CAUCE NORTH AMERICA NEWS, Vol 14, No 4, 29 2013

[CAUCE North America]

CAUCE

CAUCE News, Volume 14, Number 4
March 29, 2013


IF YOU DON'T KNOW WHY YOU GOT THIS MESSAGE: Please see the "About This
Message" section at the end. See [1]our web site for the most recent
updates.
__________________________________________________________________

The Spamhaus Distributed Denial of Service - How Big A Deal was it?

If you haven't been reading the news of late, venerable anti-spam
service Spamhaus has been the target of a sustained, record-setting
Distributed Denial-of-Service (DDoS) attack over the past couple of
weeks.
Al Iverson over at Spamresource has a great round-up of the news, if
you didn't manage to catch this item, go check it out, then come on
back, we'll wait ...
Of course, bad guys are always mad at Spamhaus, and so they had a
pretty robust set-up to begin with, but whoever was behind this attack
was able to muster some huge resources, heretofore never seen in
intensity, and it had some impact, on the Spamhaus website, and to a
limited degree, on the behind-the-scenes services that Spamhaus uses to
distribute their data to their customers, who happen to be some of the
biggest sites and services on the Internet. Spamhaus notes they protect
as many as 1.7 billion email accounts.
Some reasonable criticism was aimed at the New York Times, the BBC and
Cloudflare for being a little hyperbolic in their headlines, and sure,
it was a bit Chicken Little-like, the sky wasn't falling and the
Internet didn't collapse.
But don't let the critics fools you, this was a bullet we all dodged.
For one, were Spamhaus to be taken offline, their effectiveness in
filtering spam and malware would rapidly decay, due to the rate at
which their blocklists need to be updated. The XBL anti-botnet feed and
the DROP list both have many additions and deletions every day. These
services are used to protect mail servers and networks against the most
malicious criminal traffic. If they go down, a lot of major sites would
have trouble staying up, or become massively infected with malware.
There are also a ton of small email systems that use the Spamhaus lists
as a key part of their mail filtering (for free as it turns out). Were
those lookups prevented, or tampered with, those systems would buckle
under the load of spam that they dispense with ease thanks to Spamhaus.
To put it into perspective, somewhere between 80% & 90% of all email is
spam, and thats the stuff Spamhaus helps filter. So it doesn't take a
Rocket Scientist to figure out that if filters go out, so do the email
systems, in short order. AOL's Postmaster famously said, at an FTC Spam
Summit a decade ago, before the inception of massive botnets, that were
their filtering to be taken offline, it would take 10 minutes for their
email systems to crash.
Due to some poorly researched media reports (hello, Wolf Blitzer!),
there is a perception that this is a fight between two legitimate
entities, Spamhaus and Stophaus; some press outlets and bloggers have
given equal time to the criminals (we use that word advisedly, there is
an ongoing investigation by law enforcement in at least five countries
to bring these people to justice). Nothing could be further from the
truth. The attackers are a group of organized criminals, end of story.
There is nothing to be celebrated in Spamhaus taking it on the chin,
unless you want email systems and networks on the Internet to stop
working. So yeah. this was a big deal. Postscript: There were some
reports early on in the attack that some of the Spamhaus feeds may have
been hijacked. There is no indication that that is ongoing.
__________________________________________________________________

Dennis Dayman is a Distinguished Fellow of the Ponemon Institute

CAUCE Board member Dennis Dayman announces he was just named a
Distinguished Fellow by the Ponemon Institute, a research center
dedicated to privacy, data protection and information security
policies. Ponemon Institute Fellows represent some of the top privacy
and security strategists in the world, associated with many of the
leading...

Read more: [2]Dennis Dayman is a Distinguished Fellow of the Ponemon
Institute
__________________________________________________________________

Updating the Electronic Communication Privacy Act

Back 1n 1986, the Congress passed and President Reagan signed the
Electronic Communication Privacy Act (ECPA), which set the rules under
which the government could get copies of a relatively new-fangled
medium called electronic mail. While it was a forward looking law for
the 1980s, it's gotten pretty creaky. In...

Read more: [3]Updating the Electronic Communication Privacy Act
__________________________________________________________________

Facebook, their Walled Garden, and McAfee Anti-Virus - What Really
Happened

On Sunday, a number of Facebook users reported being locked out of the
system. When they attempted to log in they were presented instead with
the a series of screens, informing them that their computer was
infected, and providing a link to a free scanning service by McAfee
antivirus software....

Read more: [4]Facebook, their Walled Garden, and McAfee Anti-Virus -
What Really Happened
__________________________________________________________________

What happens when people respond to pharma spam?

NPR's Planet Money did a remarkable piece yesterday, based on research
by reporter Brian Krebs and UCSD professor Stefan Savage, looking at
pharma spam (black market pharmacies selling prescription drugs), who
sends it, and what happens when people respond. The most surprising
discovery was that, for the most part, people...

Read more: [5]What happens when people respond to pharma spam?

About This Message:

This message was written and sent by CAUCE North America. It is � 2013
by CAUCE North America, Inc.

Consider supporting CAUCE by becoming a free or supporting individual
Member or an organizational Sponsor: [6]Join Here. Organizations can
support CAUCE at several levels, starting at $5,000 per year. Sponsors
may enjoy a range of benefits, including logo placement and recognition
in our periodic newsletter. Please contact us via e-mail at
orgm...@cauce.org for additional information.

We encourage redistribution of this message, as long as it is not
spammed anywhere, is on-topic for any forum to which you send it, and
includes our copyright notice. When in doubt, post the URL of our site
(http://www.cauce.org) instead, or put it in your signature. Press,
broadcast, and Internet media may treat this material as they would a
press release.
__________________________________________________________________

You have received this message because your address was signed up for
the cauce-us-announce mailing list. If you do not want to receive any
further messages from this list or think you were subscribed without
your knowledge, please send a message containing "unsubscribe" to
[7]our list management system or use [8]the list's home page, or
contact owner-cauce...@lists.cauce.net to be removed manually.
We exist to eradicate unsolicited bulk e-mail, and, unlike spammers,
will honor "remove" requests.

On the other hand, if a friend passed along this message to you and you
would like to receive the CAUCE North America News in the future, visit
[9]the CAUCE web site to join or to subscribe to the mailing list. For
other questions or comments about this message, contact
[10]comm...@cauce.org
__________________________________________________________________

This newsletter made possible in part by the support of our members.

Sponsor members
MailChimp MessageBus Return Path

References

1. http://www.cauce.org/
2. http://www.cauce.org/2013/03/cauce-board-member-dennis-dayman-announces-he-was-just-named-a-distinguished-fellow-by-the-ponemon-institute-a-research-cent.html
3. http://www.cauce.org/2013/03/updating-the-electronic-communication-privacy-act.html
4. http://www.cauce.org/2013/02/facebook-their-walled-garden-and-mcafee-anti-virus-what-really-happened.html
5. http://www.cauce.org/2013/01/what-happens-when-people-respond-to-pharma-spam.html
6. http://www.cauce.org/cauce/join.html
7. mailto:cauce-us-ann...@lists.cauce.net
8. http://lists.cauce.net/cgi-bin/mj_wwwusr?list=cauce-us-announce&func=unsubscribe
9. http://www.cauce.org/join.html
10. mailto:comm...@cauce.org