Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Spammer cracks 'do-not-spam' list

0 views

Skip to first unread message

Roy

unread,

May 4, 2006, 1:23:28 PM5/4/06

http://www.msnbc.msn.com/id/12618136/

John Navas

unread,

May 4, 2006, 1:38:23 PM5/4/06

[POSTED TO ba.internet - REPLY ON USENET PLEASE]

In <125ke4o...@corp.supernews.com> on Thu, 04 May 2006 10:23:28 -0700,
Roy <aa...@aa4re.ampr.org> wrote:

>http://www.msnbc.msn.com/id/12618136/

Security critics say it's a wonder it took this long

The list cracked is Blue Security Inc.'s Blue Frog registry.

The lists are generally encrypted so spammers can't mine them for new
addresses. Instead, spammers run their lists through an identical
encryption algorithm, and the resulting fingerprints are compared.
Spammers can then remove any matches.

But John Levine, co-author of "Fighting Spam for Dummies," said
spammers merely have to run their lists, see what's been removed and
compare that with the original to find out the addresses on the
"do-not-spam" lists.

"It's only a surprise that it took this long," Levine said.

Eran Reshef, Blue Security's chief executive, said spammers must
already have the e-mail address to learn it is on the "do-not-spam"
list.

What a laugh! The list can be easily mined with a dictionary or brute force
attack.

--
Best regards,
John Navas <http://NavasGroup.com/>

0 new messages