Berkeley CSUA MOTD:Entry 43078
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2024/12/25 [General] UID:1000 Activity:popular
12/25   

2006/5/17-22 [Computer/SW/Security] UID:43078 Activity:nil
5/16    Blue Security gives up:
        http://csua.org/u/fvo
2024/12/25 [General] UID:1000 Activity:popular
12/25   

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil
4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/11/11-30 [Computer/SW/Security] UID:54224 Activity:nil
11/11   MacOSX's Sandbox security hole:
        http://preview.tinyurl.com/7ph2wtg [arstechnica]
	...
2011/2/10-19 [Computer/SW/Security] UID:54034 Activity:nil
2/9     http://www.net-security.org/secworld.php?id=10570
        Summary: iPhone passwd storage is unsafe after all
	...
Cache (3416 bytes)
csua.org/u/fvo -> www.washingtonpost.com/wp-dyn/content/article/2006/05/16/AR2006051601873.html
Manage Your Newsletters spacer In the Fight Against Spam E-Mail, Goliath Wins Again By Brian Krebs Special to The Washington Post Wednesday, May 17, 2006; Page A01 Eran Reshef had an idea in the battle against spam e-mail that seemed to be working: he fought spam with spam. But because those sort of requests tend to be ignored, Blue Security took them to a new level: it bombarded the spammers with requests from all 522,000 of its customers at the same time. That led to a flood of Internet traffic so heavy that it disrupted the spammers' ability to send e-mails to other victims -- a crippling effect that caused a handful of known spammers to comply with the requests. Then, earlier this month, a Russia-based spammer counterattacked, Reshef said. The spammer also sent another message: Cease operations or Blue Security customers will soon find themselves targeted with virus-filled attacks. Today, Reshef will wave a virtual white flag and surrender. The company will shut down this morning and its Web site will display a message informing its customers about the closure. would be the only thing to prevent a full-scale cyber-war that we just don't have the authority to start," Reshef said. Security experts say the move marks a disheartening development in the ongoing battle by computer users, online businesses and law enforcement against those who clutter e-mail inboxes with a continuous glut of ads for drugs, porn and get-rich-quick schemes. Alan Paller, director of research for the Bethesda-based SANS Institute, a computer security training group, said extortion attacks have exploded in the past few years. With Blue Security, Paller said, the attackers' extortionist demands were that the company merely stop interfering in a multimillion-dollar spam operation. "We're hearing from federal law enforcement that they are getting more than one new case of online extortion each day," Paller said. Tucows chief executive Elliot Noss called the attack "by far the largest the company had ever seen," and said that only a handful of companies have the infrastructure in place to withstand such an assault, much less a more powerful one. "This attack really was like trying to take out a mosquito with an atomic bomb," Noss said. The FBI is investigating the attacks, according to Six Apart, but agency officials would not confirm a federal investigation yesterday. The innovative approach in the fight against spam caught the attention of investors in 2004, when Blue Security received more than $4 million in venture capital, but critics questioned whether the company could win such a massive battle. "When the company's founders first approached the broader anti-spam community and asked them what they thought of the idea, everyone said this was a terrible idea and that they would eventually cause a lot of collateral damage," Underwood said. "But it's also extremely unfortunate, because it shows how much the spammers are winning this battle." RSS Feed Post a Comment Comments: Post Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site.