Jump to content

Lycos Europe's awful new idea


Guest art101

Recommended Posts

Cruising around Slashdot tonight looking at spam articles and found this little ditty:

"Lycos Declares War on spam Servers"

http://it.slashdot.org/it/04/11/26/2129238...?tid=111&tid=95

A quote... "Psychotext writes 'The Register' have posted a story about a new screensaver from Lycos that targets known spam servers (taken from spamcop and verified by hand) with traffic in order to raise their bandwidth costs and hopefully price them out of the game. Lycos state that this is not a DDOS as Lycos monitors the site's responsiveness and throttles back when the site starts to falter."

The article links to a download for the screensaver but, more importantly, to the original "Register" (in the UK) news item:

http://www.theregister.co.uk/2004/11/26/ly...ope_spam_blitz/

As the article points out, "A spokesman for Lycos in Germany told The Register he believed that the tool could generate 3.4MB in traffic on a daily basis. When 10m screensavers are downloaded and used, the numbers quickly add up, to 33TB of 'useless' IP traffic. Seems Lycos may hurt not just spammers."

Am I missing something here or is this a truly awful idea? Why burden the net with even more spam-related traffic? I can certainly appreciate the goal... but bandwidth theft to stop bandwidth theft seems as bad a 'cure' as the disease.

Now, if it was a screensaver "Spammer's Hall of Shame" or something like that... listing ISPs or domains to avoid like the plague (you know, like maybe including Eddy Marin's police mug shot from that drug bust - publicly available at Mugshots.com - heh), I might download it for a lark. But not this.

So, am I missing something? Opinions anyone?

Link to comment
Share on other sites

  • Replies 56
  • Created
  • Last Reply

Thanks. I was reading that one earlier, when your reply to this arrived.

Related info... Google the phrase "Dan Balsam" for an interesting legal approach. As of 29 July 2003, the guy has 17 court wins against spammers under his belt. Well done. I'm planning on dropping his attorney a line on Monday to see how things are going since lobbyists from the DMA shoved “Can spam” at the planet. My attorney’s interested too.

Link to comment
Share on other sites

Update: It's possible that Lycos Europe has seen the light.

See this article at CNET News.com... "Lycos Europe's antispam tool no longer available"...

http://news.com.com/Lycos+Europes+antispam..._3-5476451.html

A quote from the article...

"You can't break into a thief's house just because he breaks into yours. We don't support this or recommend this practice. Directing traffic is part of the degradation of the Internet we are trying to stop," said Steve Linford, director of Spamhaus (http://www.spamhaus.org), a nonprofit antispam organization.

Let's just hope this whole nasty episode is truly over. Maybe Lycos will aim its considerable resources at a truly effective response to the spam avalanche... and not just a publicity stunt that makes the avalanche worse. CAN-spam already did a great job of making the avalanche worse.

Link to comment
Share on other sites

I have to concur with art that it would make more sense for ISPs like Lycos to direct their resources at encouraging users to dump the spam to blocklists and implement a more widespread use of blocklists to filter the junkmail.

Unfortunately, the public at large is rather uneducated in matters of spam and/or are unwilling to fight back, and ISPs are reluctant to get into the anti-spam fight wholeheartedly.

It would take a critical mass for any anti-spam action to have a widspread impact and take the spammers out of business. As it stands now, a small community like us, puts only a minor dent and has not reduced the ammount of spam we get on a daily basis.

In my case, I could simply ignore most of it and leave it in the junkmail boxes. However, I don't think that would accomplish much, so I report as much as I get. Spammers constantly find ways to bypass any type of filters, including IP blocks.

Link to comment
Share on other sites

I just see this as an evolution in spam fighting. First, there were tools like Spamcop which reported the abusive sites the ISP so they could take them down. But now, there are sites catering to spammers and refuse to acknowledge they are being used for abusive and purposes to defraud people. So, the next obviously step is to simply take the site down manually.

I think if this wasn't a corporate effort, it written by an open source community it wouldn't have so much criticism against it.

Another good step would be to constantly make requests to the proxies and unsecure mail servers that allow spam to pass through it, so as to shut them off as well. I hope Lycos brings their screensaver back online soon, I will definintely continue to run it.

Link to comment
Share on other sites

Another good step would be to constantly make requests to the proxies and unsecure mail servers that allow spam to pass through it, so as to shut them off as well.  I hope Lycos brings their screensaver back online soon, I will definintely continue to run it.

I wholeheartedly agree: this is not some fair's fair tea-party.

For Lycos to have caved in as they have is tantamount to saying that it's OK for us to have to put up with the hundreds or thousands of emails every day but it's not OK to take them at their word and visit the sites they so strenuously advertise and invite us to.

It also calls into question how many times it's OK to visit Amazon or Google: should I refrain from sending friends and colleagues the URL of a book I like for fear that they repeatedly send it to their friends and we all go to Amazon at once? I do know what a (D)DoS attack is, I really do.

If it's one rule for the spammers (which CANSPAM has effectively made it - and there is a political, anti-capitalist subtext here), then it's OK for us to go to their sites. After all they have sent out ten million messages, they should prepare themselves for ten million visitors.

I eagerly await child of MLNS - soon!

Link to comment
Share on other sites

Since many hosted sites are with black-hat companies, would chewing up a site's BW really matter? Also, if the spammer set up an account with fraudulent credit info, chances are they're not too concerned with the cost. I just don't see what Lycos thought would happen with this waste of time/energy

Link to comment
Share on other sites

One should NEVER fight abuse with abuse. That is stooping to their level and making you as bad as they are.

What you are endorsing is: possibly infringing on some innocent persons access to a legitimate site because an upstream to either one is overloaded while YOU and many others are not using your machines (so it does not matter whether you are able to get there or not) but all these machines are actively using internet bandwidth for no good reason.

The spammers are making email unusable and you are making the www unbrowsable....how is that any better?

I've seen one looping email (with large attachment) nearly fill a T1 line and bring an entire company to a crawl. I can't imaging what 1000 client machines all running this poorly conceived program would do the the few people who actually need to use the internet over night at my company.

If you want to manually browse to the sites presented by the spam, that is up to you. Keep in mind, however, you are not necessarily hurting the spammer who may be paid by either the number of messages he sends out or by the number of hits he generates. You may actually be making the spamming more profitable while hurting the company that hired (or maybe didn't) the spammer to send the spam.

Link to comment
Share on other sites

One should NEVER fight abuse with abuse.  That is stooping to their level and making you as bad as they are.

Why is it abuse: they send out these requests; we're responding to them? Do they not want us to visit their viagra and rolex sites, after all? I'm confused!

Sorry - but what else is to be done? What does work?

Link to comment
Share on other sites

Why is it abuse: they send out these requests; we're responding to them? Do they not want us to visit their viagra and rolex sites, after all? I'm confused!

Sorry - but what else is to be done? What does work?

20929[/snapback]

I am as frustrated as you are, indeed nothing seems to stop their abuse, but I also understand Steven's argument why this will hurt the product manufacturer rather than the spammer.

On the other hand, most of the things spammers try to sell are either <<snake oil>>, fraudulent or illegal. One has to wonder why and how long this will be allowed. There is also the question on the ethics of unsoliceted advertizing which soaks up so many of our time and resources. Given those arguments I see no reason why not accepting the concept of fighting <<fire with fire>>! I too am waiting for Lycos to get this thing going again, I have already installed the screen saver and it's ready to go at a moment's notice.

Link to comment
Share on other sites

I too am waiting for Lycos to get this thing going again, I have already installed the screen saver and it's ready to go at a moment's notice.

Thanks. Agreed, although it's hardly even 'fire with fire', is it?

They have solicited our attention and we've finally seen the errors of our ways in complaining and are giving them our attention. Isn't that what they want?

If they send out requests, isn't it reasonable to expect them to be ready for our responses?

I see the real value in what Lycos has done lying in whatever comes next :-)))

Link to comment
Share on other sites

Why is it abuse

Because the internet is a shared set of networks. Your packets are travelling on many different networks, incurring costs along the way to the owners of that equipment and causing their customers (innocent users like yourself) possible dropped connections or slow response.

If you could concentrate the attack so it only affected the spamvertized site and not the rest of the internet, I would be more in favor of the concept, but that is not how the internet works.

Professionally, I am against them because they are using my companies resources causing the bill for internet access to be higher, meaning I have less of a budget to fix the things that really need to be fixed. It is the same reason we have banned weatherbug and other similiar software. One user installed one of the music download programs on their machine "but only ran it at night". He was surprised when HR presented him with a bill for the bandwidth it cost the company over the month before it was noticed. He was filling his hard drive every night and I guess spent the day burning them to cd-rom (another illegal add-on to his system).

Link to comment
Share on other sites

Because the internet is a shared set of networks.  Your packets are travelling on many different networks, incurring costs along the way to the owners of that equipment and causing their customers (innocent users like yourself) possible dropped connections or slow response.

If you could concentrate the attack so it only affected the spamvertized site and not the rest of the internet, I would be more in favor of the concept, but that is not how the internet works.

Yes, well put. I understand you completely and - I repeat - I do not want to find myself advocating doing anything counterproductive. But these people send out millions of invitations and we respond. They send us a URL and we go to it.

What's the difference (taking tongue out of cheek) between that and friends of friends of friends passing round details of a new bestseller book which we all go to look up on Amazon?

(That's only half rhetorical since I have to trust that the way Lycos/MLNS/Starring wrote the s/w was only analogous to the way any other portal arranges for clickthroughs to be routed. Let them even use Akamai if they wish!)

Link to comment
Share on other sites

Yes, well put. I understand you completely and - I repeat - I do not want to find myself advocating doing anything counterproductive. But these people send out millions of invitations and we respond. They send us a URL and we go to it.

What's the difference (taking tongue out of cheek) between that and friends of friends of friends passing round details of a new bestseller book which we all go to look up on Amazon?<snip>

20941[/snapback]

...This last question seems to me to belie the assertion you make in the first paragraph that you understand StevenUnderwood's point. The difference is that automated software (the Lycos screensaver) can issue many, many packets in seconds but a human can not. There's nothing wrong, IMHO, with you personally (as well as your friends) navigating to the URLs in the spams you receive (although I wouldn't recommend it because it may be a good way to accidentally become infected with malware) but there is something wrong with your running automated software that interfere's with others' use of the internet.
Link to comment
Share on other sites

Thank you Steve, I gave up. ;)

20991[/snapback]

...No problem, Steven. I can relate to being so enamoured with an idea for revenge that I needed to be beaten about the face and arms several times by several different people before I understood that I might be hurting others besides the target of that revenge. :) <g>
Link to comment
Share on other sites

I can relate to being so enamoured with an idea for revenge that I needed to be beaten about the face and arms several times by several different people before I understood that I might be hurting others besides the target of that revenge. :)

Thank you for your view: what is the answer?

Link to comment
Share on other sites

Thank you for your view: what is the answer?

If we want the internet to be a usuable, friendly place, then we need to know our 'netiquette' which is based on offline etiquette/manners.

One is never rude to others - even if others are rude to us. There are other ways of preventing people from imposing on us. Blocklists are the online version of the offline 'cut direct' (or the butler who says we are not at home to unknown visitors).

It is not polite to hammer on someone's door (except possibly in an emergency). Therefore, it is not polite to repeatedly access a website for no purpose other than to annoy - especially if the hammering also annoys others in the vicinity (such as those who are kicked offline because of the excess traffic).

And that is the answer.

Miss Betsy

Link to comment
Share on other sites

One is never rude to others - even if others are rude to us.

Couldn't agree more :-)

There are other ways of preventing people from imposing on us.  Blocklists are the online version of the offline 'cut direct'

And do they work for you?

... it is not polite to repeatedly access a website for no purpose other than to annoy

I agree - annoying achieves nothing, But I don't see annoyance as being what MLNS was about.

I see it more in terms of concerted Direct Action to take back the internet: spam is one logical conclusion of capitalism.

Expecting governments to regulate this abuse is futile. Look at what Tenet said today; the only kind of 'regulation' which this government understands is censorship of what it does not agree with.

such as those who are kicked offline because of the excess traffic.

If I really felt that that was happening - as the sole result of such initiatives - I'd agree. And please believe me, I *have* read your arguments carefully... and considered them :)

As it is, MLNS has made at least those spammers targetted show their hand. This is not a fair fight - if such experiments don't at least try (revenge is not what it's about), then those who effectively acquiesce to spam are themselves indirectly contributing to congested backbones.

Link to comment
Share on other sites

And do they work for you?

21006[/snapback]

Speaking personally, I find blocklists work exceedingly well for me. If I get three unsolicted Emails in my mailbox in a month I consider it a bad month. Mind you my held mail gets hundreds of messages piled up.

<_<

Andrew

Link to comment
Share on other sites

I agree - annoying achieves nothing, But I don't see annoyance as being what MLNS was about.

I see it more in terms of concerted Direct Action to take back the internet: spam is one logical conclusion of capitalism.

Expecting governments to regulate this abuse is futile. Look at what Tenet said today; the only kind of 'regulation' which this government understands is censorship of what it does not agree with.........

......As it is, MLNS has made at least those spammers targetted show their hand. This is not a fair fight - if such experiments don't at least try (revenge is not what it's about), then those who effectively acquiesce to spam are themselves indirectly contributing to congested backbones.

If spam (not spam which is the meat product) is a logical conclusion of capitalism, then so are the congested backbones who are 'directly' involved and benefit from increased traffic so do nothing about spam or retaliation.

I never said anything about governments doing anything. It all comes down to whether there are enough 'polite' individuals on the internet to make it work. Whenever, anyone 'attacks' or 'forces' another person, the internet loses. The only way to create a free and friendly internet is to ignore those who behave badly. (and also to be prudent so that you don't do the equivalent of leaving one's keys in the car).

It also means that you don't interfere with whoever /wants/ to buy what the spammers are advertising. If it were possible to identify incoming spam by content, ISP's could charge by the incoming spam. That would change a lot of people's habits in a hurry! I think it could be done by blocking all email that declared itself bulk except for what people whitelisted and blocking all IP addresses that did not make its customers use a bulk identifier for bulk email. However, we are back to capitalism again and until the consumer starts to demand that ISP's /do/ something so that customers do not have to go to great lengths to protect themselves or be subject to the censorship of the content filter, we won't get anything.

And no, I don't get any benefit from blocklists because I don't have a server and don't use a filter that uses them. I preferred to change my email address and be prudent. On a couple of email addresses that I keep for one reason or another, I do still get spam so that I do have spam to report.

Miss Betsy

Link to comment
Share on other sites

The only thing missing from the last argument is that some of us do not have the option to change the e-mail address.

21024[/snapback]

Whilst I understand this point, what isn't clear is how using this screensaver will have any effect whatsoever on the junk you receive in your mailbox.

You can busy up a website and the surrounding cables that go nearby and thereby slow the site down and possibly inconvenience a whole bunch of bystanders, innocent or not, but there is no evidence that using this screensaver thingy will have any effect whatsoever on the quantity of spam you receive.

Of course you can change Email addresses but why should you have to be inconvenienced in this way. What you need is a means of blocking the incoming spam via a filtered Email account using a blocklist.

Slowing the website down may make you feel like you've done something but if I was a betting man I'd wager that it will have absolutely zero impact on the amount of spam arriving with you.

Andrew

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...