Spam / Recently Commented

Serious Gmail Flaw: Security Group Demonstrates Sending Unlimited Spam Using Google's Own Servers

Researchers at Information Security Research Team (INSERT) have dissevered a serious flaw in Google's Gmail service. The group demonstrates how anyone with no special Internet access privileges other than being able to connect to SMTP (TCP port 25) and HTTP (TCP port 80) servers is able to exploit a single Gmail account in order to be granted nearly unrestricted access to Google's massive whitelisted SMTP relay infrastructure. Read more from the report... more»

Coders, Crackers and Bots, Oh My!

There are more than just blue, black and white hat hackers. There are a few more types of folks out there that don't fit into the above categories. This article is taken from Stratfor with some commentary by myself... Many of the hackers described in my previous post are also coders, or "writers," who create viruses, worms, Trojans, bot protocols and other destructive "malware" tools used by hackers... more»

Black Hats, White Hats, Crackers and Bots

One of the other web sites I subscribe to is Stratfor. It's a global intelligence website and doesn't really have much to do with spam. But I like politics so I read it. They have some articles which you can get for free, but the better stuff you have to pay for. About two weeks ago, they ran a three-part series on Cyberwarfare. The first article was the title of this post, which you can access here (requires registration). In the article they described different types of cybercriminals and not-so-criminals which they referred to under the umbrella as "hackers." more»

Significant Chunk of IP Address Space Hijacked by Notorious Mass Emailing Company

Internet address space long ago issued to San Francisco Bay Packet Radio, an organization that was involved way back in the 1970s in testing ARPANET, a predecessor to the global commercial Internet that we all use today. That organization was given the rights to do whatever it wanted with address block. That entire swath of Internet space is now registered to an entity in Westminster, Colo., called SF Bay Packet Radio LLC, but except for a similar name, this company has no relation to San Francisco Bay Packet Radio... ? more»

Colorado Has a New Spam Law

The governor of Colorado recently signed a new anti-spam law [PDF] into effect. Since CAN SPAM draws a tight line around what states can do, this law is mostly interesting for the way that it pushes as firmly against that line as it can. Other observers have already done a legal analysis of the way it's worded to avoid being tossed out as the Oklahoma law was in Mummagraphics, and to make it as easy as possible for suits to meet the falsity or deception limits in CAN SPAM. To me the most interesting part of this law is its one-way fee recovery language... more»

Comcast 1, E360 0

The judge in E360 vs. Comcast filed his order yesterday (read previous postings here and here), and to put it mildly, he agreed with Comcast. It starts: "Plaintiff e360Insight, LLC is a marketer. It refers to itself as an Internet marketing company. Some, perhaps even a majority of people in this country, would call it a spammer." ...and from E360's viewpoint, goes downhill from there. more»

Whose Network Is It?

A reader sent me a link last week to a piece that doesn't speak highly of net neutrality. Clyde Wayne Crews wrote an article called "Dumb Pipes, a Dumb Idea: Net Neutrality as 21st Century Socialism" that calls for legislators to reject "nut" neutrality. "Elevating the principle of mandatory net neutrality above the principle of investor ownership and wealth creation in pipes and spectrum deflects market forces away from the infrastructure development that we need..." Did anyone else see a touch of irony in a letter to the editor... more»

A Third, More Interesting Round in E360 vs. Comcast

In the past week, Comcast filed an answer, denying all of E360's charges, and attached to it a motion to file a most impressive counterclaim. The court granted the motion on Monday so the counterclaim has been filed. At about the same time, E360 filed its response to Comcast's previous motion to dismiss the suit due to its utter lack of legal merit. more»

A Flurry of CAN-SPAM Activity: Is It Meaningful?

Our four-year old oft maligned anti-spam legislation in this country, the CAN-SPAM act, has seen an uptick of activity this past week. Melinda Krueger sums up the sentiments of many in the anti-spam community in her Email Insider column today when she says, "there is no provision in the act against sending unsolicited email as long as you comply with the rest of the act. The motivation of the act was more to make voters feel politicians were doing something about this annoying problem." more»

Robert Soloway Pleads Guilty

Large scale spammer Robert Soloway, whose criminal trial was scheduled to start in a week and a half pled guilty to most of the charges against him. The indictment made three categories of charges. Counts 1-10 were mail fraud, due to Soloway delivering his spamware through the mail, and the product egregiously failing to be what he said it was, notably including 30 million addresses purported to be opt-in. Counts 11-17 seven were wire fraud, sending spam making false claims about the product, support, guarantee... more»

Comcast Fires Back at E360

Back in January, bulk mailer E360 filed a suit against giant cable ISP Comcast. This week Comcast responded with a withering response... Their memorandum of law wastes no time getting down to business: "Plaintiff is a spammer who refers to itself as a "internet marketing company," and is in the business of sending email solicitations and advertisements to millions of Internet users, including many of Comcast's subscribers." Comcast's analysis is similar to but even stronger than the one I made in January... more»

Virginia Supreme Court Rejects First Amendment Challenge to Spam Statute

Thanks to Prof. Goldman I see that the Virginia Supreme Court issued its opinion in Jaynes, the state-law criminal spam case that has wound its way through the courts there. It affirms the conviction and rejects the various challenges to Virginia's spam statute... As a side note I should say that it's not often one is actually excited to read an order in a case you're not involved with. This is definitely one of those instances where the excitement is palpable... The news reports billed the case as the first felony conviction for sending spam. more»

Domain Pulse 2008: Day 2 Focuses on DNS Security

Day two of Domain Pulse 2008 last Friday (see review of day one) focused on online security issues giving the techies amongst us details of security issues, and the more policy-orientated amongst us something to chew on in a few other presentations. Kieren McCarthy, these days of ICANN, also gave some insights into the drawn out drama with more twists and turns than the average soap opera has in a year! And Randy Bush outlined the problems with IPv6. Among other presentations... more»

Russia Becoming a Spam Superpower

Russia might be a country trying to regain superpower status, but it has already reached it in one less welcome area -- the amount of spam it sends to the world. According to Sophos's Q4 2007 spam report, the country now deserves the moniker of 'spam superpower' having seen its share of total volumes rise dramatically over the last year, to put it in firmly in second place behind arch-rival, the US. more»

Ralsky Indicted, CAN-SPAM is Still Useless

Well, I read the indictment (available here from Spamhaus.) It's a long litany of criminal behavior, primarily pump and dump stock fraud of a long list of penny stocks from the US and China. Ralsky is described as the "chief executive officer and overall leader" of the scheme... The thing that strikes me about this indictment is that although it includes a lot of CAN SPAM charges, everything Ralsky and Co. did was already illegal under conventional fraud and computer tampering laws. more»