Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

  • Terry Zink: Security Talk

    How much do botnets re-use their IPs?

    • 7 Comments
    One of the assumptions that I have long held about botnets is that they grab a compromised computer, spam it like crazy and then abandon it once it lands on an RBL.  Eventually, this RBL delists it due to dormant activity, and later on the botnet...
  • Terry Zink: Security Talk

    How much do spammers actually make?

    • 7 Comments
    Spammer X is an ex-spammer who has written book called "Inside the Spam Cartel: Trade Secrets from the Dark Side."  He's a former spammer who retired in 2004 who has shared many of his tricks of the trade. He presented at the Spam Symposium...
  • Terry Zink: Security Talk

    Some patterns for spam in my inboxes

    • 7 Comments
    I am lately seeing some odd patterns for spam in my various inboxes. In my Frontbridge account, I regularly see spam from Gmail and never Hotmail. In my Gmail account, I regularly see spam from Gmail but rarely anything else. In my Yahoo account, I regularly...
  • Terry Zink: Security Talk

    Recovering a hacked Hotmail account

    • 7 Comments
    From time to time, I get asked about what to do if your Hotmail account credentials are stolen and is being used to send out spam.  Here is a paraphrased response that someone from the Windows Live Safety team said on an internal thread, but it applies...
  • Terry Zink: Security Talk

    What happens on Facebook stays on Facebook

    • 7 Comments
    I have read some blog posts by other writers about the "questionable" email practises of tagged.com (wherein they login to your email address book and spams everyone in it, encouraging them to sign up for their own page).  I agree with the other writers...
  • Terry Zink: Security Talk

    Yahoo's CAPTCHA security reportedly broken

    • 7 Comments
    I read about a week ago that Yahoo's CAPTCHA security has reportedly been broken, and those of us with email accounts should be expecting an upsurge in spam from Yahoo.  To summarize the issue, before you sign up for a Yahoo account, they make you...
  • Terry Zink: Security Talk

    Using DMARC in Office 365

    • 7 Comments
    Exchange Online Protection (EOP), also known as Office 365, will soon be supporting DMARC for authenticating email which is a feature designed to combat phishing and spoofing of email. If you’re unfamiliar with DMARC, here are a few links that explain...
  • Terry Zink: Security Talk

    Was a CAPTCHA broken?

    • 7 Comments
    A couple of weeks ago, I blogged that some outfit in Russia claimed to have broken Yahoo's CAPTCHA for creation of new email accounts.  Someone posted a reply in the comments with a link to an article that this was unlikely.  Yet, in the past...
  • Terry Zink: Security Talk

    The problem of backscatter, part 18 - Wrapping it up

    • 6 Comments
    Backscatter spam is annoying.  It's tough to filter because the contents of it can fool content filters and can also fool end users. Indeed, if your content filter could recognize an NDR and ignore the parts that typically occur in NDRs, you could...
  • Terry Zink: Security Talk

    The problem of backscatter, part 3 - Legitimate bounces

    • 6 Comments
    When a mail server accepts a message and later decides that it can't deliver the message, it is required to send back a bounce email to the sender of the original message. There are a few kinds of bounce notifications that a mail server can send: Recipient...
  • Terry Zink: Security Talk

    Why does all popular software become bloated?

    • 6 Comments
    Over the weekend, I read an articled entitled Superior Alternatives to Crappy Windows Software .  This is not to suggest that Windows is crappy, but that there are applications that run on Windows that are lousy.  There are a lot of points that...
  • Terry Zink: Security Talk

    Why change the FP metrics?

    • 6 Comments
    In the comments in my other post on the other side of accurate metrics, a fellow blogger writes the following: In my experience every vendor who quotes a FP figure bases it on the total number of inbound messages (including those that get 5xx-rejected...
  • Terry Zink: Security Talk

    Personal dilemma

    • 6 Comments
    My girlfriend works a later shift and often times, she and her co-workers bring in food or order it in.  Potlucks, or Thai food, that sort of thing.  Well, today, they had spam and eggs. You read that right – not ham and eggs but spam and eggs...
  • Terry Zink: Security Talk

    Save the inbox, save the world

    • 6 Comments
    One of the differences that webmail services like Hotmail has is the ability that it does not deliver mail to the end-client, users have to login to their accounts and view their mail on the web (unless, of course, they POP their mail). Exchange Hosted...
  • Terry Zink: Security Talk

    Review Part 2: Spam Kings

    • 6 Comments
    I'd like to continue on in my review of the book Spam Kings and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools.  I was never a participant...
  • Terry Zink: Security Talk

    Security risks at a big box retailer

    • 6 Comments
    Even though things like phishing and spoofing and hacking are what we normally think of when we consider electronic security risks, sometimes the simple things are what cause the biggest problems. I was recently in a big box retailer picking up some stuff...
  • Terry Zink: Security Talk

    Sender Authentication part 1: The basics of sending email

    • 6 Comments
    This is my first post in my series on email authentication. In order to understand how to authenticate the sender of an email, we need to understand how email works. I remember back in my 4th year of university when we learned how to send "fake" email...
  • Terry Zink: Security Talk

    New spam rules of engagement finally starting to sink in

    • 6 Comments
    Having been a spam fighter for over two years, and having watched spam evolve very quickly over the previous six months, it is now sinking in to me that the methodology in which we used to use to fight spam is no longer valid. Whereas before we had a...
  • Terry Zink: Security Talk

    Spam filters and foreign spam, part 3 - ASCII

    • 6 Comments
    If everyone spoke English, and spammers only sent spam from bots, spam filtering would have a relatively simple task (relatively speaking, of course). But, that simply isn't reality. The biggest shift in spamming over the past 18 months or so is the use...
  • Terry Zink: Security Talk

    Sender authentication part 7: Shortcomings of SPF

    • 6 Comments
    SPF is a method of authenticating the envelope sender's domain with the IP that transmitted the message to the receiving mail server.  It is quite useful for preventing spoofing but it has its shortcomings: 1. SPF adoption has been slow. As I alluded...
  • Terry Zink: Security Talk

    Sender authentication part 19: How spammers evade SPF

    • 6 Comments
    How would a spammer get around SPF? One way is the method used by Spammer-X in his book Inside the Spam Cartel . Spammer-X is a retired spammer (so he says) and goes into a lot of the details in his book. I'll give a review when I'm done this series on...
  • Terry Zink: Security Talk

    Stopping bots from abusing webmail

    • 6 Comments
    One of the problems of bots is that they sign up for free webmail accounts (like Hotmail, Yahoo or Gmail) and then use them to send out spam.  These services will throttle their outbound mail, that is, cut off the sender if they exceed a certain...
  • Terry Zink: Security Talk

    The advantages of being a PM

    • 6 Comments
    Here at Microsoft, we quite regularly see people rotating in and out of various divisions.  A new person will join and another person will leave.  Recently we had another anti-spam manager join the group.  Since I've been in the antispam...
  • Terry Zink: Security Talk

    Gmail disappointing me... a lot like Walmart

    • 6 Comments
    In the past week or so, I have been getting quite a bit of spam in my Gmail account. It's not image spam, it's stock spam. I blogged a few months ago that Gmail was allowing lots of spam through (no pun intended) but that may have been because an email...
  • Terry Zink: Security Talk

    Interview with Yahoo spam chief

    • 6 Comments
    A few days ago, Yahoo antispam chief Mark Risher hosted a Q&A session with various users and answered their questions, both pre-submitted and live questions.  I thought I'd chime in and take some selected quotes from the session and add my own...
Page 3 of 47 (1,160 items) 12345»