The neutrality of this article or section may be compromised by "weasel words." You can help Wikipedia by improving weasel-worded statements.

Blue Frog

Developer:	Blue Security
OS:	Microsoft Windows Extension for Mozilla Firefox
Use:
License:	Open Source
Website:	Blue Security Inc. is a dead link; use the Internet Archive link here instead

For a real blue frog see Dendrobates azureus.

The Blue Frog software tool, produced by Blue Security Inc., operated as part of a community-based anti-spam system which tried to persuade spammers to remove community members' addresses from their mailing-lists by automating the complaint process for each user as they receive spam. Blue Security maintained these addresses in encrypted form in a Do Not Intrude Registry, and spammers could use free tools to clean their lists. Image File history File links Unbalanced_scales. ... Image File history File links Blue-frog-spam. ... Software engineering (SE) is the profession concerned with specifying, designing, developing and maintaining software applications by applying technologies and practices from computer science, project management, and other fields. ... The Blue Frog software tool, produced by Blue Security Inc. ... To meet Wikipedias quality standards, this article or section may require cleanup. ... Microsoft Windows is a family of operating systems by Microsoft. ... Mozilla Firefox showing several extensions and a custom theme See also: List of Firefox extensions Extensions are installable enhancements to the Mozilla Firefox or Mozilla web browsers, and add features to the application or allow existing features to be modified. ... Firefox redirects here. ... A software license is a legal agreement which may take the form of a proprietary or gratuitous license as well as a memorandum of contract between a producer and a user of computer software. ... Open source refers to projects that are open to the public and which draw on other projects that are freely available to the general public. ... This page as shown in the AOL 9. ... A dead link or broken link is a link on the world wide web that points to a webpage or server that is permanently unavailable. ... Internet Archive headquarters. ... Binomial name Dendrobates azureus (Girard, 1855) Dendrobates azureus is a type of poison dart frog found in South America, specifically in the Sipaliwini region of Suriname. ... Computer software (or simply software) refers to one or more computer programs and data held in the storage of a computer for some purpose. ... E-mail has become the subject of much abuse, in the form of both spamming and E-mail worm programs. ... This article is about spam, the abuse of electronic communications media to send unsolicited bulk messages. ... Electronic mailing lists are a special usage of e-mail that allows for widespread distribution of information to many Internet users. ...

Information

Community members reported their spam to Blue Security, which analyzed it (to make sure it met their guildelines) then reported sites sending illegal spam to the ISPs which hosted them (if it could be found, contacted and were willing to work with them), to other anti-spam groups and to law-enforcement authorities in an attempt to get the spammer to cease and desist. If these measures failed Blue Security sent back a set of instructions to a Blue Frog client. The client software used these instructions to visit the websites advertised by the spam messages and leave complaints on those websites. For each spam a user received, their Blue Frog client would leave one generic complaint, including instructions on how to remove all Blue Security users from future mailings. Blue Security operated on the assumption that as the community grew, the flow of complaints from tens or hundreds of thousands of computers would apply enough pressure on spammers and their clients to convince them to stop spamming members of the Blue Security community. An Internet service provider (abbr. ... For the band, see The Police. ... In computing, a client is a system that accesses a (remote) service on another computer by some kind of network. ...

The Blue Frog software included a Firefox and Internet Explorer plugin allowing Gmail, Hotmail, and Yahoo Mail electronic-mail users to report their spam automatically. Users could also report spam from desktop email applications such as Microsoft Office Outlook, Outlook Express and Mozilla Thunderbird. Firefox may refer to: Firefox (novel), written by Craig Thomas, published in 1978 Firefox (film), the 1982 movie starring Clint Eastwood, based on the novel Firefox (arcade game), the laserdisc arcade game based on the movie Mozilla Firefox, a web browser The Red Fox or the Red Panda, based on... To meet Wikipedias quality standards, this article or section may require cleanup. ... Gmail, officially Google Mail in the United Kingdom and Germany, is a free webmail and POP3 e-mail service provided by Google. ... Hotmail is a free webmail e-mail service, which is accessible via a web browser. ... See also Hotmail Gmail External links Yahoo! Mail Yahoo! Mail FAQ YPOPs: An application that provides POP3 access to Yahoo! Mail Categories: Domain name stubs | Email | Yahoo! | Websites ... In graphical computing, a desktop environment (DE) offers graphical user interface (GUI) solution to operate a computer. ... Microsoft Office Outlook is a personal information manager from Microsoft, and is part of the Microsoft Office suite. ... For the personal information manager included in the Microsoft Office suite see Microsoft Outlook Microsoft Outlook Express is an e-mail and news client bundled with certain versions of Microsoft Windows starting with Windows 95 OSR-2. ... Mozilla Thunderbird is a free, cross-platform e-mail and news client developed by the Mozilla Foundation. ...

Users who downloaded the free Blue Frog software registered their email addresses in the "Do Not Intrude" Registry. Each user could protect ten addresses and one personal email domain name. The term domain name has multiple related meanings: A name that is entered into a computer (e. ...

Blue Frog was available as a free add-on within the Firetrust MailWasher anti-spam filter. It was also compatible with SpamCop, a tool with different spam-fighting methods. SpamCop is a free spam reporting service, allowing recipients of unsolicited bulk email (UBE) to report the offense to the senders Internet Service Provider (ISP), and sometimes their web host. ...

Blue Security released all its software products (including Blue Frog) as open source: the developer community could review, modify or enhance them. Open source refers to projects that are open to the public and which draw on other projects that are freely available to the general public. ...

Spammers' backlash

A screenshot of one of the emails.

A variation of the hoax emails.

On May 1, 2006 Blue Frog members started to receive intimidating emails from sources claiming that the software was actually collecting personal details for identity theft, DDoS attacks, creating a spam database, and other such purposes. Blue Security has dismissed these claims [1]. Image File history File links Blue_Frog_discredit_a. ... Image File history File links Blue_Frog_discredit_a. ... Image File history File links Download high resolution version (828x613, 22 KB) Summary Another variation of the Blue Frog Hoax letters. ... Image File history File links Download high resolution version (828x613, 22 KB) Summary Another variation of the Blue Frog Hoax letters. ... May 1 is the 121st day of the year in the Gregorian calendar (122nd in leap years). ... 2006 (MMVI) is a common year starting on Sunday of the Gregorian calendar. ... A denial-of-service attack (also, DoS attack) is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system. ...

One variant of the email stated that they had found a way to extract addresses from the database for malicious purposes. Due to how the Blue Security software works, this is not possible; however, spammers can identify BlueFrog member email addresses in lists they already possess. Blue Security provides spammers a free tool that allows them to 'clean their lists'. Extracting addresses directly from the program would be impossible as they are just hashes, but a spammer can run a list through the BlueSecurity filter and then compare the results with an unaltered list, and thus identify BlueSecurity users and target them. This method can only identify Blue Frog addresses already in the spammer's possession, and cannot give them access to as-yet untargeted addresses. Image File history File links Download high resolution version (828x613, 22 KB) Summary Another variation of the Blue Frog Hoax letters. ... In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. ...

As of November 1st 2006 Spammers have now invaded Wikipedia in an attempt to remove any links to sites that have continued the fight against them. This article has been butcher by BOTS under the names Husond and Wrs1864

Controversy

The neutrality of this section is disputed. Please see the discussion on the talk page.

Individuals claiming to be members of the computer security establishment condemned the Blue Security company for the action it took while under the load of a retaliatory DDoS attack initiated by spammers. As their servers folded under the load, Blue Security redirected (without permission) its own DNS entries to point to the company weblog which was announcing their difficulty. The company weblog was hosted at the blogs.com webportal, a subsidiary of Six Apart. This effectively redirected the attack to blogs.com and caused Six Apart's server farm to collapse, which in turn is said to have made some 2,000 other blogs unreachable for several hours. A representative of Renesys likened this action to pushing a burning couch from their house to a neighbor's. Image File history File links Unbalanced_scales. ... Six Apart Ltd. ...

In their defense, Blue Security Inc. stated they were not aware of the DDoS attack when they made the DNS change, claiming to have been "blackholed" (or isolated) in their Israeli network as a result of a social engineering hack, which was alleged to have been pulled off by one of the attackers against a high-tier ISP's tech support staff. Social engineering has several meanings: Social engineering (political science) Social engineering (computer security) This is a disambiguation page — a navigational aid which lists pages that might otherwise share the same title. ...

This claim has been disputed however by many writers such as Todd Underwood, writer of Rensys blog. Most sources, however, agree that regardless of whether Blue Security were "blackholed", they seem not to have been facing attack at the time they redirected their web address.^{[citation needed]} Blue Security also claimed^{[citation needed]} to have remained on amicable terms with Six Apart and pointed to the fact that the blog hosting company did not blame or even name them in the press release which explained the service outage. In any event, the action was widely reported on IT security websites, possibly damaging Blue Security's reputation within that community. At the same time, the incident and its broad reporting in more general interest media was considered by many to be a boon to the notoriety of Blue Security and the Blue Frog project.

Security Expert Brian Krebs gives a different reason for Blue Security's website being unavailable in his article on the Washington Post website. He says that what happened was not that Blue Security was lying about being unable to receive HTTP requests (because their servers were down), saying they had been "black hole filtered" and maliciously re-directed traffic (as Todd Underwood would claim), but rather that they were actually unable to receive traffic due to an attack on their DNS servers. This makes it probable that they had essentially been telling the truth and that CEO Eran Reshef was simply misinformed as to why their users were unable to reach their site. Brian Krebs is an American journalist, born in 1972, in Alabama. ... ... HTTP (for HyperText Transfer Protocol) is the primary method used to convey information on the World Wide Web. ...

Attackers identified

Soon after the attack started, Blue Security CEO Eran Reshef claimed to have identified the attacker as PharmaMaster, and quoted him as writing "Blue found the right solution to stop spam, and I can't let this continue" in an ICQ conversation with Blue Security.[2]. The ICQ Logo ICQ is an instant messaging computer program, owned by Time Warners America Online subsidiary. ...

Prime suspects for the Distributed Denial of Service (DDOS) attack on Blue Security's servers have been identified in the ROKSO database as Christopher Brown AKA Swank AKA "Dollar", his partner Joshua Burch AKA "zMACk" and "some Russians" (Russian / Americans) notably Leo Kuvayev and Alex Blood. The suspects were identified from a transcript of their postings in the www.specialham.com forum where both the spam attacks and DDOS attack were planned. The Spamhaus Project is a largely volunteer effort founded by Steve Linford in 1998 that aims to track e-mail spammers and spam-related activity. ...

Shutdown of Anti-Spam Service

Blue Security ceased its anti-spam operation on May 16, 2006. The company announced it will look for non-spam related uses of its technology. In a rare move for the venture capital industry, the company's investors expressed full support for the company's decision to change its business plan [3]. May 16 is the 136th day of the year in the Gregorian Calendar (137th in leap years). ... 2006 (MMVI) is a common year starting on Sunday of the Gregorian calendar. ... Venture capital is a general term to describe financing for startup and early stage businesses as well as businesses in turn around situations. ...

Many users have suggested continuing the project's goals in a decentralized manner (specifically using peer-to-peer technology, with the client distributed via BitTorrent or similar, thus making both the spam processing and client distribution elements harder for the spammers to attack). One such program already under development is dubbed Okopipi [4]. A peer-to-peer (or P2P) computer network is a network that relies on the computing power and bandwidth of the participants in the network rather than concentrating it in a relatively few servers. ... The BitTorrent logo BitTorrent is the name of a peer-to-peer (P2P) file distribution protocol, and is the name of a free software implementation of that protocol. ... Okopipi is an open source project to create a successor to Blue Securitys Blue Frog anti-spam project, which was abandoned following attacks by spammers. ...

A number of users have recommended all users to uninstall the Blue Frog program, as it is no longer useful without the Blue Security servers active. [5] Simply, an uninstaller is the opposite of an installer. ...

See also

• SpamCop - a popular free spam reporting system
• Spamhaus
• Okopipi
• Spampoison (in: Spamtrap) - a free system to make spammers' mailing lists useless
• List of e-mail spammers
• DoSDragon.com a site carrying on the blue frog concept.
• spamdspammer.com A site that provides software to get back at spammers.

SpamCop is a free spam reporting service, allowing recipients of unsolicited bulk email (UBE) to report the offense to the senders Internet Service Provider (ISP), and sometimes their web host. ... The Spamhaus Project is a largely volunteer effort founded by Steve Linford in 1998 that aims to track e-mail spammers and spam-related activity. ... Okopipi is an open source project to create a successor to Blue Securitys Blue Frog anti-spam project, which was abandoned following attacks by spammers. ... List poisoning is a tactic for detecting or diverting e-mail spammers by tricking them into including invalid addresses into mailing lists. ... E-mail spammers are people who send unsolicited electronic messages in bulk. ...

External links

• Wired news article on botnets and the DDoS attack on Blue Frog, Oct 31, 2006
• Wired News Article on shutdown, May, 16, 2006
• "In the Fight Against Spam E-Mail, Goliath Wins Again" Brian Krebs, Washington Post, May 17, 2006
• "Blue Security Kicked While It's Down", May 17, 2006 Brian Krebs on the spammers victory and its implications
• Summary of Blue Frog
• Marcus J. Ranum - Enabling the Complaint Department
• David Johnston: "Spammer Desperately Tries to Undermine Blue Security"
• Suspects in the DDOS attack
• Transcript of the Spammer attack plans
• Spammers Win, Anti-Spam Software Firm Shuts Down. Day to Day, 17 May 2006.
• Renesys' overview
• The Original Blue Frog Fan Club and News Source
• DoSDragon.com a site carrying on the blue frog concept.
• spamdspammer.com A site that provides software to get back at spammers.