SamuraiNet Blog

Spam is annoying.

Spam trying to avoid spam filters with it’s 1337 5p34k is more annoying.

Idiotic spammers are the worst. I have been receiving spam from myself for quite some time, but only today did I actually think before simply clearing it out. Why would a spammer send me spam from a spoofed address that is mine? Obviously it would help to avoid certain filters, ones looking at allowed or disallowed email addresses. This method of filtration is extremely weak however and any decent spam filter would still block the email. I also verified these emails were infact spoofed and that my account had not been hijacked. They were indeed spoofed emails.

Beyond my confusion for the reasoning of using the rcpt address as the from address was one question: Who would open spam from themselves?

Here is a collection of subject lines I have received… from myself.

• Try these on the dirtiest surfaces in your home..
• Get up to 15OO USD by tomorrow..
• Vl@gra Cl@lis 72.5324% Save
• dirty teein stripping sincerode

Funny… I don’t remember sending any of these emails to myself.

Over the past few years more and more news has arrisen about hacking becoming a part of warfare, however; it seems that though it has a tactical advantage and is a powerful resource for any government that uses it, it is not paid enough attention to. Governments’ lax attitude towards these actions only prove to encourage.

Attacks on the defense department by Chinese web sites (http://www.washingtonpost.com/wp…8/24/AR2005082402318.html) have been used as well as trojans on external harddrives and direct hacking attempts. Still recourse has only been to “harden networks” and “further investigate” things. While these are both important, and I’m glad to see that “hardening networks” is on the list, but the problem is at the source: we have not made clear we see it as a threat. Had Chinese spies entered the DoD building and stolen critical data more than an “investigation” would ensue, yet if the same sensitive material was stolen over the internet the reaction would be quite different.

Attacks of these types be they political or economical (targeting corporations) have proven to be effective. So effective that attacks such as Distrusted Denial of Service attacks are for sale. Estonia’s entire infrastructure was damaged when a massive DDoS attack rendered their “eGovernment” useless.

According to an article at Bloggernews.com (http://www.bloggernews.net/115503) cyber warfare is here. This is no surprise to the rest of us, but what I find most interesting is that the government’s reaction was saying not to use email for critical and sensitive information transfer. Again, this is exactly the problem I speak of. I am by no means advocating another offensive war, nor am I trying to raise hatred against China or any other nation. I simply and pointing out that we are leaving ourselves unprepared. Speak up! Raise your voice. Politicians are afraid to lose their seats. If we make it clear that our nation’s cyber security is paramount, perhaps something will be done.