Talk:Blue Frog

This article was nominated for deletion on October 29, 2006. The result of the discussion was keep.

This article was nominated for deletion on 17 February 2006. The result of the discussion was keep.

This article has not yet been rated on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Software: Computing This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware articles ??? This article has not yet received a rating on the project's importance scale. This article is supported by WikiProject Computing.

Punkmorten 15:08, 23 February 2006 (UTC)[reply]

If you have received threatening E-Mails from Blue Security, or about Blue Security, please see the following websites:

• http://www.bluesecurity.com/
• http://isc.sans.org/diary.php?storyid=1304&rss

Thank you. --Skoorb 13:40, 3 May 2006 (UTC)[reply]

I just got a email from some "PIMENTEL Winnie <rhodes@crookedsmile.com>" saying this:

"You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/

Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold.

BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.

BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.

They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?

1. Using your computer to send spam ? 2. Using your computer to attack competitor websites? 3. Phishing through your files for your identity and banking information?

If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning..."

Not sure what to do with it, but here it is if anyone's interested. FredTheDeadHead 21:15, 1 May 2006 (UTC)[reply]

i've received one too. mine is of the threatening type. http://evilloop.com/ceremonial.homicidal.png Zenzizi 01:05, 2 May 2006 (UTC)[reply]

The response from the strictly ethical Blue Security is found at http://community.bluesecurity.com/webx?14@112.Cd7NaRswkcI.248@.3c3e88bc!discloc=.3c528f04

The ethics are well covered at http://www.bluesecurity.com/news/experts_say.asp

The media profiles on Blue Security provide further useful information, at http://www.bluesecurity.com/news/in_the_news.asp

May 2006 - In an emerging battle between Blue Security and a subsection of the spamming community, there is a logical test of which party is legitimate -

On one side you have a group who have clearly revealed their executive group, source of funding, code of ethics, and even provide the full source code of their software. On the other side you have an anonymous group whose actions speak for themselves, as demonstrated by the above spam.

Great. We are getting to the spammers when they send out such tosh. Good on you, frog. Kittybrewster 21:26, 1 May 2006 (UTC)[reply]

I got the same crap email. I must say that it's a great encouragement. I was previously skeptical of whether Blue Frog could make much headway against a sea of spammers, but since they are now trying to discredit it it must really be working. Someone should update the article with these new developments immediately (in fact, I think I'll throw something together myself in the meantime). Garrett^Talk 01:20, 2 May 2006 (UTC)[reply]

There, done. I've also added the email I got, which actually looks much more believable than the laughable one Zenzizi posted above. For me at least the arrival of this coincided with a crapload more spam (usually only one or two a day miss Gmail's filters, today about ten did). I'm wondering if they deliberately turned up the volume of spam to reinforce that Blue Frog is screwing you over... hmm... Garrett^Talk 01:54, 2 May 2006 (UTC)[reply]

I don't doubt it. I have received a ton of stuff which is anti Frog. I prefer that to the fake University degrees - it advertises froggy. Kittybrewster 09:21, 2 May 2006 (UTC)[reply]

The Blue Frog seems to be suffering a DDOS attack currently. Their site is unavailable and the spam plugin is failing to report spam -- Chris Q 09:09, 4 May 2006 (UTC)[reply]

Blue Security switched to a BLOG and TypePad and LiveJournal got collateral damage.

At this moment BlueSecurity.com's domains are mapped to "localhost" (127.0.0.1). Zenzizi 14:57, 4 May 2006 (UTC)[reply]

Slashdot just added a new article about it with a better story link. Zenzizi 15:12, 4 May 2006 (UTC)[reply]

More info linked from BlueSecurity.com who is back up apparently. Zenzizi 15:15, 5 May 2006 (UTC)[reply]

I think all of the DoS stuff should be boild down to only a sentence or two. This is supposed to be an encyclopedia, not a news outlet nor an ad medium. Compare the sizes of the entries for bluefrog with spamcop. Spamcop has had many more DoS attacks over the years, and many more lawsuits, and yet spamcop's entry is quite short and to the point. It also doesn't read like an ad. Wrs1864 13:47, 8 May 2006 (UTC)[reply]

That supposed "false" email sent out to users of Blue Frog contains a lot of true information.

Blue Security does perform DdoS attacks. Blue Security is a company in Isreal.

Add to that we recently uninstalled Blue Frog from our computer and since then our Bulk folder has been flooded with spam. It seems that Blue Security themselves are now spamming our email. We never even got this much spam back before we used Blue Frog. And now that we've uninstalled the program the spam has increased to a ridiculous amount.

Here are some links to articles about Blue Security, their DdoS attacks, and their location being Isreal:

http://securitypronews.com/news/securitynews/spn-45-20050722SpamWarsBlueSecurityStrikesBack.html http://www.pcworld.com/news/article/0,aid,121841,00.asp - C&R 05:31, 6 May 2006 (UTC)[reply]

Blue Security is in Isreal, my grandparents live in isreal, there is nothing wrong with being from Isreal.

And they don't to DDoS attacks, arguably they send spam with huge safeguards to enusre that only spammers recieve it and only less messages then they sent out to Blue Frog. Its proportionate, its not perfect but it works.

---

Good lord. Who said that there was anything wrong with being from Isreal? That's not the point. It's the fact that while Blue Security speaks of being in California they never make any mention of being in Isreal. The company is not being completely honest. And yes they do DdoS attacks. The article that I linked to above talks about how they perform DdoS attacks. - C&R 09:15, 7 May 2006 (UTC)[reply]

I don't see anything in those articles about Blue Security doing DDOS attacks. They do send masses of email to spammers (but at most one per outgoing spam email); they do not sent zillions of IP packets to spammer's hosts, nor do they use zombie computers for a distributed attack. (By the way, that pcworld URL does not open in Firefox, only in Internet Explorer.)

Incidentally, you can indent text by putting one or more colons (":") at the start of a line, as I have done here. Cheers, CWC(talk) 15:08, 7 May 2006 (UTC)[reply]

They don't do DDoS attacks. Blue Frog sens 1 complaint e-mail per 1 SPAM forwarded. How is that a DDoS? MyrddinEmrys 00:18, 8 May 2006 (UTC)[reply]

Consider you having transit network sending all those 1-to-1 e-mails back and forth - a real DDoS for the ISP routers. Also, if lots of users of single company are convinced in BlueFrog - it double waste of the corporate bandwidth.

[You have no chance to survive make your time. For great justice.] But seriously, eventually your bandwidth _will_ go down to lower than the pre-bluesecurity days, because over time overall there will be less spam. Family Guy Guy 14:44, 12 May 2006 (UTC)[reply]

I think I have found a place to put my IMHO. =) Sorry for being stupid enough to add it to the article itself for the first time and thanks Savidan for quickly pointing this out.

So, IMHO two points present: 1. BlueFrog is the Bad Thing. (cut-and-paste from talk with Savidan)

I'm a system administrator and of course I'm also bothered with the spam problem. But the Blue Frog solution to that problem really freaks me out. What they do is using same botnet technologies as spammers supposingly do, with only difference that their bot (client) is installed by user admission. But even if building botnet such way is legal, using it for any purpose is illegal. While BlueFrog is attacking supposed spammers, many intermediate hosts and routers are affected, lots of businesses and individuals expierence technical problems with low or neglected chance to detect the real cause. Using DDoS to stop single spammer site is like throwing a nuke to the city with single terrorist and million innocent people.

2. All the buzz with attacks to Blue Frog is a self-PR of BlueSecurity and must be investigated.

First point: Too much buzz over it, too many data sources, all against all, but the net effect is the raise of BlueFrog community. IMHO, that was predictable and clearly states the stakeholders. I consider BlueSecurity has enough power bots to launch DDoS to itself, just as it did to spammers, and until now nothing voted against it.

Next point: just try to google PharmaMaster and you find it is mentioned only in context with BlueSecurity's initiated report. That's a serious consideration that it is faked up. At least no clues against it - whoever can track supposed ICQ talk?

Next point: one of the "spammer strikes" was with BlueSecurity whois information. One can see prolexic anti-DDoS protection within it. Prolexic is a costly service and usually hooked up on-accident - e.g. one must be prepared to be attacked first.

After all, Prolexic is known to effectively stop minor to major DDoS within minutes. And instead of it we have company officals stating that several hours or may be days their site was out of net and they even had to (and that is the most abusive point) to switch their site DNS to the blog in suppose DDoSer will stop and finally change to 127.0.0.1 blah-blah-blah. That's hardly to believe - when the site is protected with Prolexic no such DNS dance ever need to happen - because all DNS entries are initially set to Prolexic "filter tube".

So these are my points and if there are Wikiusers out there which are not BlueSecurity's employees I'm sure they would found at least some of the points useful to consider.

Blue Frog signed up with Prolexic after the attack. And Spammers are known to use fake IDs so PharmaMaster could have made his one up just for Blue Security

this is getting totall y insane. i've received yet another email formulation from the spammer and their logic just totally escapes me. i'd go on and analyse their claims and failed affirmations but it's just really ridiculous. i mean it's even getting quite entertaining to see PharmaMaster struggle with their repeated threats. http://evilloop.com/blue.security.3.png - Zenzizi 14:02, 8 May 2006 (UTC)[reply]

The "Spammers' next attack levelled at CEO Eran Reshef" section as currently worded makes no sense. The spam that it quotes is being sent to lots of people (not just BlueFrog users or BlueSecurity customers; I am neither and have probably seen fifty copies by now), and is just a straight ordinary joe job: spam that appears to be sent by the victim, for the purposes of getting the spam recipients mad at the victim.

So the sentence "The implication in the e-mail is that with such a past history, the Blue Security venture, which is still in a beta test phase, should not have been susceptible to a DDOS attack" is beside the point. The quoted spam doesn't mention any DDOS attack on Blue Security at all; it will seem to the vast majority of readers to be just ordinary spam sent by Skybox Security / Carmel Ventures / Blue Security. If in fact this spam is a joe job and not actually sent by who it claims to be sent by, the paragraph in this section should just note that the quoted spam (is it an actual recent or old press release, or just something the spammers made up?) was sent out by the spammers in the name of Skybox Security etc in order to damage their reputation (by making them appear to be spammers themselves).

(Or if this article is shortened as much as it probably ought to be, that whole section should be removed. Although myself I'm glad it was there, because it at least explained where all these particular bits of spam are coming from...) --Orbst 19:23, 10 May 2006 (UTC)[reply]

This article is in need of serious work. It needs a near complete rewrite to get rid of non-neutral tone problems, it contains many statements which cannot be verified by any neutral media source, and it contains large "primary source" quotations which have no purpose here. savidan^{(talk) (e@)} 22:59, 11 May 2006 (UTC)[reply]

I received these emails as a blue frog user (unconnected to the company) I believe they should be reinstated if a number of other independent users received them. Please vote on reinstatement with

*'''Reinstate''' - <optional sentence> ~~~~

or

*'''Do not Reinstate''' - <optional sentence> ~~~~

Note that this has been reported on slashdot, etc. and we could quote the blue frog site. -- Chris Q 07:17, 12 May 2006 (UTC)[reply]

On May 2 the anti-Blue Security attack entered stage 3. The spammers performed a "Joe Job" attack designed to

• discredit Blue Security with misrepresentation,
• annoy those people who have a history of complaining about spam,
• flood Blue Security members with delivery failures.

	Below is a sample of the Joe Job attack. Spammers sent these to people on their lists who were known to be the most strident spam complainers. The From address was forged as 	 
	"Blue Security Member" <user address> where user address was taken from their Blue Security address list. 	 
	

 	 

 	 
 	Subject: Bringing spammers to Their Knees 	 
 		 
 	Bluesecurity.com hopes you'll join thousands of others in an army capable 	 
 	of crippling spammers' Web sites. 	 
 		 
 	A few thousand spammers have ruined our internet. They've clogged our 	 
 	mailboxes with filth. Already, 90% of email traffic is made up of 	 
 	spam. Let us no longer blind ourselves to the irrefutable facts: 	 
 	current measures have failed to stop spammers. The experience of the 	 
 	past several years has proven that passive measures are just not the 	 
 	answer. 	 
 		 
 	Retribution is the only real answer to spam. We must punish spammers 	 
 	ourselves to prevent them from taking over cyberspace. We must reclaim 	 
 	our territory. We need direct action to eliminate spammers for good. 	 
 		 
 	The magnitude of the task which lies before us is great. We are fighting 	 
 	for the future of the Internet. What we need to do now is get as many 	 
 	users as possible into our community. We already have a botnet with 	 
 	hundreds of thousands of computers working together to induce commercial 	 
 	loss on spammers and their ISPs. We have launched numerous 	 
 	Denial-of-Service Attacks on Chinese spam networks with great success, 	 
 	and plan many more! 	 
 		 
 	We have excellent financiers who allow us continued success with our botnet 	 
 	growth and Denial-of-Service Attacks. We thank the government agencies 	 
 	involved for their continued cooperation. We thank our leader, Eran Reshef, 	 
 	for continued strategies of DoS attack operations. Also, US-based Rembrandt 	 
 		 
 	Ventures & Skybox Security for their extensive funding & continued support. 	 
 	And a very special thanks to Douglas Schrier who has helped our botnet come to 	 
 	life. 	 
 		 
 	If you haven't signed up with the registry and installed a blue frog yet, 	 
 	please sign up now. 	 
 	If your friends have not yet joined us, we will convince them to do so. 	 
 		 
 	Let's stop filtering spam and start eliminating spammers. 	 
 	Together, we will reclaim the Internet, One ddos at a time. 	 
 		 
 	Please Contact Us for any questions on signup via the following info: 	 
 		 
 	2077 Gateway Place, Suite 550 	 
 	San Jose, California 95110 USA 	 
 	Phone: 866-6SKYBOX 	 
 	Phone: 408 441 8060 	 
 	Fax: 408 441 8068 	 
 		 
 	Israel HQ: 	 
 	60 Medinat Hayehudim St. 	 
 	P.O.Box 4109 	 
 	Herzliya Pituach 46140 Israel 	 
 	Phone: +972-9-9545922 	 
 		 
 	Current and potential investor relations: 	 
 	Rembrandt Venture Partners 	 
 	2200 Sand Hill Road, Suite 160 	 
 	Menlo Park, CA 94025 	 
 		 
 	T: 650.326.7070 	 
 	F: 650.326.3780 	 
 		 
 	----- 	 
 	Fight back spam! Join our Botnet today. 	 
 	Download our .EXE here: http://www.bluesecurity.com/blue-frog/

	==Spammer continued attack included extortion and forgery== 	 
	On May 6 2006 the spam attack took a new direction. Blue Security members received an email purporting to be from Blue Security by its signature, but containing extortionate threats from the spam attackers. The content is included here. The zip file referenced was not actually successfully attached. 	 

 	 
 		 
 	Dear Blue Frog Member, 	 
 		 
 	As a follow-up to our previous emails, and, as promised, we are stepping up in the fight 	 
 	against Blue Security. 	 
 		 
 	The Blue Frog member email database has been compromised, and is currently being distributed 	 
 	worldwide to spammers and to the public. Attached to this email, you will find a zip file 	 
 	of the Blue Frog database, which includes your own personal or business email address(es). 	 
 	If you have not uninstalled Blue Frog yet, we highly suggest you do so now in order to avoid 	 
 	your involvement in this war any further. 	 
 		 
 	Leaving your email address on the Blue Frog list is a risky choice, as we will uphold our 	 
 	promise not only to increase your spam by 20 times the amount you are receiving now, but 	 
 	to continue to make this list publically available as well. Also, as the Blue Frog member 	 
 	database is updated, we will find more creative ways in which to use it, and frequently 	 
 	release it to whomever we wish. 	 
 		 
 	Blue Security, Inc 

	==Spammers' next attack levelled at CEO Eran Reshef== 	 
	On May 7 2006 the spam attack dealt an even lower blow. Blue Security members received an emailed News Release concerning Blue Security's CEO, linking him to his previous ventures. It highlighted his previous roles as co-founder and chairman of Skybox Security Solutions that offered services for simulating DDOS attacks. The implication in the e-mail is that with such a past history, the Blue Security venture, which is still in a beta test phase, should not have been susceptible to a DDOS attack. 	 

 	 
 	Simulated DDoS Network Attacks and Network Intrusions 	 
 	Customer Challenge: 	 
 	Large corporations often hire consultants to conduct quarterly penetration (DDoS) 	 
 	testing on specific segments of their corporate network. This testing can cost over 	 
 	hundreds of thousands of dollars, and also exposes the network to many potential 	 
 	disruptions. These disruptions are the result of the intense DDoS attacks testers 	 
 	can impose on live networks in order to isolate vulnerabilities and weaknesses. 	 
 	Since the network is constantly changing, and DDoS attacks are rarely dispersed 	 
 	from a centralized location, the penetration test results often become nullified and 	 
 	end up being limited to a small portion of the total network. 	 
 	The Skybox Solution: 	 
 	Skybox Security performs accurate and non-intrusive DDoS attacks across a larger 	 
 	portion of the corporate network. The tests are modeled and analyzed through an 	 
 	automated process via our large botnet network rather than manually performed on a 	 
 	live network. As a result, the tests are repeated rigorously on a scheduled basis 	 
 	without any fear of network disruption. Through DDoS attack and access simulation, 	 
 	vulnerability exposures as well as security control weaknesses are revealed instantly. 	 
 	DDoS attack simulation discovers all possible attack scenarios and reveals the step 	 
 	by step process that an attacker or worm may follow. It illustrates specific vulnerabilities 	 
 	to be exploited and network access traversed for each exploitable path. Access simulation 	 
 	calculates network access privileges determined by firewall and routing configuration. 	 
 	Our botnet helps characterize the interconnectivity between any two given points, reporting 	 
 	not just whether access is possible, but also the detailed path to reach a final destination. 	 
 	Based on these combined results, security personnel are able to determine what additional 	 
 	DDoS attacks are necessary and where to deploy our organizations penetration testers. 	 
 	Awards: 	 
 	Info Security - Info Security Hot Companies 2006 	 
 	The Wall Street Journal - One of the most innovative companies in 2005 	 
 	Information Security Magazine - Product of the year 	 
 	Network Magazine - Most Visionary Security Product 	 
 	Network Magazine - Best of the Best in all categories 	 
 	Secure Enterprise Magazine - Editor's Choice 	 
 	Gartner - " Cool Vendor " in the security & privacy space 	 
 	SC Magazine Awards 2006 Winner - The Best Security Solution for Financial Services 	 
 	IM2005 Award finalist - Information Security and Product of the Year 	 
 		 
 	Company Profile: 	 
 	Eran Reshef 	 
 	Founder, Chairman & CEO of Blue Security ( www.bluesecurity.com ) 	 
 		 
 	A serial entrepreneur, Eran is currently the founder, chairman & CEO of Blue Security, 	 
 	the do-not-disturb registry pioneer. Prior to Blue, Eran co-founded Skybox Security and 	 
 	served as its Chairman. Prior to Skybox Eran founded and managed Sanctum (acquired 	 
 	by WatchFire), the leader in web application security. Eran holds a variety of security- 	 
 	related patents that are based on his inventions. 	 
 	Rina Shainski 	 
 	General Partner at Carmel Ventures ( www.carmelventures.com ) 	 
 		 
 	Following a successful career leading business development and R&D operations in 	 
 	high-growth software companies, Rina has been investing in software companies ever since. 	 
 	Before joining Carmel she served as the VP Business Development at Clal Industries and 	 
 	Investments where she was responsible for software investments. From 1989 to 1996, Rina 	 
 	held several managerial positions in Tecnomatix including VP Business Development and 	 
 	R&D Director. Rina serves on the boards of Followap Communications, Skybox Security, 	 
 	mFormation and Silicon Design Systems. Rina holds a B.Sc. degree in Physics from Tel 	 
 	Aviv University and a Master of Science degree in Computer Science from Weizmann Institute. 	 
 	Contact Information: 	 
 	2077 Gateway Place, Suite 550 	 
 	San Jose, California 95110 USA 	 
 	Phone: 866-6SKYBOX 	 
 	Phone: 408 441 8060 	 
 	Fax: 408 441 8068 	 
 	Regional Offices (Israel) 	 
 	60 Medinat Hayehudim St. 	 
 	P.O.Box 4109 	 
 	Herzliya Pituach 46140 Israel 	 
 	Phone: +972-9-9545922 	 
 	Fax: +972-9-9545933 	 
 	

I got the message from the spammer when Blue Frog was shut down too, however this guy is just a pathetic loser that is on the losing side of this war. If he really had the email addresses of all members then why did this "message" arrive in only one of my emails registered with Blue Security and not the other two registered? This guy only sent this message to users who were on a specific email spam list. My spam has not increased and I still forward to Blue Security because spammers blow.

The spammers offer nothing positive and are just a tiny bit of all that is wrong with the world; like Hitler, Hussein and Ahmadinejad, they will all get what's coming to them and good will prevail over this evil!

The day before the huge amounts of spam, I got that message to take myself off the list. I only got it in the first address I signed up with. It was only a day or so later that the other mailboxes got those messages. I'm guessing the database: [1] and [2] is ordered based on the date you signed up, and that's the order that the spammers used. Family Guy Guy 15:02, 12 May 2006 (UTC)[reply]

When those spammers can shut down a great service like Blue Frog (NPOV note, I loved the service), perhaps we can word it to point out the fact that Blue Security wasn't doing anything illegal it was only the illegal actions of these criminal spammers that led to the shutdown -- Tawker 05:44, 17 May 2006 (UTC)[reply]

Are we sure that the frog is really dead? There has been so much FUD from the spammers, this could be a rumour to get people to de-install the frog. -- Chris Q 09:15, 17 May 2006 (UTC)[reply]

Blue Frog hasn't been working for me since that time, in contrasting with its almost non-stop processing earlier this month. The news has made its way to the unofficial Google Group without being contradicted, so I'd say it's official. Since the software was open-source I'll be interested to see if a successor emerges... Garrett^Talk 12:03, 17 May 2006 (UTC)[reply]

Let me quote an interesting sentence from the Wired News item:

The lesson to be learned, Reshef said, is that large ISPs and governments need to recognize that spammers are connected to criminal syndicates and that they, not a small startup, are the only ones who can shut down these networks.

It seems to me that a successor would need backing from a government or a backbone connectivity provider to make themselves "un-DDOS-able". Let's hope someone picks up this ball and starts running with it. (Woops, that was POV.) CWC(talk) 14:40, 17 May 2006 (UTC)[reply]

If the frog is dead, I say it should rise again. Make the blue frog software Peer-To-Peer. Call it the Gray frog! The undead frog. The frog who can no longer be killed! Feel free to use this slogan and/or brand idea, this was my idea and I give it to the open source community freely! User:Bretthavener 12:00 ,16 August 2006

Not a new idea. It is called Okopipi - Kittybrewster 11:58, 17 August 2006 (UTC)[reply]

Now that things have settled down a bit, we should probably start cleaning up this article.

I've just put a Template:POV-section tag on the "Controversy" section. I've just put a lot of Template:fact tags in as well. Also, I think the first paragraph under "Attackers identified" is out of date: while Eran Reshef did identify the attacker as PharmaMaster earlier, recent reports seem to point to different culprits.

It's important to remember that lots of misinformation has been spread about Blue Frog, especially the false claim that they DDoS'd or DoS'd spammers. Apparently an article in Information Week is responsible for a lot of this.

We should also remember that lots of spammers have the know-how to edit Wikipedia ...

On a specific matter: does anyone have a URL for a press release by sixapart about the attack? All I found was http://www.sixapart.com/typepad/news/2006/05/typepad_update_1.html, which is rather terse.

Also, I've added URLs for two items by Brian Krebs, both of which I recommend.

—CWC(talk) 17:57, 19 May 2006 (UTC)[reply]

Should Blue Security be removed?[edit]

Regarding part of the article that recommends Blue Frog should be removed, it sounds like the spammers posting rubbish to try and stop Blue Frog. Is there a proper source with this info?

FredTheDeadHead 21:52, 20 May 2006 (UTC)[reply]

Well, the link in the article is to a thread on a web forum. It would be really, really good if someone found a better link, because that one is not a Reliable Source. For what it's worth, if I had Blue Frog installed, I'd uninstall it as soon as convenient. Cheers, CWC(talk) 22:25, 20 May 2006 (UTC)[reply]

Seeing as the program dosn't work anymore, it should be uninstalled from any system. Which was also the reason I removed most of the "fear propaganda" which I added before. Havok (T/C/c) 06:48, 27 May 2006 (UTC)[reply]

I'm glad that there is an open source initiative to help curtail this spam. I'm all for any BlueSecurity 'way of thinking' initiative. It's awesome that since a spammer pretty much closed down BlueSecurity that a group of people are creating a P2P based solution. With an open source P2P anti spam agent, hopefully.... hopefully. Celardore 23:30, 25 May 2006 (UTC)[reply]

Anyone who thinks any such sort of thing will stop spam is flat-out insane. So long as spammers are able to control thousands of virus-hijacked "send" machines, there's absolutely no way that any of these "rebound mail" schemes can possibly work. (But of course *I* must be a professional spammer if I am on the internet criticizing Blue Frog -- its Koolaid Kultist followers can fathom no other possibilities in their false-dicholoty universe. Meanwhile, out in the real world, many people use places, like Yahoo!, which auto-filter spam efficiently.)--Mike18xx 23:56, 28 May 2006 (UTC)[reply]

Bouncing email, of course, would be useless. BlueFrog submitted one unsubscribe request per spam to the advertised website, once administrators confirmed it was a real spamvertised site not respecting CAN-SPAM restrictions. Please correct others with this common misunderstanding. Blue Security also reported scams and phishing emails to authorities and ISPs. All of these actions actually affected the spammer by affecting his money source, with potential for a lot of growth because it was legal. Filtering is also legal, but does not have such an effect, particularly because the primary targets of spam (naive new internet users) will not have filtering software installed and properly trained. --Jtheory 05:39, 13 June 2006 (UTC)[reply]

Cease-and-desist submissions and reports to authorities are 100% useless against the great bulk of spam originating from Nigerian and Russian con-artists; anyone without a head made of solid lead should be able to figure that out.--Mike18xx 11:50, 7 July 2006 (UTC)[reply]

That's why those cease-and-desist activities are just the first warning; after that, the Blue Frog clients are instructed to file one complaint per received spam, on the spamvertised site, or whatever back channel the spam mails give (mail address in the case of Nigeria-type con schemes).

It says that Blue Frog was closed source, yet the source is/was on SourceForge. Is there an explanation or is the article wrong? Masterdriverz 08:19, 29 May 2006 (UTC)[reply]

I downloaded the source here: http://sourceforge.net/projects/bluefrog Now it's gone. Maybe there is a sourceforge mirror somewhere that doesn't update quickly.

I found the link here: http://digg.com/security/Blue_Security_Throws_In_The_Towel

Here's a couple of comments about Blue Frog made at slashdot by http://slashdot.org/~mybootorg. I found them informative, so I've copied them here (slightly edited) as background info. However, slashdot comments do not count as Wikipedia:reliable sources (quite the contrary!). Cheers, CWC(talk) 17:48, 30 May 2006 (UTC)[reply]

Re:Poisonous frogs?

I think it might be helpful for you to go back and read up on what Blue Frog was initially about. Their FAQ is undoubtedly cached somewhere. Many of the people posting here — and nearly all of the media in past weeks — have missed the point entirely. Because of the deliciously newsworthy "angle" of using spam vs. spam, most reporters have molded Frog to fit that news story, but not to represent what it actually was.

Blue Frog didn't automatically focus on every Spam that was submitted. It focused on the ones where it could do the most good. To be specfic, the developers would identify Spam that had been submitted to the most Frog members and originating from Spam networks that were not in compliance with the Blue Frog opt-out list.

Then the developers would visit the page and develop a script/bot that would submit opt-out requests using the E-Commerce or "For More Information" forms on the website.

Give this, I think it's pretty unlikely that someone would get hit by accident, dont you agree? Frog was never a completely automatic process. It required intervention and that's a good thing.

Blue Frog won because it was systematically beating the big spammers into submission, one spammer at a time.

Before comparing to DDOS, or botnets, be informed

Ok folks, let get a few things straight.

Blue Frog was NOT effective as a denial of service attack or distributed denial of service attack. It was never meant or designed to be. The Russian spammer said it himself - they never brought down our servers, they only served as "a daily nuisance". The nuisance was this: for every spam that the spammer sent to the some 500,000 Blue Frog members, an automated script (bot) visited the website advertised and filled out the form for snakeoil, home refinancing -- whatever was being hawked. But instead of filling it in with valid input from someone interested in what the website was hawking, it filled it in with a legitimate plea from a single person to Opt-out of being spammed further. With me so far?

The spammer — or worse, the spammer's client — in turn, goes to check on their database of people or leads to which they can hawk their snakeoil and generic viagra and low and behold, instead of being filled with legitimate contacts of people they can do business with — it's filled with hundreds upon thousands of opt-out requests.

Undoubtedly there are real requests from potential business contacts in there. But first they have to filter out all the opt-out requests that Blue Frog has submitted.

Sound familiar? It sure does. It's what we've been putting up with for years. We open our Inbox and instead of seeing email from friends and business associates, we first have to sift through and filter a few gazillion pieces of spam — each with "Hi How are you?" and "Important Account Information" fake titles. Only then can we get down to the email that's actually sent to us. It's a nuisance.

Blue Frog forced spammers to deal with the SAME NUISANCE they cause us. And the spammers didn't care for it too much. They don't care about opt-out requests, the Internet, what people think of them, possible prosecution — all they care about is making money and they're making it by the truckload. The fact that Blue Frog actually bothered them enough to use their botnets to attack is VERY encouraging. It means we've found a way to kick them in the ass and make it hurt.

Please don't compare Blue Frog to a DDOS or DOS. As the Russian Spammer demonstrated with his attack, what little network disturbance Blue Frog causes for the spammer or spammer client server pales in comparison to a real attack. Mainly because it isn't meant to be an attack in the first place.

If Okopipi ends up with 1,000,000 subscribers, then lets talk DDOS.

• Oppose and keep. The concept was interesting and may yet be carried forward by others in a different form. Previous nomination for deletion failed on good grounds which remain valid. - Kittybrewster 17:57, 29 October 2006 (UTC)[reply]

Thank you for the notice. I forgot to add it. AQu01rius (User | Talk | Websites)  18:20, 29 October 2006 (UTC)[reply]

As time goes on and the fight against bots and spam gets more heated, Blue Frog will become more and more relevant. Just today, Wired featured a 4 page article on Blue Frog and the situation surrounding it.

User:Wrs1864 contribs is a spammer! He has methodically removed any links to sites that are promoting on the blue frog concept. He has removed http://www.spamdspammer.com and http://www.dosdragon.com. People need to know the idea is NOT dead. —Preceding unsigned comment added by 64.8.28.2 (talk • contribs) 21:45, 8 November 2006

Uh, no, I am not a spammer. Just the opposite, I don't like spam at all and have put quite a bit of effort into reducing spam in various forms. It is just that I have read WP:EL and understand the policies on external links and realize that external links to sites that don't give information about blue frog do not belong on the blue frog page. They are know as "spam links" and one of the things I try to do is cut down on the amount of spam on the Wikipedia. The Wikipedia is not a directory. Wrs1864 22:08, 8 November 2006 (UTC)[reply]

User:Wrs1864 YOU ARE A vandal! GET LOST WE DON'T WaNT YOU HERE! http://www.Dosdragon.com has an article on bluesecurity. Wrs1864 has never visited the site, because it blocks the IP of known spammers like him!

'What you need, when you need it' seems to be only a search site, but without refinement, does not directly mention "bluesecurity". Search: 'bluesecurity' and 'blue frog' merely lists 6 more advert search engines promising to find the same, but don't. I find that www.spamdspammer.com is also not resolved, and unsatisfactorily diverts to ASK.com. Per WP:EL, we should find some verifiable, relevant links.

Wikidity (talk) 02:21, 21 April 2011 (UTC)[reply]

Hello fellow Wikipedians,

I have just modified 5 external links on Blue Frog. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Corrected formatting/usage for http://sourceforge.net/projects/bluefrog/
• Added archive https://web.archive.org/web/20061028125933/http://www.castlecops.com/postitle156112-0-0-.html to http://castlecops.com/postitle156112-0-0-.html
• Added archive https://web.archive.org/web/20071004112031/http://www.castlecops.com/modules.php?name=Forums to http://castlecops.com/modules.php?name=Forums&file=viewtopic&p=768501
• Added {{dead link}} tag to http://castlecops.com/t154098-Summary_of_the_BlueFrog.html
• Added archive https://web.archive.org/web/20060612033151/http://blog.washingtonpost.com/securityfix/2006/05/blue_security_surrenders_but_s.html to http://blog.washingtonpost.com/securityfix/2006/05/blue_security_surrenders_but_s.html
• Added archive https://web.archive.org/web/20060618231951/http://www.renesys.com/blog/2006/05/the_bluesecurity_fiasco_dont_m.shtml to http://www.renesys.com/blog/2006/05/the_bluesecurity_fiasco_dont_m.shtml

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 04:48, 22 July 2017 (UTC)[reply]