RSS
Twitter
Washington Post Story Convinces Service Providers To Pull The Plug On Major Spam Enabler
from the but-where-do-they-go dept
We're seeing a bunch of folks pointing out that evidence collected by the Washington Post's computer security writer, Brian Krebs, is basically responsible for getting that company kicked off the internet. Krebs is a fantastic reporter, so I don't doubt the story -- but I'm always a little skeptical of stories claiming that a huge percentage of spammers have been knocked offline. We see such stories every few months, and it never seems to have any real impact on the amount of spam out there. Just last month there was a report claiming that the world's largest spam operation was shut down, but the actual amount of spam flowing across the network did not decrease.
This case is a little different, in that it didn't shut down the spammers themselves, but rather a hosting company that apparently many of the largest zombie botnets relied on. However, it seems quite likely that they'll find some other hosting company that will gladly take them on and everything will be up and running again. That's not to say it's bad that these guys get taken down -- but at some point people should realize this seems like a big game of whack-a-mole, and there may be better, more efficient ways to tackle the problem.
Reader Comments
(Flattened / Threaded)
Significant results so far
This http://www.spamcop.net/spamgraph.shtml?spamweek says it all.
A 75% drop in spam. Amazing.
(reply to this comment) (link to this comment)
Aha! So that's what happened... Wow.
I can definitely say this is the first time I've actually seen a difference, and what a big one it was. Today, I woke up to only one (1!) e-mail in my Spam folder, where I usually see 10 to 20. With that big a difference, I knew something had to be up.
(reply to this comment) (link to this comment)
Traffic Drop
Picture, 1,000 words, blah blah blah.
http://www.dslreports.com/r0/download/1368730~af0d17d2c90ea0591df6b6f9fb98d636/spam.gif
(reply to this comment) (link to this comment)
It's nice that security flaws are addressed by those people who are exposing them to the world - even without the spam problem, it's a good thing. However, there will only ever be one truly effective solution to the spam problem - get the idiots who are handing money over to the scammers to stop doing so. I fear there's too many morons out there for this to be realistic, sadly.
(reply to this comment) (link to this comment)
zombie botnets need brains
(reply to this comment) (link to this comment)
This is the second time
When the first of this sort was cut off, my spam dropped from 6000 to 4000 a day. Today it seems to have dropped another 25% to 3000. I am pleased.
(reply to this comment) (link to this comment)
Re: This is the second time
If I got that much spam every day I'd have stopped using email a long time ago.... Sorry to hear it. Hope it improves more still, for your sake.
(reply to this comment) (link to this comment)
What are they?
Mike wrote: "there may be better, more efficient ways to tackle the problem"
Agreed this is whack-a-mole, but what are those better, more efficient ways? I can't think of anything practical that would work.
(reply to this comment) (link to this comment)
But for how long
I see posters above say spam is down today. OK, but for how long will it be down? Mike is right, these guys will find other ISPs before long.
(reply to this comment) (link to this comment)
better ways
"and there may be better, more efficient ways to tackle the problem."
such as....................?
personal data point: Canadian pharmacies seemed to disappeared of late.
(reply to this comment) (link to this comment)
I find it interesting that NY AG Cuomo can spend months pretending that newsgroups are bastions of evil and getting ISPs to sign deals that have them do nothing differently..... yet a major crime syndicate host in business for years despite ample evidence from researchers just slips out of his grasp...
(reply to this comment) (link to this comment)
The Best Anti-Spam Solution
... was Blue Frog by Blue Security Inc. I wish someone else would develop something similar.
(reply to this comment) (link to this comment)
Re: The Best Anti-Spam Solution
This is nonsense, of course, which is why the first people to condemn what the spammers at Blue Frog were doing were the world's most experienced anti-spammers.
(reply to this comment) (link to this comment)
Tank you Google! i see no spam in the inbox on either my gmail account or my Google apps account. The best spam filter out there.
(reply to this comment) (link to this comment)
Not just whack-a-mole
Going after the ISPs is actually very efficient. You predict that the criminals will "find some other hosting company that will gladly take them on", but when an ISP or host knows it might get kicked off the Internet for doing so it will be much more reluctant to do that.
The ISPs and hosts are certainly the most equipped party to monitor what is happening on their own networks, they just need the proper incentives to do it.
(reply to this comment) (link to this comment)
too bad they'll recover too soon
My major concern is about security experts now having tons more work to do to track the same spammers on other servers belonging to some other hosting company. It looks like with every situation like this they need to start afresh and I don't think that reducing the volume of spam for a day is really worth it.
(reply to this comment) (link to this comment)
I'd have a different attitude toward this. In absence of a better and more efficient method (which nobody has suggested), I applaud this effort even if spammers will find a new host - at the very least this serves as a warning to potential host. It's very easy to say that there should be a better method without suggesting one.
(reply to this comment) (link to this comment)
Re: Not just whack-a-mole
> The ISPs and hosts are certainly the most equipped party to monitor what is happening on their own networks, they just need the proper incentives to do it.
Let's see ...
ISP's monitoring network data to prevent copyright infringment - bad.
ISP's monitoring network data to prevent spamming - good?
I fail to see how you can have it both ways.
While I hate spam as much as anyone else, ISPs should not be required to police their network to prevent illegal activity - not for any reason.
(reply to this comment) (link to this comment)
Re: Re: Not just whack-a-mole
Well, it's actually quite simple. Copyright infringement is merely a legal issue to ISPs - there's no reason for them to care about it until people get lawyered up. Spam, on the other hand, is something with actual *effects* on them. If we could eliminate all spam in an instant, the effects on network congestion would be IMMENSE. Thus, ISPs have a good reason to police themselves and each other for spam - it's for their own survival.
(reply to this comment) (link to this comment)
Spam
Figures could well be true. There`s a hell of a lot less spam in my G-Mail spam box over the last few days.
(reply to this comment) (link to this comment)
Add Your Comment