|
-
May 29th, 2003, 03:33 AM
#41
Is there anything that the other members can do to help out? Those of us who can't program. 
"Never give in-never, never, never, in nothing great or small, large or petty, never give in to convictions of honor and good sense. Never yield to force; never yield to the apparently overwhelming might of the enemy!" - Winston Churchill
-
May 29th, 2003, 02:24 PM
#42
Originally posted here by an0n
You're right, Florida has no anti-SPAM laws. However, bballad, Cap [John Draper, who I'll heretofore respectfully refer to as 'Mr. Draper'] isn't in Florida, which works out perfect. One thing Florida *does* have is an obligation to Federal mandates, which tend to frown upon interstate computerized breaking and entering. Check the link out. I'm going to post this in another forum so other people read it, too....
Required Reading: http://www.usdoj.gov/criminal/cybercrime/1030_anal.html (No, I didn't put the "Anal" in there, but.... if the shoe fits!)
This is very true but unfortunately irrelevant... New York is getting better about fallowing these mandates but Florida isn't. If any one is serious about fighting spam I would suggest looking into the lawsuit brought agenst spamhouss (sp?) and SPEWS by the Florida spammers, also look into the MAPS lawsuits. You are launching into a realm where a number of people with a lot of money have local and state officials on their side. You will be sued; you will probably win the suit but be prepared to go to court.
-
May 29th, 2003, 08:36 PM
#43
I've been on hiatus from AO due to company in town. I come back and find Captain Crunch is a member of AO..... WOW.. I'm awestruck.. Anyways that's the end of my gushing.
The idea of fighting spam is great but it's never going to be a reality. It's no different from your mailbox or your telephone. We've got a big sign on our mailbox that says "No Junk Mail or Fliers" but it's still all we get. The telemarkets call us regularly. I've told our Local newspaper to stop calling about 10 times this month alone and they still keep calling back. I've seen how they work, if you say please don't call, they take you off their list and pass you on to another office, if you say you only wanna be contacted by someone inside the actual company, they pass it to the head office to call you. It's recirculated forever. Hell you can even put a sign on your door that says no soliciting please and people will still knock on your door. The downfall of email is that it's cheaper and easier than any past method. It almost makes the idea of charging for email enticing (I believe someone mentioned this in a previous thread). If the cost was 1/100 of a cent it would be rather minimal for an every day user. However for someone sending out thousands of emails every day, it'd get to be rather costly. Sure people will say hey, I pay for the internet why should I pay for email.. and I agree, but you pay for your phone line and still pay for long distance calls on top of it. I'd never want to pay to send emails, but I think it might be the only viable solution to combat spam.
Anyways Mr. Draper I wish you the best of luck and I am more than willing to offer any assistance I can in your quest for a Spam-Free Internet.
-
May 29th, 2003, 10:16 PM
#44
HTRegz - This is great. As I had mentioned earlier, we are looking for some good Python programmers. But the idea here is to make it cost the spammer so much they won't be inclined to spam anymore.
All it takes is for a spammer to get tracked down by using a honeypot.
Email me privately (crunch at shopip dot com)
-
May 29th, 2003, 11:12 PM
#45
weee what a fun thread.
The good ol' days of hackers and phreakers are gone. No more will we see the likes of Cap'n Crunch, Bernie S., Emmanuel Goldstein, The_triad, Phiber Optik, Doc Holiday, Zer0cool, Acid_Burn, Weevil, or even P4NTz + H4G1S.
Cap'n Crunch is obviously still around. Bernie S is working in NYC. Emmanuel Goldstein still runs 2600. The_triad is on yahoo like you said. Phiber is doing security work in NYC (*cough cough*) Don't know about doc holiday. Zer0cool and acid_burn, I think you watched Hackers to much. ewevil I am not sure about. H4G1S is still around under a different name. LoD runs an ISP out of (I think) Texas. Not sure who is running Prack now, but I am sure that route wouldn't have let it go to some lamers. Many of the old people are still around, they just change their name and hide better. No longer giving a **** about making a name for themself and defacing as much as possible, they are hacking and writing exploits but not doing it to make everyone else see their name (well not always... fluffy bunny )
And like cap'n said, they are all just normal people. They just took the time to learn and use their knowledge. Yeah, Draper knew electronics so he was able to make a blue box. Others specialized in something else. But all it takes is persistance and a willingness to learn and you can achive the same things if you want to.
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
May 30th, 2003, 12:08 AM
#46
Junior Member
Heh, someone picked up on the cheesy movie reference. Believe it or not, though, Zer0cool was also the name of a hacker, prior to the movie. Acid Burn, however, was (as far as I know) made up for the role, though. If I'm wrong, someone is more than welcome to correct me.
----
If you knew my name, it would give away the fun and mystery. Sure, you\'d believe every word I said then, because you know who I am.... but what would be the fun in that?
-
June 3rd, 2003, 03:08 AM
#47
I knew someone who called himself that, wasn`t too hot though so I`m failry sure the movie wasn`t based on him, (unless of course there was another zer0cool) and yes those were the days indeed...
Quis custodiet ipsos custodes
-
March 5th, 2004, 10:24 PM
#48
Junior Member
Yeah, that's just great.... of all things I get mentioned for, it's in line with assisting identity theft. 
Cap, I like your idea a lot, but I'm compelled to ask what exactly would be done to follow-up on the honeypot idea. They work great in theory, but in practice it still comes down to how lazy your sysop is. I'd really be interested in seeing some material, though, if you have it. Case studies, et al, if available.
I was perusing CNN's Technical area just a few moments ago and was reading Bill Gates' ideas on slowing SPAM'ers down a bit. I was a little shocked to find that he's not jumping right on the bandwagon to charge monetary amounts for it, but rather that he wants to institute the necessity of 'devoting maybe 10 seconds of computing time to solve a math puzzle.' (Source: CNN )
The concept is a good one, but still flawed. First of all, for my business, I send approximately 20-30 emails a day --- sometimes as many as one-hundred or more. And my work is often critical, so I cannot really excuse a ten second delay for each message I send.
What would be the feedback for a unified messaging system that will only accept messages from acceptable PGP keys? We're aware that these prove authenticity, but why not use it to the fullest --- not just for security means, but for general application. The likelihood that you will be able to not only forge the PGP/GPG signature but also hit the exact target that accepts that message would be one in an exponential amount. The problem isn't even getting it started, used, or anything.... but there are always drawbacks.
Does anyone have any thoughts on this?
-
March 6th, 2004, 05:53 AM
#49
Spam reductioin
the_triad - in answer to your question.... we are fighting spam on many levels, including setting up
honeypots designed to suck in the stupid people who try and control the infected zombies they
so easily control.
Other tools easily analyse the data, figure out the protocol, and because we own the honeypots,
we can also look at the un-encrypted parts of the protocol, and sniff the keys they use.
Then we write a snort rule for it, so when any of it comes down through the net, we can detect
it and shut it down without the user even knowing whats going on. The firewall just drops any
packets it tries to send to the infected host, logs the IP address and notifies the ISP so they can
tell the user to clean their machinel.
We do this at the network level of course, without the need to "break into" the infected machine.
Re: Bill Gates' idea of stopping spam, I think it sucks. There are so many flaws and instances
where there is little to no control, and spammers will just laugh on the way to the bank.
The only way to stop this crap is to not only filter spam, but also to report it to the ISP. Until our
SpamCrunchers product is ready, the next best thing is spamcop. Although if you have a lot of
spam to report, it can take some time using spamcop. The only real good way to stop spam is
to somehow convince the people who buy this crap to keep their credit cards in their wallets.
Crunch
-
March 6th, 2004, 06:22 AM
#50
I honestly don't think it will ever end. Everytime an advance is made in defense, the opposition matches it. It is a good battle that you are fighting, but a losing one so far. The only hope IMHO lies in strong, universal legislation against unsolicited emails.
On a side note, the authentication idea is a good one, but I have doubts about whether it could be a reality. I am interested in seeing more. It definitely has promise.
OK, time for me to go "groupie". Wow, I'm in the same thread as Captain Crunch. w00t. Nice to meet you, Mr. Draper.
Alright, the groupie crap is done.
Real security doesn't come with an installer.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
