« Google as a Nationwide Phone Directory | Main | Microdoc Documents the Lifecycle of a Story in the Blogosphere »

NY Times Documents Consumer and Small Business Role in SPAM

The New York Times reports that many consumers and small businesses with insecure computers on broadband connections unwittingly serve as relays for SPAMmers. It is somewhat surprising that the Times laid so much of the blame for Internet insecurity on so many users in the North America and Europe, when it's so easy to cite poorly-configured servers in some Asian countries known for lax computer security procedures.

Yet, the Times says that a major part of the open relay problem is caused by the insecure configuration of client-level proxy servers such as AnalogX Proxy. According to the aricle:

AnalogX Proxy, a free proxy-server program that has been downloaded by more than a million people, is automatically in the open state when it is first installed. Mark Thompson, the author of AnalogX, said he had rebuffed the requests of many antispam activists to distribute the software with the security features already activated because doing so would make it harder to set up.

"The biggest plug for the proxy is it is really easy to get it running," he explained. Mr. Thompson said he did try to achieve a compromise by revising the program to give people a warning about security problems every time it starts.

Even so, Wirehub, a Dutch Internet service provider, says that 45,000 of the 150,000 open proxy servers it has identified as sending spam appear to be using AnalogX.

The idea that a Dutch ISP has 150,000 open proxy servers ought to scare people to death. Then again, how many open wireless LANs are there in densely populated areas of the Netherlands?

Open wireless LANs, in the hands of the right people, are just as dangerous as open proxy servers. The big difference is that the abuser needs to be physically near the WLAN access point.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


CTDATA Venutures (CTDATA) develops Internet and Intranet applications for corporations and non profit organizations. Our services include:

  • Consulting services for Movable Type and TypePad-based publishing systems (visit our Weblog Improvement website for more information),
  • Financial services business process consulting,
  • Content management system and knowledge management system consulting,
  • Apache web server engineering and hosting,
  • MySQL, Sybase, and Microsoft SQL Server architecture and development,
  • SOAP, REST, and XML-RPC system architecture and programming, including Amazon Web Services and
  • Weblog publishing.
For more information, contact Dave Aiello by email at dave [at] daveaiello.com or call him at +1-267-352-4420.
Copyright © 1995-2010, CTDATA Ventures. All Rights Reserved.
Powered by
Movable Type 4.25