B
Premium,MVM
join:2000-10-28
1 edit | BlueSecurity No Angels?
Hi folks; just stopping by quickly for this. I hope everyone's doing well.
There was a Slashdot discussion at »it.slashdot.org/it/06/05/08/142229.shtml yesterday in which much sympathy was garnered for "BlueSecurity" in their reported battles with evil DDoSing spammers, including the tantalizing notion of "tampering with the Internet backbone using a technique called 'Blackhole Filtering'".
Amid much hay being made and "well then I'm signing up with BlueSecurity" talk therein, I followed a malformed link to a blog post that pretty effectively takes apart that "Blackhole Filtering" claim (innuendo that a UUnet admin was bribed) and casts some doubt on the technical proficiency and intentions of BlueSecurity.
»www.renesys.com/blog/
I know nothing first hand about either of these organizations but I thought it worth posting for discussion lest the contrarian analysis slips through the cracks.
Of course this may not be news any more as Renesys includes several press reports that have already linked back to their piece.
Best to everyone in the forum...
-- B |
|
ZZZZZZZ
Premium
join:2001-05-27
PARADISE |  All they succeeded in doing was doubling my spam over a 2 week tryout!
Blue frog is gone...never to return!
--
Go Sens Go! |
|
KyeU
join:2003-12-31
Canada | reply to B
I don't like the idea of these "Do-Not-Spam" lists. |
|
sheiny
join:2005-03-13
Turlock, CA
1 edit | reply to B
said by »techweb.com/showArticle.jhtml?ar···87200448 :
The denial-of-service attack that crashed TypePad and LiveJournal this week was caused by anti-spam company Blue Security, which pinned the target on the blog in an attempt to save its own servers, analysts said Thursday. Blue Security denied that it knew the attack would crash its blog host.
How common a technique is this? Shunting the DoS aimed at you towards innocent third-parties doesn't seem very gallant. They even took down Cuteoverload -someone has to pay. |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire | reply to B
another critic
»weblog.johnlevine.com/
and Blue Security forum
»castlecops.com/f230-Blue_Security.html
Cudni |
|
Just Bob
Premium
join:2000-08-13
Spring Hill, FL | reply to sheiny
The rest of the story...
»www.wired.com/news/technology/0,···ss.index |
|
N O Y B
St. John 3.16
join:2005-12-15
Forest Grove, OR
| reply to B
They Can’t DoS Me, Nah, nah, nah, nah, nah.
I think they should have continued and let the bits fall where they may. Best way to get this problem resolved is to get it exposed in a way that demonstrates just how serious of a problem it is. The ISPs, network and computer equipment manufactures, governments, etc. will be forced to deal with it head on. |
|
sheiny
join:2005-03-13
Turlock, CA
| reply to Just Bob
Thanks for the update. A quote from Underwood at washingtonpost.com summarizes the issue nicely.
said by »www.washingtonpost.com/wp-dyn/co···873.html :
"When the company's founders first approached the broader anti-spam community and asked them what they thought of the idea, everyone said this was a terrible idea and that they would eventually cause a lot of collateral damage," Underwood said. "But it's also extremely unfortunate, because it shows how much the spammers are winning this battle."
A post from Zoverlord discussed DNS attacks:
»ICANN Releases Reports on Alternative TLD Systems and DDoS
and linked to a good report:
»www.icann.org/committees/securit···ar06.pdf
It will be interesting to learn if ICANN's recommendations either did not work or were not implemented.
trpted touched on a related issue here:
»NA Spoofer Project |
|
