All the latest UK technology news, reviews and analysis
|
|
|
24 May 2006
Blue Security may have been forced to close because of denial of service attacks from spammers, but the internet community is determined to carry on its work.
The reborn Blue Frog project has been renamed Okopipi after a type of poison dart frog found in Suriname, South America.
The work is being carried out as part of a group collaboration, using a wiki to co-ordinate the group's activities.
Industry analysts said the new version would need to spread its resources across multiple servers in multiple locations to minimise its vulnerability to spammers.
"If the new project is not to be as vulnerable to malicious attack as Blue Security was, it will need to be highly decentralised, so there is no single critical resource that can be attacked," said analyst Richi Jennings from Ferris Research.
"The project should also take care not to cross the line from legitimate spam complaints to attacking spammers using denial of service techniques, which was an early accusation levelled against Blue Frog."
Blue Security closed its service following attacks by spammers that kept it offline.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Cisco Voice Support (IPT, Unified Communications) Cisco...
Business Analyst - Finance, Retail Banking/Core Banking...
Senior C# Developer Senior C# Developer required for...
GREYWOOD ASSOCIATES are currently recruiting for an experienced...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
SPAM: Government or Private Enterprise
Whether you believe government or private enterprise should handle spammers in countries that do not reign in spam abuse, it really just comes down to money. If someone is willing to put enough money toward this endeavor, spammers could be stopped dead in their tracks. DDOS atacks aimed at spammer servers and those of their clients'would ultimately be effective, if enough money were thrown at the problem. It would be a battle and there would be a lot of expense and some casualties. But ultimately, whomever has the most money to throw at the problem will win.
Posted by: S T 30 Jul 2006
Show them the lack of money
"What legal recourse do you think the U.S. Government or any other has against "rogue" spammers in countries such as Russia, N. Korea, et. al?" A very simple one, MONEY. The majority of spammers are getting paid for their services from the websites they create the SPAM for. If the government simply made it illegal for the credit card companies to make payments to the companies responsible for the spamming websites, I would promise you the amount of SPAM would decrease.
Posted by: Brent 16 Jun 2006
The name
The ONLY name involved with this project at the moment is "Okopipi" - more information can be found on the Okopipi FAQ ("Black Frog" is not being used due to a possible trademark issue)
Posted by: Ehm 31 May 2006
Legal Recourse
"What legal recourse do you think the U.S. Government or any other has against "rogue" spammers in countries such as Russia, N. Korea, et. al?" This is where the UN committee for the Internet could actually spec some useful treaty!! A protocol for deporting spam criminals (I'm talking about somebody who is REALLY egregious, not just doing a few hundred thousand Emails...); if they refuse to cooperate on investigating or enforcing civil penalties for damages, based on some objective criteria defined by the protocol, the country could get their Inet links crimped (maybe not completely shut down, but subject to monitoring and access restrictions on content...) Until the big boys pull their heads out of their..., I think Black Frog is worth a shot. The biggest thing they have to worry about in the design of this software is it being exploited by the spam kings and used against participants and servers in the network. This is where a little asymmetric encryption might come in handy. The only other solution is a paid Email approach (a new extended SMTP protocol that has a mechanism for charging back a sender if it is determined by the recipient that it was spam, and escrow services for regulating the charges), but it seems, based on AOL's trial, that that is cultural anathma to most. Filtering is only triage...
Posted by: Code Guy 29 May 2006
Final Solution
What's really needed is to put some kind of money cost on email - in such a way that the 'subscriber' ends up getting most of back in refunds somehow - less some VERY modest admin costs - or it going to charity (problem is - which ones) We are already being extortioned into paying Norton, etc. 50-60 dollars or Euros a YEAR - plus all the hassle. If this amount of money was used for secure email it would work. If spammers had to pay only 0.001 cents to access the lists they'd stop By the way - why isn't the proliferation of spam the greatest thing that ever happened to Symantec/Norton? Amazing that no one wonders why these anti-software companies are never accused of anything in what is usually a 'conspiracy theory' society.
Posted by: Jouni Pesonen 27 May 2006
Hmm Blue Frog..
The way I see it is that the Blue Security people, decided that the spill over of a huge cyber war, was going to affect a lot of people who really just wanted to get on with their lives etc. But in terms of spammers, I'd just love to get into an all out fight to the death with them.. I guess it was that critical point, that to really have a full on cyberwar with some cyberwarts, would have caused significant disruption through the net, with lots of inconvenience to lots of people, and yet this would have been the decisive battle to totally turn the whole world against spammers.. So I guess the Blue security people simply acknoledged that they had the right to enforce their opt out requests on our behalf, but they did not want to be responsible for all the chaos that would ensue, when it started. It's a tough call. Personally I think maggots like Pharmy boy, ought to be squashed
Posted by: Shane 26 May 2006
Highly disappointed
Face it. They just gave up. Most of their subscribers were willing to stand by them and fight but Blue Security screwed us all over when they surrendered to an extortionist. Shame on THEM.
Posted by: Joe Knows 26 May 2006
We need some Real Men!
Call me a republican, but what the world needs now is some good old fashioned frontier justice. Nothing would have been more moral and respectable than had the respectable people of the earth hunted down the spammers, large and small, and tought them a lesson by force. Democracy doesn't work when people aren't willing to voice their voice in whatever way works. Blue Frog is the people taking the law into their own hands, and that's why it worked, and that's why Black Frog will work.
Posted by: http://www.colinandbethany.com/phpBB2/ 26 May 2006
Not quite so simple
What legal recourse do you think the U.S. Government or any other has against "rogue" spammers in countries such as Russia, N. Korea, et. al?
Posted by: Wiz 25 May 2006
highly decentralised?
"it will need to be highly decentralised, so there is no single critical resource that can be attacked" ...could this not mean there are several resources to attack? I think PharaMaster showed that he was more than capable of this.
Posted by: ex-blueFrogger 25 May 2006
New antispam efforts
With Blue Frog gone we lost a friend, perhaps the best friend we had up to this time. But the idea was right. It was a good concept, so froggies lets get cooking on new and better ways to battle spammers at the source. Let's not filter. That would be caving in to these criminals. Yes a replacement for Blue Frog would be welcome but why don't someone develop software that with the click of the mouse we can send our own opt out complaints to the relevant links within any spam message from our own PC's. This way we are not dependant upon any one mediator and collectively we are a community. We would own the software that we install in our PC's. The responsibility to use the software would be our own. The more who send opt out complaints the more unfruitful messages the advertised sites will get. One complaint for one spam is a good concept and if a half million of us get the same spam message the advertised site will get a half million opt out complaints to deal with. Maybe they will hijack our email addresses and send spam out in our names to embarrass us as they already have mine but that is all right. Law enforcement is evolving and perhaps by reporting hijacked email addresses to our ISP's we will eventually see these cyber criminals behind bars.
Posted by: James Junior 25 May 2006
What government can do
Cross country arrests are in the news - 565 spammers and scammers arrested this week in one operation. The net covered several countries.
Posted by: Marvyn Slayman 25 May 2006
Government backing
"a crime that would guarantee many years of jail time." If they could catch them. And if they are in Russia? The frog made a difference in my inbox and I wish his new incarnation every success.
Posted by: Christopher Proudlove 24 May 2006
Sounds cool but ...
What we really need in this case is government action. A distributed project like this will be less vulnerable to attack, but will never be impervious. I have server space under my control and I will think LONG and HARD before opening myself up to retribution by spam gangs by taking part in this initiative. Easiest solution? The US government should replicate the services offered by Blue Frog (automated opt-out service). I strongly suspect these spamming maggots would think twice before launching an attack against US government networks ... a crime that would guarantee many years of jail time.
Posted by: thomas 24 May 2006
Not the Governments Job.
There is enough government in my life, controlling and monitoring internet activities. This will be a far better solution, more effecient, and will be more responsive to customer's needs.
Posted by: Difranco 24 May 2006