My IRC chat with okopipi (a.k.a. Black Frog)
May 25th, 2006 by SecuriTeam, Filed under: Commentary, Spam
Well, I went to visit pipikaki, the project named as Black Frog. Actually, it’s okopipi, Black Frog merged with them. They mean well and they will send a response to this blog soon with what they are up to. This is a chat and shouldn’t be taken as more than that.
Obviously, this guy has no intentions to destroy the Internet, but it’s an interesting
look at how people view the project.
Here is a chat I had on their IRC channel:
<Arancaytar> hello
<tortanick> intrestingly no one seems to know the fact black frog is not
being used as a name
<Arancaytar> Who calls it black frog?
<tortanick> Cnet mainly, and everyone’s copying them
<ge-> well, red frog will soon show up. don’t feel special. 
<Arancaytar> red frog?
<ge-> and 10 other such frogs…
<tortanick> yep
<tortanick> but here, and now, there is only okopipi
<Arancaytar> anyway, I think cnet also mentioned the name Okopipi - not
for the product, only the project though.
<tortanick> they did
<ge-> they did
<ge-> i personally believe the project is doomed to failure, much like
blue security was a complete idiocy to begin with… but who am i to not
let people try?
<tortanick> I posted in the comments a few corrections, but I’m not sure
who to E-mail
<tortanick> well ge-, why do you think so?
<ge-> hmm
<ge-> okay, let me put it this way
<Arancaytar> Anyway, what is redmond magazine on - “after spammers cracked
the Blue Security code, the company decided to shut it down.” (
http://www.redmondmag.com/reports/article.asp?EditorialsID=296)
<tortanick> drugs J/K 
<ge-> even if DDoS by itself wasn’t hurting the Internet badly
<Arancaytar> I don’t remember the spammers “cracking” anything in the
client though.
<ge-> even if DDoS didn’t attack the server and whoever is on it, not just
the spammer (in the rare case it’s the spammers server and that they
didn’t move on by the time you attack them)
<ge-> even if it doesn’t affect the ISP
<ge-> or the Internet
<ge-> you nearly never attack the spammers
<ge-> they buy 5K domains a day, use one for spam, and throw it away
<ge-> same goes for IP’s
<ge-> (servers)
<ge-> so who do you attack?
<ge-> further, P2P is just as vulnerable to attack
<tortanick> we don’t go after spammers, far to hard a target. But there
are statioary websites, the ones who advertise by contracting out to
spammers
<ge-> that’s my 2 cents
<tortanick> we go for them
<tortanick> and blue frog proved it works
<ge-> these change even faster
<ge-> nope, they really didn’t
<tortanick> obviously not
<tortanick> they got 6 out of the 10 biggest spammers to scrub their lists
<ge-> why do every anti spam guy out there say blue security is wrong?
<ge-> you really believe that?
<tortanick> yep
<ge-> i will give you a very good reason why they didn’t
<ge-> they said they “protect their users”, correct?
<tortanick> why did all their customers reporting a drop in spam?
<ge-> do you honestly believe that?
<tortanick> yes
<frip> well, that really happened to me, for instance
<ge-> first, a list of known anti-spam people is always good for
spammers. second, a list of confirmed addresses is even better. this has
been attempted before
<tortanick> and if it didn’t work who would be willing to work on Okopipi
<ge-> plus, blue security claimed their users are safe, yet they gave
their lists to spammers
<tortanick> they gave encrypited lists
<ge-> people like you, who want to do good, know their stuff, but don’t
understand the mafia world of spam and the current technology
<ge-> no, they didnt
<ge-> see, let me ask you a question
<omry|work> ge-, they didn’t give them the list. they gave list of
hashes. its not the same.
<ge-> if you are a spammer, and you run a tool that removed addresses from
your list, can’t you see what addresses were removed?
<tortanick> You can
<ge-> okay, you run the hashes against their hashes, same difference
<tortanick> thats how the spammers got the addresses
<ge-> yep
<tortanick> but they had those addresses allready
<omry|work> ge-, of course. it was very clear to me that this is what they
did.
<omry|work> (spammers)
<ge-> further, they said that they remove random addresses
<ge-> and that way are safe from being found out (their users), right?
<tortanick> add random addresses
<ge-> exactly
<ge-> now, answer me this
<ge-> if you are a spammer, and you know that every time you run their
tool, you lose random addresses that may want to get your spam.. would you
run it?
<ge-> every time you lose more potential customers
<tortanick> if you don’t run it your clients refuse to deal with you
<tortanick> so yes I’d run it
<ge-> spam is good business
<ge-> they have clients
<ge-> those who buy from spammers obviously don’t care about blue security
<ge-> so why should they?
<tortanick> All the more reason to clean the lists
<tortanick> remove antis and you’ve only got customers left
<omry|work> because bsec put presured their clients. (advertisers)
<ge-> so: 1. they never attacked real spammers, just the INternet and
innocent bystanders, and 2. their lists were always compromised to begin
with, and no spammer would use them
<tortanick> in a word, wrong
<ge-> why is that wrong?
<tortanick> people who pay spammers to advertise are not “innocent
bystanders”
<ge-> ahh, but these people are the spammers and the mafia. further, their
sites move IP’s even every 10 minutes and a domain every time they make a
spam run. so you never attack spammers, just innocent bystanders and the
Internet
<ge-> maybe you get lucky, sometimes, but the spammer already moved on
<tortanick> thats not true ge-
<ge-> yes, it is
<tortanick> those sites are stationary
<ge-> which? where?
<tortanick> or at least, enough of them are for BS to make an impact
<ge-> i can show moving sites
* NewOkopipiUser (n=NewOkopi at 82-70-238-82.dsl.in-addr.zen.co.uk) has
joined #okopipi
<ge-> can you or BS show stationary sites?
<tortanick> I’m sure spam experts can show static
<ge-> exactly
<tortanick> I can’t though, I don’t get spam
<ge-> spam experts - ALL OF THEM, show BS was wrong
<tortanick> well mailwasher didn’t for one.
<ge-> show me a second one, and you will get 2 out of 10,000
<ge-> and the clueless ones at that
<ge-> all i am saying is
<ge-> don’t take my word for it
<ge-> check the facts on your own
<tortanick> I did
<ge-> and?
<tortanick> Blue security was the target of a DDoS, its important enough
to be a target
<ge-> of course
<ge-> the spammers got pissed and attacked
<tortanick> Download.com gave it a good rateing
<ge-> is your purpose to get attacked?
<ge-> okay, so you do this for a good download rating, making people
believe they are fighting spammers when they are not?
<tortanick> nope, but you said BS would just be going for sites that
vanish to quickly to do anything
<ge-> or sites that the spammers don’t care about or own
<ge-> yes
<tortanick> Download.com is very hard to rig
<ge-> download.com is not a spammer nor was spammed that i know of
<ge-> they offered them for download
<tortanick> if the spammers didn’t care about those sites, why did they
launch a DDoS?
<ge-> do they need a reason?
<tortanick> yes
<ge-> first, we can’t prove it was the spammers, second, I believe it was
them
<ge-> they got pissed
<tortanick> DDoS uses botnets that can’t be used for making money at the
same time
<ge-> so they got BS down
<ge-> i happen to know a thing or two about botnets
<tortanick> proving BS was effective enough to piss spammers
<ge-> and you can use them for whatever you want
<ge-> ahh, so your goal is to piss spammers off and get them to ddos the
internet?
<tortanick> nope, thats just proof that BS worked
<ge-> i am not trying to attack you, i am trying to show you that maybe
you didn’t think this though
<ge-> through
<tortanick> we did though
<ge-> so, because you piss someone off you were successful?
<ge-> apparently not enough, no offence.
<tortanick> yep
<tortanick> piss someone off and you’ve obviously found a way to affect
them
<ge-> okay, so if spamhaus goes and says spammers suck, they won’t get
attacked too?
<ge-> it’s about who mouths off more.
<tortanick> spammers are secrative, they ignore “mouthing off”
<ge-> okay, so let’s start a war. we will piss spammers off without
affecting their business, and cause a network wide ddos attack
<tortanick> you have to hit them in the wallet
<ge-> you obviously don’t know much about spam or anti spam
<tortanick> and even if that were true
<ge-> no offense, but i’d suggest cluing up
<ge-> as others less nice than me will ask you these same questions
<tortanick> causing them to rampage across the net would finally wake the
governments up
<ge-> ahh, so it’s a Scortched Earth strategy
<ge-> your goal in this project is to cause the Internet to die so that
the Government gets involved?
<ge> having irc client trouble here.
<tortanick> that explains your silence
<ge> <ge-> ahh, so it’s a Scortched Earth strategy
<ge> <ge-> your goal in this project is to cause the Internet to die so that the Government gets involved?
<ge> that’s what i last sent
<ge> but i have to go very soon
<ge> i wish you guys luck in fighting spammers
<tortanick> thats not the plan
<ge> i’m sure you have no wish to destroy the world
<tortanick> its just silver lining on the possible failure of the real plan
<Ehm> Hopefully the spammers will utilise the 2 braincells they have collectively and just clean their lists
<ge>
<tortanick> hit the spammers in the wallet like blue frog did and make them clean their lists
<ge> i sent this log to the botnets@ mailing list, let’s see what people think and who they agree with
<ge> time to discuss this once and for all.
<ge> actually, that’s the one thing i agree on this far
<tortanick> you seem quite in with the spammers crowd
<ge> it’s an economic problem, hit them economically
<ge> not really
<ge> you can google me, my name is in my /whois
<ge-> as others less nice than me will ask you these same questions
<ge-> ahh, so it’s a Scortched Earth strategy
<ge-> your goal in this project is to cause the Internet to die so that the Government gets involved?
* ge- has quit (Read error: 104 (Connection reset by peer))
<ge> erm, damn, that client was lagged
<tortanick> yep
* Entvex (n=Entvex@194.192.108.108) has joined #okopipi
<ge> and by the way, repeating something doesn’t make it right.
<Entvex> HI 
<Ehm> lol
<Ehm> hi Entvex
<tortanick> no, but it was the awnser to sevral diffrent questions
<tortanick> hi Entvex
<tortanick> btw ge, this you? http://blogs.securiteam.com/?author=6
<ge> yes
* tortanick looks for comment button
* Flinty (n=Flinty@84.12.79.104) has joined #okopipi
<ge>
<ge> what’s your job with the project?
<Entvex> i been looking at the google grops but i can relly get an ider where the projeket is atm do any one know
<tortanick> Public relations
<tortanick> still planning Entvex
<Entvex> ok
<ge> well than, how would you like to write a response to my blog entry?
<tortanick> you know ge, its normally the job of the one making accusations to prove it
<tortanick> I’d be happy to write one but I think we’ll do it collaboratively
<ge> tortanick: everyone can make accusations
<ge> *shrug*
<Ehm> wow ge, couldn’t get it more wrong (@ that blog)
<ge> iehm, did you read my conversation with tortanick ?
<tortanick> lible laws, slander laws, its illegal to make reputation dammaging accusations without proof
<tortanick> we were both talking past eachother, quite an itresting log
<ge> it’s not about your reputation. it’s about what you do
<ge> what you do, in simple terms..
<ge> erm
<Ehm> no I didn’t
<ge> and without trying to hurt you, as you guys are trying to also fight the good fight
<ge> is stupid and proven wrong
<ge> ehm: try reading it, maybe you can prove me wrong
<tortanick> As the accusor though, the legal system says you have to prove it
<Ehm> okopipi will throttle the opt-outs… to make sure we don’t DoS the spamvertised
<tortanick> but we’ll try and prove you wrong anyway
<ge> deal
<tortanick> lets get to work Ehm
<kork> good morning *cough*
<tortanick> morning
<ge>
<Ehm> afternoon kork
<kork> that’s what you get for going to bed at 8am
<ge> i will post this log, and let’s see what people think. i will mention you guys will send something in to prove me wrong.
<Ehm> lol
<ge> 5 am? that’s it? geek!
<tortanick> Ok, but this log isn’t what I’d call a resonable discussion
<tortanick> we were both to sure we were right for one
<ge> agreed!
<Ehm> ge: What we’re doign is perfectly legal: One opt-out per spam recieved…
<ge> ehm: times how many?
<ge> let’s stop now, and contrinue this with your response to my blog?
<tortanick> of course
<ge> actually, it’s not my blog really, but the author 6 is mine
<tortanick> btw, want to change the news link from black frog to okopipi
<tortanick> or will you leave that for us to point out in our response
<ge> i think black frog is your name from now on
And I must be wrong, we will hear their response soon.
Gadi Evron,
ge@linuxbox.org.
-
Is your site safe from SQL Injection attaks? Sign up for Beyond Security’s Automated Vulnerability Detection Service today!
Subscribe
Subscribe
Do you have a version of the logs with who said what? It gets hard to read this log. If you could just link to a .txt file where there is no word wrapping that’d be great.
I had to HTML escape the obvious characters. It’s fixed now. My apologies.
Allow me to add some extras:
[14:44:26] [o] [Journeyman] if you send someone an email and they visit yoursite, it isnt a DoS
[14:44:42] [o] [Journeyman] if you send 10,000 people an email and they all visit your site, it still is not a DoS
[14:45:00] [-] [ge] you are right, it’s a DDoS
[14:45:12] [o] [Journeyman] uhm no
[14:45:26] [-] [ge] what’s the definition of DDoS?
[14:45:32] [o] [Journeyman] so any time you invite a bunch of people to your website it is a DDoS
[14:45:34] [-] [atoponce] its requested, so how is it a ddos?
[14:45:43] [o] [Journeyman] distributed Deinal of service
[14:45:53] [o] [Journeyman] we arnt trying to deny service to the website
[14:45:59] [o] [Journeyman] we are merely trying to complain
[14:46:08] [-] [ge] one minute, let me get something done and i will be back?
[14:46:09] [o] [Ehm] From Google: DDoS = “A type of denial of service attack in which an attacker uses malicious code installed on various computers to attack a single target. An attacker may use this method to have a greater effect on the target than is possible with a single attacking machine.”
[14:46:21] [o] [Journeyman] 1000 complaints at once is heard a bit more than one complaint
[14:46:52] [o] [Journeyman] I am in the military, when I was in tech school we had a problem with our air conditioner, a few people filled out complaints, nothing was done
[14:46:55] [-] [ge] 1. you don’t send the complaint to spammers, you send them to hacked machines, hosted websites of regular people, isp’s that were hacked and the internet.
[14:47:01] [o] [Journeyman] one day our whole floor wrote complaints
[14:47:08] [o] [Journeyman] the problem was fixed that afternoon
[14:47:10] [-] [ge] well, then you reached the right people
[14:47:21] [o] [Journeyman] ge: the websites arnt on hacked machines
[14:47:23] [-] [ge] this is rehearsing our earlier log
[14:47:26] [-] [ge] let me fix it first
[14:47:35] [-] [ge] you obviously don’t know much about what spammers are using.
[14:47:36] [o] [Journeyman] they are on legit hosting sites most the time
[14:47:40] [o] [Journeyman] i do
[14:47:49] [o] [Ehm] ge: We’re *not* contacting the *spammers*
[14:47:52] [-] [tortanick] hi again ge
[14:47:52] [o] [Journeyman] and we arnt complaining to the spammers directly
[14:47:59] [o] [Journeyman] we are complaining to the people who pay the spammers
[14:49:08] [o] [Journeyman] you obviously dont know what you are talking about ge
[14:50:05] [v] [tortanick] yes but be polite about it
[14:50:11] [v] [tortanick] thanks Ehm
[14:50:18] [v] tortanick wishes I could keep it post logout
[14:50:56] [-] [ge] journeyman, we can’t hold a normal conversation, you’d rather call me stupid than hear me out. tortanick and me may have talked past each other, but we also listened.
[14:51:05] [-] [ge] okay, i fixed the blog. check it out and tell me if it’s ok now.
[14:51:11] [o] [Journeyman] thats good
[14:51:34] [o] [Journeyman] I call people out when they are clueless
[14:51:52] [o] [Journeyman] i heard what you said
[14:52:16] [-] [ge] well, than i suppose we have nothing much to talk about.
[14:53:02] [o] [Journeyman] hey whatever, talk to these guys if you wish
[14:53:13] [o] [Journeyman] I have things I gotta go do
[14:54:23] [v] [tortanick] cya
[14:54:27] [-] [ge] you are not very friendly, sending a CTCP version out of nowhere. not to mention being completely clueless, and appearing to be an open source project dictatorship.
[14:54:28] [-] [ge] oh well
[14:54:40] [-] [ge] i will let you guys post your response
[14:54:43] [-] [ge] you know my email
[14:54:45] [o] [Ehm] uhh
[14:54:47] [-] [ge] i’m going back to work.
[14:54:56] [o] [Ehm] ‘open source project dictatorship’
[14:54:57] [v] [tortanick] I do Ehm
[14:54:59] [o] [Ehm] hah
[14:55:01] [-] [ge]
[14:55:08] [-] [ge] whatever you are, you appear that way to me now
[14:55:14] [v] [tortanick] oh thought you ment you didn’t know his E-mail
[14:55:16] [-] [ge] journeyman appeared, and boom, world is over
[14:55:24] [-] [ge] regardless - have a very good luck guys
[14:55:25] [-] [ge] cya
[14:55:29] [o] [Ehm] ge: =\
[14:55:46] [ge] Has left [#okopipi]
[14:55:53] [o] [Ehm] Because we let a knowlegable person in our team speak it’s a dictatorship?
“If we invite 10000 people to our web site, it’s a DDoS?”
No, but if you invite them somewhere else, it is.
“Our air conditioning didn’t work” - well, you DDoS’d the right guy without attacking the base, didn’t you?
I walked down the street and a fridge dropped down from a window. Relevance?
““If we invite 10000 people to our web site, it’s a DDoS?”
No, but if you invite them somewhere else, it is.”
which is why you don’t make the system fully automatic but rather only let it send opt outs to sites that are vetted (by people) as being the right site and being safe to send opt outs to…
really, this shouldn’t be such a hard concept to grasp…
Okay:
1. Site does not belong to spammer.
2. Site hosts other sites.
3. Site was likely broken into.
4. Site sits on ISP.
5. If all above is false, spammers or their spammed sites moved on by now, both an IP and a domain.
What’s so difficult to understand?
what’s difficult to understand is why you think it’s so difficult to determine if any of those problem conditions hold true and then not enable blue frog to send user complaints in those cases…
seriously gadi, i’m not trying to offend you here… but it seems you really don’t seem to get the concept of black/blue frog/okopipi.
stop being so stubborn and get the concept right before you rant on please. (btw, i’m just a reader who came along this site).
correct me if i am wrong, but the opt-outs that are send by the frogservice go to the advertisers (not the spammers). The advertisers are usually ‘legitimate’ sites, who want customers to visit their site. This is why they hire a spammer that sends out advertisements for them. The opt-outs are send to these paying advertisers (because they shouldn’t use a spamservice!).
So in short: opt-outs will NOT go to the machines that are used to send the spam, nor will they go to the domains or IP’s that seem to be the senders. The opt-outs go to the advertised site (which stays on a stable server, else the sent advertisement would be useless).
It could be i myself misunderstood the concept, but i’m sure someone will correct me in that case.
It’s not that you misunderstand the concept, it’s that you are 10 years behind on spam technology and operations.
Kurt: erm, okay, how do I put it.. it happens that the security community is cut in half or even 5 parts about a subject and disagree. In this case Everyone agreed, BS sucks. I can’t put it in any better terms.
Hmm, this chat is takin place with Kurt, in two places:
http://blogs.securiteam.com/index.php/archives/425
this is getting sad… did you actually read my complete comment?
i think it’s not that hard to understand how spam is send these days… that is not what this is about…
you just seem to fail to notice the difference in the two ‘guilty’ parties that are involved in sending spam…
1. the spammer with his spamsending machines (botnet i assume, doesn’t matter what he’s using).
2. the advertiser, having a ‘legitimate’ site, hiring this advertisement agencey (we usually call this agency the spammer as in 1.) to sent advertisements to a whole lot of e-mails around the globe (we usually refer to this as spam).
The so called ‘ddos’ (if you would like to call it like that) that blue/blackfrog might start is targeted at number 2, the advertiser…
I’m just curious, what do you not understand in my explanation? And can someone else confirm that this is the way blue/blackfrog works and i’m not misunderstanding that concept?)
–Kurt: erm, okay, how do I put it.. it happens that the security community is cut in half or even 5 parts about a subject and disagree. In this case Everyone agreed, BS sucks. I can’t put it in any better terms.–
well, i guess it’s just too bad that i don’t blindly follow… if the security community says “jump”, you won’t find me saying “how high”, rather i’ll be saying “why should i”…
perhaps you do have a fully thought out opinion on why one complaint per user per spam received by that user is a DDoS or why the human researchers controlling what gets added to the blacklist (blue frog essentially worked off a catalog of known bad sites) is an insufficient safeguard against bad things happening to good people - but if you do have such an opinion you don’t seem to be expressing the reasoning here…
sometimes writing the answer down isn’t enough, sometimes you have to show your work too…
Okay, I want to see BS’s work. I know how spammers work, now - don’t take my word for it. Go clue up and then I’d be happy to resume this lil chat.
[…] You can read it online here it’s quite illuminating even if I don’t agree with their drivers or mentality. […]
Everyone else is being to nice to you gadi, you are an idiot. plain and simple
irc is for losers
Gadi, I’m still waiting for your response at Circle ID linked to below.
You say that Everyone knows that spamvertised sites are hosted by responsible ISPs and webhosts and “In this case Everyone agreed, BS sucks.” That’s nonsense. Certainly SOME people believe that, but what circles are you in where everyone believes this? Certainly not MAAWG or MARID. Certainly not nanae/nanabl (I don’t even have to look to know the answer on that one.) Certainly not spam-l. It’s only true among the DMA, EMarketersAmerica or some similar mainsleaze ‘coalition’.
If they do use some service they buy, it’s still a DDoS. On the server’s other clients, on the ISP, and on the Internet. Plus, the Time to Live for it won’t be very long regardless of any attack.
Example taken from real spam received on May, 31th.
Site: tormaza.com
It resolves to 61.188.39.20, which belongs to China IP range.
According to public whois data, the domain creation date is 2006-05-30, or just 1 day before I received the spam.
So, this advertisement does not “[stay] on a stable server”. I can post 38 other similar examples received just today at just one of my email addresses.
“If they do use some service they buy, it’s still a DDoS. On the server’s other clients, on the ISP, and on the Internet.”
responding (sending opt-outs) to incoming traffic (spam) on a one-to-one basis is not a DDoS…
if you hire someone to send a million messages on your behalf you need to be prepared for a million responses, and if you aren’t it’s not the fault of the people responding…
“If they do use some service they buy, it’s still a DDoS. On the server’s other clients, on the ISP, and on the Internet. Plus, the Time to Live for it won’t be very long regardless of any attack.”
I cannot say about other countries but in the US under the Can-SPAM act advertisers HAVE to have an opt-out feature. What the okopipi project is doing is allowing users on an individual basis (1 email per spam) the ability to opt-out of those lists. If the spammer is smart they would just clean their lists and the opt-out requests would stop.
To be a DDoS attack the project would have to intend to bring down the site. If the advertisee’s server cannot take the load of a portion of those they advertised to loading the page and filling out a form, that is poor planning on the part of the them and not any malicious intent of the okopipi project.
more than that, to be a DDoS attack (or even a DoS attack) perpetrated by the clients, those clients would have to be initiating communication, not responding to it… the system in question here responds to spam (albeit not through the same channels the spam comes in on since the purported starting point is often forged/unreachable)…
Gadi, you call yourself a security expert? You sound like a little playground know-it-all. Give it a rest, will you? It is clear that you dont know what you are talking about. Half your responses are nothing more than you stroking your own ego.
One of your first comments in the chat is
” i personally believe the project is doomed to failure, much like
blue security was a complete idiocy to begin with… but who am i to not
let people try?”
and then you go on to cry about Journeyman treating you with the same contempt? Can you spell hypocrite?
Your holier-than-thou attitude offended me from the first comment you made. By the end I was entirely sickened by your retarded attitude.
What you don’t seem to understand is that the purpose of Blue Security and the purpose of Okopipi is not to DDOS, you dolt. It’s to fill out opt-requests and possibly to poison their purchase order database.
Get it through your tiny skull - NOBODY IS TRYING TO DDOS THE SPAMMERS!
That means your diatribe about spammers registering 5k domains and moving by the time you decide to DDOS them is not only moot, but it proves that you just have your head up your ass. Who cares if their IP moves every nanosecond? There has to be a place for potential buyers to place an order right? Well, what do you know… there’s the place that the opt-out requests and fake order forms are sent to! The ip addresses have to stick around long enough to allow orders to be placed, and if they happen to sport one of those newfangled “Domain Names”, then obviously it doesn’t matter if they change the ip.
Your talk of innocent bystanders is equally stupid. If anything, the DDOS launched by the spammers was what caused any collateral damage.
Here are some nice snippets showcasing more of your combative, arrogant attitude:
” you obviously don’t know much about spam or anti spam”
” i happen to know a thing or two about botnets”
“[ge] you obviously don’t know much about what spammers are using.”
” as others less nice than me will ask you these same questions”
That last one is pure gold. So far, you seem like one of the biggest assholes on the Internet that I’ve ever seen. Can’t be too many out there that are “less nice” than you.
Here is another gem:
” it happens that the security community is cut in half or even 5 parts about a subject and disagree. In this case Everyone agreed, BS sucks. I can’t put it in any better terms. ”
Please back that up with some kind of proof. Just running around shouting something doesn’t make it true, and it doesn’t make your case any stronger. Oh yeah… and it makes you look like even more of a jackass.
To use another one of your catch phrases that nobody else has ever heard before… “clue up”.
I’m just a random passer-by and found “ge-”’s comments in the IRC chat to be most unhelpful. There’s no use claiming a superior position based on authority to an audience who wants to understand the reasoning behind it, unless you’re going to share that reasoning. To do this properly you must first understand the listener’s framework and ideas, then present your reasoning in terms of that. And you can’t be over-confident, because this will make you unable to respond adequately to problems with your presentation and reasoning. Your comments remind me of other claimed experts I’ve encountered on IRC, who each constantly change the subject and periodically appeal to authority. Heh, and IRC sucks donkey nuts. What a fucking waste of time.
Everyone knows that spamvertised sites are hosted by responsible ISPs and webhosts and “In this case Everyone agreed, BS sucks.” That’s nonsense. Certainly SOME people believe that, but what circles are you in where everyone believes this? Certainly not MAAWG or MARID.
Wow, ge aka gadi — can’t believe I wasted my time reading your stupid irc log. You sound like one of those people that take the opposite side of any topic, regardless if that is your true stance, to look edgy and “against the norm”. Your a retard bro.