STOP the insanity - re: virus, spam, and malware

By harperwill
INSANITY is defined as "doing the same thing, in the same way, and expecting different results." That's what you are trying to do with your better-and-better-and-better spam-trap software, virus-traps, malware-traps, (you fill in the blank).

I have been a lone voice, crying out into the wilderness, without much impact. But, I think I have a message that should be heard....

How 'bout a fresh look at the problem...

We are losing ground to the virus writers, THE MALWARE WRITERS, AND THE SPAMMERS. The reason is extremely simple - YOU are using the wrong model, shooting at the wrong target, fixated on a solution for the wrong problem.....(more?)

I just read all of the futile spam, virus, and malware emails and white papers. I found it interesting, but I think I can add a few verbs to the battle. The problem is that nobody takes the time to step-back from the "Problem" and look for real solutions.

In engineering, it is acknowledged that it is always better to stop a problem as soon as possible, and not have to fix up after it. "Fixing up" is what the current spam, malware, and virus models are focused on. THERE is your problem. There is only one problem, one model, and one solution...

Maybe you can add your influence to a REAL solution to the spammer, malware, and virus problem (in one tight bundle). Here is my input to this issue:

Actually, ALL of the spam efforts (including the recent "can-spam" legislature AND Billy Gates' and Yahoo's money making email postage schemes) are aimed at the wrong target. It reminds me of a game that a friend delighted in playing with his dog. He would shine a laser pointer beam on the wall, and the dog would frantically try to catch it (I asked him not to torture the poor dog). The point, however, is the dog NEVER THOUGHT OF BITING THE HAND THAT WAS HOLDING THE POINTER!

You guys can try until the proverbial cold spell in Hades, and you will NEVER beat the spammers, malware writers, and virus writers. Virus writers have their own agenda, but the spammers and malware writers are just the beam on the wall. The hand that is holding the laser pointer (and paying the spammers and malware writers) is the unscrupulous advertisers who hope to get some responses to their advertisements.

DING! DING! DING! For spammers and malware, go after the advertisers! Look for embedded URLs, mailto: and phone numbers. The spammers can/and do change their email addresses every-minute-on-the-minute, and they change their subdomains almost as quickly. Changing registered domain names takes a little longer, but they have nothing invested in those arbitrary domain names, either. ON THE OTHER HAND, the advertisers NEED to keep their return URL (don't forget to catch the mailto: and phone numbers also) until they can get a return on their advertising (spamming) expenses. In other words, use the same model to develop "spam signatures" as the virus industry does. FORGET about the spammers' "FROM" LINE AND THE EXPLOITED SERVERS AND ZOMBIES!

But, after the signatures are published, here is where the virus model hits the wall! And where the spam and malware models have never seen the light of day.

THE SIMPLE ANSWER: Quit depending upon the dumb end-users who are trying to (or not trying to) understand the problem. Stop the problems at the input side. Consider the web as a cloud, with stuff on the inside, which works pretty well as it is. The point of failure is the "input" doorways. These are (or should be) controlled by the ISPs and by a few of the "doorway" web switching vendors. Require the ISPs and doorway portal operators to filter for and BLOCK inbound spam, viruses, and malicious packets using frequently updated "signatures." (Using the very same signatures and analysis engines as the virus engines.)

The current spam/malware/virus models just let the stuff fly "into" the web, and then hope that EVERY end-user will be able to detect and throw it away, after it arrives. This is the INSANITY! In the meantime, the web is melting-down, with garbage traffic, and nobody in the industry seems to be concerned with stopping it at the sources.

When you remove the profit motive from spamming, the spammers will look for other ways to exploit the internet - but our spam problems will die out to just a trickle. The same solution will also stem the flow from script-kiddies and out-of-control worm propagation, and from unsuspecting "zombie" end-user computers. A few HI TECH virus writers may slip through, but the same model, being self-correcting, will stop the spread of it, as soon as it is identified - in hours ... not months or years, as it is now......

Will Harper, MCSE (NT, W2K, XP), MCT, CCNA, CTT+
MCSE Certification Trainer
ECPI College of Technology
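
The approach in the post above (fingerprint the advertiser's response channels and ignore the sender), as an added example that is not part of the original post. The signature values, sample messages and function names are constructed, and the registered-domain step is a naive last-two-labels assumption.

```python
import re
from email import message_from_string

# Constructed signature set: contact points the advertiser must keep stable.
SIGNATURES = {"url:pills.example", "mailto:orders@pills.example", "tel:8005550100"}

URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)
MAILTO_RE = re.compile(r"mailto:([\w.+-]+@[A-Za-z0-9.-]+)", re.I)
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?(\d{3})\)?[\s.-]?(\d{3})[\s.-]?(\d{4})(?!\d)")

def registered_domain(host):
    # Assumption: naive "last two labels"; real use needs the Public Suffix List.
    # Collapsing subdomains defeats the fast subdomain rotation the post mentions.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def contact_points(raw_message):
    """Normalized response channels found in the body of a single-part
    plain-text message. Headers, including From, are deliberately ignored."""
    body = message_from_string(raw_message).get_payload()
    points = {"url:" + registered_domain(h) for h in URL_RE.findall(body)}
    points |= {"mailto:" + m.lower().rstrip(".") for m in MAILTO_RE.findall(body)}
    points |= {"tel:" + "".join(digits) for digits in PHONE_RE.findall(body)}
    return points

def matches(raw_message):
    """Signature entries hit by this message, sorted for stable output."""
    return sorted(contact_points(raw_message) & SIGNATURES)

# Constructed samples: two spam runs with different senders and subdomains,
# and one unrelated message whose From line spoofs the advertiser's address.
SPAM_A = ("From: win@mailer-one.example\nSubject: Special offer\n\n"
          "Buy now at http://x9k2.pills.example/buy?id=77 or call 1-800-555-0100\n")
SPAM_B = ("From: deals@other-relay.example\nSubject: hello\n\n"
          "Visit HTTP://qq7.pills.example/ or write mailto:Orders@Pills.example "
          "today, (800) 555.0100\n")
HAM = ("From: orders@pills.example\nSubject: lunch\n\n"
       "Meeting notes are at https://wiki.corp.example/notes\n")

if __name__ == "__main__":
    for name, msg in (("SPAM_A", SPAM_A), ("SPAM_B", SPAM_B), ("HAM", HAM)):
        print(name, matches(msg))
```
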

True, OR

by Oz_Media In reply to STOP the insanity - re: v ...

Just buy decent software and be done with it once and for all.

No SPAM in over three months (well one or two, but you can't consider THAT SPAM). Viruses? GroupWise with Novell, backed with e-Trust, no problems yet.

If this is an issue with your Microsoft products you may want to join the Netware vs Microsoft discussion and add how crappy Microsoft products are and how they are constantly targeted.

Or you could spend a few grand and have a nice rest while everything works in the background.

SPAM is no longer an issue for me at all, viruses never have been. That's what I get for choosing antiquated software that isn't marketed properly, from what I hear.

Interesting approach...

by Oldefar In reply to STOP the insanity - re: v ...

I think your initial assumption is flawed.

The bulk of the spam is not, in my humble opinion, an approach to advertising. I suspect instead that the bulk of the spam is a scam.

Poor economic outlook, concern over job security in manufacturing and technology industries, and the downside of a stock market frenzy that made it seem like millions were making fortunes based on the Internet.

Now, it may be that the market for easy physical enhancements is large enough to account for dozens of duplicate email ads each day and that the firms selling these products are just flooded with orders. I don't believe that, however. I suspect that this spam comes from unemployed or insecure people who BOUGHT INTO the idea they could send these ads and earn huge commission checks as a result. The unique feature in these duplicate ads is a code that in theory associates the spammer with the order and so ensures proper assignment of commission checks.

The real business is selling the scam. I doubt there are really any warehouses of blue pills or their herbal equivalents waiting to fill orders. At best, there might be a shelf in a garage or basement just in case the authorities come checking to validate product could be shipped. What is really being sold are email packages and mailing lists to folks so desperate they are grasping at straws to make money. The URL in the ad is meaningless. No one involved at the source expects or wants any orders. The money was made when the spam program was sold.

I do agree that the approach is wrong. First, the folks behind these scams (if I am right) need to be tracked down and prosecuted for fraud. Next, the ISP that allows the spam to enter should be blacklisted. Any peering arrangements blocked. On lower tier ISP, the upstream tier 2 or tier 1 should be fined as well.

Of course, this does nothing for virus spreading and trojans. Still, another approach should be considered.

Guard your e-mail address

by TheChas In reply to STOP the insanity - re: v ...

The BEST protection against SPAM is to guard your e-mail address the same as you would a credit card number.

I don't get enough SPAM to be an issue.

I don't sign up for freebies that require an email address. That is where it starts.

If I do need to provide an email address and have any question about how the site will use it, I give out one of my on-line addresses. With Yahoo in particular, I get free spam filtering.


