
Next Generation Spam Zombies Will Use Data Mining 133

branewashd writes "The Globe and Mail is covering some new research on the future of spam. The paper 'Spam Zombies from Outer Space', from researchers at the University of Calgary, will be presented on Sunday at the European Institute for Computer Anti-Virus Research conference. According to the paper, the next generation of spam zombies will employ 'sophisticated data mining of their victims saved email'. When a computer is turned into a spam zombie, it will first be mined of its address book, mail client configuration, and mail archives. Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent. The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it."
This discussion has been archived. No new comments can be posted.

  • by chriss ( 26574 ) * <chriss@memomo.net> on Friday April 28, 2006 @01:49PM (#15222785) Homepage
    Technical advances
    Better tricks to fool spam filters, like the examination of text the user has written mentioned in TFA. This is close to impossible to stop, the only way is to try to be faster in developing better anti spam tools.
    Lack of security
    Most spam today is sent from captured machines, and in the future these machines will not only be used to send but also to improve spam. This could be helped by better educated users, better default system security or easier to understand security configurations. At least there is hope.
    Response
    The only reason for all this spam is that it still pays. Even though it is a very small number of people, it is enough to finance the whole illegal business of building bot nets, stealing addresses etc. If there was a way to stop people from buying that stuff, the other two points would be irrelevant. Unfortunately this is not going to happen, which is the most frustrating part.
    • Explain all the dictionary phrase spam, that has no valid message then?

      just jumbles of phrases- and nothing advertised?
      • by Anonymous Coward
        It's being used to disable the Bayesian-style filters that tend to work on keywords. Basically the idea is to flood the filter with a lot of junk messages that give false positives, thus making the filters less effective as the user attempts to tag all these junk messages as spam.
      • Explain all the dictionary phrase spam, that has no valid message then? just jumbles of phrases- and nothing advertised?

        I'm astonished by those all the time. My Thunderbird is throwing out about 2000 mails a day, and I am often confused about those it didn't catch. I could not recognize them as spam either, since they contain no product names, no links, nothing.

        But since I believe that nothing that can be explained with stupidity should be explained by conspiracy theories, I assume these are accidents.

        • Well poisoners... (Score:4, Interesting)

          by mengel ( 13619 ) <mengel&users,sourceforge,net> on Friday April 28, 2006 @02:17PM (#15222998) Homepage Journal
          These are attempts to poison word-based Bayesian spam filters.

          If you mark enough of these random collections of useful word messages as spam, your Bayesian spam filter will start filing real, useful email as spam, and you will eventually decide the filter doesn't work and turn it off...

          Of course, if you feed your filter just the headers and stuff that actually looks like spam, and not the blocks of random words, it can still learn useful things.
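The poisoning effect described in the comment above, and the header-only training it suggests, shown as an added Python example that is not part of the original thread. The tiny corpus, the `helo=` header tokens and the `is_word_salad` heuristic are constructed assumptions for illustration.

```python
import math
from collections import Counter


class NaiveBayesFilter:
    """Minimal multinomial naive Bayes spam filter with Laplace smoothing."""

    def __init__(self):
        self.counts = {"ham": Counter(), "spam": Counter()}
        self.docs = {"ham": 0, "spam": 0}

    def train(self, label, tokens):
        self.counts[label].update(tokens)
        self.docs[label] += 1

    def score(self, tokens):
        """Log-odds of spam versus ham; a positive score is filed as spam."""
        vocab = set(self.counts["ham"]) | set(self.counts["spam"])
        n_spam = sum(self.counts["spam"].values()) + len(vocab)
        n_ham = sum(self.counts["ham"].values()) + len(vocab)
        total = math.log(self.docs["spam"] / self.docs["ham"])
        for tok in tokens:
            if tok in vocab:  # words never seen in training carry no evidence
                p_spam = (self.counts["spam"][tok] + 1) / n_spam
                p_ham = (self.counts["ham"][tok] + 1) / n_ham
                total += math.log(p_spam / p_ham)
        return total


# Constructed sample mail: (header values, body). Not real traffic.
HAM = [
    (["helo=mail.example.org"], "meeting schedule project report attached"),
    (["helo=mail.example.org"], "lunch tomorrow project budget review"),
    (["helo=mail.example.net"], "please review report before meeting"),
    (["helo=mail.example.net"], "family dinner weekend schedule"),
]
SPAM = [
    (["helo=dynamic-pool"], "cheap pills buy now discount"),
    (["helo=dynamic-pool"], "buy cheap watches discount offer"),
    (["helo=dynamic-pool"], "offer pills now click"),
]
# Word-salad messages: everyday words only, nothing advertised.
CORE = ["meeting", "schedule", "project", "review"]
FILLER = ["budget", "lunch", "weekend", "dinner", "report", "family"]
POISON = [
    (["helo=dynamic-pool"], " ".join(CORE + [FILLER[i % 6], FILLER[(i + 1) % 6]]))
    for i in range(12)
]
LEGIT = (["helo=mail.example.org"], "project meeting schedule review")
ZOMBIE_SPAM = (["helo=dynamic-pool"], "cheap pills offer")


def header_tokens(msg):
    return ["hdr:" + h for h in msg[0]]


def all_tokens(msg):
    return header_tokens(msg) + msg[1].split()


def is_word_salad(flt, body, threshold=0.8):
    """Hypothetical heuristic: most body words have only ever appeared in ham."""
    words = body.split()
    ham_only = [w for w in words
                if flt.counts["ham"][w] > 0 and flt.counts["spam"][w] == 0]
    return bool(words) and len(ham_only) / len(words) >= threshold


def baseline_filter():
    flt = NaiveBayesFilter()
    for msg in HAM:
        flt.train("ham", all_tokens(msg))
    for msg in SPAM:
        flt.train("spam", all_tokens(msg))
    return flt


def train_reports(flt, reports, headers_only_for_salad):
    """Learn from user-reported spam; optionally keep word salad out of the model."""
    for msg in reports:
        if headers_only_for_salad and is_word_salad(flt, msg[1]):
            flt.train("spam", header_tokens(msg))  # learn the sender traits only
        else:
            flt.train("spam", all_tokens(msg))
    return flt


def demo():
    base = baseline_filter()
    poisoned = train_reports(baseline_filter(), POISON, False)
    guarded = train_reports(baseline_filter(), POISON, True)
    return {
        "baseline_legit": base.score(all_tokens(LEGIT)),
        "poisoned_legit": poisoned.score(all_tokens(LEGIT)),
        "guarded_legit": guarded.score(all_tokens(LEGIT)),
        "guarded_spam": guarded.score(all_tokens(ZOMBIE_SPAM)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:15s} {value:+.2f}  ->  {'spam' if value > 0 else 'ham'}")
```

After the word salad is learned in full, the legitimate message is filed as spam; with header-only training it stays ham while the zombie-sent spam is still caught.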

          • Re:Well poisoners... (Score:2, Interesting)

            by coaxeus ( 911103 ) *
            Correct you are. I admin systems that process close to a half million messages a day average, the vast majority of that is spam. Bayesian classification is one of the 5-10 layers that contributes to a spamassassin score on these systems.

            Bayesian is probably the most useful part of the anti-spam system, but also the most annoying to administer because of this poisoning. I can't even count the number of different methods I've tried to keep an accurate Bayesian database since the poisoning started, and number of

            • by chriss ( 26574 ) * <chriss@memomo.net> on Friday April 28, 2006 @03:20PM (#15223483) Homepage
              If evolution wasn't broken and stupid people did less breeding and more dying ...

              I think this would be a universal solution to almost all of mankind's problems.

              • Even though I wrote it myself, I am somewhat scared about the moderation. A couple of hours ago it was 3-Funny. It was intended to be funny. Now it is 4-Insightful.

                I will not assume that a lot of slashdot users will support the idea of solving problems by removing the part of the population that causes the problem. Most will be aware that a) even idiots usually have positive sides, b) an idiot in one area may be a genius in another, c) trying to fix something complex like society with a hammer will most like

                • This brings a thought to my head... while still avoiding Godwin's Law.

                  I'd say it could be a practical solution, but every implementation of it will be Very Bad. Because: we humans value life highly (most of us at least (I hope)), and especially one's own life.

                  But consider a society where the common good is always regarded much higher by any individual, than the same individual's own life. In this case, it would be perfectly reasonable for the society to decide on the best traits (such as intelligence), and

        • Those that get through are not spam. It's the internet becoming aware and trying to communicate with you. You are the chosen one.
    • by Arandir ( 19206 ) on Friday April 28, 2006 @02:32PM (#15223096) Homepage Journal
      The only reason for all this spam is that it still pays.

      Here's the funny thing. Joe will receive a spam that has been carefully constructed as to appear to be coming from his mother. Why the fsck would he believe it? Is he so stupid that he would buy viagra and hoodia from his mother? The answer, unfortunately, is yes...

      "Dear Son,

      I am so sorry to hear about your injury. Have you considered **Ci@L15**? My arthritis is acting up, I think I will LAST ALL WEEKEND! When will you come down next, because PLEASE THE CHICAS!

      Love,
      Mum"
      • Seriously, since you know Mom wouldn't send you that, it's obvious that Mom's machine has been infected.

        So you either go over and fix Mom's machine or (if you're less technically competent) you tell Mom you'll take her computer to one of the computer cleaning companies.

        Problem solved. Maybe solved forever if Mom gets a different email client (fix email client exploits) or firewall (fix worms) or some education (maybe fix trojans).

      • Great... now I'll get emails from my parents wondering if I'm shy because of my "short gun."

        I'm sure they'll write me with their solutions too.
    • The only reason for all this spam is that it still pays.

      You have clearly identified the problem. Disrupt the money stream and spam would go away. The best way to disrupt the money stream is at the source, the idiots that actually buy the crap pushed in spam.

      How do you stop the idiots from buying spam crap? Easy, send email to all users, those that click on the contents and attempt to buy the bait are identified, tracked down, computers are confiscated, and they are barred from the Internet for lif
    • As I commented earlier on spam and adware companies: Flagrant copyright violations of the products that they are offering is the only way to root them out. The only way to get them to come out of the shadows is to try to get you to stop. Once they go to Law Enforcement about it, you can tell them exactly why you are infringing on their 'copyrights'. Like any of the slimy bastards are going to try to get you to stop breaking the law so they can continue to. Another idea would be to punish the individuals who
  • by Anonymous Coward
    Or... the world of 1998? Didn't pretty much all Outlook worms do this?
  • by eldavojohn ( 898314 ) * <eldavojohn&gmail,com> on Friday April 28, 2006 @01:50PM (#15222795) Journal
    Damn, I hope they don't abuse the hell out of the Weka Project [waikato.ac.nz], that's one slick open source engine I've used time and again. It'd be a crying shame to see it put to use of ill repute!
    The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it.
    Like what? Capital punishment for spammers?
  • Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent.
    Do they make money on that? (1. Re-send mail 2. ??? 3. Profit!)?
  • The spammers don't innovate, they just use existing technology for their own ends. This would definitely qualify as innovation, so it's not going to happen.
    • Past performance does not indicate future returns.

      Just that the idea is there, and there's a big market, makes it prudent to get ready for whatever we can reasonably see coming at us.
    • Never underestimate spammers. It may give you a warm and fuzzy feeling to assume that "spammers are stupid," but some of them are surprisingly sophisticated.

      One reason we're still in an arms race against spammers is that some of them -- just enough -- have the expertise (or can hire a less than scrupulous developer to provide it) to counteract just about every technological measure we've thrown at them so far.

      To assume that spammers are too stupid to work around something is to fall into the trap of being
  • by Progman3K ( 515744 ) on Friday April 28, 2006 @01:53PM (#15222824)
    There will be some people who will get pop-ups from the zombie virus requesting that they upgrade their machine to be able to run the virus properly.

    That's sure to be a dead giveaway...
  • by brxndxn ( 461473 ) on Friday April 28, 2006 @01:53PM (#15222825)
    1. This is Microsoft's fault.. Microsoft should fix their operating system to ask for a password any time a program is installed, registry settings are changed, key files are modified, etc.. Also, 'install on demand' should be eliminated from Internet Explorer. Ever notice how spyware pretty much didn't exist before Microsoft gave the developers complete control over a person's PC? The end user is stupid. The whole premise of Windows assumes that.. So then why did Microsoft decide that the end user should be able to have his system completely compromised with ONE SINGLE GODDAMN FUCKING WRONG CLICK WHEN BROWSING A SHADY SITE?

    2. This is the fault of the legal system. Spyware is ALREADY illegal. Congress has talked about making it 'illegaler.' Someone needs to jump forth and realize the moneymaking potential that it is to sue the pants off the incessant spammers.

    Again.. 99.9% of spyware problems can be fixed by just running in limited user mode. Ubuntu has the right idea..
    • Most of them are a) anonymous and b) not in the US. Jurisdiction's a bitch.
    • by Anonymous Coward
      Having seen a preview of Windows Vista, Microsoft seems to be heading in the right direction. In Vista, everything you do will run as a "standard user", even if you are an administrator. If you attempt to do something that requires elevated privileges, you will need to go through a system controlled dialog that confirms this. There are visual cues on these activities that are consistent from the browser through to the end-user applications.

      While I'm not a Microsoft advocate, I feel that are trying to im
    • Microsoft should fix their operating system to ask for a password any time a program is installed, registry settings are changed, key files are modified, etc.

      You obviously have no idea how Windows works.

      First, you are prompted before running any program from the net. It even prompts you twice, once to confirm to run, a second to confirm publisher info.

      Second, if you've ever seen a program like RegMon, you know that registry keys are being changed all the time. I watched the closing of one window and t
    • We don't necessarily need MORE linux distributions, we need BETTER linux distributions. We also need to get the ones that are out there a little more unified. Things like the Linux Standard Base http://www.freestandards.org/en/LSB [freestandards.org] while although not the end-all solution is a step in the right direction. We don't need boocoos of distros, choice is great, but something like 5-10 GREAT distros would provide good competition yet also unify some of the effort against who you said is the number 1 problem (micr
      • My sig is entirely sarcastic. The amount of linux distros and the stupid forking pisses me off. IMO, if there were fewer better FREE distros, then more would adopt linux faster and we could finally get commercial software (games) ported to it..

        So I agree with you.
    • Microsoft should fix their operating system to ask for a password any time a program is installed, registry settings are changed, key files are modified, etc..

      If you've used a Linux machine, you'd know not to run anything as root unless necessary. On Windows machines, running as an Administrator is basically the same thing. Why ask for a password when you already have COMPLETE SYSTEM-WIDE ACCESS? Fortunately, the ability to create restricted users is already there, and has been there since at least Wind
  • by Qzukk ( 229616 ) on Friday April 28, 2006 @01:54PM (#15222831) Journal
    "Hi mom, I'm coming home this weekend, and I'll have a load of laundry. I'll also need some money because I can get P3NNY ST0X GO WILD OVER OTCBB FFFF! and some C1AL1S CHEAP AT HTTP //CHEAPERDR00GZ.MX/ !! Could you just transfer the funds to my account, it's easy to do, just go to 12.51.53.21/htedit/upload/pics/boa_rip/index.htm [bankofamerica.com]!"
    • This will make it even more difficult to have an affair!

      "Hey Honey!

      I hope to see you this weekend. I've increased my pen15! I've made sure the kids are 'spending the night' over at their friend's houses, and my wife's out. Now we'll get to celebrate our anniversary with those new nippl3 clamps I bought you!

      Love and V1agra,
      Hermie."
  • How to kill a zombie (Score:3, Informative)

    by Ohreally_factor ( 593551 ) on Friday April 28, 2006 @01:54PM (#15222833) Journal
    The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it.

    You have to destroy its brain, of course [portlandmercury.com].
    • Nah, just the original one. There's no need to go decapitating zombies left and right.

      What I want to know is: Why are so many people using Worcestershire Sauce as embalming fluid?
    • by Anonymous Coward
      I love how a post that consists entirely of a joke referring to the horror movie genre is moderated Informative -- twice -- rather than something more accurate like, I don't know, FUNNY?

      Gotta love slashdot.
  • Data Mining? (Score:2, Interesting)

    by ericlondaits ( 32714 )
    That doesn't sound like data mining, nor complicated data mining even... just a simple Markov-chain driven text generator would do. Anything more complicated than that wouldn't be data mining either, but rather computer linguistics.
    • Yeah, when I read this I thought it meant they'd robotically research me a little to send me better spam. So far I can't even view the text! [linuxvirus.net]

      But no, this is pretty boring stuff. Instead of refining their target selection, they're working on increasing their dishonesty technology. Spam programmers are evil.

    • I agree, this article is useless as it can be, the stuff they say will be done in fact already exists, as for looking for mailbox content and address book. Now for making up human looking sentences, no need for this, just need to study human habit a bit, I think they'd get way more powerful spam if they were paying a psy or something to write it. NDR like spam was to my taste a very good idea when I first time received one. And if spam still exists in 10 years I think it'll get evolved enough to use the te
  • by GillBates0 ( 664202 ) on Friday April 28, 2006 @01:55PM (#15222844) Homepage Journal
    ...is that they fail to mention the fact that _most_ (if not all) of these "spam zombies" happen to be Windows based machines. Agreed, most of the machines in the world run Windows, but shouldn't the news article at least mention the fact that the 'zombification' is attributable (most of the time) to Windows vulnerabilities? Don't know if the UCalgary research team mentioned it in their paper.
    • Bonus points for spelling "pique" correctly!

      Too bad there's no +1 Good Spelling mod...
    • No, the problem isn't Windows vulnerabilities, it's uneducated users. My Windows PC is on all the time, connected to the internet, and it's behind a firewall. It hasn't ever been hit by any of these problems that slashdotters ever claim "just happen" to Windows PCs.

      Look at it this way. If Linux was the dominant platform, the issue would still exist. Let's assume for a second that Linux is 100% secure. The user will still see something online that says "Click here for free screensavers!" and guess wh
      • Ooooo, looks pro-Windows to me. You're gonna get modded down now. :-P
      • > The user will still see something online that says "Click here for free screensavers!" and guess what, they'll click there for free screensavers.

        If I compile an application, say: main(){system("rm -rf /");},
        then put it online, call it coolscreensaver, then have a link like you said,
        saying "Click here for free screensavers!".

        If a user clicks on that in Linux, using firefox, or thunderbird, what happens?
        Nothing. Save to disk where?

        If you were able to find examples in Linux where an uninformed user
  • With rising concerns about spam and viruses sent by e-mail, we shall return days when mail was secure because it was written on paper. Riders on horseback would race across the expansive west with only the worry of Indians and dehydration.

    I mean seriously, after scalping the rider would the Indian then send a slightly reworded copy of each letter?
    • I mean seriously, after scalping the rider would the Indian then send a slightly reworded copy of each letter?

      The scalping angle gets overplayed. Just as often, whites were taken captive into the tribe. With some tribes, having a slave was a status symbol. Or, in the case of those captured letters, the tribe might keep a white man as translator. (This was a common practice in the ancient Old World, as well.)

      Then there's "Indianization" -- the surprisingly common event of white people voluntarily aban
  • ...yes, yes - Mac OSX and Linux.

    But besides that, maybe an ISP should by default block all but a few outbound ports unless the user requests them specifically (either via a web interface @ the ISP or by phone)?

    Or for those who recoil under privacy threats by such a thing, maybe offer a locked-all-to-hell ISP service for $x.00 (web, mail, maybe some game port ranges, and that's it) and a "we'll assume you have a clue about what you're doing" service that leaves ports as they are now for $x+y.00 (nominal e

    • But besides that, maybe an ISP should by default block all but a few outbound ports unless the user requests them specifically (either via a web interface @ the ISP or by phone)?

      Two problems with that:

      1) While blocking access to port 25 outside of the ISP's network is one thing, you can't block port 80 or 443 (or some others) without seriously disrupting your customers' experience. So you have to let some traffic out. And there's nothing saying a zombie can't be programmed to connect on either of those port
      • 1) While blocking access to port 25 outside of the ISP's network is one thing, you can't block port 80 or 443 (or some others) without seriously disrupting your customers' experience. So you have to let some traffic out. And there's nothing saying a zombie can't be programmed to connect on either of those ports even if it doesn't use HTTP.

        Of course, not too many target mail servers are going to be listening for incoming mail on ports 80 and 443. Somewhere along the line, some machine under the spammer's co
    • Um, why? You don't need root to send mail, and Firefox has had its fair share of instant execution vulnerabilities. You can trivially hook yourself into the shell or session manager on Linux or MacOS X so you are always loaded at startup, and hax0ring Safari to steal encrypted form data is likewise scarily easy.

      Techniques like SELinux or AppArmor can stop this but they aren't integrated with most distros, it's still experimental stuff, and MacOS doesn't have anything like it.

      So, I don't see any logical

    • "But besides that, maybe an ISP should by default block all but a few outbound ports unless the user requests them specifically..."

      I certainly don't think ISPs should be the ones responsible for trying to secure the internet. IMHO, ISPs should not block any ports and should only provide connectivity services...all of them.

      Where's Mr. Internet (Al Gore) when you need him? We need a law passed that requires anyone connecting to the internet to receive a state license, and an internatio
    • Or for those who recoil under privacy threats by such a thing, maybe offer a locked-all-to-hell ISP service for $x.00 (web, mail, maybe some game port ranges, and that's it) and a "we'll assume you have a clue about what you're doing" service that leaves ports as they are now for $x+y.00 (nominal enough to scare off the average users, but low enough to prevent gouging and such).

      This is how DSL service is sold today, with home vs business accounts. Home account is like $20-30/month, has a roaming IP, port 25
  • by etully ( 158824 ) on Friday April 28, 2006 @02:01PM (#15222883)
    Pet Peeve: Data mining is about making statistical inferences based on a large group of data and extracting patterns that nobody saw before.
    Examining someone's address book, copying an email in the Outbox, and inserting junk in the middle of that is no more than low tech vandalism.
    • ...if you call it "low-tech vandalism" rather than "data mining", you don't get to use big shiny buzzwords. So "data mining" it is, even though, well, it isn't.
    • Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent.


      Unless you mean that "Natural Language Processing techniques" is no more than "low tech" vandalism, I would say the post is right on the money.
  • Wasn't that on Sci-Fi last Thursday at 3am? I think they were From Beyond...
  • Isn't it fun to imagine spammers being sentenced to a couple hours in the stocks in the village square?

    Sigh.
  • Research firms figure spam accounts for about 40 per cent of the billions of e-mails sent each day.

    It's more like 70-80% as my spam firewall allows 22% of email.
  • "What we want to do in our research at the University of Calgary is get out of the cycle of just reacting to new problems we see."

    Change the spammer's email environment before it changes you.
    Have an email option solely for communication and not for commercial transfer or for selling things.
    I guess people/business wouldn't go for that.
  • I'm waiting for someone to come up with an expert system /AI that looks for new security exploits and then uses them to spread its own code to other systems. Try filtering that out.

  • As much as I would like to see everyone drop all the Windows, Outlook, Internet Explorer crap so we can all move on from things such as spam and worms, I doubt that this is going to happen to any good degree in the next 5 years. But who knows?

    What I'm sure will happen, sadly, is that Microsoft will push Vista, and it will contain some half-assed attempts at curbing these horrible, large-scale problems of zombies, worms, etc, etc. How effective these attempts will be (if at all) remains to be seen.

    So,
    • Mac OS X: Installer for SketchySharewareApp needs to run a script to determine where it should be installed. Please enter your root password. (PUT HACKING HERE)

      Linux: See above in the event that the user wants to install applications outside the walled garden of a distribution's software repository.

      I'm not saying that Windows is perfect, but the user represents a very weak link in the security process.
    • it's not even "more secure than what windows doeslol!"
      By default in linux:
        - Permissions tend to be inherited
        - You tend to do everything as a single "user" with a single set of permissions.
        - Attempting to extend this scheme into something more realistic is, at the very least, non-trivial.
    • In regards to the child posts pointing out that MacOS and Linux won't magically solve these problems... no argument there! In my parent post I said "less stupid", not "magic bullet for all problems". Not to mention the problem of stupid users.

      However, I think we can all agree that Microsoft's track record is terrible in regards to solving these problems (problems that they played a part in causing to begin with, with their low-quality software.) Their response over the previous 6 or 7 years to the spam/z
  • Harman Hamburgaz HAHAHAH
  • researchers at the University of Calgary, will be presented on Sunday at the European Institute for Computer Anti-Virus Research conference. According to the paper, the next generation of spam zombies will employ 'sophisticated data mining of their victims saved email'.

    Nice, so even if most spammers don't have the intelligence or resources to do the research for more sophisticated spamming (beyond finding yet another exploit for IE), a bunch of researchers do it for them and publish the papers.

    How helpful o
    • Ok... I vote for "incorrect" moderation.
      Knowing more about a problem helps solving it, more, than it helps people causing problems. Spamming is work now. They do research too - and not once in a while, but everyday.

      Would you be more secure, if algorithms used by SSL were secret?
      Would you get less spam, if only IT research guys and spammers knew how to spam "properly"?
      We don't need another "keep it silent - it's not a problem" and "don't allow to export it to other countries - even if they know 1000 of
      • Knowing more about a problem helps solving it, more, than it helps people causing problems...
        Would you get less spam, if only IT research guys and spammers knew how to spam "properly"?
        We don't need another "keep it silent - it's not a problem"


        Good, good, I'm happy you're such an idealist and protector of the "information wants to be free" movement.

        Now let me tell you how it works in real world: every tiny friggin' advantage counts, and it adds up with the other tiny friggin' advantages. Is it legal or ok to
    • Researchers rely, like the open-source movement, on the relatively free and unfettered exchange of information. It's the whole "standing on the shoulders of giants" thing.

      Yeah, this means that the bad people that would spend the most effort and resources to find out dangerous ideas often get them for free, the same as the good people that wouldn't spend the effort and resources, and would otherwise not know anything about how to defend against them if they weren't published.

      I think it's a worthwhile trad

  • Oh, really? (Score:5, Funny)

    by aardvarkjoe ( 156801 ) on Friday April 28, 2006 @02:25PM (#15223045)
    Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent. The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it.
    For instance, before sending someone your credit card number, take a moment to ask yourself whether or not your mother is likely to be offering to sell you penis enlargement pills.

    Somehow, I don't think it is going to be difficult to tell the difference, simply because my friends are not trying to peddle things to me.

    • Maybe not penis enlargement pills, but you could still get these...

      Hey, check this site out, just came across it and thought of you [insert spoofed site name]

      Or
      Hey, did you go to high-school with this guy? [insert spoofed site name]

      Then you thought you were going to youtoob or myspace or some other "friendly" site, but you were really getting redirected back to a site that exploits ActiveX, and boom, gotta virus. Maybe not you, since hopefully you're running Firefox, but it's those other 85% that wil
  • I regularly receive emails of exactly this nature to several addresses I use to deal with shady/or poorly managed state agencies. I noticed address mining of this sort at least 16 months ago. I typically know that a given shop will be calling for some sort of aid when I start getting my own (slightly modified and links added) back with own signature attached (once again slightly misspelled).
  • by Donjo ( 797935 ) on Friday April 28, 2006 @02:53PM (#15223266) Homepage Journal
    Then I won't be in anybody's contact list.
  • * Make every sending entity register rDNS MXPTR records that state IPs allowed to send mail for the domain.
    * Don't accept mail that doesn't have properly registered rDNS MXPTR entries.
    * Profit from ending site spoofing in spam, making the only outlets open relays and subverted real mail servers, which is considerably less than the whole of home systems worldwide

    It's easy. It's distributed. It recognizes the frequent difference between Sending and Receiving MTAs. There are no new control structures to dea
    • MXPTR, SPF, Sender-ID, RMX, whatever, these schemes don't help stop spam -- they help stop (or at least identify) forgery. As it happens, a lot of spam today uses forged sender addresses, so blocking mail that actively fails such a check does stop spam. Experience with SPF has shown us that spammers are perfectly willing to adopt this kind of record and just authorize the entire internet to send for their own domain. (On the plus side, since their SPF record says the domain is correct, you can safely b
      • I see what you mean, they could buy a few legit addresses and have their rDNS say it is ok to mail whatever domain they want from their IP. Easy to track down the person that way of course, but I agree with the flaw.

        Modifying a bit, perhaps DNS rDNS pairs. The rDNS MXPTR records have to have a matching MXSNDR record pointing at the system, or they are false and vice versa. That should make it appropriately difficult to forge.

        example.com MXSNDR 10.93.13.43

        mx1.example.com.43.13.93.10.in-addr.arpa MXPTR

        It w
  • My wife was sent an email from a trusted friend of hers, which recommended she go to a particular website, and fill out a survey to receive a $25US gift card to Target (a major US retailer). As this email had come from a trusted friend, my wife, who is very computer savvy, went to the site to fill out the survey.

    Once the survey posted, she noticed that her browser began acting very unusual. The website apparently hijacked her browser, backed up into her email, and proceeded to send emails to every person
    • Get yourself a digital signature so you can sign all your emails so people will know when email from you is faked or not. And then educate your social network to do the same so you know when to trust their emails. In about seven steps the whole world will be safer.
  • Ditch windows.
  • To end SPAM, it seems like it's safer for internet users in general if some of us volunteer to automatically load those SPAM URL's. I.e. DDOS. Someone needs to hack up a cute little tray application to grab URLs from a central site and grab them a few thousand times... it won't end spam directly, but it might (finally) make the economics poor.
  • I RTFpdf and I don't see any mention of the single gaping hole in this proposed spam method, which renders it highly unattractive to spammers : the zombies will be short lived. Currently, zombies can only be identified by IP address (for those who can be bothered to dig through the spam email headers), but all that lets the target do is complain to the owner of the netblock on which the zombie lives - there is no way to contact the owner of the infected machine directly, via email. Netblock owners (typic
