Nov 30, 2004 (09:11 AM EST)
Lycos Europe To Spammers: It's Payback Time
Read the Original Article at InformationWeek
Lycos Europe N.V. is offering Internet users a way to stick it to spammers with its new screen-saver software, called "Make Love, Not Spam."
While the online community/portal company's program saves your screen's pixels from phosphor burn-in--seldom a problem with newer monitors--it uses idle CPU time to send HTTP requests to sites that distribute advertisements via spam. These requests are what a Web browser generates when requesting a Web page. The goal is to generate an abundance of HTTP requests on spam servers, hindering their ability to respond and function. According to makelovenotspam.com, "the frequency and rate of requests are controlled by a centrally stored configuration file from where we can halt, decrease, or increase the load generated by all clients."
However, although Lycos Europe indicates that the targeted sites are only slowed and aren't shut down, that's a subtlety the law might miss. "This strikes me as a denial-of-service attack and a flagrant violation of U.S. law," says Ray Everett-Church, chief privacy officer for ePrivacyGroup.com and counsel for the Coalition Against Unsolicited Commercial E-mail. He warns that while Lycos Europe may be procedurally immune to U.S. prosecution, any spammer in the States harmed by this program might have legal recourse.
But Lycos Europe spokesman Frank Legeland insists that the software is legal in Europe and the U.S. "Make Love, Not Spam is not a DDoS-attack because no spammer server crashes down," he wrote in an E-mail. "We don't do that as we will maintain in any case at least 5% of the remaining bandwidth. We have a technical 'health check' implemented to guarantee that we only create cost, but not crash, any spam server."
The company's site is keeping track of the campaign's effectiveness. On Monday, response times for seven listed spam sites were delayed by 85%, the result of several gigabytes of newly generated traffic. Lycos Europe claims that because the spammers have to pay for bandwidth, "more requests means higher bills."
The Flash page from which the software is available also includes a button to "ANNOY a spammer now!". Clicking on it initiates an HTTP request just like the screen-saver software. Visual feedback is also provided: A map of the world displays a red line arcing from Europe to a spam site in Brazil, China, Central Asia, and the United States with every click.
"Lycos Europe wants to make life more difficult for the people sending spam," wrote Legeland. "We don't want to bring the spammers' sites down entirely, but together with the Internet community we want to send a strong signal that spam is unacceptable and an unfair marketing method, which is at the end not paying off."
But some say the screen saver could create problems for corporate IT departments. "This is just a field day of liability [for] a spammer who's harmed by this," says Everett-Church, adding that users who install the software on company PCs could put their employers at risk. "Corporate IT departments would wise to block access to this software."
A spokeswoman for Lycos Inc., a subsidiary of Daum Communications Corp., which is a Korean Internet company and a separate entity from Lycos Europe, said yesterday that Lycos planned to provide a link to the screen saver software on its home page. Today, she indicated that plans had changed and any link that appeared would likely not be on the home page--because of design rather than legal considerations--and would take users interested in the screen saver to Lycos Europe's site rather than downloading the software directly.
You can download the screensaver here.