Blue Security "Blue Frog"

[CrYpTiC_MauleR]

http://wired.com/news/technology/0,70913-0.html?tw=wn_index_1 has this been confirmed? I can't access their site due to the DDoS, so can't get official company statement.

[rdivilbiss]

Probably true...too bad.

If the service was distributed among many hosts maybe it would have been more difficult to attack.

Hope they release their code, maybe others will pick it up and put it on a distributed network.

[VGR]

I still wonder why it is so easy to pollute the DNS system without being thrown away yourself from Internet or to launch DDoD attacks without having the FBI behidn you in the minute...

there are theoretically protections against such misbehaviours. Especially for the DNS. It's scary that one person suceeded in stopping operations AND ACCESS to someone else's site so easily.

[rdivilbiss]

...without having the FBI...

How about the French investigate, or the Isralies for that matter, (since that is the home of the BlueSecurity operation.)  In the latter case, should the attacker be non-jewish, maybe they will hunt him down and ....

there are theoretically protections against such misbehaviours. Especially for the DNS. It's scary that one person suceeded in stopping operations AND ACCESS to someone else's site so easily.

I agree, but WIRED says it was a vulnerability in CISCO routers which the attacker exploited, not the DNS system per se. FWIW. I really don't know.

[VGR]

yes, and ther's also the supposed bribery to a person able to tamper with backbone routers... scary

what's also very surprising is that no one succeeded in locating banned_worder because I thought ISP would collaborate to "climb up" the chain of hosts he probably used to hide himself, even russian ISPs, and concurrently using a reward posting and/or social engineering to indentify him (or her, but it's probably "him")

I would like to see him shot one bullet in the head rear. I can send some money to the hitman ;-)

[RQuadling]

BlueSecurity is ceasing its activities it seems. Reported in many sites worldwide.

Shame. I liked it.

[VGR]

I still think there are ways if defending legally against DDoS attacks while researching the originator...

http://www.madjic.net/wiki/pmwiki.php?n=Main.DDOSMitigationTechniques

[COBOLdinosaur]

Blue Frog had one of the right target with the wrong weapons and wsa bound to get smashed.

The step out to fight a duel with a hand gun with out understanding that their opponent would be bringing macine guns and wa backed by an armoured regiment.

The real problem is law enforcement and the laws themselves. There are solutions but there is no real will on the part of geovernments and lwa enforcement to do what needs to be done.

• The companies that advertise via spam supply the money that makes spamming profitable.  In jurisdictions where spamming is a crime the the advertisers are identifable and should be charged.
• The spam servers and the routing of spam is facilitated because the internet is full of unsecured servers operated by sloppy, fly-by-night ISPs who don't care what goes on as they make money from it. Spam servers are generally detected and listed within hours; but they operate for months and ISPs ignored abuse reports. So when one is detected they get a warning and if they have not fixed the problem within 24 hours charge them with spamming. Require all ISP to block all addresses identified as spamming within one hour of listing of charge them.
• Some jurisdictions do not have laws against spamming so, in countries that do, require ISP to block traffic to and from countries where spam is not being addressed.

Drastic steps?... yep, but it will do more for internet security, and security in general, than most of the "homeland security" crap that reduces individual freedom.  Governments need to attack the source... That is part of what governments are for.  Spying on phone calls and personal emails is not part of their job, and does virtually zero to improve security. But attacking the little guy is typical of the kind of gutless governments that most democracies in the world have at the moment.

IMO :^)

[VGR]

I would even add That is what supranational organisations are here for

we have a lot of orgs that could do things at the country/state level, like pushing Russia to pass laws that force Russian ISPs to take anti-spammers measures :D

I'm thinking "European Commission", "Interpol", "Organisation des Nations-Unies" etc

BTW, spamming is illegal here and is punished relatively severely :
1) phishing http://www.clubic.com/actualite-18344-premiere-condamnation-pourphishing-en-france.html
one year jail with sursis + fine of 8500 euros/U$D
Was student, had abused 12 clients of a bank and stole 20 000 euros.

Apparently, the APWG (Anti-Phishing Working Group) ranks ountries by the % of phishing sites they host ; the ranks are :
1) USA États-Unis = 32%
2) China = 12%
3) South Korea = 11%
4) dunno
5) France = 2.7%


2) Microsoft and AOL against a spammer :
http://www.cnil.fr/index.php?id=1587&news%5Buid%5D=163&cHash=ee5b697ecf
http://www.01net.com/article/231585.html
10 000 + 12 000 euros + 1000 euros/spam if he continues to send unsollicited messages

3) current state of law :
http://www.foruminternet.org/actualites/lire.phtml?id=1037

[RQuadling]

I sent a letter to my MP asking her what the government are doing to combat international internet abuse?

Still waiting for a reply.

I got a postcard from the her office saying that the email had been received.

But no reply.

Ho hum!

Oh, here is the letter I sent. I sent if via http://www.writetothem.com

Dear Linda Gilroy,

As you are aware, the internet is now a major component to conducting business and personal communication world wide.

Something that, in recent years, has increased is the amount on unsolicited commercial email (UCE) or SPAM that now invades are emailboxes. Whilst we have had similar junk mail through our letter boxes, we have the ability to block these using services provided by the Post Office. No such service exists for our email.

At the beginning of the month, I received around 1000 junk emails.

I have additional software to block them. Most of the time it is effective. Sometimes it is not. Of course, the real issue is to stop the junk email.

Here comes the "what is the government doing about" bit.

What solutions do the government suggest in order to truly combat the complete abuse of the internet by spammers.

I understand that most spammers are NOT in the UK or even Europe. I understand that convicting a spammer is NOT easy, especially when they are outside of the UK, but the amount of spam being generated world wide by just a few people needs to be addressed. And it needs to be addresses by states with the power to do so. Eventually the amount of spam will become a security issue. As the spammers get more and more sophisticated and users become more and more dependent upon the spam filters, the likelihood that systems will be compromised increases.

I'm not simply talking about sending more money to a software company for a better sticky plaster, but a proper solution to stop the spammers from constantly stabbing me! (Please excuse the metaphor, but this was the best way of explaining the problem). Whilst my personal accounts only received around 1000 spam emails at the beginning of the month, I know that from other friends and colleagues and our own spam filter reporting that this is a truly tiny amount. And the world wide issue of SPAM is horrendous.

There are online communities attempting to provide a community response - community action, when supported by the state, is often a better solution that purely state intervention. Your recent attendance to the meeting which took place last Thursday in Plymouth regarding the constant assault our property is under concluded with this basic idea.

One such community is BlueSecurity. See http://www.bluesecurity.com They provide a Do Not Disturb registry which allows legitimate mass emailers to wash their own mailing lists and remove those that do not want to receive the email. Community action at its best.

Would the government be prepared to become a partner in some way with this sort of organisation? The solution to the problem requires international cooperation.

Your comments would be appreciated.

I am NOT in any way associated with BlueSecurity or any of their activities in any way other than being a member of the community. I hold no position of authority within the community.

Yours sincerely,

Richard Quadling.

[VGR]

all professional politicians are only incompetent people having matched Peter's Law.

You'll never receive a meaningful answer from them. They don't even read letters or emails. They don't even know how to use email themselves. They are old chaps completely disconnected from the reality.

This said, in young & small countries (like the Baltic states) things work A LOT better.

"tous pourris!"

[nicholassolutions]

First news I got after returning back to 'civilization' after my trip. A real bummer. Roy's right -- it seems they just didn't know what they were up against...I was worried they might be done for after it was taking them so long to recover from the first attack. It seems they also may have taken some missteps in dealing with the attacks, which may have opened them up to lawsuits (baseless or not). Either way, it sets some terrible precedents:

1) Don't mess with the Spam Gang, they'll burn down your house and beat up your mother. Didn't anyone tell you about Blue Frog when you were little?

2) Spammers can do whatever they want, including messing with the internet backbone. The government will do nothing to stop them.

3) If the Spam Gang targets you, it's your fault. If you try to sidestep the attack or fight back, you're responsible for any sray bullets, even the ones you didn't fire.

4) The internet is still poorly regulated. The solution is for the government to track everything you do, and to make everyone provide their home address and phone number before doing anything (New Jersey is quite a pioneering state!).

I can only hope that BF is just getting it's sh*t together, and that they'll be back, but that sounds like a fairy tail. Part of the problem is that I don't think a strictly commercial site can necessarily succeed at this. What they need, it seems to me, is a wide-based community effort with thousands of cooperating server..but that takes money too.

One thing's for certain: we're not putting those secret CIA prisons in Eastern Europe to nearly good enough use.

[VGR]

100% agree, especially about the NSA's "security camps" in eastern Europe :D

but shouldn't it be "fairy tale" 'cause I don't see the beginning of a tail in that story, except perhaps it comes to an end or by comparing the Spam Gang to a Dragon (allusion to triads and maffia also)
;-)

What I hope now is that BS will be back with backbone operators all behind them so that nobody could black hole them again.

[nicholassolutions]

Oh no! I just had my English corrected by a Frenchman! In public!  :oops:   :D  :D

[VGR]

tout arrive à point à qui sait attendre ;-)