lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue Jun 20 12:49:41 2006 From: cardosolistas at contraditorium.com (Cardoso) Subject: scammers paradise (big useless rant) As every morning, I check my mailbox and start my traditional precedure of reporting scammers spreading malware. After a few months doing it, I think the MAJOR source of malware are free hosting providers. Most are small one-man sites, with little or none security policy. Scammers feast on the easyness of hosting their crap, and those sites don't give a frack (Yes, I'm a Galactica fan) if they're hosting a subdomain named "microsoft", a .exe, a .com or even a very suspicious .scr, not to mention .pif or .bat files. If Joe T. Hoster wanted he could block any of the Evil Extensions (.exe .bat .com and .scr) and presto, 99% of the scammers would be defanged. The reality? Most sites don't have a security report, some require you to sign-up to send a report, others are so badly designed that don't even have a public email. Some of the worse to report: www.sapo.pt www.webcindario.com (and anything related to starmedia) www.cjb.net If I were the great ISPs, I'd BLOCK those sites and all others like them, until they write down and FOLLOW a security policy. I'm really tired of so many people scammed, not only because they're stupid (yes, the two reasons someone falls for a scam are stupidity or greed) but also because some lazy smartass thinks he can make a quick money being a "mini-geocities" sharing his punny $7/month Dreamhost site with a gazillion of users, not caring about the kind of crapware they share on his server. I apologize for the rant, but I try to keep all my apps (at my servers and at home) up-to-date and try NOT to be stupid (altough I'm greed once in a while) and don't like to see how people don't give a damn about what others do with the resoucers THEY share. Allgemeinen Anschulterlaubnis Cardoso <cardoso@...ox.com> - SkypeIn: (11) 3711-2466 / (41) 3941-5299 vida digital: http://www.contraditorium.com site pessoal e blog: http://www.carloscardoso.com
Powered by blists - more mailing lists