A screensaver developed by Lycos Europe that gives
spammers a dose of their own medicine is attracting plenty of
attention, but not all of it good.
The company officially launched the "Make Love, Not Spam"
screensaver but a beta version had already been widely
distributed.
Offering to "spam the spammers", the screensaver works by
repeatedly requesting information from websites advertised in spam,
thereby reducing the performance of those sites.
Reports began to surface earlier this week that the website
containing the "Make Love, Not Spam" download had been hacked, with
users receiving a message reading "Yes, attacking spammers is
wrong, you know this, you shouldn't be doing it. Your ip address
and request has been logged and will be reported to your ISP for
further action."
A Lycos Europe spokeswoman said however that the site had
"absolutely not been hacked". The company was victim of a hoax, she
said, and someone mocked up a screen shot of the hacked site and
forwarded it via e-mail.
Although the site was inaccessible to some users, the
spokeswoman said that this was due to "overwhelming demand" and
that the company was working to rectify the situation. The
screensaver has already been downloaded over 90,000 times, the
spokeswoman said.
She added that the company is "well aware that it is a
controversial service" and measures have been taken to defend
it.
Even if the company is not currently under attack, a security
expert said that Lycos Europe opened a potential Pandora's Box by
deciding to take direct action against the spammers.
"This seems like a very shortsighted idea of theirs, lowering
themselves to the same level as the hackers and spammers," said
Graham Cluley, senior technology consultant at Sophos.
There is the real danger that Lycos Europe has made itself a
target for hackers, and what's more the company could be treading
into a grey legal area, Cluley said.
Although the screensaver does not send spam, violating antispam
laws, it could potentially violate rules against launching a denial
of service attack, he said.
But Lycos Europe claims that it does not intend to actually take
down the spammers' sites, just deteriorate their performance. The
company is using a central database to manage the sites the
screensavers are attacking and regularly takes sites out of the
attack cycle to make sure that they are not entirely brought down,
it said.
That aside, Cluley advised users not to use the screensaver,
which could eat up company bandwidth and possibly incite the ire of
hackers.
"My advice is to get a decent spam filter, and to stop buying
things advertised in spam," he said.
Scarlet Pruitt writes for IDG News Service