http://www.circleid.com/ Postings from Terry Zink on CircleID en Copyright 2008, unless where otherwise noted. 2008-11-11T16:28:00-08:00 http://www.circleid.com/posts/20081111_wall_street_bailout_botnet_lesson http://www.circleid.com/posts/20081111_wall_street_bailout_botnet_lesson More...]]> 2008-11-11T16:28:00-08:00 http://www.circleid.com/posts/88184_cnn_spam_outbreak http://www.circleid.com/posts/88184_cnn_spam_outbreak More...]]> 2008-08-10T15:05:00-08:00 http://www.circleid.com/posts/coders_crackers_bots http://www.circleid.com/posts/coders_crackers_bots Stratfor with some commentary by myself... Many of the hackers described in my previous post are also coders, or "writers," who create viruses, worms, Trojans, bot protocols and other destructive "malware" tools used by hackers... More...]]> 2008-05-07T08:11:00-08:00 http://www.circleid.com/posts/black_hats_white_hats_crackers_bots http://www.circleid.com/posts/black_hats_white_hats_crackers_bots Stratfor. It's a global intelligence website and doesn't really have much to do with spam. But I like politics so I read it. They have some articles which you can get for free, but the better stuff you have to pay for. About two weeks ago, they ran a three-part series on Cyberwarfare. The first article was the title of this post, which you can access here (requires registration). In the article they described different types of cybercriminals and not-so-criminals which they referred to under the umbrella as "hackers." More...]]> 2008-05-07T07:45:00-08:00 http://www.circleid.com/posts/82225_ip_addresses_personally_identifiable_information http://www.circleid.com/posts/82225_ip_addresses_personally_identifiable_information posted to their Public Policy Blog that IP addresses shouldn't be considered Personally Identifiable Information (PII). This is not a problem in the United States but it is in the EU, and if the EU actually were to legislate this it would most definitely affect Microsoft and Google's business functionality in the EU... More...]]> 2008-02-22T17:16:00-08:00 http://www.circleid.com/posts/82169_yahoo_captcha_broken_spam http://www.circleid.com/posts/82169_yahoo_captcha_broken_spam article on Yahoo that some outfit in Russia claimed to have broken Yahoo's CAPTCHA for creation of new email accounts. Another blogger wrote that it was unlikely that the spamming outfit had achieved 100% success at breaking the CAPTCHA. Yet, in the past couple of weeks, I have noticed something that would seem to confirm the theory... More...]]> 2008-02-16T08:30:00-08:00 http://www.circleid.com/posts/82311_microsoft_yahoo_buyout_anti_span http://www.circleid.com/posts/82311_microsoft_yahoo_buyout_anti_span More...]]> 2008-02-03T22:58:00-08:00 http://www.circleid.com/posts/711269_spam_kings_book_review_2 http://www.circleid.com/posts/711269_spam_kings_book_review_2 part 1) and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools. I was never a participant on NANAE (news.admin.net-abuse.email; a USENET newsgroup which discusses e-mail spamming), that was before my antispam time. But I was intrigued by its history. People would gather together and discuss spammers and tools for stopping them, and sometimes spammers would stop by and the flame wars would ensue. More...]]> 2007-11-26T09:56:00-08:00 http://www.circleid.com/posts/711269_spam_kings_book_review_1 http://www.circleid.com/posts/711269_spam_kings_book_review_1 Spam Kings, but only recently managed to get around to reading and finishing it. In case you've never read it, it chronicles the stories of some spammers and the anti-spammers who fought them. These anti-spammers are not people like myself in industry; rather, they are users who have received spam who hunt down the source of the spam and work to bring them down. More...]]> 2007-11-26T09:45:00-08:00 http://www.circleid.com/posts/7101914_spammers_tactics_recipient_verification http://www.circleid.com/posts/7101914_spammers_tactics_recipient_verification post on a publicly available spam tool, and I mentioned that I came across a page that allowed people to verify whether or not an email address is actually live. The question naturally arises: do spammers clean up their email contact lists based upon whether or not the address is legitimate? Spammers would have an incentive to do this... Do we actually observe spammers changing their sending patterns? I believe that we have evidence that they do. More...]]> 2007-10-19T14:39:00-08:00 http://www.circleid.com/posts/782012_spammer_get_around_spf http://www.circleid.com/posts/782012_spammer_get_around_spf SPF) stops novice spammers but not the professionals, says Spammer-X, a retired spammer who has gone into a lot of the details in his book, "Inside the Spam Cartel". The best way to beat SPF is to join it... First, Joe Spammer rents a dedicated spam host in a spammer-friendly location, like China. Next, he registers 100 domain names, and each domain is registered under a fake name and address. Next, DNS entries for each of the hosts are set up, including a valid pointer record (PTR), an MX record and reverse DNS entries for each domain... More...]]> 2007-08-20T12:36:00-08:00