Monthly Archives: May 2009

Seeing more spammers on Twitter lately?

Blog, , , , , ,

It was inevitable. As Twitter has grown and started pushing into the mainstream, spammers have started ramping up abuse. At first glance, Twitter isn’t the most obvious target – you actually have to follow someone to get content from them, users don’t generally search it for high-cpc stuff like meds and lawyers, and how much spam can you really get into 140 character messages?

But I’m seeing more invites from users like the one below:

Seeing a lot more spammers on Twitter lately...

First: What is Twitterspam? How do I know this is a spammer?

When it comes to spam, most people “know it when they see it,” but it’s helpful to look at the specific signals that this user might not be worth talking to. First off, they have 180 followers and yet haven’t posted a single update. The photo is a dead giveaway. The bio is actually pretty well-done, it’s in English and it’s not outlandish, but the homepage link (http://my-pictures.no.tp/tlow/) – she’s in Portuguese Timor?

Second: Why spam Twitter?

Spammers have two reasons to abuse Twitter: monetary payoff, and because it works.

How can they make money by tweeting a bunch of random people? Well in this case they aren’t, at least not yet. The payoff has to be through the homepage link, which I’m not following and you shouldn’t either. You get a friend invite on a system that, so far, has been a medium of immediate, short, personal communication. Your trust barriers thus weakened, you at least want to see who it is. They don’t have any updates yet, so you click the homepage link and… Virus. Or a maze of PPC affiliate pages and redirections.

Above I said spammers are hitting Twitter because it’s working. How do I know? Look at the number of followers, and the ratio of people followed to followers. About 22 percent of the people spammed so far have responded. I don’t know how many click through to the home page link, but if half the people bother to go that far they’ve got an amazing success rate for spam.

I wish Twitter luck. I know a few people over there, they’ve got their work cut out for them. This sort of thing isn’t easy to fight, it’s an ongoing process. They’ve already taken some visible steps, like using rel=”nofollow” on the Bio link, which at least keeps away blackhat SEOs looking for sources of pagerank. They’ll probably have to do more, most of it on the backend where you and I will never be the wiser. Happy spamfighting!

How spam and malware botnets work – two papers

Blog, , , , , ,

I read two reports today about large-scale botnets that really pointed out that security is still an open problem on the web. Recently, researchers got access to a nasty botnet, Torpig (original paper: Your Botnet is My Botnet: Analysis of a Botnet Takeover). A few months earlier researchers hijacked the Storm Worm and looked at its profitability (original paper: Spamalytics: An Empirical Analysis of Spam Marketing Conversion). Both papers are fascinating, but terrifying reads.

Some findings:

  • In 10 days, a botnet running on 160,000 machines stole credentials for over 8,000 bank accounts.
  • About 1 in 10 people who open a spam email click through to get infected by the malware.
  • 350 million spam emails resulted in only 28 sales, but the average purchase was $100.

How do these botnets get control of machines? How do they make money? Whether it’s a spammer who needs to get someone to make a purchase on a website or a scammer stealing credit card numbers, passwords, and other information, ultimately you need to get someone to a bad website. Think about all the paths you might take to different sites during the day:

  • Via a web search
  • Clicking on a link in an email
  • Going directly to a favorite site
  • Clicking through an ad

Spammers and scammers try to take advantage of all of those methods, and given the huge volumes of machines at their disposal, it’s a wonder search engines, spam filters, and advertising systems protect users as well as they do now. Between the first and third bullet point above, there’s a huge motivation to hack otherwise good sites to inject drive-by download malware – it can happen to anyone.

So what can we do about it? I think it ultimately comes down to a combination of smarter automated methods, better ways to establish trustworthiness, and removing the economic incentives for spamming, identity theft, and hacking. I have a few posts in mind about some current tools that help with the trust issue and how we might be able to build a social web of trust.

This isn’t a new discussion, Tim Berners-Lee has been writing about the web of trust since the 1990s. But all the work done since then has yet to really solve these problems. And really, so long as a few people are willing to click on a malware link or buy drugs via a spam email, it will never stop.

LED Bulbs vs. Compact Fluorescent: Part II

Blog, Projects, , , , , , ,

DSC_0662 I wanted to revisit an earlier post comparing LEDs, CFLs and traditional incandescent bulbs. I found two different values for the power and light output of the Lemnis Lighting Parox II bulbs, and same folks at work were wondering the same thing.

I decided to bust out my trusty Kill-A-Watt and see how much power the bulb was really drawing.

I watched the meter for a bit and it never went above 4 Watts. So that’s a bit of a bonus. Out of curiosity I decided to plug my CFLs in and see how much power they actually drew.

The 15W CFL spiked to 18W for a second but then settled in at 12W. After a while it climbed up to 13W and would have presumably stayed there. The 7W CFL globe settled at 5W. The incandescent was the odd one of the bunch, measuring 63 W instead of 60W. So when you replace those old lightbulbs, you may be saving a little more than you think.

Here’s the updated spreadsheet:

Again, the total lumen output might not be directly comparable because the LED bulbs really only emit light from a half globe, while the other bulbs cast light in almost all directions. Depending on the fixture this might make the LED seem brighter in comparison.