Ed Gibson, newly appointed chief security advisor for Microsoft UK, applauded Internet security and anti-spam organisation Spamhaus on Tuesday, particularly for its work with Microsoft.
Gibson revealed that Microsoft had used Spamhaus' services to find problems in its own abuse management system, which Microsoft uses to identify which of its products and services are being used by spammers and cybercriminals.
"Microsoft's systems needed to be adjusted [and Spamhaus pointed that out]," Gibson said. He went on to liken Spamhaus' influence on the IT industry to that of a defence barrister probing a case, in that their presence can force companies to raise their game.
Gibson did not go into details as to the exact nature of the security adjustments that were carried out. "We acted on the intelligence [Spamhaus gave us]. I'm not going into the bits and bytes".
What is also laudable is that Spamhaus "do it for free", Gibson added.
Gibson also highlighted the risks of working at the sharp end of the Internet security landscape. "Some people from Spamhaus have had death threats," he said. "It's like the Wild West out there. It's the OK Corral." This is because of, he explained, the nature of the criminals who are making money from spam and scams.
Gibson became chief security advisor to Microsoft UK this summer after working for the FBI as a special agent and as an assistant legal attaché for the UK.
Speaking at the Westminster eForum, after Spamhaus chief information officer Richard Cox had accused Yahoo of hosting thousands of phishing sites, Gibson also said: "Hats off to Spamhaus. We don't do a good job of responding to abuse. Spamhaus are excellent to highlight areas of deficiency."
Talkback
My opinion is that spam(hated name) is controllable if the source is spotted; I mean that 37.000.000.000 cannot pass unnoticed and the fact that the clean-up is outeageous.
Microsoft has always been leader in security
SP2 has saved my life protecting what I have
most precious, my computer; A last word big
companies are more apt to receive scam because they make money
I find this quite ironic, since the FOUNDER of spamhaus has many times complained about Microsoft spamming.
Isn't Spamhaus in the business to put spammers out of business? Why is it working closely with the world's largest spammers?
------
Newsgroups: news.admin.net-abuse.email
From: Steve Linford <s...@uxn.com> - Find messages by this author
Subject: Re: MICROSOFT SPAMS AGAIN!! (was) Re: [email] Grow Your Web Presence with bCentral.
Me four, I brewed a large pot of indignant froth and sent Microsoft
abuse and security a good helping, the admins for bcentral.com and
Exodus abuse are now sampling it.
Registrant:
Microsoft Corporation (BCENTRAL3-DOM)
One Microsoft Way
Redmond, WA 98052
US
Domain Name: BCENTRAL.COM
Administrative Contact, Technical Contact, Zone Contact:
Grimes, Charleston (CGW221) s...@MICROSOFT.COM
Microsoft
One Microsoft Way
Redmond, WA 98052
425-705-8930
Billing Contact:
Gudmundson, Carolyn (CG6635) carol...@MICROSOFT.COM
Microsoft Corporation
One Microsoft Way
Redmond , WA 98052
+1 (425) 882-8080 (FAX) +1 (425) 936-7329
Record last updated on 05-Oct-2000.
Record expires on 19-Mar-2001.
Record created on 19-Mar-1999.
Database last updated on 25-Oct-2000 21:12:39 EDT.
Domain servers in listed order:
NS1.LINKEXCHANGE.COM 204.71.191.205
NS2.BCENTRAL.COM 207.46.234.12
--
Steve Linford
I'm wondering why Microsoft are hammering that spam out. They're pissing
everyone off and yet still spamming it. The only reason I can think of is
that Microsoft are suddenly _very_ worried about Y2K. Why they should be so
worried is a mystery, surely they've had years to prepare for Y2K.
Steve Linford
Link to Steve Linford Founder criticizing Microsoft for spamming.
And now Spamhaus says they are working with Spamhaus to fight spammers? COMPLETELY HYPOCRITICAL. Spamhaus is SPAM-FRIENDLY.
LINK1
http://groups.google.com/group/news.admin.net-abuse.email/browse_thread/thread/8d28e17abb4ac488/3dc51ae1dfaa3354?lnk=st&q=microsoft+group%3Anews.admin.net-abuse.email+author%3Asteve+author%3Alinford&rnum=1&hl=en#3dc51ae1dfaa3354
LINK2
http://groups.google.com/group/news.admin.net-abuse.email/browse_thread/thread/dc132509870a8e86/e33fdeab8d13b28d?lnk=st&q=microsoft+group%3Anews.admin.net-abuse.email+author%3Asteve+author%3Alinford&rnum=3&hl=en#e33fdeab8d13b28d
Steve Linford and Spamhaus Internet Terrorists
Supernews.com hosts the Spamhaus Project and anti-spam vigilantes, These Internet Terrorists list mail servers and IPs that they know are not spam sources. But they blacklist them anyway to reach their goals. This is, strictly speaking, terrorism: harming innocent people as a way to pressure some central authority into doing what you want is the embodiment terrorism. Spamhaus lists Ip addresses in ever escalating blocks to force hosting companies and ISPs to shut off service to whomever then deem is not worthy to be on the Internet.
The innocent people whose mail got blocked as a result of this kind of criminal act are not "collateral damage." they are not harmed by accident. Spamhaus Intentionally harms these innocent people to put pressure on their ISP to further their goals
Power has corrupted Steve Linford and Spamhaus anti-spam vigilantes. They are not following any rules whatsoever and will go as far as block IPs from sysadmins that are rude to them for sending constant relentless emails trying to force them to bend to their will.
This is the same kind of tactic that gradually brought MAPS into disrepute. Most mail server administrators dropped their list and switched to another blacklist. that blacklist was Spamhaus SBL but now they are more corrupted than MAPS ever was.
Corruption is the inevitable failing of blacklists. Unlike filters, they're run by humans. And humans are all too likely to abuse the kind of power that blacklists embody. Steve Linford and the Spamhaus SBL is a perfect example of this. Only needs to read the nonsense that goes on at their meeting place http://groups.google.com/group/news.admin.net-abuse.email/ to get the idea that it is time to ditch this group of lunatics. Here you will find examples of Linford bragging he can shut any host in the world.
It is time to say no to this kind of Abuse and Terrorisim. Do not use the Spamhaus SBL. If must use a Blacklist at all the same list Spamhaus misrepresents as their SBl is freely available at http://cbl.abuseat.org
Steve Linford SpamHaus.org (Spamhaus Project) to aquire SPEWS blacklist and adopt the SPEWS technology platform and non removal policy.
Combined Company to blacklist up to 20% of Internet IP space from which offending companies will not be removed.
London. - August 11, 2006. Steve Linford AKA Spamhaus, today announced a definitive agreement to acquire the SPEWS Blacklist and its technology in an all-stock transaction valued at approximately $5.4 million.
The combination of Spamhaus and SPEWS will provide customers a more powerful set of solutions for blacklisting and punishing Spammers and SPAM friendly hosting companies by listing the IPs in a common black list with no ability for removal. I am tired of chasing these spammers and playing the Wack-a-Mole game with them, as soon as I shut their site down it is up again on another hosting company.
From now on offending companies that support spammers or email marketers in any way shape or form will be blacklisted and will have no chance of removal as both a corporate Identity and the IPs themselves. Basically they will have to throw away the imprisoned IPs and change their corporate identity to do business on the Internet. We also will be including Blog Spam in our area of authority and blacklisting Blog providers and bloggers that do not meet our standards. We feel that compelling internet users to create content and experiences across multiple operating systems, devices and media with set standards is in the best interest of all Internet users. Together, the two companies will meet a wider set of customer needs and have a significantly greater opportunity to grow into new markets, Regretfully there will always be a small amount of "Collateral Damage" to innocent users that happen to be on the same IP space as a spammer or outlaw content website, however we feel that this is an acceptable inconvenience for users considering the greater good of removing spam from the Internet.
Under the terms of the acquisition agreement, which has been approved by both boards of directors, Spamhaus stockholders will receive, at a fixed exchange ratio, 0.69 shares of SPEWS stock for every share of Spamhaus stock in a tax-free exchange.
In the combined company, Steve Linford will continue as chief executive officer and John Reid will remain president and chief operating officer.
Both Spamhaus and SPEWS are passionate about creating and enabling Blacklists that will once and for all curb the growing Spam problem by blocking or "Imprisoning" large blocks of Internet IP space from which there will be no parole and completely blocking internet traffic from specific countries that the are the source of 90% of Internet Spam IE, Russia and China and the Netherlands.
Our combined teams and small army of Internet anti-spam watch dog volunteers will be a powerful force for policing Internet content and forcing hosts to shut down sites that are linked to spam, owned by spammers or promote email marketing in anyway. We are the world leader in Blacklist innovation based around cutting-edge platforms for delivering blacklist feeds, content and applications." This acquisition will give Spamhaus the power to shut down any website no matter where it is located in the world by giving internet hosting providers and bandwidth providers a choice to comply with our policies or to go out of business.
The two companies are developing integration plans that build on the cultural similarities and the best business and product development practices from each company.
Steve Linford
Spamhaus Project.
Spamhaus Internet terrorists.
Becoming what you oppose
Editorial by Dave Hayes
Many folks have asked me why I stopped "contributing" to the everlasting debates in NANA (news.admin.net-abuse.*). I generally respond with something along the lines of "I don't wish to become that which I oppose". Indeed, recently I've "plonked" several entities (among them the terrorists known as "spamhaus" and "spews") simply because I no longer wish to beat my head against the stone wall of ignorance.
Terrorists? Yes that's right. One definition of "terrorism" is "attacking innocents in the name of your cause". Nowhere is this more ironic and extreme than in the deeds of my old nemesi, the anti-spammer zealotry collective, some of whom are now known as spamhaus and spews. The terrorism they practice is implemented in the form of "mail blacklists".
Blacklists are not a new notion. In the 1950's, the infamous McCarthy blacklists contained names of "possible communists", which ultimately led us to a more sterile culture.
The social costs of what came to be called McCarthyism have yet to be computed. By conferring its prestige on the red hunt, the state did more than bring misery to the lives of hundreds of thousands of Communists, former Communists, fellow travelers, and unlucky liberals. It weakened American culture and it weakened itself. ---Victor Navasky, Naming Names (New York: Viking Press, 1980)
Modern internet technology has created our own version(s) of social blacklists. Many anti-spam zealots have turned to this method for freeing their mailboxes from spam. Simply expressed, these organizations maintain databases which are supposed to contain the IP addresses of known spammers. They then provide these databases to various electronic mail servers, so that the servers can reject email based on what's in these databases.
The bottom line is, if the machine that sends your email is on this list, a number of mail servers will automatically reject all email from your server.
If (and only if) they restricted these blacklists to actual spammers, I doubt very seriously that I would have problem with this practice. If we could trust human beings to maintain a logical and calm viewpoint about life, I doubt that I would have a problem with these blacklists. Unfortunately we cannot trust these things in either case.
Fact: Spamhaus and spews have added innocent IP blocks to their blacklists.
The anti-spammer idealotry goes like this: "Anyone who gets service from a network friendly to spammers is supporting the spammers and therefore our enemy." (The friend of my enemy is my enemy too?)
So here's how this goes. Once a network provider is branded "a communist"...er excuse me..."a spammer", ALL of their IP ranges are blocked. Typically a network provider is providing services for smaller service providers, many of whom would never and have never engaged in spamming of any kind. No notice is really given on these blacklisting events, rather you find out when mail starts bouncing to some destination. Usually an end customer is the first to notice, and that customers is directed by the bounce to complain to...their own ISP!
In essence, the customer is tricked into presenting the terrorist anti-spam agenda to the ISP. The ISP turns around and finds out that -their- provider (or provider's provider) is what the anti-spam zealots want "silenced". Until that target complies with their arbitrary agenda (usually of the form "stop spamming", but this is not always true...see below), everyone else has to suffer with electronic mail blocks.
What's wrong with this? Everything.
*
First and foremost, the most often heard reason anti-spammers are so rabid about anti-spam is "it makes electronic mail unusable for average people". If this is true, then how does blocking innocent email help this situation? In fact, blacklisting innocents contributes to the problem. The hypocrisy here is so thick I doubt even a k