Friday, 3 December 2004

If you're thinking of using Lycos’ "Make Love Not Spam" screensaver - why you shouldn't

If you're thinking of using Lycos’ "Make Love Not Spam" screensaver - why you shouldn't

There has recently been a fair amount of publicity about the new screensaver supplied by Lycos which "attacks" known spamming sites by constantly accessing their servers in what is known as a "Distributed Denial of Service" (DDoS) attack. Lycos, via its website, is offering a free screensaver for download. The screensavers make constant http requests to spam websites. The idea is to slow down spam servers by overloading them - i.e.. by launching a DDoS. Which is illegal in many, many countries.

Don't be sucked into this!! It could cause you more problems than it's worth, including your arrest & blocking of your access to the Internet.

Firstly, it doesn't matter the reasoning, DDoS attacks are illegal in most countries. How would you like it for the authorities to appear at your door and immediately confiscate your PC & remove your Internet access for launching illegal attacks, even if against spammers sites? Some of these sites may not even be spammers any more, as they often change their site addresses regularly, and because the sites are possibly hosted by legitimate Internet Service Providers (ISP's), all other sites hosted by those ISP's may also suffer performance degradation.

But an even more dangerous thing is that it opens up your PC to all types of attacks. When you use the screensaver against a spammer's site, your IP address will be recorded by them (yeah - think about that for a moment). This means the spammer knows you are online, and may try to launch a counter-attack DDoS on you. It also means that some some malicious sites may scan your IP address for any weaknesses in your PC's security and attempt to load spyware or malware onto your PC.

All in all, the screensaver is just not worth all the trouble it may cause. Some estimates are that they may only cause a performance slowdown of less than 5% at spammers sites. The trade-off for the spammers is that they have an always up-to-date list of currently online IP addresses to try to install software onto, or take revenge with by reporting to the authorities as active DDoS participants.

So, no matter how tempting, don't download this screensaver.

No comments:

Post a Comment