Blue Security "Blue Frog"

[seandelaney]

[Edited by Matt to fix the typo in Rod's name]

A few months ago I signed up to Blue Security.

(I found out about it on Rod's site - rodsdot.com)

I registered a few email addresses and my domain name, plus my girlfriends domain name hoping to stop :scratch: minimise SPAM...

At the beginning I recieved no more SPAM emails.

But yesterday, I got this email soposely from Blue Security.

After I opened it, I noticed it wasnt!  I continued to read the email and to short a long story short, it basically said, "I'm XYZ, and i've got access to all the Blue Security email addresses in the Blue Security database and that XYZ will be sending me 20-40 spam emails everyday as im a members.... blah blah blah...

I though it was a joke, ignored the email and deleted it, but today, when I checked my email.. guess what....?

Kinda thinking XYZ is telling the truth now?

Is anybody else a member of Blue Security and got this email?

[seandelaney]

And i've just noticed that the Blue Security site is down at the moment...

[rdivilbiss]

It is Rod not Rob, and therefore rodsdot.com not robsdot.com.

That being said, there is an active lounge thread about BlueSecurity including some info about their web site being under constant DDOS attack by some spammers.

Lounge Post: http://www.suspendedexpert.com/forum/forum_posts.asp?TID=871&PN=1

[seandelaney]

Yes i did notice the typos. I would have fixed it but can edit.

OK i will take a look...

[nicholassolutions]

If I'm not mistaken, there is a large percentage of fakes in the email database (there might be ways to get around this), and if so, it's fairly likely that whomever is doing this will be tracked closely and caught.

I'll tell you what though: this kind of crap makes me almost violent with rage. I keep meaning to sign up for that, and this only bolsters that urge. As soon as their site is back up I'm getting it.

[CrYpTiC_MauleR]

Have we though of using PGP/GnuPG for emails from ERT? So can be signed and be authenticated so less likely to be a fake ERT email from admin saying such and such. Have a page on site showing PGP keys for various admins and one key that the site itself uses to send emails.

Fake emails from sites makes the real site look bad, as you can see from the Blue Frog site's fake emails making Sean not know if its real message or not. Can really hurt in my opinion, especially if someone sends emails out saying site is being discontinued and all accounts have been removed. People will likely just not come back to site again thinking the email was true.

Just my 2 cents. =oP

[nicholassolutions]

I'm certainly not against it, although the average user probably doesn't know how to use PGP or have it installed. I'm not exactly sure how we'd implement it either, but none of that means we can't or shouldn't do it. If you'd be interested in working on it, let me know. I'm fooling around with the phpBB mailing code, so it would probably have to wait until after that, but it's definitely worth exploring.

On a related note, I was mistaken when I said the host offers free SSL certs (you have to buy them, they won't install self-signed ones). Right now I'm not willing to spend the extra money to get on (~$50), but if there's a need in the future we can talk about it again.

[rdivilbiss]

Also you have three domains (if you include the forum) to deal with.

[VGR]

all valid points above.

1) the SSL certificate files could perhaps be uploaded ?  :-#

2) PGP has greatly evolved towards better user-frendship since 1996 and the time I started using it on 2048 bits keys  :oops:  
Now people use "WinPGP" if I'm not mistaken. It also incorporates easily in any real email client, like my Eudora. It's simply clicking here and there to get the emails signed and/or encrypted, and the handfling of the key rings is a lot easier than with the original DOS version :D :D :D

I think this could be considered. An other solution is to add a "verification" link in each email sent by ERT, that validates the email against the database and answers "genuine" or "forged". This could even be a web service. This could even be an AJAX/JScript call from the HTML of the email (1) in an IMG tag, that would read "genuine" or "forged" directly in the email, after having vaidated at ERT's server. This can be worked around, though. There is no perfect solution.

The first step would be to recommend ERT users to use an "anti-phishing" browser and email client, like Firefox+Thunderbird, Firefox+Eudora (as I do) or  - claimed - the new IE 7 beta2 + Outlook+some security add-on


(1) yes, I know this isn't active for everybody, but I guess people that deactivate JScript and/or HTML in their email client know better than the others how to handle suspicious emails and won't be phished as easily, so let's go on with this

[seandelaney]

http://www.realtechnews.com/posts/3011

[Batalf]

Hi all,

I've also registered at Blue Security and installed the Blue Frog extension.

However, I had to uninstall Blue Frog because it seems that it disabled the Javascript error reporting in IE. We develop web applications for both IE and FF, so JS reporting is nescessary.

So, if someone have experienced the same kind of behaviour, it could be because of Bluefrog.

[rdivilbiss]

I haven't seen that problem.

[Batalf]

Strange

I installed Blue Frog both on my work computer and at home. JS error reporting in IE stopped working on both of them. I uninstalled Blue Frog from my work computer earlier today and that solved the problem.

[rdivilbiss]

I certainly was not doubting what you said happened.

I was just not seeing the same behavior here. BlueFrog does claim to have a web mail reporting feature, but I don't use web mail. Possibly the browser helper is the problem.

Note in the picture above I have BHODemon installed and can disable any IE browser helpers, such as "BluefrogBho.IEHelper.1."

I do not have that browser helper disabled, but did make sure the options to enable script debugging were correct in the IE Options before testing it.

[rdivilbiss]

I do not have that browser helper (BluefrogBho.IEHelper.1) disabled ...

But I am going to disable it because I do not use web mail interfaces. I'll let you know if that causes and issue.