Re: Off topic: developers/project manager needed



On Tue, 2004-02-03 at 22:24, Gary wrote:
> A Karmic flood ( ???) is the millions of people who have been sent an
> unwanted spam email requesting that they visit a website actually doing
> so (even though they might not actually read the site) = legal and
> moral.
> 
> I would only want the karmic client to visit each website a limited
> number of times perhaps let's say 5 times per hour or less? At present
> the maths all work in the favour of the spammer. If he sends 100 million
> e-mails and he gets 1000 web-site visits then by definition those
> visitors are motivated customers. As you know corporations invest
> millions of dollars to "target" customer demographics. Those people who
> respond to spam are already now targeted. This means that the spammer
> does not have to pay for bandwidth for un-targeted visits. By
> significantly diluting the quality (as well as increasing the number) of
> web-site hits, his business model is instantly destroyed.

Well that sounds all well and good... until you realize that the vast
majority of "call to action" URLs don't point to machines owned by the
actual spammers, they point to machines that are "owned" by the
spammers.

The subtle difference is that these days spammers operate mainly through
rooted boxes on broadband.  Their spiders initiate from rooted boxes,
their spam is sent from rooted boxes, and their web pages are served
from rooted boxes.  The spammer himself only has to collect the stats
periodically and send his zombie army an updated mailing list
(actually, the zombies do this automatically by "phoning home").

All your "moral DDoS" will do is blow poor idiots off the Internet who
were dumb enough to not protect their workstations.  It's like the sound
of millions of Windows users crying out at once, and then suddenly
falling silent...

I understand that most people don't like spam, and lots of smart people
are trying to come up with solutions, but they really do need to be
thought through better and examined by many third parties for flaws.  No
offense, but it seems like you're trying to come up with the FUSSP
without really grasping the entire situation.

-- 
Brian Keefer, CISSP
Systems Engineer
CipherTrust Inc, www.CipherTrust.com