lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 16 Aug 2012 15:04:23 +0900
From: Tonu Samuel <tonu@...m.ee>
To: Valdis.Kletnieks@...edu
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Associate professor from Pakistan National
	University - spammer


On 2012/08/16, at 12:49, Valdis.Kletnieks@...edu wrote:

> On Tue, 14 Aug 2012 14:55:41 +0900, Tonu Samuel said:
> 
>> I found that person who is spamming
>> OpenCV list with "Plz visit my e-gaming site at http://." is PhD
> 
> So... did you establish that the person doing the spamming actually *is*
> that professor, or merely somebody who managed to phish the professor's
> credentials and is using their identity to send the spam? (We get 5 or 10 phished
> users a day, and maybe 1 or 2 actual spammers a year)

I handle spam cases daily too and I find new spammers weekly. And I do lot of analysis do be able to prove what I say in my blog. I have sued few times and get lot of letters from data protection authority but was till now prove my words.

In this case there are facts you can easily verify:

There is a gaming site meyraj.com, registered to this professor name. Not company, not someone else but he personally runs it.
There is a Facebook wall https://www.facebook.com/fahim.arif.9 where we can see posts advertising same site for two years. Look on all details of this account.
There are 175688 tweets on http://twitter.com/Meyraj about this gaming site
There are spams over half year in OpenCV lists under his name and Software Engineer related to computer vision does not notice it.

Knowing this please explain the motivation of some "hacker" to advertise his site. 
I am not so naive. I also have lot of experience dealing with them and many of them try to tell me that someone else did spamming trying to advertise their sites etc. My experience is identical to one listed here http://www.spamhaus.org/faq/section/ROKSO%20FAQ
and it says: 
"
However, correcting what a spammer claims is an 'error' is not as straight forward as it may seem, since spammers are not people known for honesty; in fact they are almost all con men, fraudsters and chronic liars. Spamhaus regularly receives letters from spammer's lawyers attempting to claim that all of a spammers records are in error and demanding all therefore be removed. We naturally pay little attention to such requests. A request by a spammer for correction of a record must point to exactly what information is in error and must include verifiable proof that the error is indeed an error."


   Tonu



Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists