SpamCop security breach

[Miss Betsy]

Your point that spamcop (who is Julian) should have posted something on the website 'as advertised' is well taken. Since he was probably stressed (from embarrassment that it happened, from anger because the author didn't try to notify him before publication, from the hurry to write a 'fix'), he probably did not remember. Those who are very honest have a hard time remembering to do those things that are defenses against the dishonest. I know, I have a really hard time remembering to lock doors even though I know better.)

Unfortunately, Julian's expertise in written communication is not nearly what his expertise is in writing code. I don't know why he has never accepted the offers of many people who do have expertise in written communication to lend a hand.

Miss Betsy

[clytie]

Your point that spamcop (who is Julian) should have posted something on the website 'as advertised' is well taken.  Since he was probably stressed (from embarrassment that it happened, from anger because the author didn't try to notify him before publication, from the hurry to write a 'fix'), he probably did not remember.  Those who are very honest have a hard time remembering to do those things that are defenses against the dishonest.  I know, I have a really hard time remembering to lock doors even though I know better.

Yes, it's much more of a challenge to build than to destroy: sand castles or dream castles. As long as we can see that Julian (is he the Commissioner of SpamCops? You have to have a Commissioner: someone who looks impressive and can give the media a lot of hogwash, um, statistics ) is trying to do his best, that's all anyone can do. I think more than anything else, most of the posters in this thread were, and certainly I was looking for more information.

Unfortunately, Julian's expertise in written communication is not nearly what his expertise is in writing code.

It's often the way: different audience. However, you still need to present the information in a way the audience can understand.

I don't know why he has never accepted the offers of many people who do have expertise in written communication to lend a hand.

Miss Betsy

15316[/snapback]

Most likely in too much of a hurry, but at least we can offer. It's particularly useful to have someone proof something for you, because every piece of text needs checking, and that way, providing the meaning is clear in the original, the writer doesn't have to hash it over.

Thanks for the response.

from Clytie

[TXWalrus]

Q: What will my email address be used for?

A: We can't know the intentions of the attackers.  A few possibilities

have been suggested:

1) To remove you from spam lists, so as to avoid being reported.

2) To "take revenge" for reporting spam by using your address for the

      return-address on spam, or simply by sending you huge amounts of

      mail (mail bombing). 

So far, we have seen no reports indicating how or if the addresses will

be used, but many of them are controlled by us, so we should be able to

keep track of the situation and will do what we can to mitigate the

problems (for example by using many of the compromised accounts as spam

traps.)

[ since I wrote that, one user has said he is getting many bounces, so the

  return-path revenge theory is looking likely ]

Well it looks like #2 is a likely scenario - my address was exposed and now I am getting bounces with my spamcop email address used as the return address - dang....

The walrus....

[Wazoo]

Well it looks like #2 is a likely scenario - my address was exposed and now I am getting bounces with my spamcop email address used as the return address - dang....

As this was goin on before the "security breach" also, I'm not so easily convinced that things are that cut and dried. That there aren't hundreds out of the thousands that fell into the exposed "range" raising this complaint kind of suggests that a concerted effort has not actually been attempted against all those addresses.