Martin McKeay

Security Matters

Blue Security gone, its lessons already forgotten

Blue Security is gone and the spammers are jumping up and down on its grave in glee.  I feel bad for the people who work there, but I have a feeling the company will come back from this somehow.  After all, no marketing person worth their salt is going to let the publicity they garnered go to waste.  But hopefully they won't come back with a re-hash of the same attack-back anti-spam technology that got them into trouble in the first place. 

This technology is exactly what has me concerned. There's some movement on creating an open-source, P2P version of Blue Security's product.  Called Black Frog, after Blue Security's Blue Frog, the idea is this: if having a single source of unsubscribe traffic gives the spammers a target, then decentralizing the traffic leaves the spammers with no target to attack.  But the organizer of Black Frog is missing the main point of Blue Security's whole experience: attack-back technologies are prone to misuse and abuse, and will get users attacked.

Spammers are going to figure out how to misuse this technology fairly quickly.  Off the top of my head, I can easily see spammers using the Black Frog technology to attack legitimate sites.  All they'd have to do is include bogus information in the unsubscribe links that point to a legitimate site, which would cause the software to flood the legitimate site with unsubscribe traffic.  I'm sure some of the spammers are much smarter than I am and can come up with much more devious misuses for the technology.

While the P2P aspect of this project will decentralize the unsubscribe mechanism, just being part of the Black Frog network will likely make any system a much bigger target for spammers.  It wouldn't take a lot for the spammers to filter through their unsubscribe traffic to figure out who's using Black Frog and raise the pain level of the participants.  In other words, becoming part of the Black Frog network could make you a big target for a DDoS attack.

There's got to be a solution to spam, but the Blue/Black Frog technology isn't the answer.  Unfortunately, computer security has to be about defensive solutions, not offensive ones.  Taking the battle back to the spammers only leads to escalation, and the spammers have much bigger weapons at this point.  That is why Blue Security has had to shut its doors.

What People Are Saying

Blue frog worked as we can

Blue frog worked, as we can only hope that Black frog will as well. Spammers don't care 1 bit about our privacy, nor does the media, or the media would not have been so biased against the entire Blue frog principle, which is to date the only thing that has put a dent in and hurt the spammers in the only place it counts... in the wallet.

Maybe, just maybe, the media will change their ignorant ways and actually study a problem instead of jumping to conclusions in the future? Is it possible?

In response to jbl: Most

In response to jbl:

Most spammers advertise online retailers, those retailers want you to get in contact with them.

Sometimes they are simply an order form, other times they have legitimate contact us addresses. Either way it's possible to use these as a way to ask the retailers to tell their "Marketing department" to stop spamming us.

Probably fortunate for us

Probably fortunate for us all that IT journalists were not involved in any of the military decisions of WWII or for that matter citizens of occupied countries.

I would like to suggest a special tool for those complacent about spammers and their vandalism of the web, "Deadfrog security", for people whose frog was boiled so slowly they didn't notice. Once you have installed it on your pc it does nothing, but criticises everyone else.

This spammer is clearly

This spammer is clearly engaging in activities that should be covered by criminal statutes. It seems that Blue Frog has an idea of who this person is. Why they are not rotting in an Israeli prison is beyond my comprehension.

There is speech and commerce, and then there's fraud and theft. If the spam I get is typical, then most of these major spammers are breaking the law. It's time that the international community make an example of the major players.

As my website shows, I think

As my website shows, I think there are plenty of political problems to go around, but spam is NOT one of them. Nor is it a technical problem. Spam is an economic problem and the only way to solve the problem is with an economic tool.

There is NO free email. SMTP is only a broken model of email based on the fantasy that each person using the Internet is nice. WRONGO. Because we pretend email is free, the spammers can divide their "costs" by zero. If you think your cost is zero, then finding one more sucker looks like an infinite return on your "investment", even if you had to send out another million spams. The spammers simply don't care that they are wasting the resources and time and intruding on the privacy of millions of other people.

We need to provide an email alternative with real accounting of the money. It can live transparently with SMTP, and it doesn't even need to balance exactly--but the spammers are orders of magnitude away from ANY balance. If you had the option to have a special email address that would never get spam, would you use it? I certainly would.

Maybe I'm taking too many

Maybe I'm taking too many risks by posting this right here, since anyone could post on my behalf (as you can see, this message is not PGP-signed, so I as well could be an impostor - see how insecure the internet already is?), but I feel I need to answer your concerns.

(Disclaimer: whatever I post in here is exclusively my opinion and my understanding of the project. My post and my possibly controversial opinions do not express the views of other okopipi developers or associated people)

In summary, you don't need to worry, we're establishing the mechanisms so that the network won't be abused.

I repeat: There's no way we will design the okopipi network to become a target for spammers. My intention on collaborating with the project is to make the frogs independent, so they can't be controlled using a botnet.

Actually, my first idea was to make autonomous frogs where each user would review his own spam and opt-out by himself. This is why I applied for a "black frog" project at a famous software development site (it was then that I met the okopipi-group).

But this original idea of mine (having 100%-independent frogs, without a P2P network) could be prone to abuse ( see http://en.wikipedia.org/wiki/Joe_job ), so we DO NEED a regulation mechanism. This is what the P2P network is for. Just as police officers in the US have a department of "internal affairs", the new frogs will need a way to be regulated, and maybe even prevented from acting against spamertised websites. This is the P2P network intent.

Please let me repeat: The purpose of the p2p network, or "frognet" as I call it, is ONLY to prevent abuse of the system with fake spam (this is, spam directing to legitimate websites) or malevolent frogs.

(A second function would be to keep the do-not-spam list distributed and available for anyone).

The network will NOT be able to initiate attacks on websites, and therefore, cannot be used to create an "evil botnet". Hackers and spammers are ALREADY using botnets by abusing the poor security of Microsoft Windows systems to send SPAM. The spammers' power was shown with the attack on SixApart and related sites. The criminals out there don't need Blue Frogs to throw chaos on the internet. They have the resources, and will use them if they feel the need to do it.

The okopipi developers are currently discussing if there is an authoritative system (or hierarchy) precisely to prevent abuse. We're seeking professionals to assist us in the design of the network.

Let me clarify: Currently we have NOT started to write a single byte of code. The project is still in its planning stages, and if anybody thinks the frognet will be abused indiscriminately, it's because of their own ignorance of the subject.

We, the okopipi developers, are going to work to maintain health in the internet, so we ARE going to be EXTREMELY careful with the design, even paranoid.

Besides, the purpose of Blue Security (to which I'm not related in any way - except that I was just another Blue Frog user) was to fill a void in the authority enforcement and lack of laws against SPAM. We're NOT trying to create a criminal network to DDOS spammers. The okopipi-dev and okopipi-discuss groups were made to discuss the philosophy, ethics and implementation of this effort.

The only problem with Blue security was that they planned to make money with Blue Frog (via subscription), and therefore, they needed a website and a central network to work. We, however, are not interested in money, and therefore we don't need a central website or network to do our tasks. Without a central network, there's no point that could be attacked by the spammers. So there's no risk of retaliation against a particular network.

So, let me repeat: There is NO need to worry.

Thank you for your time.

Okopipi (or the earlier

Okopipi (or the earlier Black Frog as you referred to it as) is still in the planning stages, the community hasn't started the implementation yet.

This project will go ahead in one form or another - if you wish to prevent legit sites from being hurt, why don't you help propose some ideas & suggestions to stop that from happening?

Why reporters are calling

Why reporters are calling Blue Frog a failed idea shows a lack of thought; Blue Frog was a failed implementation of a valid idea. This is proven by the effort the spammers put out to bring it down. Now a group of people have taken that idea and set out to fix the system behind the idea so it does not have a single point of failure.

As for the validity of the opt out list idea, remember that even though the spammers started attacking those users they determined to be on the list, it had the opposite effect to what they wanted: Blue Frog's membership went up, not down. Most of the attacks on users were being filtered out by standard spam filters, and compared to the amount of junk we get daily it was barely a blip on our radar.

Bluefrog said it didn't have permission to start a war for its users; Okopipi is being started with the first members being well aware of what they are getting into. But we are willing to put up with a little additional discomfort (all this spam we get daily has already numbed us) to get our message across that we have a right to not be spammed and a simple way of expressing that right to spammers.

Sorry I forgot to include

Sorry I forgot to include the link:
http://groups.google.com/group/okopipi-dev?

As a member of Black Frog,

As a member of Black Frog, or okopipi as it's now called (okopipi is a species of blue frog), I'd like to say that it's spammer proof, but I can't. On the other hand, Mr. McKeay, I don't see how you can say it's easy to subvert. We haven't finished designing it yet.

I recommend that you visit the development discussion pages. If you know how spammers can easily get round the proposed safe-guards, I'm sure the coders will be delighted to hear from you and upgrade the design.

-Tortanick