Lycos Offers Spam-Server Attack Program - 12/02/04 10:45 PM
MADRID, Spain (AP) - At the risk of breaching Internet civility, a European Web portal is offering its visitors a weapon against spam: a screensaver program that tries to choke spam servers by flooding them with junk traffic.
As of Tuesday, about 65,000 people have signed up for the controversial tool from the German-based Lycos Europe, whose sites get 20 million users monthly.
The company insists the technique is legal - it says the culprit servers are simply choked a bit, not completely asphyxiated - and dismissed concerns that its "Make Love not Spam" offensive can further clog the world's digital pipeline.
Still, computer experts are worried.
"You don't stop a bad thing by being bad yourself," said David Farber, former chief technologist at the U.S. Federal Communications Commission. "The idea of somebody coming and hitting you and you hitting back, you both end up very hurt. It just aggrevates an already serious problem."
When a computer with the free Lycos screensaver is idle, the program sends junk commands to Web sites identified by Lycos as selling products pitched in spam. When done in masse, this eats up precious bandwidth, causing the sites to overload and slow down.
The goal, said Lycos Europe spokesman Kay Oberbeck, is to "show the owners of such spam Web sites that there is massive interest of thousands of users who are not willing to just give up against more and more spam each day."
The targets generally are not the servers used to do the actual mailings; these days, those servers are most often legitimate ones co-opted into spamming by viruses and worms.
Lycos chooses its targets by reviewing lists of suspect sites identified by independent spam monitors such as SpamCop. The company said it checks each manually to make sure it genuinely carries products promoted by spam, though Oberbeck acknowledged the risk of going after a legitimate site that has been hijacked by a spam-spewing site.
He said Lycos takes care not to crash spam servers altogether, ensuring that they will never go below 5 percent bandwidth. Thus, he said, the offensive isn't the same as denial-of-service attacks commonly used by hackers to incapacitate Web sites.
Cyberspace activism - such as virtual sit-ins in which computer users gang together and use automated tools to flood a Web site - is not entirely new, said Dorothy Denning, a professor of defense analysis at the Navy Postgraduate School in Monterey, Calif.
But in this case a for-profit company is the driving force.
"The interesting question is whether or not that company might be liable under some law, and would probably be liable, certainly, at least under a lawsuit by the spammers," she said.
Denning believes any impact on spamming will be minor at best. Though spam sites have to pay for bandwidth required for the extra traffic, she said, "the cost off adding extra bandwidth may be worth the reward that comes from spamming."
View Source Here My Way
As of Tuesday, about 65,000 people have signed up for the controversial tool from the German-based Lycos Europe, whose sites get 20 million users monthly.
The company insists the technique is legal - it says the culprit servers are simply choked a bit, not completely asphyxiated - and dismissed concerns that its "Make Love not Spam" offensive can further clog the world's digital pipeline.
Still, computer experts are worried.
"You don't stop a bad thing by being bad yourself," said David Farber, former chief technologist at the U.S. Federal Communications Commission. "The idea of somebody coming and hitting you and you hitting back, you both end up very hurt. It just aggrevates an already serious problem."
When a computer with the free Lycos screensaver is idle, the program sends junk commands to Web sites identified by Lycos as selling products pitched in spam. When done in masse, this eats up precious bandwidth, causing the sites to overload and slow down.
The goal, said Lycos Europe spokesman Kay Oberbeck, is to "show the owners of such spam Web sites that there is massive interest of thousands of users who are not willing to just give up against more and more spam each day."
The targets generally are not the servers used to do the actual mailings; these days, those servers are most often legitimate ones co-opted into spamming by viruses and worms.
Lycos chooses its targets by reviewing lists of suspect sites identified by independent spam monitors such as SpamCop. The company said it checks each manually to make sure it genuinely carries products promoted by spam, though Oberbeck acknowledged the risk of going after a legitimate site that has been hijacked by a spam-spewing site.
He said Lycos takes care not to crash spam servers altogether, ensuring that they will never go below 5 percent bandwidth. Thus, he said, the offensive isn't the same as denial-of-service attacks commonly used by hackers to incapacitate Web sites.
Cyberspace activism - such as virtual sit-ins in which computer users gang together and use automated tools to flood a Web site - is not entirely new, said Dorothy Denning, a professor of defense analysis at the Navy Postgraduate School in Monterey, Calif.
But in this case a for-profit company is the driving force.
"The interesting question is whether or not that company might be liable under some law, and would probably be liable, certainly, at least under a lawsuit by the spammers," she said.
Denning believes any impact on spamming will be minor at best. Though spam sites have to pay for bandwidth required for the extra traffic, she said, "the cost off adding extra bandwidth may be worth the reward that comes from spamming."
View Source Here My Way