SoylentNews is people

posted by CoolHand on Tuesday September 27 2016, @11:44PM
from the sweet-sweet-honeypot dept.

From The Register

Brian Weinreich has been trolling spammers for two years using a bot that fires realistic and ridiculous replies to the pervasive online salespeople.

He simply forwards unwanted emails to a specific address and the bot takes over, offering the spammers open-ended questions that they fall over themselves to answer.

My favourite bit from Brian's blog is "after the first month, I didn't have to feed the Looper any more. People were just spamming it on their own." The spammers were selling on the list of "biters" to other spammers.

The code is on GitHub

[editor's note: we covered a somewhat similar story here. Does this one have the same ethical implications?]


  • (Score: 3, Insightful) by jmorris on Wednesday September 28 2016, @03:48AM

    by jmorris (4844) on Wednesday September 28 2016, @03:48AM (#407177)

    The only evaluation criterion for anti-spam measures is "are they exploitable to attack the innocent?" So long as the countermeasure can be assured to only impact the spammer, anything up to and including high explosives is morally acceptable.

    This method could, at worst, be induced to send a spam to an innocent that isn't going to make sense to them and won't have an active payload. If widely deployed in sufficient variations to prevent the spammers from learning to thwart it easily, it could raise the cost of spam enough to make it uneconomical. Which is the only long-term defense; if it is profitable, somebody is amoral enough to send it.

  • (Score: 0) by Anonymous Coward on Wednesday September 28 2016, @04:51AM

    by Anonymous Coward on Wednesday September 28 2016, @04:51AM (#407199)

    > So long as the countermeasure can be assured to only impact the spammer, anything up to and including high explosives is morally acceptable.

    What's sad is that I fully believe you mean every word of that literally.
    Fundies are freaking scary as shit.

    • (Score: 3, Insightful) by jmorris on Wednesday September 28 2016, @05:28AM

      by jmorris (4844) on Wednesday September 28 2016, @05:28AM (#407214)

      It is logic. Spammers can't be stopped by talking them out of it. Spammers can't be stopped with technical measures short of actions more likely to render the Internet useless than solve the problem. But if the civilized world told these scum in second and third world countries running "bulletproof hosting" that they might want to ask themselves if they are "bombproof", the cost of hosting spammers, scammers and bot controllers would almost instantly get repriced to a point where a spammer couldn't make enough to remain profitable. A datacenter is a pretty delicate and expensive thing, a single Hellfire missile would really impact uptime and availability and totally screws up the pricing calculation. More importantly, every reputable customer would be outta there the second the threat was made. Finally, we haven't even considered the impact on insurance premiums yet. Hellfire missiles are not on any insurance carrier's risk profile, few would be willing to even consider covering such a risk.

      Consider that a typical datacenter is lightly populated at best. If less than ten medium price pieces of ordnance could eliminate spam, botnets and most of the other crap every network admin spends far too many hours mitigating for a decade with a loss of life likely to be in the single digits, can you honestly say the idea doesn't intrigue you and you aren't at least secretly wanting to subscribe to the newsletter?

      Thinking outside the box can be fun!

      The only other idea that might work would be if a critical mass of backbone operators picked one country per month, delivered them a list of rogue 'bulletproof' datacenters who have refused to disconnect known criminals and gave them an ultimatum. Close those operators within seven days or see their entire national set of IP blocks dropped at every router under control of the organization until they comply. Doubt it could be maintained though. Easy enough to bully a non-aligned third world hellhole but they have little net and can't support the worst offenders, it is the second world that is causing the problems and they engage in enough ecommerce Amazon and Google would not allow it.

      That is why it needs to be bombs. Quietly. A datacenter in eastern Europe goes BOOM! in the night when it is believed it is unoccupied and nobody officially claims responsibility. If the mass media pick up on it at all, nobody knows anything except it might have been terrorists. But as the news is spreading like wildfire on the dark Internet, that underworld is told to expect the beatings to continue until behavior improves. Suddenly nobody is advertising 'bulletproof hosting' and they are reduced to relying entirely on hijacked Windows PCs and highly distributed C&C systems. Very hard for new beginners to break into that game. Now start tracking down and seizing the assets of the remaining pros with operations rich enough to be worth seizing.

      • (Score: 0) by Anonymous Coward on Wednesday September 28 2016, @07:01AM

        by Anonymous Coward on Wednesday September 28 2016, @07:01AM (#407253)

        We have "Military Intelligence" (yes, I know) - why the hell are they not taking down the hosting networks? Given their budgets, and their need to improve their image, surely "we eliminated spam (if I told you how, I would have to kill you)" would get more budget support than "we might, possibly, have snuffed out a barely credible terrorist plot that we are not able to tell you about". Particularly as the police kill more people than terrorists.

        I am talking about "umbrella marks in their legs" - not DoS attacks.

        I think Joe Public would generally be quite supportive of telemarketers being dropped into the ocean from helicopters. Or buried in wet cement. Hell, they might even crowd-fund it (Mafia, are you listening?)

        • (Score: 2) by EQ on Wednesday September 28 2016, @03:35PM

          by EQ (1716) on Wednesday September 28 2016, @03:35PM (#407443)

          Spam? Hell, just take out the DDOS punks, that would make them cyberheroes.

        • (Score: 2) by Grishnakh on Wednesday September 28 2016, @04:12PM

          by Grishnakh (2831) on Wednesday September 28 2016, @04:12PM (#407475)

          > I think Joe Public would generally be quite supportive of telemarketers being dropped into the ocean from helicopters. Or buried in wet cement.

          Burying telemarketers in wet cement is very, very wrong. When the human body decomposes, it'll cause the concrete structure to be horribly compromised. You can't bury people in wet cement, as this could have catastrophic results later; what if it's done for a building foundation? That could result in a collapsed building.

          Dropping telemarketers into the ocean from helicopters is a waste of fuel and money. Helicopters are very, very expensive to operate and use a lot of fuel, and require a lot of maintenance. If you must drop telemarketers into the ocean, do it with far more inexpensive fixed-wing airplanes. But even this is costly and burns fuel. But at least it'll give the sharks something to eat.

          Personally, I think it would be much more economical and environmentally-friendly to feed telemarketers to hungry bears or mountain lions.

          • (Score: 2) by HiThere on Wednesday September 28 2016, @06:22PM

            by HiThere (866) Subscriber Badge on Wednesday September 28 2016, @06:22PM (#407549) Journal

            Well, you could cannonize them.

            --
            Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
        • (Score: 0) by Anonymous Coward on Wednesday September 28 2016, @04:37PM

          by Anonymous Coward on Wednesday September 28 2016, @04:37PM (#407494)

          I got the image of turning on the news to see the talking head say, "and in other news President Obama ordered the launch of an ICBM that blew up the call center used by the autodialer that starts with a cruise ship blowing its horn. According to polls, he now has a 98% approval rating."

      • (Score: 2) by DannyB on Wednesday September 28 2016, @02:26PM

        by DannyB (5839) Subscriber Badge on Wednesday September 28 2016, @02:26PM (#407397) Journal

        Since the NSA likes to keep exploits secret, thus depriving our own systems of defenses, maybe they should use some portion of their capability to continuously disrupt spam and malware operations.

        Maybe disrupting these operations is worth investing significant taxpayer resources into. While difficult to calculate, there would be a substantial payback in savings to our own IT economy in terms of human time saved, bandwidth, storage, email lost in a sea of spam, investment in spam filter development, malware countermeasures, etc. The costs of all that are not insignificant.

        --
        To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
      • (Score: 0) by Anonymous Coward on Wednesday September 28 2016, @03:50PM

        by Anonymous Coward on Wednesday September 28 2016, @03:50PM (#407456)

        > It is logic.

        Said every asshole everywhere. You got the playbook down. How's the final solution coming along?

      • (Score: 2) by HiThere on Wednesday September 28 2016, @06:24PM

        by HiThere (866) Subscriber Badge on Wednesday September 28 2016, @06:24PM (#407552) Journal

        The problem is false positives. (False negatives just make the proposal less effective.)

        --
        Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
      • (Score: 2, Funny) by Oakenshield on Wednesday September 28 2016, @08:20PM

        by Oakenshield (4900) on Wednesday September 28 2016, @08:20PM (#407593)

        > It is logic. Spammers can't be stopped by talking them out of it. Spammers can't be stopped with technical measures short of actions more likely to render the Internet useless than solve the problem.

        Spammers can't be bargained with. They can't be reasoned with. They don't feel pity, or remorse, or fear. And they absolutely will not stop... ever, until you are suckered out of your money.