Techdirt has an article this morning that discusses how
Lycos Europe is encouraging their users to run a screensaver
that constantly "pings servers suspected to be used by
spammers" and also suggests that "In other words, it's a
distributed denial of service attack against spammers by
Lycos."
The Techdirt article referenced is on Heise Online:
Although I generally like spamcop (one of the sources for determining spamvertised websites) for use with SpamAssassin in scoring, its not the most conservative list e.g. http://www.spamcop.net/w3m?action=blcheck&ip=198.108.1.41
list Merit as a spam source...) and the accidental listing or potential for abuse could be nasty.
What about the case where the spammer gets black listed, traffic starts pounding the rouge site and then the spammer changes the A record to be www.example.com instead. Now all of a sudden www.example.com is being pounded by all those screen savers.
Already noted as unbelievably stupid and dissected on Spam-L, but:
getting into a bandwidth contest with spammers is a guaranteed loss, as
they have an [essentially] infinite amount available to them for free.
Apparently Lycos is unaware of zombies (including those hosting web
sites), HTTP redirectors, rapidly-updating DNS, throwaway domains,
and other facts of life in the spam sewer.
Already noted as unbelievably stupid and dissected on Spam-L,
I'm inclined to agree...
but: getting into a bandwidth contest with spammers is a guaranteed
loss, as they have an [essentially] infinite amount available to
them for free. Apparently Lycos is unaware of zombies (including
those hosting web sites), HTTP redirectors, rapidly-updating DNS,
throwaway domains, and other facts of life in the spam sewer.
... but this screensaver means that Lycos *also* have a botnet
available to them.
For residential users on cable-modem, the plan will deplete a scarce resource:
upstream transmit opportunities. The DOCSIS MAC layer imposes an upper limit
on the quantity of upstream transmissions (essentially PPS limitation, unless
concatenation is employed, and concatenation is probably moot if standard
ping with 1-second minimum transmit intervals is the upstream payload).
If the load actually causes a problem in upstream operation, then folks using TCP
for downstream service (e.g. surfing) will see their throughput cut.
Regardless, the cable companies will probably try to disable this service,
so they can avoid the financial impact of improving their infrastructure.
They need to conserve the money in order to launch new unsolicited bids for Disney...
The point behind the initiative is not to attack the email senders,
but the source of money. If the spam websites are never up, then the
recipients cannot buy products advertised. Without the sales, there
are not finances to support the spamming. If spammers can't make
money sending email, then they will find something else profitable to
do . . . . like phishing
