Finally a decent tool to shot back.
posted by homodigitalis at 12:17 PM on July 23, 2005

I enjoy calling the 800 numbers attached to mortgage spam.
posted by tomplus2 at 12:18 PM on July 23, 2005

Can someone here offer a compelling reason why signing up and participating is a bad idea?
posted by docpops at 12:33 PM on July 23, 2005

two wrongs don't make one right?
posted by ijoshua at 12:38 PM on July 23, 2005

Although I don't subscribe to this line of reasoning, I think a significant amount of people relate this approach to taking the law into your own hands and sinking to their level. In addition, you have to assume that this company will accidentally go after at least one website that is legitimate.
posted by JPowers at 12:40 PM on July 23, 2005

I still fail to see how this even remotely qualifies as vigilantism. Spammers clearly demonstrate an unwillingness to make opting-out of their messages a possibility. What other mode of communication is so polluted with so little means of recourse? I think it sounds sublime. Anyone that willfully fucks with my privacy without my consent has given away any right to a 'reasonable' response. I think most people would agree.
posted by docpops at 12:50 PM on July 23, 2005

What would be ironic is if Blue Security sold their email list :)
posted by antifuse at 1:17 PM on July 23, 2005

So if somebody sends out a Joe job, faux-promoting one of my businesses, this company will batter my server into the ground?

Blue Security won't withstand their first lawsuit.
posted by waldo at 1:28 PM on July 23, 2005

Well waldo, it does say that the number of complaints is equal to the number of emails sent, so sending 1 Joe job won't kill someone's legitimate server.

Anyways JPowers, I'm trying to sign up, but I'm not exactly sure what to do. I don't have to download something, do I?
posted by Citizen Premier at 1:34 PM on July 23, 2005

This scheme is so wrong-headed I don't know where to begin. First, it assumes that "unsubscribe" forms actually remove the address, which long experience has shown to be largely false. Secondly, it's abusive towards those who share network space with the Web sites being attacked. It assumes that those Web sites are actually hosted by spammers (it's been shown that many of the viruses that infect Windows "spam zombies" are capable of hosting Web sites, DNS service, and so forth, so it's possible that a Blue Frog user could DDoS their own machine if infected and sent spam by the spammer). It's vigilantism, with an interesting goal: shifting costs back on spammers. But it's doomed, just like the Lycos screensaver was, and should be avoided.
posted by schampeo at 1:40 PM on July 23, 2005

Hmm, the beta version of Blue Security is free, and everyone who signs up now gets to stay on for free, but when they go alpha they'll start charging a membership fee. I suspect this will prevent them from ever reaching the "hundreds of thousands" of members they need.

And I thought I could customize my own complaint against spam--that would have made this more fun.
posted by Citizen Premier at 1:52 PM on July 23, 2005

Won't it have to enter a valid credit card number to even complete an order?
posted by rolypolyman at 2:02 PM on July 23, 2005

Citizen Premier: Sign up here.
posted by JPowers at 2:27 PM on July 23, 2005

Good luck with that. Let us know how you make out.
posted by fixedgear at 2:30 PM on July 23, 2005

You know, if I'm tired of spam, the last thing I want to do is give my email address to some potentially shady overseas operator.
posted by clevershark at 2:49 PM on July 23, 2005

Can someone here offer a compelling reason why signing up and participating is a bad idea?

Because they might give you spyware?

I don't know why I would trust something like this, I mean the internet is full of scammers these days (quite sad, really).

In any event, how exactly do these people know they are targeting the "right" server? I had one of my domain names used fraudulently to send spam (they never touched any of my machines, just claimed to have been sent from my server, so I got all the bounce messages)

They will never be able to stop spammers this way. Real spammers hide their tracks for a reason.
posted by delmoi at 2:54 PM on July 23, 2005

Well, I signed up, forwarded a few email addresses, and somehow I feel like that's the end of that.

The horrible thing is, only 1/10,000 spams need to lead to a purchase for spamming to be profitable. And, we probably have a lot more people than that who don't realize or don't care that their purchase is just a big vote for more spam. Although I have to say that if I owned a business, I would consider an association with spam to be a death sentence, but I guess small businesses make enough money through it.
posted by Citizen Premier at 3:06 PM on July 23, 2005

OK - so I just signed up and it's in two parts - the bit you use to report spam and the bit that clobbers spammers.

So if you want to be 'community minded' but not actually stoop to their level you could always just report the spam and not install the client - that way you could at least be sure the real spammers get DDOS'ed ;-)
posted by fingerbang at 3:10 PM on July 23, 2005

Because they might give you spyware?

I find it hard to believe that the BBC would run a story on the group without making sure they were legit. And I, for one, trust the BBC.
posted by JPowers at 3:11 PM on July 23, 2005

1- put out a "clean" client for press review.
2- get tons of new signups as a result of BBC story.
3- switch on spyware, sell email lists... profit!

Ah, the internet has made me such a bitter, crusty old curmudgeon...
posted by clevershark at 3:26 PM on July 23, 2005

In any event, how exactly do these people know they are targeting the "right" server?

They are not targeting the source of the emails, they're targeting the linked to page in the email. These have to be "real" servers so there is very little risk to flooding personal computers that are victim to some form of a virus.

DDOS attacks are illegal and that's what this is and why its bad. Personally if the method is effective and non disruptive to legitimate businesses then it leaves me pretty ambivalent but I won't sign up.
posted by bitdamaged at 3:32 PM on July 23, 2005

Wouldn't it be ridiculously easy then to disable a competitor's web site by mounting a "fake" spam campaign listing said competitor's web site as the place to go?
posted by clevershark at 3:38 PM on July 23, 2005

That site totally crashed my Firefox.
posted by rhapsodie at 4:35 PM on July 23, 2005

What's to stop the spammers from blocking the IP address where all the complaints are coming from?
posted by O9scar at 5:06 PM on July 23, 2005

As soon as this starts becoming effective, spammers will use it as a tool for obstructive competition, by downloading the registry (yeah, when you sign up, you are putting your email address on a list that they're encouraging spammers to download) and sending spam "on behalf of" one of their competitors, drawing a firestorm of angry frogs to take out the sites of the competition.

Still, at least it's something. Not quite as satisfying as a brick through the window of the spammer or spamvertiser, perhaps, but it's something.
posted by gregor-e at 10:30 AM on July 24, 2005

So spammers can use the list to hit each other. Everyone else still wins.
posted by NickDouglas at 1:27 PM on July 24, 2005