Lycos Europe seems to have shot itself in the foot with
the release of a free screen-saver that uses computer down time to
turn the tables on web sites associated with spam
campaigns.
At least one site targeted by Lycos's "Make love not spam"
screen-saver has changed its web page so that it automatically
forwards requests it receives back to the domain that distributes
the screen-saver, according to F-Secure.
The escalating war with spammers comes amid mounting criticism
of the screen-saver from anti-spam experts and an ISP crackdown on
the program.
Lycos launched the screen-saver on Wednesday, but was
circulating a beta version of the software before that.
The program promises to "spam the spammer" by sending a steady
stream of requests to a list of websites that have been used in
spam campaigns, slowing those sites.
The list of sites to attack is downloaded by the screen-saver
program from a control server operated by Lycos.
Charges quickly surfaced that Lycos was crossing the line by
launching a distributed denial of service attack, which is illegal
in the US and most European countries.
The anti-spam campaign also prompted quick retaliation from
unknown parties, including a reported hack of the
makelovenotspam.com website.
Lycos denied that its site was hacked and stated that
makelovenotspam does not launch denial of service attacks, because
the company is careful to avoid completely shutting down the sites
it targets.
But one of its targets, the mortgage.info web page, has been
changed to contain an HTML meta refresh tag that forwards all
requests to view the page back to makelovenotspam.com, effectively
using the screen-saver to launch attacks on Lycos's website,
F-Secure said.
More troubling for Lycos, some ISPs are blocking traffic to the
server that controls the makelovenotspam screen-savers, according
to Johannes Ullrich, chief technology officer at the SANS
Institute's Internet Storm Center.
ISPs are treating Lycos's network of machines running the
makelovenotspam screen-saver in the same way they treat "botnets"
of compromised systems that are controlled by malicious hackers or
organised criminal groups and often used to distribute spam or
launch DOS attacks, he said.
"The makelovenotspam application is not really all that well
thought-out. In a way, it's doing a DDOS attack, and DDOS attacks
are always a bad thing, because there are always innocent
bystanders who get hit as well," he said.
"I would have to characterise it as an astonishingly stupid
idea," said John Levine of the Internet Research Task Force's
Anti-spam Research Group.
Legal questions aside, the "spam the spammers" approach will not
work because those behind spam campaigns can quickly take down and
move websites referred to in spam e-mails.
The makelovenotspam program also consumes bandwidth and
resources from the networks and ISPs that serve machines running
the software, not just from spammer networks, he said.
"This program steals bandwidth from a lot of people who had no
intention of playing junior DDOS cop," Levine said.
Ullrich and others consider the campaign a poorly thought-out
publicity stunt rather than a well-planned antispam campaign.
Resistance from ISPs may bring a quick end to the
campaign, Levine said.
Paul Roberts writes for IDG News Service