![]() | This article was nominated for deletion on October 29, 2006. The result of the discussion was keep. |
![]() | This article was nominated for deletion on 17 February 2006. The result of the discussion was keep. |
![]() | This article has not yet been rated on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: |
|||||||||||||
|
Punkmorten 15:08, 23 February 2006 (UTC)
If you have received threatening E-Mails from Blue Security, or about Blue Security, please see the following websites:
Thank you. --Skoorb 13:40, 3 May 2006 (UTC)
I just got a email from some "PIMENTEL Winnie <rhodes@crookedsmile.com>" saying this:
"You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/
Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold.
BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.
BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.
They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?
1. Using your computer to send spam ? 2. Using your computer to attack competitor websites? 3. Phishing through your files for your identity and banking information?
If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning..."
Not sure what to do with it, but here it is if anyone's interested. FredTheDeadHead 21:15, 1 May 2006 (UTC)
The response from the strictly ethical Blue Security is found at http://community.bluesecurity.com/webx?14@112.Cd7NaRswkcI.248@.3c3e88bc!discloc=.3c528f04
The ethics are well covered at http://www.bluesecurity.com/news/experts_say.asp
The media profiles on Blue Security provide further useful information, at http://www.bluesecurity.com/news/in_the_news.asp
May 2006 - In an emerging battle between Blue Security and a subsection of the spamming community, there is a logical test of which party is legitimate -
On one side you have a group who have clearly revealed their executive group, source of funding, code of ethics, and even provide the full source code of their software. On the other side you have an anonymous group whose actions speak for themselves, as demonstrated by the above spam.
The Blue Frog seems to be suffering a DDOS attack currently. Their site is unavailable and the spam plugin is failing to report spam -- Chris Q 09:09, 4 May 2006 (UTC)
I think all of the DoS stuff should be boild down to only a sentence or two. This is supposed to be an encyclopedia, not a news outlet nor an ad medium. Compare the sizes of the entries for bluefrog with spamcop. Spamcop has had many more DoS attacks over the years, and many more lawsuits, and yet spamcop's entry is quite short and to the point. It also doesn't read like an ad. Wrs1864 13:47, 8 May 2006 (UTC)
That supposed "false" email sent out to users of Blue Frog contains a lot of true information.
Blue Security does perform DdoS attacks. Blue Security is a company in Isreal.
Add to that we recently uninstalled Blue Frog from our computer and since then our Bulk folder has been flooded with spam. It seems that Blue Security themselves are now spamming our email. We never even got this much spam back before we used Blue Frog. And now that we've uninstalled the program the spam has increased to a ridiculous amount.
Here are some links to articles about Blue Security, their DdoS attacks, and their location being Isreal:
http://securitypronews.com/news/securitynews/spn-45-20050722SpamWarsBlueSecurityStrikesBack.html http://www.pcworld.com/news/article/0,aid,121841,00.asp - C&R 05:31, 6 May 2006 (UTC)
I think I have found a place to put my IMHO. =) Sorry for being stupid enough to add it to the article itself for the first time and thanks Savidan for quickly pointing this out.
So, IMHO two points present: 1. BlueFrog is the Bad Thing. (cut-and-paste from talk with Savidan)
I'm a system administrator and of course I'm also bothered with the spam problem. But the Blue Frog solution to that problem really freaks me out. What they do is using same botnet technologies as spammers supposingly do, with only difference that their bot (client) is installed by user admission. But even if building botnet such way is legal, using it for any purpose is illegal. While BlueFrog is attacking supposed spammers, many intermediate hosts and routers are affected, lots of businesses and individuals expierence technical problems with low or neglected chance to detect the real cause. Using DDoS to stop single spammer site is like throwing a nuke to the city with single terrorist and million innocent people.
2. All the buzz with attacks to Blue Frog is a self-PR of BlueSecurity and must be investigated.
First point: Too much buzz over it, too many data sources, all against all, but the net effect is the raise of BlueFrog community. IMHO, that was predictable and clearly states the stakeholders. I consider BlueSecurity has enough power bots to launch DDoS to itself, just as it did to spammers, and until now nothing voted against it.
Next point: just try to google PharmaMaster and you find it is mentioned only in context with BlueSecurity's initiated report. That's a serious consideration that it is faked up. At least no clues against it - whoever can track supposed ICQ talk?
Next point: one of the "spammer strikes" was with BlueSecurity whois information. One can see prolexic anti-DDoS protection within it. Prolexic is a costly service and usually hooked up on-accident - e.g. one must be prepared to be attacked first.
After all, Prolexic is known to effectively stop minor to major DDoS within minutes. And instead of it we have company officals stating that several hours or may be days their site was out of net and they even had to (and that is the most abusive point) to switch their site DNS to the blog in suppose DDoSer will stop and finally change to 127.0.0.1 blah-blah-blah. That's hardly to believe - when the site is protected with Prolexic no such DNS dance ever need to happen - because all DNS entries are initially set to Prolexic "filter tube".
So these are my points and if there are Wikiusers out there which are not BlueSecurity's employees I'm sure they would found at least some of the points useful to consider.
this is getting totall y insane. i've received yet another email formulation from the spammer and their logic just totally escapes me. i'd go on and analyse their claims and failed affirmations but it's just really ridiculous. i mean it's even getting quite entertaining to see PharmaMaster struggle with their repeated threats. http://evilloop.com/blue.security.3.png - Zenzizi 14:02, 8 May 2006 (UTC)
The "Spammers' next attack levelled at CEO Eran Reshef" section as currently worded makes no sense. The spam that it quotes is being sent to lots of people (not just BlueFrog users or BlueSecurity customers; I am neither and have probably seen fifty copies by now), and is just a straight ordinary joe job: spam that appears to be sent by the victim, for the purposes of getting the spam recipients mad at the victim.
So the sentence "The implication in the e-mail is that with such a past history, the Blue Security venture, which is still in a beta test phase, should not have been susceptible to a DDOS attack" is beside the point. The quoted spam doesn't mention any DDOS attack on Blue Security at all; it will seem to the vast majority of readers to be just ordinary spam sent by Skybox Security / Carmel Ventures / Blue Security. If in fact this spam is a joe job and not actually sent by who it claims to be sent by, the paragraph in this section should just note that the quoted spam (is it an actual recent or old press release, or just something the spammers made up?) was sent out by the spammers in the name of Skybox Security etc in order to damage their reputation (by making them appear to be spammers themselves).
(Or if this article is shortened as much as it probably ought to be, that whole section should be removed. Although myself I'm glad it was there, because it at least explained where all these particular bits of spam are coming from...) --Orbst 19:23, 10 May 2006 (UTC)
This article is in need of serious work. It needs a near complete rewrite to get rid of non-neutral tone problems, it contains many statements which cannot be verified by any neutral media source, and it contains large "primary source" quotations which have no purpose here. savidan(talk) (e@) 22:59, 11 May 2006 (UTC)
I received these emails as a blue frog user (unconnected to the company) I believe they should be reinstated if a number of other independent users received them. Please vote on reinstatement with
*'''Reinstate''' - <optional sentence> ~~~~
or
*'''Do not Reinstate''' - <optional sentence> ~~~~
Note that this has been reported on slashdot, etc. and we could quote the blue frog site. -- Chris Q 07:17, 12 May 2006 (UTC)
On May 2 the anti-Blue Security attack entered stage 3. The spammers performed a "Joe Job" attack designed to
Below is a sample of the Joe Job attack. Spammers sent these to people on their lists who were known to be the most strident spam complainers. The From address was forged as "Blue Security Member" <user address> where user address was taken from their Blue Security address list.
Subject: Bringing spammers to Their Knees Bluesecurity.com hopes you'll join thousands of others in an army capable of crippling spammers' Web sites. A few thousand spammers have ruined our internet. They've clogged our mailboxes with filth. Already, 90% of email traffic is made up of spam. Let us no longer blind ourselves to the irrefutable facts: current measures have failed to stop spammers. The experience of the past several years has proven that passive measures are just not the answer. Retribution is the only real answer to spam. We must punish spammers ourselves to prevent them from taking over cyberspace. We must reclaim our territory. We need direct action to eliminate spammers for good. The magnitude of the task which lies before us is great. We are fighting for the future of the Internet. What we need to do now is get as many users as possible into our community. We already have a botnet with hundreds of thousands of computers working together to induce commercial loss on spammers and their ISPs. We have launched numerous Denial-of-Service Attacks on Chinese spam networks with great success, and plan many more! We have excellent financiers who allow us continued success with our botnet growth and Denial-of-Service Attacks. We thank the government agencies involved for their continued cooperation. We thank our leader, Eran Reshef, for continued strategies of DoS attack operations. Also, US-based Rembrandt Ventures & Skybox Security for their extensive funding & continued support. And a very special thanks to Douglas Schrier who has helped our botnet come to life. If you haven't signed up with the registry and installed a blue frog yet, please sign up now. If your friends have not yet joined us, we will convince them to do so. Let's stop filtering spam and start eliminating spammers. Together, we will reclaim the Internet, One ddos at a time. Please Contact Us for any questions on signup via the following info: 2077 Gateway Place, Suite 550 San Jose, California 95110 USA Phone: 866-6SKYBOX Phone: 408 441 8060 Fax: 408 441 8068 Israel HQ: 60 Medinat Hayehudim St. P.O.Box 4109 Herzliya Pituach 46140 Israel Phone: +972-9-9545922 Current and potential investor relations: Rembrandt Venture Partners 2200 Sand Hill Road, Suite 160 Menlo Park, CA 94025 T: 650.326.7070 F: 650.326.3780 ----- Fight back spam! Join our Botnet today. Download our .EXE here: http://www.bluesecurity.com/blue-frog/
==Spammer continued attack included extortion and forgery== On May 6 2006 the spam attack took a new direction. Blue Security members received an email purporting to be from Blue Security by its signature, but containing extortionate threats from the spam attackers. The content is included here. The zip file referenced was not actually successfully attached.
Dear Blue Frog Member, As a follow-up to our previous emails, and, as promised, we are stepping up in the fight against Blue Security. The Blue Frog member email database has been compromised, and is currently being distributed worldwide to spammers and to the public. Attached to this email, you will find a zip file of the Blue Frog database, which includes your own personal or business email address(es). If you have not uninstalled Blue Frog yet, we highly suggest you do so now in order to avoid your involvement in this war any further. Leaving your email address on the Blue Frog list is a risky choice, as we will uphold our promise not only to increase your spam by 20 times the amount you are receiving now, but to continue to make this list publically available as well. Also, as the Blue Frog member database is updated, we will find more creative ways in which to use it, and frequently release it to whomever we wish. Blue Security, Inc
==Spammers' next attack levelled at CEO Eran Reshef== On May 7 2006 the spam attack dealt an even lower blow. Blue Security members received an emailed News Release concerning Blue Security's CEO, linking him to his previous ventures. It highlighted his previous roles as co-founder and chairman of Skybox Security Solutions that offered services for simulating DDOS attacks. The implication in the e-mail is that with such a past history, the Blue Security venture, which is still in a beta test phase, should not have been susceptible to a DDOS attack.
Simulated DDoS Network Attacks and Network Intrusions Customer Challenge: Large corporations often hire consultants to conduct quarterly penetration (DDoS) testing on specific segments of their corporate network. This testing can cost over hundreds of thousands of dollars, and also exposes the network to many potential disruptions. These disruptions are the result of the intense DDoS attacks testers can impose on live networks in order to isolate vulnerabilities and weaknesses. Since the network is constantly changing, and DDoS attacks are rarely dispersed from a centralized location, the penetration test results often become nullified and end up being limited to a small portion of the total network. The Skybox Solution: Skybox Security performs accurate and non-intrusive DDoS attacks across a larger portion of the corporate network. The tests are modeled and analyzed through an automated process via our large botnet network rather than manually performed on a live network. As a result, the tests are repeated rigorously on a scheduled basis without any fear of network disruption. Through DDoS attack and access simulation, vulnerability exposures as well as security control weaknesses are revealed instantly. DDoS attack simulation discovers all possible attack scenarios and reveals the step by step process that an attacker or worm may follow. It illustrates specific vulnerabilities to be exploited and network access traversed for each exploitable path. Access simulation calculates network access privileges determined by firewall and routing configuration. Our botnet helps characterize the interconnectivity between any two given points, reporting not just whether access is possible, but also the detailed path to reach a final destination. Based on these combined results, security personnel are able to determine what additional DDoS attacks are necessary and where to deploy our organizations penetration testers. Awards: Info Security - Info Security Hot Companies 2006 The Wall Street Journal - One of the most innovative companies in 2005 Information Security Magazine - Product of the year Network Magazine - Most Visionary Security Product Network Magazine - Best of the Best in all categories Secure Enterprise Magazine - Editor's Choice Gartner - " Cool Vendor " in the security & privacy space SC Magazine Awards 2006 Winner - The Best Security Solution for Financial Services IM2005 Award finalist - Information Security and Product of the Year Company Profile: Eran Reshef Founder, Chairman & CEO of Blue Security ( www.bluesecurity.com ) A serial entrepreneur, Eran is currently the founder, chairman & CEO of Blue Security, the do-not-disturb registry pioneer. Prior to Blue, Eran co-founded Skybox Security and served as its Chairman. Prior to Skybox Eran founded and managed Sanctum (acquired by WatchFire), the leader in web application security. Eran holds a variety of security- related patents that are based on his inventions. Rina Shainski General Partner at Carmel Ventures ( www.carmelventures.com ) Following a successful career leading business development and R&D operations in high-growth software companies, Rina has been investing in software companies ever since. Before joining Carmel she served as the VP Business Development at Clal Industries and Investments where she was responsible for software investments. From 1989 to 1996, Rina held several managerial positions in Tecnomatix including VP Business Development and R&D Director. Rina serves on the boards of Followap Communications, Skybox Security, mFormation and Silicon Design Systems. Rina holds a B.Sc. degree in Physics from Tel Aviv University and a Master of Science degree in Computer Science from Weizmann Institute. Contact Information: 2077 Gateway Place, Suite 550 San Jose, California 95110 USA Phone: 866-6SKYBOX Phone: 408 441 8060 Fax: 408 441 8068 Regional Offices (Israel) 60 Medinat Hayehudim St. P.O.Box 4109 Herzliya Pituach 46140 Israel Phone: +972-9-9545922 Fax: +972-9-9545933
I got the message from the spammer when Blue Frog was shut down too, however this guy is just a pathetic loser that is on the losing side of this war. If he really had the email addresses of all members then why did this "message" arrive in only one of my emails registered with Blue Security and not the other two registered? This guy only sent this message to users who were on a specific email spam list. My spam has not increased and I still forward to Blue Security because spammers blow.
The spammers offer nothing positive and are just a tiny bit of all that is wrong with the world; like Hitler, Hussein and Ahmadinejad, they will all get what's coming to them and good will prevail over this evil!
When those spammers can shut down a great service like Blue Frog (NPOV note, I loved the service), perhaps we can word it to point out the fact that Blue Security wasn't doing anything illegal it was only the illegal actions of these criminal spammers that led to the shutdown -- Tawker 05:44, 17 May 2006 (UTC)
If the frog is dead, I say it should rise again. Make the blue frog software Peer-To-Peer. Call it the Gray frog! The undead frog. The frog who can no longer be killed! Feel free to use this slogan and/or brand idea, this was my idea and I give it to the open source community freely! User:Bretthavener 12:00 ,16 August 2006
Now that things have settled down a bit, we should probably start cleaning up this article.
I've just put a Template:POV-section tag on the "Controversy" section. I've just put a lot of Template:fact tags in as well. Also, I think the first paragraph under "Attackers identified" is out of date: while Eran Reshef did identify the attacker as PharmaMaster earlier, recent reports seem to point to different culprits.
It's important to remember that lots of misinformation has been spread about Blue Frog, especially the false claim that they DDoS'd or DoS'd spammers. Apparently an article in Information Week is responsible for a lot of this.
We should also remember that lots of spammers have the know-how to edit Wikipedia ...
On a specific matter: does anyone have a URL for a press release by sixapart about the attack? All I found was http://www.sixapart.com/typepad/news/2006/05/typepad_update_1.html, which is rather terse.
Also, I've added URLs for two items by Brian Krebs, both of which I recommend.
—CWC(talk) 17:57, 19 May 2006 (UTC)
Regarding part of the article that recommends Blue Frog should be removed, it sounds like the spammers posting rubbish to try and stop Blue Frog. Is there a proper source with this info?
FredTheDeadHead 21:52, 20 May 2006 (UTC)
I'm glad that there is an open source initiative to help curtail this spam. I'm all for any BlueSecurity 'way of thinking' initiative. It's awesome that since a spammer pretty much closed down BlueSecurity that a group of people are creating a P2P based solution. With an open source P2P anti spam agent, hopefully.... hopefully. Celardore 23:30, 25 May 2006 (UTC)
It says that Blue Frog was closed source, yet the source is/was on SourceForge. Is there an explanation or is the article wrong? Masterdriverz 08:19, 29 May 2006 (UTC)
I downloaded the source here: http://sourceforge.net/projects/bluefrog Now it's gone. Maybe there is a sourceforge mirror somewhere that doesn't update quickly.
I found the link here: http://digg.com/security/Blue_Security_Throws_In_The_Towel
Here's a couple of comments about Blue Frog made at slashdot by http://slashdot.org/~mybootorg. I found them informative, so I've copied them here (slightly edited) as background info. However, slashdot comments do not count as Wikipedia:reliable sources (quite the contrary!). Cheers, CWC(talk) 17:48, 30 May 2006 (UTC)
Before comparing to DDOS, or botnets, be informed
As time goes on and the fight against bots and spam gets more heated, Blue Frog will become more and more relevant. Just today, Wired featured a 4 page article on Blue Frog and the situation surrounding it.
User:Wrs1864 contribs is a spammer! He has methodically removed any links to sites that are promoting on the blue frog concept. He has removed http://www.spamdspammer.com and http://www.dosdragon.com. People need to know the idea is NOT dead. —Preceding unsigned comment added by 64.8.28.2 (talk • contribs) 21:45, 8 November 2006
User:Wrs1864 YOU ARE A vandal! GET LOST WE DON'T WaNT YOU HERE!
http://www.Dosdragon.com has an article on bluesecurity. Wrs1864 has never visited the site, because it blocks the IP of known spammers like him!
Hello fellow Wikipedians,
I have just modified 5 external links on Blue Frog. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
((dead link))
tag to http://castlecops.com/t154098-Summary_of_the_BlueFrog.htmlWhen you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template ((source check))
(last update: 18 January 2022).
Cheers.—InternetArchiveBot (Report bug) 04:48, 22 July 2017 (UTC)