Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Screensaver tackles spam websites

  • 30-11-2004 11:37am
    #1
    Registered Users, Registered Users 2 Posts: 1,531 ✭✭✭


    (not entirely sure if this is the correct board, but I figure it's of interest to security minded people for the ethical issues at least)

    Lycos have developed a screensaver (like SETI et al), which goes through a list of recognised spammers and makes webpage requests. Each screensaver user only does around 3mb per spammer, but obviously this adds up. The theory is that this would result in a large increase in the spammer's hosting costs, winning a rare victory for the regular internet user. It's definately an interesting idea, I'm surprised however that Lycos isn't afraid of getting sued for what could end up being regarded as orchastrating a DOS attack if the software became popular enough.
    http://news.bbc.co.uk/1/hi/technology/4051553.stm
    http://makelovenotspam.com/intl/


Comments

  • Closed Accounts Posts: 19,080 ✭✭✭✭Random


    Sounds like a sound idea... if I didn't hate screensavers so much I'd signup.. I may make an exception even :)


  • Registered Users, Registered Users 2 Posts: 13,016 ✭✭✭✭vibe666


    yeah, I was playing with it yesterday. they have a thing on their site that allows you to manually send requests to spammers sites too. not really practical, but fun none the less.

    again though, not sure about the legality of it all, but then would it not be like robbing robbers?

    "hello, is that the internet police? I'm a spammer, and I am a major contributor to junk on the net, and I'd like to report lycos for doing to me for free what I make a living out of doing to other people."

    click....

    "hello?"


  • Registered Users, Registered Users 2 Posts: 1,531 ✭✭✭Drakar


    I think it would more go like:
    "Hi, I'm the CEO of a large internet based medical company that helps people enlarge .... things. My business is entirely internet based, and this company l'eyekos or whatever seems to written a system that prevents customers accessing my website. I've lost thousands of <your local currency here>, and the transgressors are refusing to remove my name from their automatic attack lists. I want to see something done about it! Sargent Murphy, this is also delaying your delivery..."


  • Closed Accounts Posts: 143 ✭✭Zonko


    I really don't understand how they expect to get away with a publisised (sp?) DDoS though, but I do like the idea. :)


  • Registered Users, Registered Users 2 Posts: 7,581 ✭✭✭uberwolf


    I'd a thought the idea that it was distributed such as it is would make it very hard to combat...


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,531 ✭✭✭Drakar


    It's definately very hard to combat. That's why nefarious programs that do this kind of thing are so effective. I think it's more interesting from the ethical/legal side of things. Should a company (or anyone) be allowed to promote what is essentially vigilantisism, and in this case for their own publicity(=profit)?


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,596 Mod ✭✭✭✭Capt'n Midnight


    fragile wrote:
    As was pointed out on the Open (webnet.ie) mailing list yesterday:
    http://www.boards.ie/vbulletin/newreply.php?do=newreply&p=2134863
    It all sounds lovely (in a 2 wrongs DO make a right kinda way) until you look a little further (slashdot) and discover that the makelovenotspam.com domain is registered to Starring Ltd AB (starring.se) - a Swedish Marketing company. Apparently Starring were contacted by Spray (a Lycos company in Sweden) to get more people to start using Spray’s e-mail service.

    The makelovenotspam.com domain opens in a new window even in tabbed browsers then loads in a page hidden behind the new window "Our offers" from Lycos. Correct me if I'm wrong but isn't pushing adverts to people without their consent in an underhand fashion like this considered Spam?


  • Registered Users, Registered Users 2 Posts: 380 ✭✭dogs


    This is a horribly bad idea.
    BBC wrote:
    Mr Pollmann said there was no intention to stop the spam websites working by subjecting them with too much data to cope with.

    He said the screensaver had been carefully written to ensure that the amount of traffic it generated from each user did not overload the web.

    ...so they just want to run up bandwidth bills, not DDoS websites...
    BBC wrote:
    Early results show that response times of some sites have deteriorated by up to 85%.


    How many other non-spammy sites are hosted on those boxes ?
    You could argue, I suppose, that this will discourage hosting companies from taking on companies that sell spam advertised products; but then you have one company (Lycos) censoring others in a forceful way...

    I haven't downloaded or run the Lycos software but unleashing something like this would take a lot of special care, I'd conservatively estimate that 50% of all deployed software is never updated, never patched or almost certainly forgotten about.

    There's also the chance that users may not own the bandwidth they're using -- running it in work, for example. People have been fired for installing SETI screensavers (admittedly this was on a corporate-wide network of desktops).

    Bad idea, two wrongs don't make a right, if you really wanted to put spammers out of business get people to stop buying from them, etc.


  • Closed Accounts Posts: 345 ✭✭tck


    Lycos Anti-Spam Site Compromised

    doesn't look like they got off to a good start

    :rolleyes:


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,596 Mod ✭✭✭✭Capt'n Midnight


    SANS NewsBites Vol. 6 Num. 48
    (Schultz): Nobody likes spam, but the approach Lycos is taking is a
    best borderline from an ethical standpoint. Not only is Lycos "striking
    back," but in doing so it is generating a substantial increase in
    network traffic, the consequences of which will affect many others
    besides the spammers. Furthermore, malicious users can now readily slow
    down non-spam-related web sites by simply sending email messages that
    contain URLs for these sites.
    Lycos has in effect opened Pandora's Box.]


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,531 ✭✭✭Drakar


    tck wrote:
    It appears that this "comprimising" was a hoax.


  • Registered Users, Registered Users 2 Posts: 380 ✭✭dogs


    This will end well...
    Virus writers have begun distributing their wares in emails that pose as Lycos's abandoned "Make love not spam" screensaver.

    The fake screensaver emails contain an attachment with a RAR SFX archive that has embedded key logger Trojan inside...

    Full story here.


Advertisement