Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-Disclosure] why o why did NASA do this.
From: Barry Fitzgerald (bkfsecsdf.lonestar.org)
Date: Mon Oct 18 2004 - 09:02:21 CDT
Harry de Grote wrote:
>i have to admit... it's pretty old and useless, but i think this may be a nice
>place for spammers to try out some new adresses...
This is *NOT* the major issue that everyone is blowing it out to be.
Lists like this are available on many organization/company websites.
This mailing list itself is a vast treasure-trove of data for spammers.
In fact, it's a far more lucrative one because the users span multiple
active e-mail domains.
Even with this abundance of e-mail accounts, spammers STILL use botnets
and the like to send out spam to random e-mails. Spammers don't need a
list of verified e-mails to spam people, not the way that they do things.
Not to mention that people listed in this file aren't an amazing target
for spam. Do you think someone thinking "Hmmm... where can I find
stupid people who will respond to my random scam e-mail?" is going to
respond with "I know! Nasa!" I mean, seriously, they're going to spend
their time spamming AOL, not Nasa. Even with that, I'm sure that they
do it...and they don't even need this list to do it.
Come on people, rather than being scared of the monster in the closet,
can we apply a logic filter to things like this?
p.s. Spam is a nuisance that occassionally includes exploits to achieve
a further goal. Sending spam may include the act of compromising
systems, but recieving (and subsequently deleting) spam does not
constitute a security issue. Random people can e-mail you. Random
people have always been able to e-mail you. If this scares you, go on
Paxil and get over you Generalized Anxiety Disorder condition. The
only instance where I can see the reciept of spam as a security issue is
if it's DoS'ing your network, and that is a different issue altogether.
Full-Disclosure - We believe in it.