
Re: Spam Filter Service

__/ [ catherine yronwode ] on Monday 07 August 2006 03:49 \__

> Spam filtering is something that must be effectively addressed in email
> before we can convince google to deal with the content-spam pages that
> have all but crippled their search engine's usefulness.

The two are very separable, actually. Plagiarism and SPAM are very different.
Spam comments, on the other hand, are similar to SPAM.

In most cases, in order to generate SPAM and spam comments (among other
attacks, e.g. automated forum posts, subscriptions with links, Wiki spam)
the attacker uses a network of bots. This way the attacker attacks by
proxy. Neither the victim nor the hijacker can be trivially caught. The ISP
and the vendor of the faulty software are often in the clear, too.

These bots are essentially Microsoft Windows boxes that have been hijacked to
become an army of thousands, or tens of thousands (sometimes nearing a
million, given enough botmasters, AKA 'Windows puppeteers') connected
machines that can be run concurrently and be used for brute-force floods of
SPAM (DDOS attacks included). Everyone is affected. Your address needn't
even be public. If a friend of yours has got your address in his/her
address book in Outlook or Outlook Express, the address will leak upon
hijacking. See, for example, some interesting statistics.

More than 95% of e-mail is 'junk'

,----[ Quote ]
| More than 95% of e-mail is junk, be it spam, error messages or
| viruses, report mail monitoring firms.
| [...]
| Further work has shown that most of this junk mail is originating
| on hijacked home computers.
| E-mail security firm Return Path said 99% of the computers it monitors
| that send mail have been taken over by spammers or virus writers.


The Internet is doomed unless something gets changed. I actually wrote about
it 2 days ago, in case you are interested and have some spare time.


I'm sorry to sound so bitter, but the state of the Net is extremely miserable.
Even Google has come to Microsoft's rescue, ironically enough...

Google puts up 'Beware of malware' signs

,----[ Quote ]
| Google has started warning people when search results could potentially
| lead them to malicious code.


And Windows Vista might be even worse. Appended is a list that backs this
statement, FWIW:

Black Hat Takes Vista to Task 

,----[ Quote ]
| She demonstrated two potential attack vectors. One could allow unsigned
| code to be loaded into the Vista kernel. The second vector involved
| taking advantage of AMD's Pacific Hardware Virtualization to inject a
| new form of super malware that Rutkowska claimed to be undetectable.


Also see:

Symantec highlights Windows Vista user vulnerabilities

,----[ Quote ]
| Symantec has shed more light on potential vulnerabilities in Windows
| Vista that could circumvent new security measures and leave users
| vulnerable to attack.


Symantec continues Vista bug hunt

,----[ Quote ]
| After poking around the Windows Vista networking stack, Symantec
| researchers have tried out privilege-escalation attacks on an early
| version of the Windows XP successor.
| "We discovered a number of implementation flaws that continued to allow
| a full machine compromise to occur," Matthew Conover, principal
| security researcher at Symantec, wrote in the report titled "Attacks
| against Windows Vista's Security Model." The report was made available
| to Symantec customers last week and is scheduled for public release
| sometime before Vista ships, a Symantec representative said Monday.


Symantec Finds Flaws In Vista's Network Stack

,----[ Quote ]
| Researchers with Symantec's advanced threat team poked through
| Vista's new network stack in several recent builds of the
| still-under-construction operating system, and found several bugs
| -- some of which have been fixed, including a few in  Monday's
| release -- as well as broader evidence that the rewrite of the
| networking code could easily lead to problems.
| [...]
| Among Newsham's and Hoagland's conclusions: "The amount of new
| code present in Windows Vista provides many opportunities for
| new defects."
| "It's true that some of the things we found were 'low-hanging
| fruit,' and that some are getting fixed in later builds,"
| said Friedrichs. "But that begs the question of what else
| is in there?" 


Symantec Says Windows Vista Will be Less Secure than XP

,----[ Snippet ]
| Symantec said earlier last week that there were no viruses for Apple's
| OS X.


Symantec sees an Achilles' heel in Vista

,----[ Quote ]
| Some of Microsoft's efforts to make Windows Vista its most stable and
| secure operating system ever could cause instability and new security
| flaws, according to a Symantec report.
| [...]
| "Microsoft has removed a large body of tried and tested code and
| replaced it with freshly written code, complete with new corner cases
| and defects," the researchers wrote in the report, scheduled for 
| publication Tuesday.


> I recently found out from one of my web hosts (sonic.net) that my
> husband and i are notorious for generating the most spam email they
> handle out of their thousands of accounts. Apparently we get millions of
> spam emails per month. <g> This is probably a byproduct of being #1 at
> accessible google --
> http://labs.google.com/accessible
> -- for the keyword sex :-) </g>.

The heaps of SPAM are rising (not linearly) as quickly as the bandwidth
volume/capacity is increased. The ISPs can either employ more mail servers
or try to help the people, whose human capacity can no longer cope with the
load of 'noise'. I am not sure if you should be proud or ashamed about these
millions of E-mails per month (I use SpamAssassin too; no false-positive
that I found in over a year). But it's not your fault. The ISP cannot blame
you either. The DDOS/SPAM conundrum is one which ought to have some fingers
pointed somewhere. If the problem is not solved, expect things to get worse.
And I am not being pessimistic. It's realism. And a lot of genuine mail is
already being intercepted, which puts the whole state of equilibrium in

> Sonic uses SpamAssassin to clean email, which is a pretty good program,
> but we still get dozens of spam mails per day to our various email
> boxes. So tonight i learned about a three-tier spam filter service
> called
> http://www.junkemailfilter.com
> -- which combines a bunch of spam filter technology into one package,
> more than just what Sonic is using -- and that John Dvorak endorses it
> under the title "I Get No Spam."

Dvorak is an idiot. He is a self-admitted troll. He ridicules anything that
moves in IT and absorbs the flames for attention. He admitted this. His "I
Get No Spam" statement referred to a simple Apache rule that is used in
tandem with a WordPress blog. It only says that blog comments require that
the user does not hop directly onto the function that is open to automated
spamming. Personally, I disabled comments in my blogs when the level of spam
was reaching about a thousand a day. It was too much. Even the CAPTCHA
filter did not help.

> Well, to make a long story short, we have signed up with this spam
> filter service, and if it does what it says it will, i will let y'all
> know.  I am not tech-minded, but i understand good, logical thinking
> when i see it described, and i think this spam filter combines both
> content-monitoring and pattern tracking to good effect.
> Stay tuned ...

It's BS. Don't bother. As long as spammers have the vehicles to drive SPAM,
nothing will be better than SpamAssassin. You will only get void promises.
Much like that vapourware that Microsoft calls Windows Vista. They called it
the "most secure O/S ever" and it's already being cracked on a weekly basis.
It's not even known when it'll be released. Guesses point at a premature
release in March or April. The high hardware requirements are good news to
spammers. Greater brute force for targeted attacks.

> cat yronwode
> Lucky Mojo Curio Co. http://www.luckymojo.com/catalogue.html
> hoodoo supplies and amulets

Good luck with the Web site. You and John B. have been inspiring as far as
traffic is concerned. And thanks for the nice gesture in that other post. I
won't proofread this post because it's long. But if you have reached this
far without plonking, then it was at least worth my trouble.

With kind regards,


Roy S. Schestowitz  
http://Schestowitz.com  |  GNU is Not UNIX  |     PGP-Key: 0x74572E8E
roy      pts/4                         Sun Aug  6 06:24 - 06:24  (00:00)    
      http://iuron.com - proposing a non-profit search engine
