The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Thursday, December 01, 2011

Michele Bachmann campaign -- spammers

An article from the Iowa Republican: Bachmann Campaign In Hot Water Over Misuse of Homeschooler Email List

In a nutshell, the Bachmann campaign downloaded the email contact list of the Network of Iowa Christian Home Educators (NICHE) without NICHE's knowledge or permission and used it to send political spam to its members.

Interestingly, campaign laws may now require NICHE to make its mailing list available to any other political candidate that wants to use it.

Friday, October 21, 2011

Shout out to "MainSleaze" anti-spam web site

Just a quick pointer to a new blog run by Catherine Jefferson: MainSleaze

The title pretty much says it all: it's a blog devoted to naming and shaming mainstream companies that use spam in their advertising.

Sunday, July 10, 2011

Name and shame: CDR Outlet sells me out

A tagged address I gave only to CDR Outlet has just received spam, ostensibly for some McDonald's coupons, but probably really a virus.

Now, whether CDR Outlet deliberately sold my email address, or a rogue employee sold a copy of the email list, or a rogue email service provider sold it, it's impossible to tell, but whichever it was, shame on CDR Outlet for not protecting my email better.

Thursday, June 09, 2011

Quick news from the E360 case

(via usenet)

The audio transcript of the damages hearing in the E360 case is available as an mp3 file: http://www.ca7.uscourts.gov/tmp/8K0VUL4K.mp3

The money quote at 19:20 into the recording:

I have never seen such an incompetent presentation of a damages case, it's not only incompetent, it's grotesque. You've got damages jumping around from 11 million to 130 million to 122 million to 33 million. In fact the damages are probably zero


Thursday, May 19, 2011

A true Final Ultimate Solution to the Spam Problem?

A common acronym in spam-fighting is FUSSP — Final Ultimate Solution to the Spam Problem. It's used (usually derisively) to describe the latest proposed scheme to end spam once and for all. Usually these schemes are based on false assumptions or have already been tried with no results.

This time — be still, my beating heart — it looks like some researchers at the University of California might really be on to something.

According to the New York Times, researchers have discovered that 95% of drug and herbal remedy credit card transactions are handled through just three financial companies in Azerbaijan, Denmark and the West Indies. Presumably, if these companies could be persuaded to stop supporting spammers, then the money supply which drives spam would dry up, and the spammers would be forced to close shop.

The UC paper is available here (pdf).

I've said before that spam exists because ISPs tolerate it. This seems to hold true for financial institutions as well. If the financial institutions stopped abetting spammers, the theory goes, then spam would be significantly curtailed.

Of course, I don't have any illusions that this is the final solution to the spam problem. There will always be spam as the spammers find ways around the shut-down of their credit card processing suppliers. But as the shut-downs of major botnet command-and-control centers in the past have shown, you can fight spam, if you're just willing to do it.

Friday, May 07, 2010

Shame on Waiter.com for giving my email address to spammers

And as a follow-up to my previous post, the "Thank you for buying iTunes Gift Certificate!" virus spam I received yesterday was sent to a tagged address I created for use with waiter.com.

So shame on waiter.com for either selling my email address to spammers, or at the very least, for having sloppy security.

Just to be clear, no you didn't buy an iTunes gift certificate and forget

I've gotten a couple of these in the last couple days. "Thank you for buying iTunes Gift Certificate!" followed by the usual yada-yada telling you to open the enclosed zip file.

The only thing in the zip file is a .exe file, and I don't think I need to warn you about running .exe files from strangers.

Y'all be careful out there.

Thursday, March 18, 2010

Big win for California spam law

Big news from California:

Court Holds Recipients of Unlawful “Spam” Are Entitled to $1,000 Per Email


Last week, Superior Court judge Marie Weiner ruled that Dan Balsam was entitled to $7000 damages plus attorneys' fees and costs from Trancos Inc., of Redwood City.

This is huge news for two reasons: First, it's the first time an anti-spam case has been won by an individual instead of a major ISP.

But more importantly, the judge has ruled that the CAN-SPAM act does not pre-empt the California anti-spam law, California Business & Professions Code § 17529.5.

The judge ruled that the use of generic words in the From: line, such as "Paid Survey" and "Your Business", was deceptive, and that their use of multiple domain names, unregistered fictitious business names, and a box at the UPS store was intentionally misleading.

Full details at http://www.DanHatesSpam.com/trancos.html (pdf).

More coverage can be found at the San Francisco Chronicle: SF lawyer awarded $7,000 from email spammer, and SlashDot: 1st Trial Under California Spam Law Slams Spammer.


Tuesday, March 16, 2010

Waledac botnet goes down

Another triumph in the "yes, you can fight spam" category: Kaspersky Lab's Threatpost newsletter is reporting that the Waledac botnet has been knocked nearly completely offline and is sending almost zero spam.

I briefly mentioned the Waledac botnet in an earlier post in which I reported that Microsoft had significantly damaged the botnet's command-and-control servers via court order.

More details can be found on Microsoft's security blog in the article What we know (and learned) from the Waledac takedown.

Wednesday, March 10, 2010

And another botnet goes down

Via Slashdot: IT World reports that the Zeus botnet was partially knocked offline when its supporting ISPs, Troyak and Group 3, were disconnected by their upstream servers. IT World is reporting that the Zeus botnet lost a third of its command-and-control servers overnight.

According to IT World, the Zeus botnet was responsible for a wave of financial fraud that caused hundreds of millions in losses over the past year.

The first and most effective such takedown occurred just over a year ago when McColo was taken down by its upstream providers. The Rustock and other botnets were knocked offline, resulting in a 60-70% drop in spam overnight.

Saturday, March 06, 2010

More problems for Cryptome

Last week, I wrote about the whistle-blowing website Cryptome, which was shut down by Network Solutions after a DMCA complaint from Microsoft. Microsoft relented under the bad publicity and withdrew their complaint, and Cryptome is now back on the air.

Today, it seems that Cryptome's problems are not over yet. As reported by SlashDot, PayPal has taken it upon themselves to freeze Cryptome's accounts in preparation for dropping them completely.

I guess the moral of the story is: if your site is at all controversial, don't depend on PayPal.

Wednesday, March 03, 2010

Another spammer in the slammer: Alan Ralsky

Long-time spammer Alan Ralsky reported to the Morgantown federal pen yesterday. He was sentenced to more than four years last November.

Always unrepentant, Ralsky may or may not re-evaluate his career choice, but at least we'll be free of his spam for the next few years.


Another botnet goes down

Via Associated Press and other sources, three alleged ringleaders of the Mariposa botnet (aka W32.Pilleuz) have been arrested, with more arrests expected soon. The arrests were of three Spanish citizens with no previous records. Their names have not yet been released. They face up to six years in prison.

The Mariposa botnet is reported to have infected upwards of 12.7 million computers, including those belonging to 40 major banks and half of the Fortune 100.

The infection vectors included instant messaging of malicious links to contacts found on compromised computers, various P2P protocols, and one of my old favorites: infected thumb drives.

Much more detail can be found in Symantec's security blog.

Update: worth reading: two weeks ago Microsoft was able to take down the "Waledac" botnet, which was responsible for 1.5 billion spams/day. See PC Pro article Microsoft secretly beheads notorious botnet.

Wednesday, February 24, 2010

Don't register or host your domain in the U.S. if it's controversial — part 3

I wrote about this issue previously in 2008 and again in 2009. If your web site is at all controversial, have it both registered and hosted offshore. Whistle-blowing site Wikileaks learned this the hard way in 2008 when Swiss bank Julius Baer was able to seize their domain registration in court after Wikileaks published information that was embarrassing to the bank.

This week, Microsoft and Network Solutions locked the domain name of another whistle-blower site, Cryptome.org. Cryptome had published some embarrassing Microsoft documents. Microsoft retaliated by filing a DMCA case against Cryptome. By law, Cryptome is allowed to file a counter-claim, at which point the service provider is required to restore the controversial material and the case needs to go to court to be settled. But when Cryptome filed their counter-claim, Network Solutions shut down their domain.

For the full story, see Site Leaks Microsoft Online Surveillance Guide, MS Demands Takedown Under Copyright Law.

For now, the forbidden documents are hosted at WikiLeaks.

Sunday, January 10, 2010

Who's the worst source of spam? It's a horse race now

It used to be that you could always count on the U.S. to be the worst source of spam in the world, with maybe China or Brazil coming in a distant second.

But things seem to be changing. In early December, a number of articles were published in eSecurity Planet and other sources about a report from Cisco that Brazil had finally overtaken the U.S. as the spam leader. The U.S. had a peak of 8.3 trillion spam messages (more than one thousand for every man, woman, and child on the planet) in 2008. But thanks to U.S. ISPs finally getting at least a little bit serious about the spam problem, as in the takedown of McColo last year, the number declined to a mere 6.6 trillion in 2009.

Meanwhile, Brazil managed to climb to 7.7 trillion, edging out the U.S. as the spam king of the planet.

But wait, there's more. According to a Network Box article in 2009, Vietnam had become the world spam leader, producing 10.9% of all spam worldwide, with Brazil in second place at 8.3%. CircleId has also picked up the story, although Business Week has Vietnam in 16th place at 1.7% of all spam.

So who's really in first place? Perhaps Network Box and Cisco are counting in different ways (Network Box seems to be counting spam separately from phishing and viruses, while perhaps Cisco is combining them). And where is China in all this? And what can the U.S. do to regain its preeminent position?

There's one more point to ponder: Vietnam, China, and Brazil may be the places where most of the spam is delivered from, but I think if you follow the trails (and follow the money), you'll find that it all leads back to the U.S.

Tuesday, December 29, 2009

Don't register or host your domain in the U.S. if it's controversial — part 2

Last year, I wrote that you should never host or register your web site in the U.S. if it's at all controversial.

The problem is this: someone who wants to shut you down — whether it's someone whose business you interfere with, or the government itself — can usually find a judge somewhere who will be happy to issue a court order seizing your domain name or ordering your hosting provider to shut you down. Hosting your domain and servers overseas gives you a considerable amount of cushion against such abuses of the legal system.

In this week's news, we learn of a judge in New Jersey who has ordered three web sites shut down [ComputerWorld] because they oppose the H-1B visa system.

Judge James Hurley has ordered the three web sites shut down because of a lawsuit by Apex Technology Group Inc., which is suing the three sites for libel, based apparently on anonymous comments left on the sites.

In addition, there is some brouhaha about leaked documents. The leakers should have known to send the documents to Wikileaks, who have a history of surviving such legal challenges. (Although, when I just now checked their web site, they've suspended operations while they look for more funding. I think they're a good cause; you might consider contributing.)

You can also read more at vdare.com, another anti-immigrant website.

Related news: According to SlashDot, political parody group "The Yes Men" have had their parody site pulled off line by the Canadian Government.


Tuesday, December 22, 2009

New anti-SLAPP law under consideration

Thanks to commenter Samantha J. Brown, Legislative Director of the Federal Anti-SLAPP Project, I've learned about proposed federal law H.R.4364 which was introduced last week by Rep. Steve Cohen.

The importance of a good anti-SLAPP law to free speech cannot be stressed enough. For decades, bad actors with deep pockets have abused the legal system to stifle free speech. While there are individual states with anti-SLAPP laws, the lack of a federal law has allowed the abusers to "venue shop" for a court that would be friendly to their brand of harassment.

I've already said enough about my own experiences with the legal system, so I'll simply urge you to read the news item about H.R.4364 for yourselves.

Sunday, December 13, 2009

Tactera vs MAAWG

The other day, I wrote about Tactera, the snowshoe spammer which had finally earned its place in the Spamhaus ROKSO list. More stories about Tactera have been brought to my attention recently. Today's interesting tidbit is that on their "about us" page, Tactera strongly tries to imply that they are members of the Messaging Anti-Abuse Working Group (MAAWG) and the Email Sender & Provider Coalition (ESPC).

A little checking has shown that Tactera is a member of neither group. You can read a little more about it in this usenet post. It should be interesting to see what happens when MAAWG's lawyers see this.

Thursday, December 10, 2009

Woman sues Burger King over text message spam

At the Miami Times is a report of a woman who is trying to file a class-action lawsuit against Burger King over spam texts sent to her cell phone (and presumably to thousands or millions of other cell phones.)

Unlike email spam, text message spam is very clearly forbidden under USC 47, so it looks like she may have a strong case. Especially since she contacted them and asked them to stop spamming her.

Tactera added to SpamHaus

Here's one for the record books — or the patent office anyway. Long-time snowshoe spammer Tactera has finally been added to the Spamhaus Registry Of Known Spamming Operations (ROKSO). Because you need to be kicked off by three internet providers to join ROKSO, and Tactera usually operates under assumed names, it took a long time for them to qualify.

Why do I mention the patent office? Because in reading the ROKSO record, I was surprised to see that Tactera actually has a U.S. patent on snowshoe spamming: 7,594,035