Re: Why can't ISPs stop spam/virus ?!

From: Jim (james.l.scott_at_att.net)
Date: 09/22/03


Date: Mon, 22 Sep 2003 05:15:09 GMT

Paul Lutus wrote:
> easy-lab@absamail.co.za wrote:
>
>
>> Am I unreasonable to give my ISP 2 days to fix my spam/virus email
>> of > 10Mb/hr ? Why can't they route my (and other reporting victims)
>> mail, through a filter. There are several possible criteria for such a
>> filter (if the ISP can't see then I can provide the filtering parameters)
>> which would remove most of the recent disastrous spam/virus
>> which fills up our mailboxes in one hour, and blocks most valid
>> posts.
>
>
> Apart from the fact that all your suggestions are naive nonsense, there are
> some issues here you (and most people) do not understand. It has to do with
> the connection between virus writers and spammers.
>
> In the early days of spam, spammers would acquire an Internet account and
> spam until they were thrown off the site. Some would get a 30-day trial
> account under an assumed name (without paying for it), and spam until they
> were thrown out.
>
> As spammers became more powerful, they would find ISPs that would tolerate
> their presence, but this meant that the entire site would eventually be
> blacklisted. As a result, fewer and fewer sites allowed spam. The spammers
> had to think of some new way to distribute their crap. Call this "problem
> 1".
>
> Turning now to virus and worm writers. They started out as amateurs of
> limited cleverness and sense of ethics. Some were inexperienced copycats
> that just downloaded scripts created by others and ran them, hence the term
> "script kiddies."
>
> Also, since I was a commercial programmer in the early 1980s the business of
> programming has changed totally. It was once possible for an individual to
> become a millionaire by designing and writing software (as I did). Now most
> commercial software is written by large, anonymous (underpaid) teams who
> work for corporations. Many programming jobs have been exported to places
> like India, where there are many very skilled, diligent, hardworking
> programmers willing to work for small fees. Call this "problem 2".
>
> Problem 1: desperate spammers. Problem 2: desperate programmers. Are you
> getting this? They've formed an alliance and are now creating virii and
> worms of unprecedented sophistication. The purpose? To take over as many
> *individual* Windows machines as possible, where they silently await a
> signal to begin spamming. The present crop of virii and worms are written
> very cleverly and are regularly updated to evade the filtering methods used
> by the anti-virus companies. This means that existing virus filtering
> methods *cannot* *possibly* *succeed*.
>
> That takes care of the origin of the messages -- for all practical purposes
> there isn't one that can be identified and controlled. As to the content of
> spam messages including reply addresses and place of origin, it is trivial
> to vary the language in an e-mail so that existing e-mail filtering methods
> *cannot* *possibly* *succeed*.
>
> Here is a list of reasons spam cannot be stopped:
>
> 1. The method of distribution is now thousands of Windows computers,
> everywhere in the world, that are sending spam without the knowledge or
> consent of their owners. Result? You cannot filter by place of origin.
>
> 2. The content is constantly varying, to avoid filtering methods. Result?
> You cannot filter by content.
>
> Because of the above points, you cannot stop spam, you cannot easily trace
> it, and if someone goes to the trouble to locate a particular spamming
> computer, it is *by* *design* a single, expendable cell in a worldwide
> distributed network of the smallest possible cells -- end-user computers
> running Windows.
>
> Now think. What do Al Quaida and spammers have in common? Simple -- Al
> Quaida relies on small, distributed cells of undercover loyal operatives,
> ready to act when they receive a prearranged signal. In the same way, the
> computers taken over by the new crop of viruses and worms are the computer
> equivalent of terrorist cells and operatives -- they are hidden but deadly,
> and they await a signal to begin spamming. The computers are the
> footsoldiers of cyber-terrorists: the virus writers and spammers.
>
> The new virus programs have a huge internal list of Internet addresses they
> regularly poll for a message. The list is long obviously to make it more
> difficult to shut down all the sending sites, and perhaps to disguise the
> true trigger addresses. In the same way, an Al Quaida operative will have a
> phone book with a long list of phone numbers -- I mean, assuming the
> operative doesn't use encrypted e-mails for communication with his
> controllers.
>
> Make no mistake. In both cases, for both the concealed Al Quaida operative
> and the infected computer, we are talking about terrorist cells.
>
> According to a story I read yesterday, on Friday afternoon a teacher in a
> large public school in the southern US received one of the spam/virus
> e-mails disguised to seem to be a security alert from Microsoft, and,
> impressed by the thoughtfulness of MS, gratefully clicked the attachment.
> Fifteen minutes later the school was closed and the staff were gone for the
> weekend. It turns out the school's machines have fulltime, fast Internet
> access. This combination of factors has made the school a primary
> distribution center for the virus, issuing tens of thousands of copies per
> hour (using the large address books teachers are famous for compiling). Did
> I add that no one seems to have a key to the building?
>
> Now, let's return to the first line in your message:
>
>
>> Am I unreasonable to give my ISP 2 days to fix my spam/virus email
>> of > 10Mb/hr ?
>
>
> Don't you understand this is not a nuisance, it is a war? It will not stop
> until the spammers begin to take heavy casualties.
>
> Wake up and smell the cappuccino. Once there is a death penalty for spammers
> and virus writers, the problem will begin to abate, *BUT* *NOT* *BEFORE*.
>
> Go ahead and laugh. Then start counting the days until such a seemingly
> ludicrous, off-the-wall suggestion begins to seem reasonable.
>
> As I write this, over half of the Internet's bandwidth is taken up
> distributing either viruses or spam messages. And in the new twist
> described here, once they take over some hapless user's machine, the
> viruses are designed to emit spam as well as copies of themselves.
>
I agree with all of these conclusions. Is there any penalty direr than
death? Perhaps we could reinstitute public hangings after a week in the
stocks in Silicon Valley.

Jim


