- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Nice :) And I had been meaning to ask when the beginning of the day for this site was. It must be midnight somewhere on the planet round about now.
Admin
I LOVE YOU ADAM GOLEBIOWSKI
Admin
Ah, those charming fellows from Nigeria and Russia. Who wouldn't want their webs?
Admin
Ha ha ha ha. He said "telnet".
Admin
OMG!! Finally being able to get the spammer where it hurts :) That must have been a glorious feeling to be able to remove all his files :)
Personally I would have posted the FTP account details to as many websites and forums as I could in the hope that it would be picked up by those that search the internet for open servers to store their movies on :P
Brilliant but I have to say that the biggest WTF is that Adam actually visited the link in that obvious spam email.
Coditor
Admin
That's a heck of a lot of laws the guy violated there, just because he didn't like that company's (annoying but legal) marketing strategy. I'm going to assume the spammer probably has few American legal resources but I reckon I'd have left the place alone.
Admin
I probably would have done the same thing. And I wouldn't have had any trouble sleeping at night afterwards either, if you get my drift.
Admin
One might point out that in the US, an unsolicited email pretending to be from an 'old highschool friend' is also illegal...
But yeah. Internet vigilantism is a dangerous occupation these days.
Admin
Wait a minute... No one ever said that Adam was responsible for anything more than snooping...
Admin
In a few small number of countries, unsolicited bulk emailing is illegal. In those countries, some have the doctrine of "unclean hands" which means that the individual who instigates an act which breaks the law is fully responsible for all the consequences, including personal losses - that individual is unable to sue/prosecute anyone who thwarts or even takes advantage of the instigator.
Admin
Wouldn't it have been a lot more fun to discover the spammer's personal email address(es) and change every field in his database of email addresses to his own? You know, so that next time he sends out a mass email, he gets 150,000 copies of the spam, gets pissed off cause his inbox won't load, so he calls his ISP, who then discover that they've got a spammer on their hands, and they drop him like a hot rock, and then post a story here about how some idiot inadvertantly turned himself in for spamming.
That, and the "post the link everywhere so that people can use the open server to store movies" thing... LOL.
Admin
God bless us every one.
What a beautiful story. :`)
Admin
From a bit of Googling around, I'm guessing the page in question was probably an older or newer version of http://web.archive.org/web/20060423052254/www.emoneyworks.com/lender/climate_city.asp
. It's not *that* version because it doesn't have a username/password combo. (the actual page is down now)
It would make sense though. That page is about 2.3MB.
Admin
But where is the line between internet vigilantism and electronic self defense? You are, in a sense, disarming your attacker. The downside is, of course, that the spammer was merely interrupted, and not prosecuted.
I say pass the info on to the folks at one of the big-name ISPs who are losing half their bandwidth to these pirates... They will happily have their investigators and lawyers stomp on any spammers they can.
Admin
Bonus points if he replaced the list of emails with [email protected] and spamtraps.
Admin
Just deleting it won't do any good. The spammer probably has a backup. If the bulk mailing program was some kind of script, I would have sprinkled it with "sleep(50)" and leave the spammer to wonder why it suddenly takes 100x as long to send out his mailings...
If you have the time, you can write a script to poison the list of names (insert random letters / numbers into the username of the address, etc.)
Catchpa "paste". It's not just for snacktime anymore.
Admin
I have found massive spam email lists on google before, it is a scary thing to see a directory of tens of text files, each megs in size, that are just lists of email addresses in alphabetical order.
Admin
> then there's the Hormel folks.. 33% of SPAM purchases were for "gag and joke purposes specifically related to unsolicited email
Yep, have to admit that I was one of them. Actually my tin of Spam reached it's "consume by" date 3 years ago and I'm just trying to find the courage to open it up and have a look inside. IMHO it'll be as rotten as the ****** that keep sending me unsolicited mail.
Admin
I seem to remember reading somewhere that it wasn't illegal to walk through an open door......
Admin
I believe that it's still illegal for you to pocket the money, but the good part is that the spammer can't win a lawsuit against you.
Oh, what you can learn by watching the People's Court.
Admin
Sadly that was probably not the spammer's box, but one he had hijacked for the purposes of spamming :(
Admin
I run a car enthusiast's forum which was spammed by someone advertising his website to claim money back from UK banks. Nice helpful guy.
Quick whois on the domain gets his name and address, bit of google work gets his home phone number and cell, few gory details on his personal life and company he works for.
Didn't appreciate me spamming his forum with his personal info, but I think he got the hint.
Admin
Russia? I bet you never met a charming fellow from Russia. Should I remind you of Sergey Brin, or Sergey Dmitriev would be enough?
Admin
Bullshit! In a world where the law is sold to the highest bidder, vigilantism is the only moral left. I hate that "the law is the law" attitude, is common sense dead in America?
Edit: Now that I think about it, most people here agree with Adam's actions, so common sense is not dead, only ilegal.
Admin
If you think that the Spam in the can is rotten after only 3 years, obviously you never saw the old spam-cam from the early days of the Internet.<G>
I also worked with an metalurist from Iowa many years ago. As a teenager he did summer work for Hormel. He would say, "Pigs go in, Spam comes out, no remainder." Just couldn't bring myself to eat anymore Spam after that.
Admin
From what I understand, a typical spammer's account is used once and then abandoned. It's easy enough to get new ones, and the ISP will catch on fast, though (alas) usually not fast enough. So while what Adam did was very soul-satisfying, it almost certainly had zero impact on the ability of that spammer to stay in business. Ditto all the other suggestions for what to do with the list or the account.
Admin
You might be right about the backup.
But, seriously...if the author of the page is dumb enough to place user/pass in the readily-available source code of his page...what makes you, honestly, think he was smart enough to back up anything?
Cause, I'm not giving him the benefit of the doubt.
Yeah, he's probably not expecting anyone tech-savvy--meaning anyone who knows what "View -- Source" is and what NotePad (or other) then displays--to actually stop by his site.
Admin
Well here in Canuckland, section 342.1 might be worth a quick read:
http://laws.justice.gc.ca/en/c-46/280843.html
Admin
Admin
Another way to look at it:
A hostage shoots you, while you're robbing a bank, with a concealed gun.
Do you sue him/her for "assault with a deadly weapon" and for damages considering all the money you otherwise would've had?
Edit: yeah...the extremities are obviously different...
Admin
While I have no way of knowing what horror stories you were told...
Based on those I've heard--including gutting, factory sanitation, etc.--I'd say it's more so being able to stomach the facts.
The idea that people will stop eating the food, once they know what's in it, is one of the ideas behind Fast Foot Nation.
Admin
I've only engaged in "internet vigilantism" twice, both times when I was younger and more foolish.
The first time was the first time I saw somebody probing my web server for those "_vti" vulnerabilities. I fed the same URL back to the site sending me the probe, and got a director listing of their computer and realized they were infested, but probably didn't know it. I wanted to shut down their computer, but couldn't figure out how to do it, so I sent a "deltree" command to delete one of the guy's games so he'd realize that he was infested.
The second time was when I discovered that ftp.frys.com was an open ftp server, and people were using it as a porn and warez repository. After I copied some of the porn for *ahem*study*ahem*, I deleted the whole porn and warez repository. No, it wasn't nice, and it wasn't helpful, but I figured it would only be a slight slowdown for the porn and warez kiddies.
Admin
"Fast Foot Nation," would that be Kenya?
Admin
Hello.... remember for the file to get to the web server, 98.6% of the time it is FTP uploaded. Every FTP programs I've ever used doesn't delete the source file when the upload is complete. So he/she (can't leave those evil vindictive vixens out of this) probably has the list on his/her hard drive and perhaps already uploaded it to those other dozens of accounts.
Haven't any of you ever used the web before????
Admin
Absolutely!
http://www.overlawyered.com/archives/01/mar3.html#0321a
Admin
I thought I had heard of something like that happening...
but, I was thinking it was an off-duty cop...sadly, I'm sure it's happened more then once, though...
Admin
I'm truly surprised no one has posted the link to the P-p-p-powerbook yet...
http://www.zug.com/pranks/powerbook/
Admin
I recall a website where the navigation links didn't work at all (at least in Firefox, they worked in IE). When I looked at the source code, the buttons were set up like this
<tr>
<a href="..."><td><img ...></td></a>
</tr>
It kind of makes sense that this was the web site for one one the most badly written computer games ever. It was a trucking game where there was no collision detection (not even with bridges that went over deep chasms, you fell right through them) and when you raced against the computer, the opponent truck matched your speed exactly the whole way.
To this day, I'm pretty sure the whole thing was someone's tax dodge.
Admin
Disarming an attacker is knocking the weapon from his/her hand and reach or otherwise rendering the attacker unable to use the weapon (shot in the shoulder, knocked out, etc.). Destroying the property of another can surely get you in trouble, even if you do it to the lowest of the low.
Not that I do not agree with the actions taken, mind you... I do!
-=- James.
Admin
I purchased a can of spam as a pet back in highschool, and named him eric. He's still sitting in a box somewhere, better part of a decade later.
Should have seen the looks on their faces at city hall when I went to get him licensed. I had a license for my pet dog, eric, and my cat, also called eric.
Admin
Perhaps. But what you do while in there may be...
Peace!
Admin
I'm sure the agents from Homeland Security appreciate the *wink* *nudge* cleverness about as much as they appreciate humour. And yeah, thanks to the overlapping knee-jerk insane computer laws and knee-jerk insane terrorism laws, they could be the guys to show up at your house.
When you combine the Patriot Act and the DMCA, filling in a web form with a made up name can get you put on a plane to gitmo.
Admin
That's HIGH-larious tiny-E.
Admin
What kind of idiot tries to take hostages at the gun club?
Admin
While downloading network drivers one weekend a bunch of years ago, I chanced on an open FTP site with quite a collection of warez. I emailed the admin to let him know what was going on and got a reply that basically said I was full of sh!t and they didn't have a problem. Apparently the people taking advantage of the server would clean up their trading area on Sunday night so that it wouldn't be detected. I replied back to his email suggesting he check his logs and left it at that, I never heard back from him.
Admin
Ah, the old "If I bitch out the reporter, maybe the problem will go away" approach to system administration.
Admin
If you delete it, they'll immediately know that something was wrong and that their list was bad. Instead, I recommend using Perl to do something like tr/trnslaeiouy/mmbbvvxxcttee/ (swap a bunch of letters around in a non-reversible way), that way they won't know that their list has been trashed unless they inspect it.
Admin
That was probably the best WTF I've seen so far.
It's wrong is so many ways that makes it a classic.
Hilarious xD
Admin
Regardless of the fact that your example is different, it happens. Google Tony Martin, who shot intruders, after being robbed repeatedly and the cops basically told him there was nothing they could do. He spent more time in jail than the thug who broke into his house--and the government initially gave the guy money to sue Martin for loss of wages and injuries.
Admin
The same kind that sues the victims afterwards.