dslreports logo
U.S. Still Top Spam Exporter
Sophos: Secure your @#$! PC!
Security firm Sophos has released their spammer dirty dozen list, and the United States remains at the top. Not only that, the firm notes that for the first time ever, the United States has failed to make inroads into the problem of spam-relays (frequently infected PCs on residential broadband connections). "Given the number of arrests, and the huge fines dished out to guilty spammers, it's hard to criticise the US for failing to take action," opines Sophos analyst Graham Cluley. "Perhaps the reality is that the statistics can't be reduced any further unless US home users take action to secure their computers and put a halt to the zombie PC problem."
view:
topics flat nest 
Shark_615
join:2006-01-17
Pickering, ON

Shark_615

Member

Lies

This can't be! It has to be Bush's fault.

Swindle
Shattered Dreams
join:2006-07-24
Tampa, FL

Swindle

Member

Re: Lies

Whew Whoo! We're #1!

I Don't Want Government Intervention. They Are Already Neck High In "Protecting The Good 'Ole USA" And Invading Our Privacy. I Say, It's Up To Broadband Users To Take Control Of Their Connections. Only Way That'll Happen Is Through Education, Which Has Been Around Forever.

Unfortunately, I Think We're Stuck With Spam, Period.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Re: Lies

said by Swindle:

Whew Whoo! We're #1!

I Don't Want Government Intervention. They Are Already Neck High In "Protecting The Good 'Ole USA" And Invading Our Privacy. I Say, It's Up To Broadband Users To Take Control Of Their Connections. Only Way That'll Happen Is Through Education, Which Has Been Around Forever.

Unfortunately, I Think We're Stuck With Spam, Period.
One solution would be if all the major ISP's disconnected any user whose PC became a spam-relay and wouldn't let them back on the network until they took their PC to a 3rd party company that would clean it and then make them take a class in net security. All at the customers expense, of course.

peter_m
Premium Member
join:2005-07-13
Canada, QC

peter_m

Premium Member

Re: Lies

or post a GOOD malware prevention page... oh crap then they couldn't sell their crappy firewalls/spyware blockers.

Swindle
Shattered Dreams
join:2006-07-24
Tampa, FL

Swindle to FFH5

Member

to FFH5
I Could See ISPs Disconnecting A Zombie PC ... My Only Fear Would Be ISPs Disconnecting People Who Use Alot Of Bandwidth Without Checking Into How That Bandwidth Was Used (lazyness on the ISP part I guess). But As Longs As They Check Via Software Or What Not, I Couldn't Agree More.
Rhanlav
Dook?
join:2005-01-28
Jacksonville, FL

Rhanlav

Member

Re: Lies

Agreed. It couldn't be that hard to see if 99.9% of a home user's traffic is over SMTP ports. But alas, I doubt it'll happen any time soon, since "software costs money" and "support costs money" and big ISPs hate losing money.

heels_fan
1.20.09 The start of Socialism
Premium Member
join:2003-02-07
Columbia, TN

1 recommendation

heels_fan to FFH5

Premium Member

to FFH5
That is exactly what I am doing.

I get a list of customers that send spam from their zombie machines. I send them an email or call them with anti-spyware/anti-virus information. I give them 5 business days to get cleaned up, if I still see signs of spam, off with their modems. Then they would have to show proof on paper from a computer shop that they we cleaned. Kind of like a clean bill of health.
Call me drastic, I don't care.
Expand your moderator at work

Cheese
Premium Member
join:2003-10-26
Naples, FL

Cheese to FFH5

Premium Member

to FFH5
said by FFH5:

said by Swindle:

Whew Whoo! We're #1!

I Don't Want Government Intervention. They Are Already Neck High In "Protecting The Good 'Ole USA" And Invading Our Privacy. I Say, It's Up To Broadband Users To Take Control Of Their Connections. Only Way That'll Happen Is Through Education, Which Has Been Around Forever.

Unfortunately, I Think We're Stuck With Spam, Period.
One solution would be if all the major ISP's disconnected any user whose PC became a spam-relay and wouldn't let them back on the network until they took their PC to a 3rd party company that would clean it and then make them take a class in net security. All at the customers expense, of course.
Nope, just have a nice little questionnaire on the PC before it loads Windows, if you can't answer a certain percentage of the questions, the PC shuts down with a message explaining why and what to do. Or we can just create computer licenses the way you would get one for driving a vehicle.

cableties
Premium Member
join:2005-01-27

cableties

Premium Member

Re: Lies

This goes with my "You must show proof of PC certification prior to purchasing this computer". Just cuz you own one, doesn't mean you (or your family) know what they are doing.

Case: PC owner's daughter puts on Kazaa. Her girlfriends told her it was "cool". Weeks later, she has all these popups and her computer is slow (uses excuse as she fails to get mid-term out). Took a weekend to remove rootkit, malware, recover files, wipe and restore. Then explain to parents the "cause & effect". She now has her own laptop, uses Avast! and MS Defender. And no Kazaa. She buys iTunes now (on Daddy's Credit card).

Should their ISP have notified them of issues by redirecting to a page for help? Sure. But keep dreaming. I wouldn't be surprised if some ISPs (even big ones) allow this for traffic or gasp...revenue! You never know...

heels_fan
1.20.09 The start of Socialism
Premium Member
join:2003-02-07
Columbia, TN

heels_fan

Premium Member

Re: Lies

cableties See Profile
We also, in conjunction with a community agency, offer PC classes.
The classes are offered free to our customers, and a very small fee to anyone else.
The instructors spend a good bit of time with "security issues" (anti-virus/spyware, firewalls, p2p apps, ect)

The funny thing about the classes, the majority of the students are older folks, mostly older women
wvcaver
Premium Member
join:2005-04-17
Millersburg, OH

wvcaver to Shark_615

Premium Member

to Shark_615
Al Gore's fault ! he inveted the internet !

a
@prkcorp.com

a

Anon

Ignorant users are part of the problem

I think the article brings up a good point. There are far too many users that simply don't have proper protection. Personally, I blame it on ignorance. People, especially educated, but non-technical users, need to be educated on the dangers posed by the Internet and the tools available to them to protect themselves as well as others.

It's scary, but I talk with a number of people all the time at work that don't even have anti-virus protection on their computer. Many of them just assume they don't need it because they've never had a problem, or I should say that's apparent to them. I tell people all the time that when they buy or upgrade their computer that they must budget for a certain amount of security software as well - unfortunately that's just a fact of life now.

Perhaps because anti-virus/firewall/anti-spyware doesn't come standard on new computers, or expires after a short trial, users just think it's entirely optional for them to have and it's no big deal if they don't. I'm not sure of the exact reason, but people in this country definitely need to be more proactive in protecting their computers.

TechyDad
Premium Member
join:2001-07-13
USA

TechyDad

Premium Member

Re: Ignorant users are part of the problem

said by a :

Many of them just assume they don't need it because they've never had a problem
Too true. Yet these same people will then turn around and curse Windows for being so slow and crashing so often. Of course, in reality, it's the 20 spyware programs, 15 viruses, and 7 spambot trojans running on their system that is making it unstable. But since no giant "Hey you have a virus!" message popped onto their screen, they assume that they don't have any problems and it must be Microsoft's fault.
said by a :

I tell people all the time that when they buy or upgrade their computer that they must budget for a certain amount of security software as well - unfortunately that's just a fact of life now.
Actually, you can get quite a lot of good security software for free. Firewalls (ZoneAlarm), Anti-Spyware programs (Ad-Aware and Spybot), and even anti-virus programs (Grisoft AVG and Avast) have freeware versions for home users.

Even once you add in a decent router (about $30 from NewEgg) and a copy of a decent Anti-Trojan scanner ($40 for BOClean), you're not talking about a lot of money ($70 in this case).

Glaice
Brutal Video Vault
Premium Member
join:2002-10-01
North Babylon, NY

Glaice to a

Premium Member

to a
I blame Florida for harboring the spamming scumbags there.
SD6
join:2005-03-26
Pittsburgh, PA

SD6

Member

Re: Ignorant users are part of the problem

said by Glaice:

I blame Florida for harboring the spamming scumbags there.
What is it in Florida that attracts spammers? The homestead exemption is in Texas too.

leXicon5
Pelosi, SHUT YOUR Fing Pie Hole
Premium Member
join:2000-12-27
Saint Louis, MO

leXicon5

Premium Member

Re: Ignorant users are part of the problem

said by SD6:
said by Glaice:

I blame Florida for harboring the spamming scumbags there.
What is it in Florida that attracts spammers? The homestead exemption is in Texas too.
Ummm....you're kidding right? Have you ever been to Texas and then Florida? If I had to choose between living in the lap of luxury in Texas or Florida....sheeit man....Texas wouldn't even come in second. Florida hands down.
Fun, sun and babes...
amungus
Premium Member
join:2004-11-26
America

1 edit

amungus

Premium Member

couple things...

1st, all cable internet users should be REQUIRED to use a router/firewall upon initial setup. If the cableco's don't want to do that, perhaps they should consider modem/router combo units or something. It's irresponsible to just hook up people to a plagued network and let people's computers become infected within what... 5 minutes?

Cox gives out an ok suite of programs, but people must download them. Last I knew, their fancy (useless?) install cd does NOT include these programs. It should. The setup cd should not only configure your email, it should automatically install a software firewall, whatever anti-spy/anti-spam/anti-virus (don't know if it includes antivirus..).

One should have to have some software protection, and a hardware router/firewall before even considering plugging in the cable modem.

From what I know, most DSL users aren't automatically plagued with a firestorm of nasties upon connection. That, and many of the newer modems are already a mini-router of sorts thus protecting people.... maybe I'm wrong, I don't know...

I partially blame the cable companies on this kind of news. They could do much better, that's all.

EUS
Kill cancer
Premium Member
join:2002-09-10
canada

EUS

Premium Member

Re: couple things...

[Devil's advocate]There is NO WAY I should be forced to pay for SW/HW because some a$$hole has performed an illegal action against my property. Keeping sytems clean is almost a full time job these days. Who has time/effort to stay on top of all the patching required?
Make the OS creators, or the people doing the damage responsable. Can't find them? Too hard to enforce? Not my problem, I have done nothing wrong.[/Devil's advocate]

battleop
join:2005-09-28
00000

battleop to amungus

Member

to amungus
I work for a small ISP. In 2000 we started offering DSL and about 6 weeks after we started offering DSL we had several customers churn out spam non stop because they had a virus.

I went to my boss and told him I had decided that our AUP would make a change. From that day forward customers are not allowed to connect a PC directly to our network. They must use some type of router/firewall/linuxbox. While I can't stop it, if I find someone has connected their winderz box directly to the net and it's infected I nuke their connection. If they have some type of router/firewall/linuxbox, etc then they get 3 days to fix it.

Some people think the policy is too strict, but I rarely get abuse reports or complaints because of zombies or other types of junk running on our network.
ccsdnoc
join:2005-06-16
Meadville, PA

ccsdnoc to amungus

Member

to amungus
I think the ISP should just go with something like the SBG900 SURFBOARD. It has firewall/routing/modem abilities not to mention it can do wireless too. It seems like a good piece of equipment. I'd also like to see the ISP pre-configure this item allowing ONLY 21,25,53,80,110,123,443,3389 outbound. BUT, allow users to add/remove ports. By making this the default, networks would probably clear up really fast!

Just my $0.02
itguy05
join:2005-06-17
Carlisle, PA

itguy05

Member

simple

Stop using a PC and the problem will be greatly diminished....

www.apple.com
www.redhat.com
www.ubuntu.com
Shark_615
join:2006-01-17
Pickering, ON

1 recommendation

Shark_615

Member

Re: simple

People can mess those OSs up just as quickly as they mess up Windows. You obviously have no clue about the real world and how it operates.
DMWCincy
join:2004-04-27
Fairfield, OH

DMWCincy to itguy05

Member

to itguy05
Hey, that is a great idea. Lets not educate the masses but just get rid of Windows. Then a few years later when worms and trojans writers find a way to get their hooks on Apple we throw that away and get redhat. After Linux becomes a problem, get rid of it and start somewhere else???

Don't kid yourself. All systems can be broken. Yes some systems are easier then others but in the end where there is a will there is a way.

As mentioned before lets educate the people. Basic concepts like running a firewall or not running programs you are unsure of are true no matter what system you run. Education will go a lot further then simply throwing away Windows.

Anonymous88
Premium Member
join:2004-06-01
IA

Anonymous88 to itguy05

Premium Member

to itguy05
said by itguy05:

Stop using a PC and the problem will be greatly diminished....

www.apple.com
www.redhat.com
www.ubuntu.com
Apple is simply overpriced. Average user will buy $500 Dell with a 19" LCD instead of iMac for $1299. Apple needs to lower prices in order to compete (Mac Mini is a rip off considering it comes with no monitor).

After that we need to deal with software, many users have no idea that Apple exists and they would have major problems finding software they need that will run on Mac.

Linux is a geek OS. I have tried many versions of SuSE, Redhat (Fedora), Mandrake and few more. Currently I have Ubuntu installed with Win XP Pro but I can't make flash work and I can't watch .mpg files. I have tried several things and talked to other Linux users but it did not work.

If they continue to improve Linux at this rate maybe, but just maybe in about 10 years it will be user friendly enough to compete on the desktop market.
itguy05
join:2005-06-17
Carlisle, PA

itguy05

Member

Re: simple

quote:
Apple is simply overpriced. Average user will buy $500 Dell with a 19" LCD instead of iMac for $1299. Apple needs to lower prices in order to compete (Mac Mini is a rip off considering it comes with no monitor).
Actually, IIRC the average computer price is still around $900. You see, that $500 Dell is very hard to buy and almost impossible to find on their website. I beleive Dell has gotten busted for this practice.
quote:
After that we need to deal with software, many users have no idea that Apple exists and they would have major problems finding software they need that will run on Mac.
As I tell people, it just means mail order, which most do anyway. About the only software that is really purchased retail is games.
quote:
Don't kid yourself. All systems can be broken. Yes some systems are easier then others but in the end where there is a will there is a way.
But why use a system that is a bright neon yellow TARGET? You wouldn't lock your house with one of those cheapo luggage locks, would you? If course not. Yet, you will use the most insecure and most unreliable platform for your personal data. Makes perfect sense to me.....
Shark_615
join:2006-01-17
Pickering, ON

Shark_615

Member

Re: simple

My computer runs perfectly fine, it never crashes and never gets infected with anything. Nor is it unreliable. Strange how only idiots have problems with their PC's. It HAS to be Windows fault. Never a buggy driver or silly user...

Now if Apple had to run on 1000 different platforms and deal with the most stupid of stupid then I would bet my house it would be as fucked up as Windows is.
Necronomikro
join:2005-09-01

Necronomikro to itguy05

Member

to itguy05
said by itguy05:

quote:
Apple is simply overpriced. Average user will buy $500 Dell with a 19" LCD instead of iMac for $1299. Apple needs to lower prices in order to compete (Mac Mini is a rip off considering it comes with no monitor).
Actually, IIRC the average computer price is still around $900. You see, that $500 Dell is very hard to buy and almost impossible to find on their website. I beleive Dell has gotten busted for this practice.
»www.dell.com/content/pro ··· en&s=dhs

Uhh, yeah. whatever.
Ahrenl
join:2004-10-26
North Andover, MA

Ahrenl to itguy05

Member

to itguy05
Why would I pay twice as much (or more, since I can build a system for ~$300) for a computer that can only do half the things I want? (No Games, Very little Open source, No DirectX)

There is nothing appealing about a Mac to me at all. Not to mention everywhere I've worked uses PCs; and because of my extra knowledge of the clone systems I've been able to move up faster than most. And I don't even work in technology.

Plus I LIKE to build my own systems. Pre-built boxes are trash.

Stefania
Jezu Chryste, Kubi
Premium Member
join:2003-03-17
Chicago, IL

Stefania to Anonymous88

Premium Member

to Anonymous88
said by Anonymous88:

Apple is simply overpriced. Average user will buy $500 Dell with a 19" LCD instead of iMac for $1299. Apple needs to lower prices in order to compete (Mac Mini is a rip off considering it comes with no monitor).
Value of Dell after 5 years: > $50
Value of iMac after 5 years: ~600

I bought my 17" Dell 1707FP for 168$, and that was a MAJOR bargain. Let's round a 19" Dell LCD off to a nice clean 200. This is even unrealistic, because we're talking about retail cost here, but whatever. Now, let's JUST add in a renewal for virus scan on the Dell. Call it an even 50?

Money lost on Dell after 5 years: $700
Money lost on iMac after 5 years: $700

Here again I make a post about basic economics. I even stretched a few things here to help the Dell out. But, all arguments of which is better aside. Which comes out on top financially? I'll let you answer that.

•••

Michieru2
zzz zzz zzz
Premium Member
join:2005-01-28
Miami, FL

Michieru2 to itguy05

Premium Member

to itguy05
All of them can run SMTP...your point?
SD6
join:2005-03-26
Pittsburgh, PA

SD6

Member

are users really the best way to solve the spam problem?

"Perhaps the reality is that the statistics can't be reduced any further unless US home users take action to secure their computers and put a halt to the zombie PC problem."

I switched to Opera last year and use malware prevention software. But, c'mon can we realistically look to people who don't to solve the problem...

most home PC users don't know (and shouldn't have to learn) how to defeat spammers. They will always be one step behind. Most users openly profess to being ignorant of computer security issues, and how computers work.

Maybe..., we should look to the company to which PC users who have paid time and again for decades for IE and OS versions that are notoriously unsecure. Most spam is the result of various PC exploits. Not to mention all the Windows 98 users that will be left as orphans to be devoured by and become zombies.... They've made $$billions and have the expertise, why not let them be more responsible on this issue is what I'm thinking...

••••

batterup
I Can Not Tell A Lie.
Premium Member
join:2003-02-06
Netcong, NJ

batterup

Premium Member

Zombies must die.

If a PC is found to be a spamming Zombie the owner of said PC shall receive the death penalty. That would cure the problem.

•••

gigahurtz
Premium Member
join:2001-10-20
USA

gigahurtz

Premium Member

interesting...

I've been using Windows PC's for all of my life and very rarely have I gotten a virus (maybe twice) and both were my own stupidity. Instead of referring everyone to by an Apple and really let their guard down, try and explain to people that COMPUTERS ARE DANGEROUS. You don't let people going door to door walk into your home so you lock your doors. Do a little bit of research -> google "spyware protection" and you'll find your answers.

The problem here is that everyone is lazy. They want to buy it, set it up and go. No additional time put into their project.

Once again, I won't purchase an Apple because... it's not necessary. My custom built Windows PC runs smooth and will continue to run smooth because.... IM NOT AN IDIOT.

Interesting.... very interesting....

••••

woody7
Premium Member
join:2000-10-13
Torrance, CA

woody7

Premium Member

Hmmm.....

"PEBCK" is the major problem.... people are lazy, don't want to take time to know, just don't care, blame someone else, etc.I also think that the ISP's have a clue who is doing this. In my humble opinion "Florida" seems to be a host to a lot of these butt munches...JMT

PS this cleanup is what keeps me in "starbucks"

madylarian
The curmudgeonly
Premium Member
join:2002-01-03
Parkville, MD

madylarian

Premium Member

Follow the $$$$$$$

Look, anyone reading and posting here is going to know how to protect their computer no matter what OS, browser, or brand of computer they are using, so all the bragging is wasted. The problem is in the great mass of people who've been convinced that they MUST have a computer and that it's no harder to use than a toaster. These people have been targeted by the computer makers and ISPs; they've been told that all they have to do is plug it in and turn it on.

Follow the $$$. In order to cash in on the technology, more and more of the functions once performed by humans have been shifted to computers. At the same time, it's gotten harder and harder for people to make do in life without a computer. In fact, such people are often penalized by paying more for such things as tickets and reservations maid in person or by phone. Just about every level of schooling above middle school requires use of a computer.

So now they (and we!) are reaping what's been sown. Rather than turn away someone who has no idea what spam or phishing is, who never heard of an antivirus or firewall, we've convinced them to get a computer and a broadband connection. At some point we're going to have to make it mandatory that anyone connecting a computer to the Internet indicate that they have taken the appropriate steps to secure them (and us!) from being hijacked. If they can't or won't....no broadband for you!

mady
SD6
join:2005-03-26
Pittsburgh, PA

SD6

Member

Re: Follow the $$$$$$$

said by madylarian:

At some point we're going to have to make it mandatory that anyone connecting a computer to the Internet indicate that they have taken the appropriate steps to secure them (and us!) from being hijacked. If they can't or won't....no broadband for you!
Sure, we can do it just like we make them indicate that they've read the license agreement or terms of service, because no one EVER clicks the box just to be done with it.
bmn
? ? ?

join:2001-03-15
hiatus

bmn

Well, duh !

The reasons are obvious... The US contains the greatest number of unrestricted internet hosts of any nation... So, clearly, that means there are more targets and more bots.

That's like the news saying that the US leads the world in CO2 emissions... Duh, we (stupidly) run mostly on fossil fuels.

As for getting home users to get in the habit of securing their computers... Good luck. Most people can't even program the CLOCK on their VCR, let alone understand the intricacies of denying a suspicious program network access while still preserving access for trusthworthy applications. I know several people, including myself, who have tried to explain it as we fixed owned (usualy by spyware and adware) computers and we nearly always get the "I don't care, just fix it" responses for our efforts and a phone call several weeks later because they didn't listen and got owned again...

lonnyb
Blessed Beyond Belief
Premium Member
join:2004-01-25
San Antonio, TX

lonnyb

Premium Member

Spam

- the other red meat.
GunnarDanne
join:2002-12-02
Crown City, OH

GunnarDanne

Member

Outsourcing

Sure, keep the crap on the mainland and outsource all the tech-support jobs.
patcat88
join:2002-04-05
Jamaica, NY

patcat88

Member

Jail the sellers

Very simple answer, who cares about catching spamers, just catch whatever the spam is selling. Much easier to catch someone who is willing to accept money. Also if a vendor claims innocence, let the vendor defend against its referal payments to spammers. Spammers dont spam if they cant get money out of it. What is spam? Forged headers, end of story. Make forged headers for commercial purposes illegal. All spam relays will be caught, and whatever vendors are in those relay'd spam will be prosecuted. Or a per spam message fine, let the vendor sue the spammer then on contract law after the vendor is sued under criminal. If vendors want to spam, they have to send it off their own machines, end of story, accountability. This wont hurt the 419s and the identity theft, since all of those are out of USA and are elaborate back and forth convos, and those are too much work and cant be automatedly prosecuted. Also if a vendor is outside the USA, add him to the special nationals list, now if a CC company or a person transfers money to them, nice jail or fine. Now im sure marketing ppl and intl vendors and payment processors will have kittens over this and will lobby against it and it will never be passed.
jimbo21503
join:2004-05-10
Euclid, OH

jimbo21503

Member

Yeah right...

As long as Micro$oft lives, so will the enormous ammount of spam coming from the U.S.

You think Vista will be ANY safer than XP?

Consider this:

- Security problems are already being located by security firms and technical pros alike in the current betas of Vista.

- Windows installs "Windows Defender" be default in Vista. This rediculous peice of software does little to say the least.

- Windows Vista, like XP SP2, practically threatens you to install virus protection software.

- Reports have been realeased that, today, some 80% of new viruses could easily slip past most any virus detection software. Many rootkits are practically impossible to remove without a re-format. That percentage is expected to continue up into the 90%s in the coming years.

Had more people re-distributed to MAC or LINUX (I recommend Ubuntu), maybe Microsoft would focus on secuirty and this stuff would not happen as often. Competition moves innovation. There are more than 100 different distributions of Linux. MAC is based on UNIX (just like Linux). Catch my drift.
Kill M$, kill spam. Plain and simple.