Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

+ - Public Mailing Lists are used for Flooding Attacks 2

Submitted by Tom Li
Tom Li writes: In last 24 hours, I have received more than 40k subscription confirmation emails from FOSS projects mailing lists (OpenBSD, GNU, Ubuntu, CentOS, etc). My mail have already stopped operating. "Subscribers" are from multiple IP addresses. After I shared my experience, I have found more than 10 victims from the same attack, included a well-known Chinese tech-blog writer (tweet in Chinese).

Since thousands of lists exist, flooding is easy. This is not the first attack. Last year, The GNOME foundation (FreeDesktop.org) faced the same problem, they solved it by adding reCAPTCHA by themselves.There are still no protection for most lists, e.g Fedora. If this method is used widely, such low-cost attacks will serious affects many users and developers.

Comment: Re: Ideally (Score 1) 76

by Kevin Hu (#48338513) Attached to: Worldwide Aaron Swartz Day Memorial Hackathons This Weekend
A little tough talk? From Wikipedia, and I quote: "federal prosecutors filed a superseding indictment adding nine more felony counts, which increased Swartz's maximum criminal exposure to 50 years of imprisonment and $1 million in fines." Anyone could be crushed by this sort of injust lawsuit.

"You're a creature of the night, Michael. Wait'll Mom hears about this." -- from the movie "The Lost Boys"

Working...