News for nerds, stuff that matters
Sections
About
Slashdot Log In
The Famous Brett Wat (12688)
(email not shown publicly)
http://www.nutters.org/user/famous
Born: Australia, 1970; residing in Sydney. The title "The Famous" comes from the late Spike Milligan's misguided idiot character "Eccles" in The Goon Show (see www.goon.org) who often introduced himself as "The Famous Eccles" for undisclosed or incomprehensible reasons.
Journal of The Famous Brett Wat (12688)
Their PR guy sent me a Final Notice
At 2003-03-22 11:42:45 +1100, my mail server received another note from the PR department. The usual copy-and-paste job follows.
Return-path: <ueffiu99645@yahoo.com>
Received: from web13301.mail.yahoo.com ([216.136.175.37]) by
        perfect.epsilon.com.au with smtp (Exim 3.35 #1 (Debian)) id
        18wX5x-0001gU-00 for <famous@nutters.org>; Sat, 22 Mar 2003 11:42:45 +1100
Message-ID: <20030322004243.46484.qmail@web13301.mail.yahoo.com>
Received: from [61.219.36.9] by web13301.mail.yahoo.com via HTTP; Fri, 21
        Mar 2003 16:42:43 PST
Date: Fri, 21 Mar 2003 16:42:43 -0800 (PST)
From: General Kolok <ueffiu99645@yahoo.com>
Subject: Your Recent SPAM Problems
To: spamfraud-1@epsilon.com.au
Cc: famous@nutters.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Evolution-Source: imap://famous@perfect.epsilon.com.au/
Brett
It has come to our attention that you may be blocking
certain IP's in the chain of proxies we use to
communicate, and therefore may have not gotten our
previous communications.
To recap, I am an intelligence officer with the United
Email Freedom Front.
You have been targeted for Violations of the UEFF code
of ethics and are considered a threat to freedom on
the Net.
In short, you should have been contacted earlier by
commanding officer of the enforcement unit with a list
of demands. I have attached the demands at the bottom
of this email.
The UEFF, and organization of almost 700, has already
fired a small warning shot to get your
attention...obviously it has, a small outage and
blatant Spam apologies have been reported on your site
by our intelligence units showing that you "got the
message".
It is my job to convince you to submit to the
General's requests and save you lots of grief. Please
consider the changes...YOU NOW HAVE ONLY THREE HOURS
to comply. If not a major offensive will begin, ten
times that of which you've seen already. The "warning
shot" was undertaken by two units for twenty minutes.
a real offensive will last eternally and be assigned
to twelve units...you get the picture.
Nobody (WEBSITE) has ever survived a confrontation
with the Unit. Please for all that is good in the
world, take my advice and make the changes, life is to
short to let your pride get in the way. Once
compliance has been verified by intelligence, we will
retreat fully (although you will be on our monitoring
list forever).
Attached is the General's last email.
CO Special Intelligence Unit - Gen.Kolok
===========================================
Guten Tag,
As you may know, you have been targeted by the
Enforcement Unit of the UEFF (United Email Freedom
Front). you should have been contacted last night by
an intelligence officer.
You have exactly 24(now 3) hours to effect the
following
changes or we will consider it an act of engagement.
In the event of engagement all units will be mobilized
against you, your site, and associated ISP's until the
changes are made, or you no longer exist. In the event
of a full cooperation, we will withdraw and ceasefire
immediately.
1-In Article "Make Money Fast!"  the text " If ever I
encounter one that's in my local area, I will
seriously try to resist the urge to go and break all
their fingers, satisfying myself with reporting them
to the police only. What percentage of these would-be
millionaires do you suppose are merely underage and
insufficiently wise in the ways of the world? And what
percentage need a damn good working over with a large
clue-stick?" Must be removed. - In violation of
violence toward emailers rule
2-In Article "Spam, Email, Innovation" the text "I
haven't given up the notion of designing and
implementing a new mail protocol that is designed to
be rather more hostile to spammers" must be removed. -
In violation of violence toward emailers rule
3-The Article "Spam: MonsterHut" must be removed. In
violation of Defamatory Remarks rule
4-All Articles referencing Richard Stallman be
removed, Or Replaced with "A certain writer we all
know" or something like that.  - In violation of
Defamatory Remarks rule
5-In the Article "Selling Spam Lists Respectably" The
article must be removed, or the company
"marketsharerecovery.com" replaced with a generic term
like "list reseller" etc. Any links to that firm
removed.  - In violation of Defamatory Remarks rule
6-All text regarding "TFBW Advocates Slow Torture For
Spammers" must be removed.
You may leave you current spammer message. DO NOT
MENTION THE UAFF.
Our judgment is final, we would expect full
cooperation within the deadline.
Commanding Officer - Xio-King
UEFF
__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com
So, the PR guy was obliged to use a genuine Yahoo! webmail account because he thought my spam defences might have blocked him? Well, I'd actually turned off most of my spam defences, since I wanted to receive complaint messages where at all possible, rather than blocking or bouncing them. But that's neither here nor there: I can understand that my silence would be vexing, and I like it that way. I am resolved to make no response to their coercive demands.
The "outage" mentioned in this message was probably when I shut down Zope in order to do a backup of Nutters.org. I forgot to bring it up again for a while after that, and they probably got "proxy not responding" messages as a consequence of this. Sorry guys -- my bad.
My Zope setup allowed me to add a spam disclaimer at the top of every single page by modifying one file, and so I thought it only sensible to do that. I don't want to try to play "chase the link" as they send out new spams with new URLs, so I just blanketed the whole damn lot.
I also note that the size of their organisation has grown from "over 600 members" to "almost 700" since their last press release. I wonder if they're counting the owners of the open relays and proxies that they exploit as de facto members? Still just looks like a couple of script kiddies to me.
I wrestled with how I ought to respond
It was pretty clear that my Internet setup, being a smallish box on a smallish ADSL link situated at my home, was easy prey. It doesn't take too much knowledge to figure that one out. Withstanding a serious onslaught was out of the question.
So do I prefer to stick to my guns and face the conequences squarely, or wuss out and keep my Internet connection? Bear in mind that I'm not the only user of this connection. I pay for it, but I share it, so it would impact other people I know as well. It would, for example, deprive several people of their personal email, if the link were to go down for one reason or another.
Well, I gave the other users fair warning that the service may go down and stay down, and that they should have their own contingency plans if that happened. So now it was down to me: am I to be pragmatic and back off at least until I have a better chance to fight, or take the attitude that if they want my right to free expression, they're going to have to take it off me by force.
It's popular in cartoons to depict persons facing a moral dilemma as having miniature angel and demon versions of themselves hovering over opposite shoulders and giving "good" and "evil" advice on the subject, respectively. I'm a little stranger than that. If I were to depict my own dilemma, I would have an avatar called "pragma", who looks like a roughly-cut miniature statue of myself, floating on one side, and on the other, an avatar called "princip", who is a non-corporeal mini-me, floating in misty wisps, and radiant with inner light. They argue like so.
Princip: "We must not capitulate to the demands of these extortionists!"Pragma "I tend to agree. We don't want to encourage that kind of behaviour."
Princip: "Our right to free speech is an intrinsic good. We must not surrender it."
Pragma: "Yeah, but a right to free speech isn't of much practical value when your platform has been denied. Maybe we should try to find a compromise."
Princip: "I will not enter into negotiation with terrorists. I do not consider them rational actors. I would just as soon try to have a reasonable discussion with a rabid Alsatian."
Pragma: "Yeah, well, these guys don't strike me as being on a quest for truth and fairness, so trying to be reasonable with them is probably a waste of time. That wasn't what I meant by a compromise."
Princip: "You want me to compromise on principles?"
Pragma: "Look, a right to free speech isn't of any practical value if you've got no platform on which to use it. I'm suggesting that we modify our speech to the minimum extent which will cause them to withdraw their threat, whilst expressing our damnation of their coercion in the strongest possible terms."
Princip: "We most certainly shall exercise our right of free speech to damn these actions! But I suspect that any sufficiently spirited statement would be objectionable to these censors."
Pragma: "I hate to say it, but you're probably right. We'd just be encouraging them to micromanage the site content. Giving them a mandate to govern us."
Princip: "Need I say more?"
Pragma: "We could take the whole site down and replace it with a black protest page detailing the outrage."
Princip: "Thus demonstrating the effect their actions would have had, more or less, without causing us the inconvenience of an actual attack?"
Pragma: "Exactly. It might encourage feedback. Get people asking about it. We couldn't do that if the site were completely down."
Princip: "I'd still feel like I wasn't sufficiently performing my duty to resist despotism."
Pragma: "But isn't the only alternative to face an attack which you have little or no chance to survive?"
Princip: "I would not be abandoning my duty in any way if I were to face such an attack, but I would be compromising my duty out of cowardly self-interest in your scenario."
Pragma: "Do you really want to be a martyr?"
Princip: "I want to do my duty. If the consequences are martyrdom, then a martyr I shall be."
Pragma: "And what of the consequent inconvenience to the others that use the system?"
Princip: "I refuse to compromise my rights for the sake of convenience; even for the sake of someone else's convenience. We will do our best to minimise the inconvenience to others."
Pragma: "I'm starting to agree with you. If we want people to be sympathetic to our cause, then an outrageous attack against a defenseless target is likely to attract greater condemnation for the attacker and sympathy for the victim. If we were to opt for the 'capitulate under protest' approach, we'd just be a whiner who won't stand up for himself."
Princip: "My goal is not to gain sympathy."
Pragma: "I know. I was just observing that your approach has the side-effect that it is likely to gain the most sympathy. Assuming anyone notices or cares at all, that is. It's not like too many people would notice our departure."
Princip: "Better to vanish in obscurity than to live in oppression."
Pragma: "I don't know about that, but I will agree for now that our best course of action is to defy the extortionists and face whatever attacks may come."
Princip: "Excellent."
I notified the Australian Federal Police
But several people, having read the threat letters, suggest I contact the feds. I have a close friend with a relative in the AFP, and he was able to provide clear instructions on how to go about it. I think it makes sense to contact the police over a matter like this, even if you don't think they'll help immediately, because it means they have something on record.
And since I think it makes sense to have it on an even wider record than that, I'll reproduce here (by hand, alas, so there may be errors) the body of my first letter to the Australian Federal Police. Enjoy.
Date: Friday, 21st March, 2003
Re: Reporting receipt of extortionate demands via email.To the Australian Federal Police,
My name is Brett Watson, and I am employed in the field of Internet technology and software engineering. In addition to my professional interests, I also maintain an Internet presence at home as a hobby and means of self-education. This service has recently come under attack.
The incident was first brought to my attention on 16/03/03 when I noted an increase in activity on my system. At first I was unable to determine the cause of the increase, but by early 18/03/03 I determined that an unknown party (or parties) was generating massive amounts of email, forged so as to appear to come from me, inviting people to visit my website.
People generally take rather badly to this form of advertising (spamming), and in the interests of protecting my reputation and preserving my service, I was obliged to take a number of precautionary measures against this attack of unknown motives and origin. Such precautionary measures were to be on-going over the next several days as the attackers adjusted their techniques to suit my shift in defence.
Earlier today (21/03/03) I finally received two email messages which claim responsibility for this attack, and threaten to scale up the attack against me, my site, and my Internet service providers, until I meet their extortionate demands, or I "no longer exist".
I have attached, as attachments #1 and #2, the two emails I received, which claim responsibility for the attack, and which set out the extortionate demands. The demands are for censorship of the site, so that it conforms with their standards, rather than demands for money. As attachment #3, I provide a more detailed report of my experiences detecting and dealing with the initial attack, written on 19/03/03 (prior to receiving the extortionate demands). Attachment #3 also serves as a not-atypical example of the content of the site that they are threatening.
The tone of the letters of demand (attachments #1 and #2) paint a picture of immature teenage boys playing Internet war games, rather than serious, professional extortionists. Even so, if they wish to take hostile action against my site, they will find it ridiculously easy to do so. My site is a hobby, and I cannot afford the employment of full-time staff and high-capacity network connections that would allow a business-oriented site to ride out this kind of storm. I may be obliged to shut down certain services just to avoid the expense associated with an attack.
I request that the police view this matter with the same seriousness that they would were it physical damage to private property and associated extortionate behaviour, and I will be only too happy to assist in your enquiries where requested to do so.
I have not attempted to make contact with the offending parties, nor do I intend to do so.
Regards,
Brett Watson
They sent me their list of demands
This is a copy-and-paste from my mail store. Some headers were generated locally, like the message-ID. (Irony: an "email marketing professional" who doesn't know how to construct a valid Internet mail message.)
Return-path: <CO-XIO-KINGCO-XIO-KING@yahoo.com>
Received: from [65.199.174.82] (helo=yahoo.com) by perfect.epsilon.com.au
        with smtp (Exim 3.35 #1 (Debian)) id 18wBIo-0000oc-00 for
        <spamfraud-1@epsilon.com.au>; Fri, 21 Mar 2003 12:26:35 +1100
From: "CO-XIO-KING" <CO-XIO-KINGCO-XIO-KING@yahoo.com>
To: <spamfraud-1@epsilon.com.au>
Subject: Your Current Spam Problem
Sender: "CO-XIO-KING" <CO-XIO-KINGCO-XIO-KING@yahoo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Date: Thu, 20 Mar 2003 20:29:06 -0500
Reply-To: "CO-XIO-KING" <CO-XIO-KINGCO-XIO-KING@itgo.com>
X-Priority: 1 (Highest)
Content-Transfer-Encoding: 8bit
Message-Id: <E18wBIo-0000oc-00@perfect.epsilon.com.au>
X-Evolution-Source: imap://famous@perfect.epsilon.com.au/
Guten Tag,
As you may know, you have been targeted by the Enforcement Unit of the
UEFF (United Email Freedom Front). you should have been contacted last
night by an intelligence officer.
You have exactly 24 hours to effect the following changes or we will
consider it an act of engagement. In the event of engagement all units
will be mobilized against you, your site, and associated ISP's until the
changes are made, or you no longer exist. In the event of a full
cooperation, we will withdraw and ceasefire immediately.
1-In Article "Make Money Fast!"  the text " If ever I encounter one
that's in my local area, I will seriously try to resist the urge to go
and break all their fingers, satisfying myself with reporting them to the
police only. What percentage of these would-be millionaires do you
suppose are merely underage and insufficiently wise in the ways of the
world? And what percentage need a damn good working over with a large
clue-stick?" Must be removed. - In violation of violence toward emailers
rule
2-In Article "Spam, Email, Innovation" the text "I haven't given up the
notion of designing and implementing a new mail protocol that is designed
to be rather more hostile to spammers" must be removed. - In violation of
violence toward emailers rule
3-The Article "Spam: MonsterHut" must be removed. In violation of
Defamatory Remarks rule
4-All Articles referencing Richard Stallman be removed, Or Replaced with
"A certain writer we all know" or something like that.  - In violation of
Defamatory Remarks rule
5-In the Article "Selling Spam Lists Respectably" The article must be
removed, or the company "marketsharerecovery.com" replaced with a generic
term like "list reseller" etc. Any links to that firm removed.  - In
violation of Defamatory Remarks rule
6-All text regarding "TFBW Advocates Slow Torture For Spammers" must be
removed.
You may leave you current spammer message. DO NOT MENTION THE UAFF.
Our judgment is final, we would expect full cooperation within the
deadline.
Commanding Officer - Xio-King
UEFF
I was contacted by their PR department
Return-path: <forgetabouteventrying@another.com>
Received: from host60-39.pool212171.interbusiness.it ([212.171.39.60]
        helo=another.com) by perfect.epsilon.com.au with smtp (Exim 3.35 #1
        (Debian)) id 18w5tN-0000Vp-00 for <famous@nutters.org>; Fri, 21 Mar 2003
        06:39:59 +1100
From: "Special Enforcement Unit - Gen.Xio-King" <forgetabouteventrying@another.com>
To: <famous@nutters.org>
Subject: Your Recent SPAM Problem
Sender: "Special Enforcement Unit - Gen.Xio-King"
        <forgetabouteventrying@another.com>
Mime-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Date: Thu, 20 Mar 2003 14:29:05 -0500
Reply-To: "Special Enforcement Unit - Gen.Xio-King" <forgetabouteventrying@another.com>
Content-Transfer-Encoding: 8bit
Message-Id: <E18w5tN-0000Vp-00@perfect.epsilon.com.au>
X-Evolution-Source: imap://famous@perfect.epsilon.com.au/
Brett,
I am writing you in reference to Your recent spam problem.
You have been targeted by a group called the UEFF (United Email Freedom Front), and organization of over 600 members globally.
I am a liaison officer, between the organization and it's targets. my job is to try to settle the disputes peacefully and without much damage.
The UEFF Has, and will continue to target anyone who:
1-Promotes the use of Blacklists.
2-Names Companies and websites as spammers without identifying proof.
3-Approves of radical action against those who legally engage in direct email marketing.
The UEFF is obviously against scams, child porn, etc. But will stop at no lengths to completely cripple those who violate the above rules, and consider it a threat to global freedom.
It appears that your site(s) violate those objectives and the UAFF has in essence fired a warning shot at you to get your attention. It was.001% of their capabilities.
You will be contacted by a special opps officer within 24 hours with a list of demanded changes.
Brett, Life is too short. Do not let your pride get in the way. Every single site that has defied the organization is no longer online. My assumption is that there are a few offensive articles on your
site, and that you name a few names.
I am your friend. I do not want to see your years of work destroyed, but let's face it...how many complaints, hack attempts, mailbombs etc. will your ISP's allow before they refuse you as a client. The
UAFF is absolutely tireless and unlimited in their resources.
Once you receive the requests, make the changes unconditionally, and it will all just go away. You can save face by not mentioning our communications and just quietly making the changes.
If you wish to contact me directly, place a link entitled Kolok at the bottom of your homepage at Nutters.org linking to a page with your message.
Thank you for your understanding in this matter,
CO Special Intelligence Unit - Gen.Kolok
