Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Update on spaces.live.com redirection spam... 2

Status
Not open for further replies.

wahnula

Technical User
Jun 26, 2005
4,158
US
thread717-1508151

I posted quite a while ago ranting against the endless redirection spamming on spaces.live.com - now I know I'm not the only one, and I have some hard facts to back up my claim:


I am a new member at the InboxRevenge forums, and I'm glad to be a part of their effort to do as much as possible to hassle spammers. Complainterator does some good, there have been inroads made and spammers sent to jail, so something positive is happening. Someone at MS must be paying attention, because the domains listed in the IBR Nov. 29th report have since been taken down, but...

...until Microsoft becomes more proactive on the issue, the blame falls squarely on them. Yahoo, Blogspot and others have much more manageable systems in place to prevent or at least report abuse, until Microsoft does the same I'm calling them out on this one.

I feel this IS an "IT ethics" issue, enabling spammers easy access to spread their criminal exploits is just plain wrong. I'm glad to find I'm not alone.

Tony

Users helping Users...
 
The problem with Microsoft choosing to ignore the abuse of its spaces.live.com free hosting service is widely known by all. Except perhaps Microsoft itself. It is incredible to find redirections from Microsoft's service to software piracy sites.

* * * * *
 
...until Microsoft becomes more proactive on the issue, the blame falls squarely on them.

Section 230 of the CDA begs to differ. While there is more they could do to make things better, it is still not their fault that other people sign up for unsavory reasons.
My position remains unchanged, even if this problem is widespread.
Although, that is not to say that it makes me like them. I most certainly do not. I just do not see it as all their fault.
You even stated how the previously mentioned domains are down. This shows they are at least doing a little bit.

Note, my post is not to say Mircosoft is great. It is just to say that you should blame the spammers. Even if MS stops it completely, they will just move onto another site. The only way to stop it is to take out the spammers themselves. This is why I feel they deserve all of the blame. If anything, them using Spaces.Live makes them easier to catch.

~
“Your request is not unlike your lower intestine: stinky, and loaded with danger.” — Ace Ventura.
 
Well, yes, off course you are right...

... and no.

A web application is like a money transfer machine. It acts in the name of a company. Any actions of that machine are purely that company's responsibility. Yes, that is right. The site or machine is not just a tool, it is an acting entity with responsibility. It may accept payments and deliver goods or services in the name of the company. If that machine is compromised, that is off course not that company's blame, but it still acts in the name of that company. The company's name and trust are then hijacked.

The ease in which the company allows its name and trust to be hijacked is by all means its responsibility. If they cannot guarantee the actions of the machine, they should not have given it responsibility to act in their name in the first place.


+++ Despite being wrong in every important aspect, that is a very good analogy +++
Hex (in Darwin's Watch)
 
Thanks for the thoughts folks. I am NOT a Gates-hater, I feel MS wants to be a good company. But with all those smart people there, they should have devised a way to prevent their free blogging service from being exploited by criminals, some ironically selling pirated MS software. I look at the quote from Spamhaus referenced in the article published around the time of my original complaint:


Spamhaus via Washington Post said:
Although all networks claim to be anti-spam, some network executives factor revenue made from hosting known spam gangs into corporate policy decisions to continue to sell services to spam operations. Others simply decide that closing the holes in their end-user broadband systems that allow spammers access would be too costly to their bottom lines.

I think MS falls into the latter category, fixing things would simply cost too much. I feel this is unacceptable.

Luckily, there is a hardcore anti-spam user-base that voluntarily takes the time and effort to complain enough to shut down the domains that spaces.live.com redirects to, so, while the blog page may still be active, the domain it redirects to has been shut down by this user-base's hard work. Since CastleCops folded last year (because its main guy went to work for...wait for it...MS), this work is more important than ever.

If you look at the log:


...all the "spaces" created on 12/5 (all 550 of them) point to the same domain (which has been taken down by the host, China Springboard, not MS). Surely there's someone at MS that can monitor or develop software that throws up a red flag when 500+ domains are created within a 2-hour period on the same day all pointing to the same domain. We just need them to pay the teensiest bit of attention to how their service is being used.

I'm currently in communication with some folks in the security industry to try and get involved in solving this problem rather than just complaining about it.

Tony

Users helping Users...
 
There are signs that the attack on spaces.live.com is diminishing. The number of spammed URLs reported at the spam-trap rss.uribl.com over the past week is

Sat 12 .... 65
Fri 11 ..... 79
Thu 10 ... 380
Wed 09 .. 381
Tue 08 ... 605
Mon 07 .. 2693

 
I would not celebrate too soon, over 700 entries for the 15th:


...including several for pirated MS software! I would report all of them but spaces.live.com's abuse reporting system is more difficult than it needs to be.

Tony

Users helping Users...
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top