« Fear of Phishing Scams Delay Unicode Domain Name Rollout | Main | Links Roundup »
July 18, 2005
Blue Frog: Yet Another Fight-Spam-Through-DDoS Tool
As discussed in this PCWorld article, Blue Security's Blue Frog is another misguided attempt to shift costs back on the spammers by enlisting the help of their victims' computers. Similar in concept to the Lycos "Make Love Not Spam" screensaver idea, Blue Frog is equally abusive and of dubious merit, but with an added twist: it is apparently smart enough to try to unsubscribe the target email address from the spammer's list. Of course, this assumes, quite naively, that spammers' unsubscribe mechanisms actually unsubscribe the victim from their list, rather than confirming that the email address is live, and giving them evidence that it is now worth selling to the next spammer. I guess we shouldn't be too surprised; one of Blue Security's other products is an email address registry, which spammers can download to "clean their mailing lists". The whole bundle appears to be nothing more than a thinly disguised blackmail scheme - by threatening to DDoS spammers who refuse to comply with their Do Not Intrude Registry. The final point I'd make about the product is that it also apparently assumes that all spammers pay to host their own Web sites. On the contrary, it's been widely reported that many of the recent viruses act as both DNS server and Web server for the spammers who also use them to send out their spam. So, it's not impossible to believe that a Blue Frog user who was also infected by one of these viruses could effectively be trying to DDoS his own machine. And this is a solution to the spam problem how, exactly?
Posted by schampeo at July 18, 2005 3:36 PM