Why does this group have so much spam?

R

r

So much of it could be removed even by simple keyword filtering.

A more interesting question is what morons are responding to this spam
and enticing the spammers to proliferate their garbage? Do people
actually see a spam like "Phallus enlargement pills" and say to
themself "Alright!, just what i been looking for!". I guess i just
can't understand foolishness...

Yes i agree, far to much spam is getting through.
 
B

Bruce C. Baker

casebash said:
So much of it could be removed even by simple keyword filtering.

Assuming this is a serious question:

1. comp.lang.python has relatively little spam, compared to others.

2. The spam posters aren't looking for responses within the individual NGs,
they're just hoping you'll click through to the link within the post. It's a
version of "fire and forget"

3. Simple keyword filtering /by whom/? There is no central NG governing
authority.

The best response is to ignore[1] the spam posts; they'll eventually expire
and disappear from your newsreader.

[1] Although if they're egregiously stupid, you may find yourself mocking
the OP. Realize that as witty and urbane as your response may be, the OP
ain't listening. :)
 
D

Dennis Lee Bieber

On Sun, 30 Aug 2009 00:00:54 -0500, "Bruce C. Baker"
<[email protected]> declaimed the following in
gmane.comp.python.general:

casebash said:
So much of it could be removed even by simple keyword filtering.

said:
1. comp.lang.python has relatively little spam, compared to others.
Except when viewing it via the uncontrolled Google Groups function
-- in which 90% of the spam seems to be posted by users with throw-away
GMAIL email addresses... Which conditions seem to apply to the original
poster: both a Google Groups posting, using a gmail address.
3. Simple keyword filtering /by whom/? There is no central NG governing
authority.
And experience shows that Google doesn't care at all...
The best response is to ignore[1] the spam posts; they'll eventually expire
and disappear from your newsreader.
Not from someone reading Google Groups -- spammers don't bother with
"x-no-archive" <G>
 
M

Miles Kaufmann

casebash said:
(e-mail address removed)...

Funny, I was just thinking recently about how *little* spam this list
gets--on the other hand, I'm following it via the python-list@ mailing
list. The list owners do a great job of keeping the level of spam at
a minimum, though there are occasional false positives (like your
post, apparently, since I'm only seeing the replies).

-Miles
 
N

Nobody

I think there is only one final solution to the spam pestilence: a tiny tax
on email and posts.
Spammers send hundreds of thousands of emails/posts a day and a tax of
0.0001$ each does not harm normal users but discurages spammers.

Apart from the impossibility of implementing such a tax, it isn't going to
discourage spammers when the tax will be paid by the owner of the
compromised PC from which they're sending their spam.

If you want to avoid usenet spam and don't want to filter it yourself,
find a provider with more aggressive spam filter. Ultimately, it's up to
the person running the news server as to which posts they will or will not
accept.
 
T

Terry Reedy

Nobody said:
Apart from the impossibility of implementing such a tax, it isn't going to
discourage spammers when the tax will be paid by the owner of the
compromised PC from which they're sending their spam.

It would encourge PC owners to not let their machine be used as a spambot.
 
R

r

The owner of compromised PC should be responsible of his computer like the
owner of a car is responsible of damages caused by its car.
That owner should keep his computer clean as he *must* keep his car
functional and safe.

Yes i agree but your logic is flawed. If someone cuts my brake lines
and i cannot stop who is to blame? Or if someone throws nails on the
highway and i crash, who is to blame? Obviously you cannot blame the
car owner. However if i let my brake pads wear out until they are
metal on metal and run over some poor old lady crossing the street --
well now you got me! ;)

But you cannot apply this logic when a hacker compromises someones
computer, it the same as cutting their brake lines. How can you
honestly expect that Joe computer user will know of this infection? Do
you even know where your brake lines are? Even hackers can be hacked
without ever knowing it! The only sure fire way is VM's or system re-
installs.
Today most of the people consider cyber security an optional, but all of us
pay for their negligence. Those people are externalizing to the rest of the
world their costs in terms of SO updating, antivirus, firewall and
knowledge. This is unfair.

Yes, keeping a running AV and proper updating i agree with...
This is mainly a matter of sensibility and culture: in '50/60s active and
passive car safety was an optional, today is a must.
I think it's time to switch to responsible computing and the mail-tax would
charge each person of its own costs and annoyances without affectig the rest
of the world.

What, this is madness! If you have terrorist terrorizing your country
you don't tax the public when they blow up a shopping mall so you can
rebuild it! No you kill the terrorist in a harsh and painful manner
and make an example of them, then you seize there monies. You should
direct your anger to the proper internet security authorities(and more
importantly to the perpetrator's) and not the innocent victims of such
attacks. I want you to sit back and think very deeply about your
proposal here because it is horribly wrong.

It is so easy to just slap a tax on something, yes that will solve
everything. *sarcasm*
This is not the solution. You are saying that if your neighbour makes loud
noises you can not call police to impose him to cease but you can only make
your home soundproof.

or you could go over and punch him in the nose, works every time for
me ;-)
 
R

r

It's a question of point of view: in italy if a thief steals a car and
causes an accident the car's owner's assurance (having a car assurance is
mandatory) must refund the victims. That's because protections of victims is
first priority.
Obviously the owner can not be charged

Is the car owner not a victim too? :). i am ok with the filthy
insurance company paying as long as the owners rates don't increase.
But why can't we force the criminal into hard labor to pay back the
lost monies? Seems like that would serve justice to all parties...
That's a problem of the computer owner. Why should the rest of the world be
charged of *his* problem while keeping him safe from suffering any
consequence?

No, why should spammers feel safe while doing their crimes? I say put
the pressure on criminals, and NOT the victims. I really doubt much is
being done to fight spam now that is why it is so prevalent. Two FBI
hackers can't keep up with billions of spams.
Madness, you say? Let's examine the situation a bit moore deeply.

First, the mail-tax would is not for rebuilding the destroyed building after
the attack but, at the opposite, to prevent the attack. Wouldn't you pay a
small tax to prevent terrorist's attacks?

Only if that tax was given to highly trained US Marines who where
given a green light to use any and all methods to brutally kill the
enemy and make an example of him with no worry of prosecution by their
own government.
The mail-tax would be really small, if you send 1000 mails at month (a real
huge traffic, for a non spammer!) the bill would be about 10 cents.
Do you really think this is too much to get rid of most of the spam?

I don't think that will stop most spammers since they must be making
more that a 10c a month profit or they would starve to death! I say
why not put a 1000.00 fine on any idiot that responds to a spam! What
about that?
We are paying and hidden tax in terms of HW and human resources needed by
ISPs to manage that huge (~90%) useless/malicius traffic. (I don't mention
const related to dalays, denial of services, theft of informations...)
(...snip)

The system is definitely flawed. I am no internet expert so i don't
really know what we could do to fix it. I do fear goverment or
corporations taking over of the internet and robbing use of our
freedom of speech under the pretense that they will *somehow* save us
from the spammers. Something must be done however.

I *do* know however that M$ windows ships with its back doors wide
open and you could put a lot of blame of M$ for this stupidity! And
since their product is meant for computing morons why do they still
ship it in such a vulnerable state... complete madness!
Finally a little criticims: spam and related malware is a problem growing
day by day. I am proposing a solution and if somebody doest't like it, well,
he should propose a better one. Just saying "NO!" and turning head aside
hoping that the problem will solve by itsef is no more acceptable.
(snip)

I agree with you, we must do something...
 
A

Andre Engels

Il Sat, 29 Aug 2009 17:18:46 -0700 (PDT), casebash ha scritto:


I think there is only one final solution to the spam pestilence: a tiny tax
on email and posts.
Spammers send hundreds of thousands of emails/posts a day and a tax of
0.0001$ each does not harm normal users but discurages spammers. This tax
should be applied when a message is routed by a ISP server, this saves
mails/posts internal to a LAN.

What about mailing lists? There exist well-functioning mailing lists
with thousands of subscribers. Being a posting member of those will
significantly increase your internet bill under your proposal.
 
T

Terry Reedy

David said:
I'm not saying that criminals shouldn't being prosecuted, but we are talking
of something else: creating and environment that discurages criminals,
because present enviroment is pretty wild and criminals have a big
advantage.
The mail-tax proposal aims to change this situation.

I have read at least one person saying he did not mind his machine being
used to send out spam. I have read more that one person advocating
leaving one's wi-fi base open for anyone to use as the 'neighborly'
thing to do.

A substantial fraction of people have turned off Window's update.
Consequently, whenever Microsoft announces a vulnerablility and patch,
malware writers can write an exploit of the announced vulnerability and
be sure that they will find vulnerable machines.

All the above are contributors to the problem and are externalizing some
of the proper cost of ownership and operation of a net-connected computer.

tjr
 
S

Steven D'Aprano

Il Tue, 1 Sep 2009 11:50:14 +0200, Andre Engels ha scritto:



It's an implementation issue, it doesn't touch the sense of proposal.
One possibility is register the mail list to official registers and mail
from a subscriber to other subscribers will be excluded from taxation or
will have a lower tax rate.
An excessive mailing from a single or few subscribers can be easily
detected, traced, filtered and, if the case, prosecuted.

This can be done already, without the need for an email tax. ISPs could
easily detect spammers, if they cared to.

There are a few things that can already be done to cut the spam problem
to manageable size:

(1) Why aren't ISPs blocking port 25 for home users by default? My home
ISP does, I can only send email through their mail server unless I ask
them nicely, in which case I'd be responsible for any spam that leaves my
home network. If I send spam, I'll be breaking my terms of service.

(2) Why aren't ISPs cutting off detected spam bots? Owners of zombied PCs
are menaces to society. ISPs are in the best position to detect PCs which
are spamming, and alert the owner. If no action is taken in a week, warn
the owner that they're in breach of their terms of service, and if the
behaviour persists, cut the owner off until they clean up their PC.
Repeat offenders should be banned.

(3) ISPs who won't cut off spam bots are either incompetent or have a
financial incentive to do business with spammers. Therefore, responsible
ISPs should cut them off. If this means the email universe divides into
two halves, the Wild West where 999 emails out of every 1000 are spam,
and Civilization where only one in a thousand is spam, I'm okay with that.

As for the argument that home users who send spam are the victim, that's
true up to a point, but not very far. Here's an analogy: suppose that
terrorists sneak into your house after picking the lock -- or in the case
of Windows users with no firewall or anti-malware, stroll through the
unlocked front door -- and spend the next six months camped in your spare
bedroom, using your home for their base of operations while they make
terrorist attacks. When the FBI kicks your doors down, don't you think
you would be arrested and would have to prove that you couldn't be
reasonably expected to know they were there? If millions of spam emails
are coming out of your PC, that's prima facie evidence that YOU are
spamming. You would need to prove that you're an innocent victim who
couldn't *reasonably* be expected to know that your machine was hijacked
-- you would need to prove that the spam bot was so sophisticated that it
infected your PC despite the firewall, that you didn't install it
yourself in order to get some stupid game, that no commonly available
anti-malware program detects it. Anything less than that is *at least*
negligence, and possibly willful negligence.

Negligence is a crime too, especially willful negligence. Perhaps a
lesser crime than deliberate bad behaviour, but if you kill somebody
because you neglected to service your car, the argument "I'm the victim
here, blame somebody else!" wouldn't get you very far. Not knowing how to
service your car to keep it in good working order is not an excuse -- if
you don't know how to change the brakes, there are people who do. If you
don't know how to set up an effective firewall and anti-malware software,
there are people who do. Stop hiding behind your ignorance, and pay an
expert to service -- and secure -- your computer. It is 2009, and the
malware problem isn't some theoretical threat that only a handful of
people know about. Anyone with an infected PC who does nothing about it
is, in my opinion, *equally* responsible for the spam being sent out as
the criminals who hijacked the PC in the first place.

Yes, I'd like to see the criminals, the malware authors and the spammers
punished, but I'd be satisfied to see them put out of business. The weak
link is the zombie PCs -- fix the home users' PCs, or block them, take
them off the Internet, and spam becomes manageable again.
 
S

Steven D'Aprano

I have read at least one person saying he did not mind his machine being
used to send out spam.

*Lots* of people have that attitude. I know a number of kiddies whose
attitude is they don't care what malware is on their PC, when performance
slows down to the point they can't play World of Warcrack any more,
they'll just rebuild it.

I have read more that one person advocating
leaving one's wi-fi base open for anyone to use as the 'neighborly'
thing to do.

That's a different kettle of fish. You don't do anybody any harm by
paying for Internet access for your neighbours (and anyone driving down
the street with a laptop and wi-fi).

A substantial fraction of people have turned off Window's update.
Consequently, whenever Microsoft announces a vulnerablility and patch,
malware writers can write an exploit of the announced vulnerability and
be sure that they will find vulnerable machines.

Which wouldn't matter if their system was behind a proper firewall, and
if they didn't willingly install malware because it came with a cool
game. Or accidentally installed it because they thought it was anti-virus.

The one and only time my Windows PC was infected by malware was because
my wife decided to do the right thing by installing the Windows update.
Somewhere in the process -- I never worked out how -- ActiveX got turned
back on in IE, and within an hour the machine had a dozen drive-by
malware packages installed. I know they were drive-by, because the missus
started the update process and then left the house, nobody else was
there. When she returned, she came in to a hundred pop-ups on screen, and
a hijacked browser.

Took me two weeks of elapsed time and around 30 hours of effort to remove
those suckers from the machine. Now I run Linux, behind two firewalls.
 
R

r

On Sep 1, 10:16 pm, Steven D'Aprano
That's a different kettle of fish. You don't do anybody any harm by
paying for Internet access for your neighbours (and anyone driving down
the street with a laptop and wi-fi).

naughty, naughty! somebody's been wardriving! ;-)

Took me two weeks of elapsed time and around 30 hours of effort to remove
those suckers from the machine. Now I run Linux, behind two firewalls.

Takes me less than one hour to rebuild my system including personal
files, but excluding however winders updates cause there sure are a
lot of thems updates :-O
 
T

Terry Reedy

Steven said:
That's a different kettle of fish. You don't do anybody any harm by
paying for Internet access for your neighbours (and anyone driving down
the street with a laptop and wi-fi).

Unless the 'neighbor' is your friendly local spam or malware merchant ;-)

The rationale I have seen is this: if one leaves the wi-fi router open
and illegal activity is conducted thru it, and there is no residual
evidence on the hard drives of on-premises machines, then one may claim
that it must have been someone else. On the other hand, if the router is
properly closed, then it will be hard to argue that someone hacked
trough it.

There are, of course, flaws in this argument, and I take it as evidence
of intention to conduct illegal activity, whether properly so or not.

tjr
 
S

Steven D'Aprano

Unless the 'neighbor' is your friendly local spam or malware merchant
;-)

Since they're sending spam through your account, it's the same as you
sending the spam, and you're responsible for it.

The rationale I have seen is this: if one leaves the wi-fi router open
and illegal activity is conducted thru it, and there is no residual
evidence on the hard drives of on-premises machines, then one may claim
that it must have been someone else. On the other hand, if the router is
properly closed, then it will be hard to argue that someone hacked
trough it.

There are, of course, flaws in this argument, and I take it as evidence
of intention to conduct illegal activity, whether properly so or not.

So, if somebody leaves their car unlocked, is that evidence that they
were intending to rob a bank and wanted a fast getaway car?

If you leave your window open on a hot summer's night, is that evidence
that you're planning to fake a burglary?

If you leave your knife and fork unattended in a restaurant while you go
to the toilet, is that evidence that you intended to stab the waiter and
blame somebody else?


I assume you would answer No to each of these. So why the harsher
standard when it comes to computer crime?
 
M

MRAB

Steven said:
This can be done already, without the need for an email tax. ISPs could
easily detect spammers, if they cared to.

There are a few things that can already be done to cut the spam problem
to manageable size:

(1) Why aren't ISPs blocking port 25 for home users by default? My home
ISP does, I can only send email through their mail server unless I ask
them nicely, in which case I'd be responsible for any spam that leaves my
home network. If I send spam, I'll be breaking my terms of service.

(2) Why aren't ISPs cutting off detected spam bots? Owners of zombied PCs
are menaces to society. ISPs are in the best position to detect PCs which
are spamming, and alert the owner. If no action is taken in a week, warn
the owner that they're in breach of their terms of service, and if the
behaviour persists, cut the owner off until they clean up their PC.
Repeat offenders should be banned.
The preferred option these days is to slow down net access of the
offenders, not cut them off completely. I'm not sure how many ISPs
actually do that yet.
 
E

Emile van Sebille

On 9/1/2009 9:22 PM r said...
On Sep 1, 10:16 pm, Steven D'Aprano

Takes me less than one hour to rebuild my system

If that's your job (as it's sometimes mine) then that sounds about
right. Otherwise, you must have a lot of practice rebuilding!

Emile
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top