How the spammers almost nuked Rosetta@home

Message boards : Cafe Rosetta : How the spammers almost nuked Rosetta@home

To post messages, you must log in.

AuthorMessage
Profile shanen
Avatar

Send message
Joined: 16 Apr 14
Posts: 195
Credit: 12,662,308
RAC: 0
Message 81294 - Posted: 10 Mar 2017, 21:40:00 UTC

Not that they meant to. Just more of their collateral damage. Let me explain:

It seems that the DNS problem was ultimately due to increased security for domain registrations. The driver for making the domain registration process more secure is that spammers and various other cyber-criminals need domains to abuse. I'm going to lump all of them under the tag "spammers" because the spammers were the first cyber-criminals and because I really HATE spam. Also, I believe that spamming was the entry point (gateway drug?) for most of them, the first step in losing their souls, so to speak, as well as the source of most of their seed capital.

The abuse their domains in MANY ways. You probably know that 419 spammers like to use bulletproof domains to harvest their suckers. The anti-google PageRank attackers want vast networks of controllable domains for the links they can create.

However, in the case of BOINC the threat of a hijacked domain for ANY project is vastly greater. I know it's hard, but imagine there is a bug in the BOINC client. Imagine that bug allows a downloaded work unit to hijack (AKA pwn) the computer. Now imagine that the spammer hijacks the project's domain and captures ALL of the client computers for his zombie network. This spammer now "owns" the most powerful spam-generation system in the world and could probably DDoS attack the Pentagon with his spare cycles.

As a sort of sick joke, I sort of blame Al Gore. If he hadn't been so competent and effective in giving the nice creators of the Internet all that nice money, then maybe they would have considered real-world economics in the design. SMTP didn't have to assume the world is full of nice people who deserve "free" email. (No such thing, per my sig.)

Solution time? Really hard to get all of the worms and cats back into the bag now, but focusing just on email, I think there are two basic approaches. I used to advocate for a non-SMTP-based email system with tracking that would automatically slow down the spammers so their marginal costs would rise to infinity from the present zero, but now I think it's too much trouble.

Instead, what I would like now is an anti-spammer tool that would let nice volunteers donate bits of their human time towards breaking the spammers' economic models. Actually the same tool could be extended to fight against most kinds of cyber-crime, and I still think most people are nice, notwithstanding how much the spammers seem to outnumber us. One implementation would be as a "Fight spam" button added to an online email system (such as Gmail).

If you choose to be a good Samaritan, then it would parse your suspected spam and let you confirm the analysis in a webform. There would probably be several rounds of iteration, where you would adjust and correct the analysis and help select the best countermeasures and their priorities.

As the joke goes, lots of details available upon polite request. Even better if you have a stronger and more constructive alternative.
#1 Freedom = (Meaningful - Constrained) Choice{5} != (Beer^3 | Speech)
ID: 81294 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile shanen
Avatar

Send message
Joined: 16 Apr 14
Posts: 195
Credit: 12,662,308
RAC: 0
Message 81297 - Posted: 11 Mar 2017, 1:23:02 UTC

No comments? I can't believe I write so clearly. Everything really is so intuitively obvious to the most casual observers, and everyone has become so detached as to be perfectly casual observers? (The idiomatic reading is deeply misleading in this case, me thinks.)
#1 Freedom = (Meaningful - Constrained) Choice{5} != (Beer^3 | Speech)
ID: 81297 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Duce-HK

Send message
Joined: 25 Apr 15
Posts: 3
Credit: 3,572,556
RAC: 0
Message 81318 - Posted: 12 Mar 2017, 10:39:46 UTC
Last modified: 12 Mar 2017, 10:40:09 UTC

No comments?
The first msg in this topic consists of such amount of letters that is probably hard (for those who still not left this board for e.g. TWitter) to find where is the quintessence or a main question=). So I just can say, as my grandma used to say, all's well that ends well.
ID: 81318 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote

Message boards : Cafe Rosetta : How the spammers almost nuked Rosetta@home



©2024 University of Washington
https://www.bakerlab.org