The Steam Review

Comment and discussion on Valve Software’s digital communications platform.

The Blue Frog

Tide turns in the war against spam :: May 3rd, 2006 :: Site news :: 14 Responses

I’m taking a slight diversion from TSR’s usual purpose today, but for a very good reason. Yesterday, Blue Security saw an orchestrated attack on their web servers and an attempted con on their user base attempting to coerce subscribers into ceasing their use of the Blue Frog service. Why? Because as the first pro-active anti-spam tool, Blue Frog is working – and the spammers behind the attack don’t like it one bit.

Real Tech News has the story:

In what appears to be a last-ditch attempt at scaring subscribers to Blue Security’s “Do Not Intrude” registry, one very prominent spammer has started to resort to scare-tactics targeted toward members of the Blue Security community. I received one of these emails today, and while it sounds forboding it is, as one Blue Security community member said, “like a sheep in wolf’s clothing”.

Blue Frog is an anti-spam tool that actually fights back at the spammers, rather than filtering their messages and pretending they do not exist. The response begins with unsubscribe requests and, if the spammers ignore them for long enough, ends with a DDOS attack on their domain(s), keeping them unavailable and worse than useless. A Small tray application run by Blue Frog users provides the bandwidth required. Thus, the more popular the service, the more effective it becomes.

Legal? No, not strictly, assuming things progress as far as disabling domains. Effective? Yes, very much so, as yesterday’s events amply demonstrate.

Today is Israel’s Independence Day. It’s a public holiday in Israel, but all of us in Blue Security are working. But we are glad we’re working. We’re helping the community fight the Blue Independence War. We fight for our freedom from spammers and cyber criminals. This is our big chance to reclaim the Internet. We must not let it slip from our hands.

The con is conclusive proof that, at last, the tide has turned and the war against spam is being won. Blue Frog hurting the spammers, and their hollow attempts to scare people off are an excellent endorsement of the service (which, incidentally, is free). New users will be able to sign up at www.bluesecurity.com when it has fully recovered from a DDOS attack of its own. The service itself is running normally for existing users.

Needless to say, I encourage everyone reading or merely passing by to bookmark the site and start running the Frog and reporting spam as soon as they can. Both Firefox (supporting GMail, Hotmail and Yahoo! Mail) and Thunderbird extensions are available; other browsers/webmail services and programs require the manual forwarding of e-mail to Blue Security’s servers, but will still work. The client is available at this address.

Blue is back online, and unsuprisingly the spam has stopped.


14 Responses to this post:

  1. Sky M. Says:

    I would like to point out that according to Blue Security, the response to spammers is not a DDoS since only the users who have received a specific spam will send an opt-out request pertaining to it.

    Of course, if 250,000 users have received 4 spams for the same “product” in a given day, that makes a million opt-out requests send back to the vendor… so one could wish to call it a DDoS, but since my computer does not act as a zombie, so that I am aware of the requests I am sending for my computer alone, I do not see this approach as DDos.

    But yes, it is aggressive alright.

    À la guerre comme à la guerre…

  2. Bez Says:

    I disagree that Blue Frog employs DDOS attack strategy. Why? Legal / technical mumbo-jumbo asside, here’s the cincher:

    THE SPAMMERS INVITED US!! Every person on earth who recieves a Spam message has been INVITED to visit a site, call a number or in some other way contact someone for a service. It’s a solicitation. No judge on earth would disagree.

    If you in turn visit that site and use the existing web forms to type in “please don’t bother me” is that a crime? In the past being a solo “anti” and registering a complaint just got you retribution attacks and more spam. Now we’ve got numbers on our side.

    Blue Frog gives us a convient tool to effectively place opt out requests on a scale comensurate with the idiotic flood of advertising the Spammers employ.

    Spammers in turn have 2 choices:
    1. Scale up their servers to be strong enough to handle responses for all the advertisements they send out.
    2. Scale down their advertisements to be equal to the power of their servers.

    No return e-mails are ever used by Blue Frog. (Most reply lines are forged – that would be dumb.) Opt out requests are timed by Blue Frog so that they don’t all arrive at the same time or overload an ISP. Exactly one or less opt out messages are sent per spam received. I admit that in numbers this might disable their systems if they aren’t prepared. But that’s hardly our fault.

    If they don’t want Blue Frog member opt out requests, they simply need to clean their lists and spam non members.

  3. Tom Edwards Says:

    Whatever the legal defenition, to you and me it remains an attack.

  4. wizpig64 Says:

    Awesome. Too bad the site is down. 🙁

  5. RP Says:

    Totally not related to the topic, but as I CBA to send an e-mail:
    Apparently we’re going to be able to watch trailers (and maybe more) on STEAM very soon, look at this thread (great find Epsilon):
    http://forums.steampowered.com/forums/showthread.php?s=&threadid=434449
    And that ofcourse connects with the STEAM media player.

  6. chuck wassall Says:

    Here’s what the rat is sending to users:

    Dear Blue Frog Member, As a follow-up to our previous emails, and, as promised, we are stepping up in the fight against Blue Security. The Blue Frog member email database has been compromised, and is currently being distributed worldwide to spammers and to the public. Attached to this email, you will find a zip file of the Blue Frog database, which includes your own personal or business email address(es). If you have not uninstalled Blue Frog yet, we highly suggest you do so now in order to avoid your involvement in this war any further. Leaving your email address on the Blue Frog list is a risky choice, as we will uphold our promise not only to increase your spam by 20 times the amount you are receiving now, but to continue to make this list publically available as well. Also, as the Blue Frog member database is updated, we will find more creative ways in which to use it, and frequently release it to whomever we wish.

  7. Tom Edwards Says:

    Funny thing is, this arrives just as Blue come back online. Exactly the point at which the spammer becomes helpless and can’t carry out threats of any sort!

  8. wizpig64 Says:

    When I signed up, I didn’t get a confirmation email or a way to set my password. When I clicked “Forgot my password” it said there was a problem with the email system. I guess us new users are gonna have to be a bit more patient. 🙁

  9. Trigger- Says:

    I am proud to be on the list, i am brave enough to stay strong through threats.

  10. gracefool Says:

    Blue has given up. Sounds like a stupid idea to begin with, how do you fight back against zombies?

    http://www.wired.com/news/technology/0,70913-0.html
    http://www.washingtonpost.com/wp-dyn/content/article/2006/05/16/AR2006051601873.html

  11. wizpig64 Says:

    Hm, Firefox can’t find bluesecurity.com, but I can still report spam. Seems like the spammers are at it again.

  12. Tom Edwards Says:

    Sounds like a stupid idea to begin with, how do you fight back against zombies?

    That isn’t how it worked at all. Blue’s weakness was the same as BitTorrent’s: while the clients are too disparate to be harmed, there still has to be a central server to organise everything.

  13. wizpig64 Says:

    Hey Tom, the site is still down, and i found this:

    http://digg.com/software/A_New_Blue_Frog_
    http://digg.com/security/Uninstall_Blue_Frog_immediately_

    This sounds inportant.

  14. Tom Edwards Says:

    Well, that happened sooner than I expected. 🙂