## NYT Reports Porn Spam Hijacking Network

Posted by michael
from the fit-to-print dept.
twitter writes "This NYT story describes how thousands of PCs have been used as porn spambots and reverse proxy servers, and mentions that they could be used for kiddie porn. Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."
• #### Whew! (Score:5, Funny)

on Friday July 11, 2003 @10:33AM (#6414679) Homepage Journal
Now I've got a great new excuse when the wife stumbles onto things...
• #### But is it worth giving up Linux? (Score:4, Funny)

on Friday July 11, 2003 @10:59AM (#6414952)
But is it worth giving up Linux to run Windows so you can claim to have been vulnerable?
• #### Monoculture it is, but... (Score:5, Interesting)

on Friday July 11, 2003 @10:34AM (#6414685) Homepage Journal
Isn't there also a responsibility that computer users need to take, given their connectivity these days? If we need certification to operate potentially dangerous complex machinery, why not some minor courses on basic security so you don't have Cleatus and Grandma saturating the world in spam?

I guess that's pretty authoritarian, and there are better ways to beat spam. Still... the elimination of the luser is a shining grail for us all, no? ;)

• #### Re:Monoculture it is, but... (Score:2, Interesting)

I don't think that requiring certifications in network security for everyone who wants to use the internet will ever fly with the companies that run the lines. Mainly because it won't fly with the users.

However, putting users in tightly controlled segments of the internet (filtering inbound/outbound of most unnecessary garbage and attack vectors) by default would cut down on this problem greatly. The first to complain will be those with esoteric needs and "power users." Require them to read/pass some ba
• #### Re:Monoculture it is, but... (Score:3, Insightful)

• why not some minor courses on basic security so you don't have Cleatus and Grandma saturating the world in spam?

But they passed the driver's exam so it's safe for them to drive a car? Just because they have a basic class in it, doesn't make them safer.

What, you mean you've never seen Grandma swerving across the road?

• #### Re:Monoculture it is, but... (Score:2)

I've had my fill of lusers, certainly. But Cleatus and Grandma won't have the mental capacity to appreciate network security or even take basic precautions. (As evidenced by the number of emails I get from my own grandma that read "This is a really clever animation; it's not a virus, I ran it and my computer's still fine.") More likely Internet Service Providers will strongly restrict all IP traffic and make just about the only destination port you can reach be 80, and forget any incoming traffic. Those
• #### Re:Monoculture it is, but... (Score:4, Insightful)

on Friday July 11, 2003 @10:54AM (#6414901) Homepage Journal
As a matter of fact, that strikes me as the way things are going to go on the Internet; the conversion of conventional access into a television-like medium. Port 80, plus IM and email service would largely restrict power users and pirates (not that they're in the same league at all), thereby satisfying the media giants.

The general populace might never see the difference. Increasing site-operation costs (thereby eliminating small niche sites), government regulation of our activities on the Net, and other factors seem to be dooming us to a repeat of the ClearChannel experience. Maybe I should get out the tinfoil, but I don't see how the powers that be could possibly want us to have unrestricted access to such an empowering (hate that word) medium as the Internet.

• #### Re:Monoculture it is, but... (Score:5, Insightful)

on Friday July 11, 2003 @10:47AM (#6414835) Homepage

I agree with you: if 90% of the world were running UNIX instead of Windows, we'd still have heaps of insecure, obsolete old RedHat 6.2 boxen sitting around on the Net because users just do not take security seriously and it doesn't matter what the underlying OS is.

I've pointed out before that the rise in popularity of Linux will not make the Internet more secure; it will merely result in poorly-configured Windows boxes being replaced with equally poorly-configured Linux boxes.

• #### Excuse me? (Score:5, Insightful)

on Friday July 11, 2003 @10:34AM (#6414686) Homepage
Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."

Umm, no they won't. First of all, very few people would notice the article in the first place. Second, people who did notice wouldn't know what to do to protect themselves (not supporting MS isn't an option for 90% of the computer users in the world). Third, was the comment necessary?
• #### Re:Excuse me? (Score:2, Funny)

by Anonymous Coward
Dear:

[ ] Clueless Newbie [ ] Lamer [ ] Flamer
[ ] Loser [ ] Spammer [ ] Troller
[ ] "Me too" er [ ] Pervert [ ] Geek
[ ] Freak [ ] Nerd [ ] Elvis
[ ] Racist [ ] Fed [ ] Freak
[ ] Fundamentalist [ ] Satanist [ ] Homeopath
[ ] Unbearably self-righteous person

I took exception to your recent:

[ ] Email [ ] Post to ____________________.
(newsgroup)

It was (check all that apply):

[ ] Lame [ ] Stupid [ ] Abusive
[ ] Clueless [ ] Idiotic [ ] Brain-da
• #### Indeed (Score:5, Insightful)

on Friday July 11, 2003 @10:45AM (#6414814) Homepage
There are three types of people:

(1) Those that recognize Microsoft's influence and approve of it.
(2) Those that recognize Microsoft's influence and disapprove of it.
(3) Those that are oblivious to Microsoft's influence and wouldn't care even if someone told them.

Groups 1 and 2 are not going to have very many people switching from one to the other. Group 3 is going to have even fewer people leaving it. So the whole "people might start to understand" bit is, quite simply, B.S. It reflects the submitter's membership in Group 2 more than anything else.
• #### Re:Excuse me? I think he implies Linux... (Score:2)

Apparently, /. rules out the possibility of world MS domination. Given the HERD mentality in the IT industry, the entire momentum could now switch to Linux.

In which case, the author feels a world of insecure Linux systems could be a kiddie-porn-peddler's dream. But then, that should be a nice problem for the Linux folks :-)

Peace
• #### Convenient Excuse (Score:2)

This could make for an excellent convenient excuse... "I'm serious honey, I have no idea how that Jill Kelly lesbian porn AVI got on our computer. Our computer must be being used as one of those porn bots we heard about on the news last night. Damn those hackers!"
• #### is it me, or is it crazy? (Score:4, Funny)

on Friday July 11, 2003 @10:34AM (#6414693) Homepage
"The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system."

so um, not to Microsoft bash or anything, but what OS does this 'sploit attack then?
• #### Re:is it me, or is it crazy? (Score:3, Insightful)

You'd be an idiot to write something like this for Macs or Unix/Linux computers - there's far less of them.

It'd be like sending your spam e-mails to just 5% of people - not very effective.
• #### FUD (Score:5, Insightful)

on Friday July 11, 2003 @10:34AM (#6414697) Homepage
That's gotta be one of the most FUDaliscious articles I have ever wasted my time on.
"Some random guy says grillions of computers are infected with an undetectable virus and is going to distribute kiddie porn!!"

P.S. I'm not saying it's not possible, but for fuck's sake, get a few details before bothering to blather on about it for pages at a time.
• #### Re:FUD (Score:5, Funny)

<surak@maCOFFEEil ... m minus caffeine> on Friday July 11, 2003 @10:48AM (#6414848) Homepage Journal
Some random guy says grillions of computers are infected with an undetectable virus and is going to distribute kiddie porn!!"

Is that some sort of new grilled onion sandwich at Burger King? ;)

• #### Re:FUD (Score:2)

It's the NYT!
Who needs proof when the old grey lady can just waggle her tongue and someone posts it to slashdot?

It seems that the percentage of slashdot articles referencing the NYT is definitely increasing.

• #### Re:FUD (Score:5, Interesting)

on Friday July 11, 2003 @11:03AM (#6414982) Homepage
Unfortunately, it's not FUD. Recently I've been receiving *huge* amounts of spam, vastly more than normal, and decided to take a closer look at what was being filtered out. There are some very obvious patterns in the extra spam:
• It's pretty much all pornographic or for "enhancement" products.
• The content is very similar - it's clearly the same small set of spams run through a hack to "randomise" the sender and basic subject/content details.
• The originating IPs are *all* assigned to Windows boxes where I could sufficiently NMAP them.
• WHOIS records almost always point to home/SOHO networks; I only found one corporate IP block in around 100 IP lookups.
• There are no SMTP smarthosts being used - it's going direct from a Windows box to my SMTP gateways. Outlook *cannot* do this, so it's coming from malware with a dedicated SMTP engine.
• I've also been seeing a huge increase in the amount of macro viruses inbound - just a guess, but it's probably the bot trying to propagate itself.
Couple this with the 500Mb/s DDoS attack on SpamCop over the last few days and the picture is fairly clear. Someone is thumbing their nose at the US/EU attempts to legislate against spam and sending a message loud and clear. If the antispam community cannot find and nail the person or persons responsible for this, then the eventual legislation is going to have no effect whatsoever.

So. We have 500Mb/s+ of bandwidth being used in a DDoS, anyone's guess going on the actual spam, kids undoubtedly seeing hardcore porn and computers being deliberately compromised and abused. Tell me again that spammers have a right to free speech and it's a victimless crime that doesn't cost anyone anything? They have a right to be force fed Hormel products until they explode like the Glutton in Seven if you ask me.
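
The pattern described in the comment above (mail arriving straight from home/SOHO addresses with no smarthost in between) can be checked on the receiving side from the `Received` header that the local MX adds. The following is an added example, not part of the original thread; the sample messages, host names and keyword list are constructed, and it assumes the Postfix-style `from HELO (rdns [ip])` header layout.

```python
import re
from email import message_from_string

# Constructed sample messages using documentation addresses (RFC 5737).
DIRECT_FROM_DSL = """\
Received: from mail.example.org (adsl-203-0-113-45.dsl.example.net [203.0.113.45])
    by mx1.example.com with SMTP id A1; Fri, 11 Jul 2003 10:00:00 -0400
From: "Jane" <x93k@example.org>
Subject: constructed sample 1

body
"""

VIA_SMARTHOST = """\
Received: from smtp-out.example.net (smtp-out.example.net [198.51.100.10])
    by mx1.example.com with ESMTP id B2; Fri, 11 Jul 2003 10:05:00 -0400
Received: from [192.0.2.7] (pc.example.net [192.0.2.7])
    by smtp-out.example.net with ESMTP id C3; Fri, 11 Jul 2003 10:04:58 -0400
From: "Bob" <bob@example.net>
Subject: constructed sample 2

body
"""

# Assumed header layout: "from <HELO name> (<reverse DNS> [<IP>])".
TOP_HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9.]+)\]\)")
# Assumed keyword list for access-pool naming; tune it for real traffic.
DYNAMIC_WORD = re.compile(
    r"(^|[.-])(adsl|dsl|cable|dhcp|dyn|dial|pool|ppp)([.\-\d]|$)"
)


def looks_dynamic(rdns, ip):
    """True if the reverse DNS name looks like an ISP access-pool host."""
    rdns = rdns.lower()
    if DYNAMIC_WORD.search(rdns):
        return True
    # Pool hosts usually embed the address: adsl-203-0-113-45.dsl...
    tokens = set(re.split(r"\D+", rdns))
    return all(octet in tokens for octet in ip.split("."))


def assess(raw_message):
    """Flag a message using only the Received header our own MX wrote.

    Received headers are prepended, so index 0 is the hop recorded by the
    local server. Lower headers are supplied by the sender and can be
    forged, which makes the hop count a weaker signal than the rDNS check.
    """
    msg = message_from_string(raw_message)
    received = msg.get_all("Received") or []
    result = {"hops": len(received), "helo": None, "rdns": None,
              "ip": None, "flags": [], "suspect": False}
    if not received:
        result["flags"].append("no-received-header")
        return result
    match = TOP_HOP.search(received[0])
    if not match:
        result["flags"].append("unparsed-received")
        return result
    helo, rdns, ip = match.groups()
    result.update(helo=helo, rdns=rdns, ip=ip)

    flags = result["flags"]
    if len(received) == 1:
        flags.append("direct-to-mx")      # no smarthost hop recorded
    if rdns.lower() == "unknown":
        flags.append("no-rdns")           # connecting IP has no PTR record
    elif looks_dynamic(rdns, ip):
        flags.append("dynamic-rdns")      # home/SOHO access pool
    if helo.lower() != rdns.lower():
        flags.append("helo-mismatch")     # claimed name differs from PTR
    result["suspect"] = "dynamic-rdns" in flags or "no-rdns" in flags
    return result


if __name__ == "__main__":
    for name, raw in (("direct", DIRECT_FROM_DSL), ("relayed", VIA_SMARTHOST)):
        r = assess(raw)
        print(name, r["ip"], r["flags"], "suspect" if r["suspect"] else "ok")
```
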

• #### Re:FUD (Score:3, Insightful)

Same here... Went from about 100 spams a day being 100% blocked by blacklists (primarily relays.osirusoft.com and the lists it contains) with zero spam making it through to 2-5 per day.

All email is:
- Sent directly (no relays)
- Usually from always-on internet accounts at cable/DSL companies.
- Either ads for Viagra, email virii, or strangely email with no payload

All the email has forged return addresses and the content (if an ad) is using HTML obfuscation.

The problem with this new technique is because the
• #### Re:FUD (Score:3, Interesting)

Same here. However, while most of the mail I'm getting is directly sent and from DSL/cable accounts, none of the boxes have been Windows boxes.

I've examined some of the boxes (by either NMAP, SSH, or telneting into them) and there were a couple routers (Linksys or similar home routers) but many of the boxes are actually Linux.

This seems to suggest one of two things to me: Either Linux boxes are getting hacked, or the spammers are using (multiple?) DSL accounts and Linux to send out their spam (this seems
• #### Re:FUD (Score:4, Funny)

on Friday July 11, 2003 @11:04AM (#6414989) Homepage
It's not FUD. You have to realize the concept of a reverse-proxy is not something most NY Times readers are going to understand, so those details get left out a lot. But this really is what's happening. More technical details are here:

http://www.lurhq.com/migmaf.html [lurhq.com]

Also search Google Groups for "onlycoredomains.com"

• #### Another link (Score:5, Informative)

on Friday July 11, 2003 @10:35AM (#6414702)
• #### Total flamebait! (Score:3, Insightful)

<amurray AT stage11 DOT ca> on Friday July 11, 2003 @10:35AM (#6414705) Homepage
Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."

Why do the Slash Editors(ha!) put this drivel up? We can bash Microsoft enough in the comments without the extra crap in the article itself.

• #### distributed webserver (Score:2)

If it was legal, I bet it could be quite useful. It would make /.ing a lot harder of a job.
• #### Just say Microsoft. (Score:2, Insightful)

The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.

What is it with the mass media not wanting to say that a given worm or trojan affects only systems running Microsoft Windows?

• #### Re:Just say Microsoft. (Score:4, Insightful)

<surak@maCOFFEEil ... m minus caffeine> on Friday July 11, 2003 @10:56AM (#6414920) Homepage Journal
The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.

What is it with the mass media not wanting to say that a given worm or trojan affects only systems running Microsoft Windows?

In fact, the statement is wildly inaccurate. It doesn't affect VAX computers running VMS. It doesn't affect computers running AmigaOS. It doesn't affect IBM AS/400s running OS/400. It doesn't affect computers running OS/2. It doesn't affect computers running BeOS. It doesn't affect computers running MS-DOS.

I mean, it's patently ridiculous, quite honestly. None of those OSes are Apple Macintoshes nor are they UNIX variants. Actually, for that matter neither is Linux, technically. It's an original from the ground up POSIX-compliant OS (unless you believe SCO ;)
• #### Re:Just say Microsoft. (Score:3, Interesting)

What is it with the mass media not wanting to say that a given worm or trojan affects only systems running Microsoft Windows?

Well, this [nowthis.com] explains the NYT article (they don't want to piss off Gates), and I suppose you could assume something similar for the other media outlets.
• #### Erm... (Score:5, Insightful)

on Friday July 11, 2003 @10:37AM (#6414721) Journal
"...though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."

"... though Microsoft is not mentioned, we thought we might use this as an excuse to attack them anyway."
I mean I understand MS doesn't exactly have a large fanbase here but that is frankly ridiculous.
• #### Re:Erm... (Score:5, Insightful)

on Friday July 11, 2003 @10:50AM (#6414871)
Indeed. There's nothing in the article to indicate that this is anything but a run-of-the-mill, end user problem (e.g. running a virus). Mr. Smith thinks it may be a particular virus, and that virus may (I don't know enough about it to comment one way or another) exploit a common hole in Windows, but to indicate that this is a symptom of Windows insecurity with insufficient evidence is unethical.

Certainly it may only infect Win32, but that is by design. There have never been rootkits for Linux? Trojaned apps?
• #### ha ha! (Score:3, Interesting)

There's nothing in the article to indicate that this is anything but a run-of-the-mill, end user problem (e.g. running a virus).

Someone else has provided technical details [slashdot.org]. This is not run of the mill.

exploit a common hole in Windows, but to indicate that this is a symptom of Windows insecurity with insufficient evidence is unethical.

You can say that without laughing? I love you too!

• #### reg free partner link (Score:3, Informative)

on Friday July 11, 2003 @10:37AM (#6414723) Homepage Journal
here you go [yahoo.com]

on Friday July 11, 2003 @10:38AM (#6414737) Homepage
Having worked the abuse@ email address for a DSL provider, I've been seeing this for a couple of years. It's interesting that the mainstream news is finally giving lip service to the problem, though. I heard a commentator on the ABC radio network mention open relays on mail servers the other day during morning rush hour.
Someone (by someone, I mean companies that put out SMTP servers with a large share of the market) should strike while the iron is hot and take it a step further by airing some simple PSA's during a small assortment of shows. Maybe some must see TV "The More You Know" type thing...

on Friday July 11, 2003 @11:18AM (#6415118) Journal
Someone (by someone, I mean companies that put out SMTP servers with a large share of the market) should strike while the iron is hot and take it a step further by airing some simple PSA's during a small assortment of shows. Maybe some must see TV "The More You Know" type thing...

[Fade in on dim interior of grimy trailer packed with disused computer equipment and swimsuit calendars. Greasy-looking SPAMMER puts down a half-eaten slice of cold pizza and starts dialing the phone.]

SPAMMER: Hello, is this Ms. Smith? I was wondering, would you mind if I used your computer to put some pirated pornography on the Web? [click, dial tone in background] Hello? Ms. Smith?

[Cut among views of SPAMMER on the phone, sleazy as ever.]

SPAMMER: Could I borrow your computer to send millions of spam emails? [click]

SPAMMER: ... just want to use it to run a quick scam -- [click]

SPAMMER: Uh, Mr. Jones, could I steal passwords -- [click]

SPAMMER: ... I want to crack into eBay and rip people off, could I use your computer for that? [click]

[SPAMMER looks sweatier and nervous, impatient and guilty.]

SPAMMER: [click] Hello? Hello?

[SPAMMER puts the phone down and starts typing, face illuminated by the screen.]

JAMES EARL JONES VOICEOVER: In the real world, spammers and Internet criminals don't ask your permission. They use viruses and insecure computers world-wide to steal from people. To find out what you can do to protect yourself and your family from crime on the Internet, log on to computer security dot gov.

http://computersecurity.gov/
Take a byte out of crime.

JAMES EARL JONES VOICEOVER: Brought to you by the FBI and the SANS Institute.

• #### Recommended Daily Allowance (Score:5, Funny)

on Friday July 11, 2003 @10:38AM (#6414744) Homepage
Finally, though Microsoft is not mentioned,

Oh, but we'll take care of that.
• #### translation (Score:5, Funny)

on Friday July 11, 2003 @10:40AM (#6414759) Journal
Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables.

Translation:

Finally, though Microsoft is not mentioned, I felt the need to work some shrill anti-Microsoft propaganda into this post, so Fuck Bill! And Free Kevin!
• #### Great. (Score:3, Funny)

<unknown_poltroon1sp@myahoo.com> on Friday July 11, 2003 @10:40AM (#6414764)
I needed a new place to store/share mp3s.
• #### A little late (Score:5, Funny)

on Friday July 11, 2003 @10:41AM (#6414769) Journal
• #### Microsoft not mentioned? (Score:2, Interesting)

Maybe they didn't come out and say Windows for legal reasons. But get real, Macs and variants of Unix are not affected? If you were going to write this and you write it for those two, and you obviously want it on a lot of machines, what platform would you hack?

Not to mention the obviousness of using such a widespread and vulnerable platform. I think this is what everyone's getting at.

And to think of how many NT4 machines are out there with a root RPC vulnerability that MS refuses to fix. If someone's ru

• #### It's not a bug--It's a feature (Score:4, Funny)

on Friday July 11, 2003 @12:00PM (#6415751) Journal
Ever hear of load balancing? Microsoft allows users to load balance over many hundreds of machines? Can your precious Linux do that?
• #### Why don't they just say "Windows"?! (Score:2)

The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.

According to that statement, my Amiga and Commodore 64 might be affected. 1000 computers affected on the net? That seems like the right number of those computers left in the world. I guess I'll have to spend days and nights wondering if mine are affected.

• #### "The rogue program ..." (Score:2)

The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.

Gosh, I wonder who it does affect? I mean, who's left?

Serious question: So why is the NY Times being so purposefully evasive?

• #### Broadband providers are partially at fault (Score:5, Interesting)

on Friday July 11, 2003 @10:43AM (#6414789)
In my experience, end-users who are not tech-savvy have little real understanding of online security practices: they tend to ignore basic things such as updating antivirus dat files because they don't know or don't understand. And from my own experience, I know that broadband providers are more interested in pitching all their cool features than they are in educating users how to be safe. Seriously, how hard would it have been for my ISP to have included a Sygate or ZoneAlarm trial on the install CD they had to send out anyway?
What kills me is that it's in the ISP's best interests to encourage safe computer habits, and they don't really emphasize that.
• #### Re:Broadband providers are partially at fault (Score:3, Interesting)

My provider (Optimum Online in New York) decided to take this initiative by blocking port 139 inbound and outbound, blocking ports for VNC, Terminal Services and NetMeeting, in addition to a lot of others that I happen to use. FTP and HTTP are somewhat understandable, but this shit is ridiculous. I work for a web host and I used to RDP to my computer at home all the time to run diagnostics against our network, and being able to access the SMB share for my website really helped eliminate the trouble of cons

I worked tech support for an ISP for several years a while ago, and when products like ZoneAlarm started making their way around it was no help.

Even other tech support people came to me every time a port was scanned, or anything showed up on it. Then those tech support people recommended it to their callers, and the problem got worse.

Of course, 99.9999% of these scans/hits/etc were not attacks and were just routine net traffic. The personal firewalls just build paranoia of something they don't understand.
• #### These things really are problems (Score:5, Interesting)

on Friday July 11, 2003 @10:44AM (#6414806) Homepage
I deal with StarBand (Satellite Internet for those unfamiliar), and have seen problems with spambots/pornbots like this. People get infected with them, and they start spamming.

Here's the thing though, with StarBand, they have an auto-imposed limit of around 500mb/week upload, and if you go over it, you are automagically shut off for a few days. The problem with this, and I have seen it happen, is that the Spam/Pornbots can infect a StarBand customer's computer, and easily make them go over their weekly 500mb upload limit. Thus causing them to lose their internet connection.

This poses a real problem, not only for the end user (The people I deal with are all in the far reaches of Northern Minnesota where Satellite Internet is the ONLY broadband option) but also for the ISPs. It's viruses/bots like this that make it even more necessary for legislation to fight spam.

The writers of the Bots would be the spammers, not the owners of the infected systems. Just because I borrow your car to deliver the paper, does that mean that in reality, you delivered the paper because it was YOUR car?

-I may not be Amish, but I am a geek!-

• #### Oh, he's not biased... *grin* (Score:2)

The web of front machines hides the identity of the true server computer so "there's no individual computer to shut down," Mr. Smith said. "We're dealing with somebody here who is very clever."

Mr Smith:

For the sake of my sanity, I respectfully request that you not label these 2-bit punks as "clever", as you are giving them far more credit than they deserve. The folks who deserve the clever label work in marketing for Microsoft, because while they regularly advertise a secure operating system (that seems
• #### It's about time... (Score:2, Interesting)

Someone went to jail for running Microsoft Windows.

This isn't as far-fetched as you might think. For instance, the federal child-porn laws are strict-liability laws, which means that if someone is found in possession of child porn, they are guilty, regardless of how it got to their machine. So when these viruses start delivering child porn, some clueless windows user could literally get 5 to 10 years for running their machine without a firewall.

I say this is a good thing. When computer virus victi

<moc.oohay' ta' `dlonrasg'> on Friday July 11, 2003 @10:54AM (#6414902) Homepage Journal

So you're saying all I have to do is install one of those screensavers shrouded in four web-site redirections and I can sit back and wait for some pirate in the Philippines to jack all the 1337 w4r3z and pr0n for me?

Dude! This is better than PointCast **AND** Kazaa -- The stuff just shows up! It's like subscribing to the FBI files-you-shouldn't-have mailing list!

Spyware and viruses r0ck!

• #### Technical details (Score:5, Informative)

on Friday July 11, 2003 @10:54AM (#6414904) Homepage
There is a technical writeup here:
http://www.lurhq.com/migmaf.html [lurhq.com]
Mirror: http://www.joestewart.org/migmaf.html [joestewart.org]

• #### Terrible (Score:5, Funny)

on Friday July 11, 2003 @10:54AM (#6414906) Journal
This is terrible.

They put all that porn on my computer, and I don't even get to see it?
• #### Microsoft is mentioned...by omission (Score:4, Interesting)

on Friday July 11, 2003 @10:58AM (#6414944)
Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."

The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.

OK, so that leaves what? Windows, OS/2, and a few oddities. And the only likely one of those, the only possible one is Windows.

So, Windows is there, but the NYT went out of their way to *avoid* mentioning it.

• #### Re:Microsoft is mentioned...by omission (Score:3, Interesting)

I wrote the article. I didn't go out of my way to avoid mentioning it. I didn't scream it, either. I simply wrote that the other systems are not affected.

I have written specifically about the problems of the software monoculture in many, many stories, and thought that I laid it out in this one as well. If I didn't hit MSFT with a ball-peen hammer, no, and obviously many slashdotters expect to see that at every possible opportunity.

Sorry that I'm not the advocate that you want me to be,
• #### Wow! (Score:5, Insightful)

on Friday July 11, 2003 @11:04AM (#6414993) Journal
This NYT story describes how thousands of PCs have been used as porn spambots and reverse proxy servers, and mentions that they could be used for kiddie porn.

So instead of their normal scare-mongering by involving terrorism in any way possible, they are now suddenly switching into scaring everyone by mentioning kiddie porn instead? Wow, such diversity! Next thing you know NYT actually becomes a good source of news with facts and interesting content without a "we will spam your ass off" scheme! Maybe right after DNF is released...

• #### Average users can help control SPAM (Score:5, Informative)

<bigberk@users.pc9.org> on Friday July 11, 2003 @11:05AM (#6415001)
The article makes a good point about unwitting hosts participating in world-wide spamming. A host that is insecure can become compromised by an automated worm or malicious attacker and then configured to relay junk mail.

As a system administrator this worries me. Typically we use blocklists for netblocks that are known to be sources of spam. But when a random internet host is compromised and used as a mail relay, this slips past our blocklists (for a while).

The moral of the story is that computer security and spam fighting go together. Though average users don't get the point, it is every internet user's responsibility to keep their host secure both for their own good, and to be a good neighbour.
• #### The real blame... (Score:3, Funny)

on Friday July 11, 2003 @11:08AM (#6415028)
Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables.

I blame K & R for writing such a fundamentally broken language in the first place.
• #### So what does this mean? (Score:3, Insightful)

on Friday July 11, 2003 @11:12AM (#6415068)
So if someone is caught with p0rn on their PC (ie: kiddie porn), does this mean that the virus could *potentially* provide a "reasonable doubt" about that person's guilt? Sure seems like it could...

Items like this seem to be happening more and more frequently (spyware, viruses, etc) and I am wondering what the impact will be on the legalities involved. I mean, in the old days, I controlled EVERYTHING that came into and out of my PC -- now, that has changed and there may well be things hiding on my PC that I am not aware of. I do my best to administrate properly but I don't know everything and I am certain that Joe Sixpack knows even less than me about his machines.

Food for thought...
• #### Slashdot as an extortion tool? (Score:3, Funny)

on Friday July 11, 2003 @11:43AM (#6415452)
Hackers from the former Soviet Union have been linked to several schemes, including extortion attempts in which they threaten to shut down online casinos through Internet attacks unless the companies pay them off.

\begin{sinister Slavic voice}
You must pay one gazillion dollars to my PayPal account immediately, or I will post a link to your site on Slashdot.
\end{sinister Slavic voice}

P.S. I happen to be a hacker from the former Soviet Union.
• #### It's not always the end user who is at fault.... (Score:4, Informative)

on Friday July 11, 2003 @11:44AM (#6415465) Homepage Journal
One of the sites I created a while back was a mod site for NwN [morbidgames.com], I had it hosted by a company called XO Communications [xo.com] since I didn't have a fast connection at my house. After getting a little notice from the NwN community I of course started getting spam - however I also started getting these weird emails from people saying they would sue me for sending them spam. I didn't know what was going on until I got 15 bounced emails from Yahoo saying my messages were undeliverable. I hadn't sent the message and I had no idea who the recipients were. I contacted XO and they told me "Yeah this happens occasionally there really isn't anything you can do, but we have proof that it's not from you so don't worry about getting sued."

Well I didn't appreciate that response so I changed hosts. I tried icestorm [icestorm.com] and I tried globalhost [globalhost.com]; it would be fine for a while, then it would start again - the more traffic I got the more of a pain in the ass it became to explain to people that I was sorry for something I wasn't doing.

In the end I just stopped caring; unless I ever get a fast enough connection at home to host the site myself it looks like this is something that will just happen. And as an end-user I have no control over the security of the website since it is my hosting company's responsibility to lock their shit down. And everyone I've tried seems to have the same response: "well it's easy to fake where email comes from, sorry you're shit out of luck in having people confuse you with assholes"
• #### Re:It's not always the end user who is at fault... (Score:5, Informative)

on Friday July 11, 2003 @01:44PM (#6417176) Homepage Journal
Is the problem just one of your e-mail being harvested off the webpage(s)? If so, try this:

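<script language="JavaScript">
// Assemble the mailto: link at render time so the complete address
// never appears as one string in the page source.
// (The function name "mail" is a placeholder.)
function mail(name, domain, msg) {
  document.write('<a href="mailto:' + name + '@' + domain + '">');
  document.write(msg);
  document.writeln('</a>');
}

</script>

Blah blah blah

<script language="JavaScript">
// Example call with placeholder values: mailbox, domain, link text.
mail('user', 'example.com', 'E-mail me');
</script>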

Now you've produced a document which displays links to e-mail addresses, without specifying any easily-harvested e-mail addresses in the source of the document.
• #### So I'm curious (Score:3, Insightful)

on Friday July 11, 2003 @12:12PM (#6415933) Homepage
There's a ton of people on here bitching about how there was no point in adding MS to the blurb except to encourage MS bashing in the comments.

What I want to know is what can we do about it aside from choosing another site to get our news from? How can we get our issues to the people they need to. Does CmdrTaco really care if there was MS Flaming in the summary? No, he probably likes it, because guess what, it means more comments. Which in turn means more eyeballs on the ads, which in turn means more money from advertisers.

The quality of this site has been going to hell lately, and everybody bitches and moans about it in the comments, but guess what, NOTHING gets done about it. How can we change that?

• #### The Sun at my old work was used as a pr0n FTP (Score:3)

on Friday July 11, 2003 @01:57PM (#6417351) Homepage Journal
Back in '97 I worked for a now non-existent dot com. Back in those days I was a pretty hard core MS evangelist (hallelujah, I've seen the Linux light now).

I really wanted to implement some sort of firewall at my work, MS proxy server. Most of our executive and administrative staff was on Windows, but our developers were all Mac people, and they resisted hard.

One particular dev was a Mac/Sun junkie. He went around like a drone (well, I was a MS drone so I guess it's like the pot calling the kettle black) telling everyone that my MS proxy plan was evil and how it would interfere with product development. Eventually he got my plan to implement MS proxy shot down, so there we were on a nice fat n juicy T1 line with absolutely no firewall or protection of any kind.

What goes around, comes around.

We started getting calls and e-mails complaining about us sending out pr0n spam. Turned out someone had been using the open relay on this dev's sparc II to send out his e-mail. Worse yet this hacker had somehow managed to root the box and in addition to using it as a spam relay, he had used it as a FTP site for his porn. The root account was renamed, and our entire directory structure had been copied to a subfolder under /dummies. So whenever we logged into the sun we would be chrooted to /dummies and had no idea that we had been hacked. In the folder level above /dummies was his pr0n ftp site. It took the dev weeks to figure out that one. He would log in, try and try to make changes to the /dummies/etc directory which wouldn't stick because it wasn't the real /etc directory.

Everything was fixed by dropping into single user mode and fixing the real /etc directory, but by that time the damage had been done. Our T1 and sun had sent out over a million spams and served over 20 gigs of porn. Our company got owned.

The executive team realized that the dev team would never let me implement anything. So they hired another admin with more of a unix background and he put in those little red fireboxes at each of our locations. After that we never had a problem again.
