway.." lists.

      bah.. screw the article, not
    • Who needs registration, we're Slashdotters, just hack your way in. Oops cover blown!
    • As has been mentioned several times already, you can get a login and pw combo to view the article from here:

      http://bugmenot.com/view.php?url=http%3A%2F%2Fwww. nytimes.com [bugmenot.com]

      There has also been a registration-free link posted:
      http://www.nytimes.com/2005/06/24/technology/24zom bie.html?ei=5090&en=c003ced33d1adfcf&ex=1277265600 &partner=rssuserland&pagewanted=print [nytimes.com]
    • Quitcher bitchin' (Score:5, Insightful)

      by jfengel (409917) on Friday June 24, 2005 @05:55PM (#12905475) Homepage Journal
      I'm afraid you're kinda screwed on this point. Slashdot is a news aggregator. This story is effectively a dupe of one that came before, but the "news" is that it's the New York Times publishing it, which has a far more important readership than PC World.

      In other words, the news isn't that there are zombies, but that a very important mainstream newspaper is telling people that there are zombies, and lots of 'em. You can't get this story from any other source, because the source is the story.

      And because the New York Times is so important, they get to charge for content. In this case the charge is cheap: you just let them know who you are, so that they can better sell ad space. That's not free, but it's pretty cheap.

      So basically I doubt Slashdot is ever going to "quit posting stories taht you have to register for to read", because that's where the good news is. If you'd like to establish an open source news gathering organization and make it available for free without registration, feel free.

      That's news "gathering" like the Times, not "aggregating", like Slashdot. News gathering is usually considered pretty expensive. You have to have a lot of reporters, and editors. And it takes time to establish the reputation that the Times has. And like software, news depends on trust.

      But hey, news, like software, is free to distribute once it's created, so maybe the open source model will apply. Go for it.

      Alternatively, stop bitching about what people are giving you for free (Slashdot summaries) or cheap (New York Times articles for the price of some trivial and easily lied about demographics). Your choice.
      • by rmm4pi8 (680224)
        I don't understand why Slashdot, unlike ever other blog in existence, doesn't use the RSS-feed-links to the stories, as these are no-reg.
    • Why? Its not like anyone on /. bothers to RTFA before getting on their soapbox anyways.
    • Sorry, nobody is going to bend over backwards to make sure you don't have to log in to view an article.

      You can always search on the subject in Google News and get alternate stories that may or may not be about the same subject.

      You can wait for somebody to copy/paste the text as a comment, or find the workaround for the log-in system for that particular site.

      You can choose not to read the story if you want. If you really want to, ignore the stories that link to reg-required sites.

      Slashdot, please continu
    • 1) Install Firefox
      2) Install "BugMeNot" plug-in
      3) Profit!
  • And to think, all they wanted was a little J-lo booty.
  • George A. Romero's Internet of the Dead
  • by Omega (1602) on Friday June 24, 2005 @05:06PM (#12905139) Homepage
    'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'
    That's it exactly. Hacking is about putting your skills and knowledge to the test. Such as kernel hacking or writing a device driver without any specs.

    Cracking is about breaking into a system. It might require some hacking, but it can also be done by script kiddies.

    • A new term is needed, that is somewhat between hacking and cracking.

      Crackery is about putting your skills and knowledge to the test by breaking into a system.


    • I don't believe that Hackers do what we do to prove a point, or to get one up on someone else. We do it to satisfy curiosity.
      • Not to speak for you, but most Hackers I know are always out to prove a point, and espically like to one up each other. In a competitive way.
        "Ha! that took you 27 lines of Code? I can do it in 17"

        Certianly curiosity is a drive as well.
        • You had lines of code? Why back in my day, we had to wire the connections up and then read the connections to see what we had written!

          Darned kids rassum fassum mumble grumble get off of my lawn!
    • by Anonymous Coward on Friday June 24, 2005 @05:40PM (#12905364)
      It's not right in any meaningful sense.

      There are a crapload of people who for over 20 years have been using the term "hacker" in conjunction with words like "phreaker," which were the terms used by everyone in the 80s BBS scene. When people like you tell them "the word you've been using for two decades doesn't actually mean that," they will pat you on your cute little head and say "ok, whatever, run along now." Because ya know what? You don't own the word or its meaning. If I start calling my car a puppy and act condescending when people correct me then I'm an asshole, but if I've been using 'hacker' along with a huge community of others to self-identify for over 20 years then that's another story.

      The long and short of it is you don't control the word and it escaped your definition a long time ago. The word spawned another meaning a LONG time ago and although you might not like it you're powerless to make it go away. That's how language works.

      I'm sorry it annoys you, but thems the brakes, kiddo.

      • I've been saying that for years!
        Nice to see that somebody else feels the same way...
      • by Anonymous Coward
        I dunno why people make a big deal out of what you say anyway. Using words the "right" way doesn't make you any smarter. Like when I want to download my pictures to gmail, and someone says "you mean upload." Who cares?

        And when I email people and say ur instead of "you are" or cul8r instead of "see you later" and they give me shit about it.
        • by TheOtherChimeraTwin (697085) on Friday June 24, 2005 @07:26PM (#12906114)
          Using words the "right" way doesn't make you any smarter. Like when I want to download my pictures to gmail, and someone says "you mean upload." Who cares?

          Sarflicks! I couldn't agree with you mosby! Why haggleby when the low-rider don't know blatz about the snoozer?

        • You're quite correct. It doesn't make you any smarter. However, it does have a few positive effects:

          You don't sound like a 15-year old who slept through elementary school English class, which in turn gains the respect of other people, which in turn helps you to do a lot of things, among others, get a job.

          Other people understand what you mean. It is true that in most cases it is fairly trivial to infer the meaning, but there are cases in which both the phrasing which was actually used and the phrasing
      • Eh, I'd say the media drove the "newer" definition, and it is therefore the definition "normal" people buy into. That doesn't mean the old definition is invalid by any means.

        Actually, wikipedia has a pretty damn good entry [wikipedia.org] for the word.

      • For a guy who goes on for two paragraphs about the meaning of a word, you'd think you'd have a better grasp on the meaning of the word "brakes."

        p
      • You mean, kinda like the way the young-earth creationists have spent 20 years denigrating the scientific term 'theory'? You're right, it's time for the researchers to give up the word 'theory', which used to mean 'a tested hypothesis', but now means 'a wild-eyed idea perpetrated by liberals and/or darwinists'.
    • Cracking is about breaking into a system

      Only to a small minority of geeks. Everyone knows that geeks like to make up standards and then castigate people who don't follow them. Whether it's about interpreting CSS correctly or placing your braces on the right line geeks just love to bitch and moan about this stuff. And the whole cracker/hacker distinction is just another one of these issues that some minority group has made up so they can bitch and moan every time someone uses the word hacker. The fact

  • Ok Article.... (Score:2, Insightful)

    by thesnarky1 (846799)
    but I don't think they really got to the real news here. The article doesn't mention how users can protect themselves at all. And it only focuses on the one case, when I think there could have been bigger name cases that would display the same message better. Is this article going to make the average user care at all, not in my opinion. The underlying theme I got from the article is that hackers are these crafty people who are sneaking onto your system, not something you can stop *coughfirewallscough*. Ok,
  • by CyricZ (887944) on Friday June 24, 2005 @05:10PM (#12905158)
    Okay, so this teen treats crackery like it was a sport. To show his or her proverbial "balls", as it were. This would be a prefect opportunity for some older, social-concious geeks to get together and set up a crackery league for these youth. Let them perform their crackery against each other. Each youth could set up a system, and then they would go head-to-head to crack the other youth's system. Indeed, it would be an intellectual junior soccer- or baseball-style league.
  • by tktk (540564)
    I smell a cross-licensing agreement with George A. Romero.

    • Night of the Living Dead
    • Day of the Dead
    • Land of the Dead
    • Spam of the Dead
  • From TFA... (Score:5, Insightful)

    by andreMA (643885) on Friday June 24, 2005 @05:25PM (#12905263)
    Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems.
    Um, no. The vulnerabilities exposed are most often in Microsoft products, which allow the user to be owned. Someone needs to thwap the "Officials at the F.B.I. and the Justice Department" upside the head with a clue by four.
    • Um, no. The vulnerabilities exposed are most often in Microsoft products, which allow the user to be owned. Someone needs to thwap the "Officials at the F.B.I. and the Justice Department" upside the head with a clue by four.

      Unfortunately you can't do that any more. It's now a PATRIOT act violation, plus the TSA no longer allows clue by fours in carry on luggage.

  • by jpmkm (160526)
    Could this open some eyes and increase interest in alternative (Linux, Mac) offerings?
  • by caudron (466327) on Friday June 24, 2005 @05:44PM (#12905387) Homepage
    ...but "Jasmine" is a dude? Really?

    I'm sure it's a cultural thing, but seriously, when I was in school (cue old-timey phonograph and creaky rocking chair sound) he'd have been hating life if he had the balls to show up to school with a name like Jasmine!

    The times they are a changin'. (That's a good thing, I think)
  • "Hacking in its pure form is to show what you can do."

    May I please have a spammer and an axe? I'd like to show what I can do.
  • "Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do."

    Translation: Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to compensate for being such an empty shell of a person that one must scrape around for any sort of recognition and attention.

    Sorry, kid. Despite your delusions, you just ain't that cool.

  • by vaith (875639) on Friday June 24, 2005 @07:43PM (#12906226)
    Next: NYTimes advises that zombie-spammers can be dealt with by "removing the head or destroying the brain".
  • 'Hacking in its purest form is not about compensation or about wrecking a Web site. Hacking in its pure form is to show what you can do.'" ...much like the art of breaking an entering a home residence and rifling though the owners belongings. Just to show you can do it.

    Please, stop trying to justify hacking in this manner. It displays mental bankruptsy and severe denial unbecoming of anybody claiming to have half a brain in their skull.

"It's ten o'clock... Do you know where your AI programs are?" -- Peter Oakley

Working...