Vicious attack on degreeinfo by a.e.d spammers

Folks,

I just want to clear up what's been going on the past couple of days with Degreeinfo.

Two things are happening simultaneously:

1. The interest and demand for the site is growing tremendously (about 20% growth, just since January), so we're having to scale the technology that serves the site. It's not as easy as scaling an ordinary site, because when we serve the site from multiple servers, we still have to access the one database where messages are stored, to ensure everyone sees the same thing. That's a pretty big feat for an organization with no paid staff, no revenue, and one that relies on the spare time of those of us who maintain it. But we're working on it, and we're committed to solving the problem.

Unfortunately,

2. The spammers that have ruined the newsgroup alt.education.distance have now turned their sights on degreeinfo. We foresaw this, and began making redundant arrangements. Unfortunately, we did not count on the spammers using MAILBOMBS and DENIAL-OF-SERVICE attacks against our upstream providers. On one day, our primary DNS provider received over 65,000 emails from the a.e.d. spammers... and the "Dan Peters" persona threatened that this was only a drop in the bucket.

The Peters persona is claiming that Degreeinfo was spamming a.e.d. , encouraging people to use our forum... which, of course, isn't true, and we have messages from the maintainers of the newsgroup FAQ, the closest thing there is to an authority figure for the newsgroup, to back up the claim that we're doing nothing wrong.

But ISPs don't have the time or inclination to fight these things, or to understand the nuances. Someone who drops into the newsgroup sees dozens of messages from the spammers saying "DEGREEINFO: STOP SPAMMING THIS GROUP" (all posted using anonymizers) and hundreds of messages from our loyal users inviting people to check out these discussions. (nearly all of whom use real names and traceable ISPs.)
And, of course, the newsgroup FAQ also encourages people to come here. So we're clearly in the right.

So... long and short of it is, ZoneEdit, our upstream DNS provider, couldn't sustain the attacks and asked us to move. And as soon as we did, the next provider also got threatened and told that we were spamming... so they didn't want to fight it either.

But we do have more bulletproof solutions in the works. In the meantime, it's possible the site will go down again, but it won't stay down for long.

I apologize for the inconvenience.

If anyone has any suggestions/assistance/resources they can provide, we would be delighted for any and all help. Particularly useful would be someone who hosts DNS and is willing to deal with the possibility of threats from the spammers.

We're doing our best, with not a dime coming in to cover our costs, but we don't plan on giving up simply because a group of spammers don't like the message we're disseminating.

Thanks for all your continued support, and please bear with us as we work to resolve the problem created by these cyberterror thugs.

 

Suggestion...

Set up a way to receive financial contributions from you members...I know that this entire process is costly and its unfair for the burden to be heaved upon just the administrators. I will gladly contribute money...and I am checking some resources to find out if there is a way to circumvent spamming! I admit I am not the most knowledge when it comes to this matter, but I have acquaintances that may be able to help.

All members of this forum are in this together...and must stick together!!

Mike

 

The ignoble actions of spammers continues to surprise me. I just don't understand the destructive nature of some people.

 

Re: Suggestion...

I wouldn't mind giving a monthly donation or something to that effect, as long as it's not through PayPal.

Darren.

 

Would you be willing to post your monthly/annual costs, sort of like a corporation? That way, people like me could make a determination of how much we should give.

If it cost you $150 per month, then I should give _____ as a donation....

On second thought, maybe that's not a good idea. If corporations (like UoP or whoever and whatnot) see how much a forum like this costs, then these kinds of forums might start springing up all over with corporate motives.... I guess it's going to happen anyways... eventually...

I dunno... I'm just thinking out loud.

 

[Greetings.

Perhaps I am simply dumb, but I don't understand how/why things have been permitted to go on as long & as far as they have.

As I understand it, there is a lunatic (Mr. Peters), presumed to be living in a country chock-full of laws (UK) and the will to enforce them, making slanderous charges against Dr. Bear (a resident of a country with fewer laws but far more lawyers) when Mr. Peters is not (presumably) selling phony diplomas. The lunatic has now taken to violating (additional) Federal laws to further his aims. Dr. Bear, on the other hand, has not violated any federal laws (that we know about <g>), but, presumably, still knows a few people in both the FBI and the news media.

Surely, if you gang-of-five chaps were as clever as all the initials after your names suggest, you wouldn't need to reread the preceding paragraph too many times before one or more solutions to Mr. Peters came to you.

Alternately, or in the interim, have you considered getting your web services from a ISP like Earthlink? Few of their customers, such as myself, come out unbruised after dealing with them; I doubt Mr. Peters would enjoy the experience much more. <g>

And, of course, so long as I'm able to, I have no problem chipping in a few bucks, either.


Cordially,
Richard Kanarek

 

what can users do to help

This is really awful. The exchange of ideas shut down, rather than expanded.
Please let us "users" know what we can do to help.
Spam is a virus that hurts us all.
IraT.

Cert. Gerontology Studies
BS Human Development
MA Guidance and Addiction Counseling
MExtension Ed. Adult & Vocational Education Administration
Cert. of Advanced Study in Special Education

 

Re: Re: Vicious attack on degreeinfo by a.e.d spammers

To go after these jokers can be expensive with the risk that nothing would be accomplished. I would be more than willing to donate a few bucks to try to help spread out the cost and minimize the expense to any particular individual.

 

RE: Suggestion

Obviously when I suggested that we (the members) contribute to the upkeep, maintenance, etc. of this wonderful resource I also meant to state that it has to be done in a way that "evildoers" cannot intercept or intervene on it. Paypal was mentioned as a bad choice...but something along those lines would be feasible because none of us are in close proximity of each other.

Whatever we do...we have to do it together and be concerted in our efforts to keep this forum going. It has personally got me on the right track and I want to ensure that it stays around forever!!

Mike

 

Thanks much for all of your kind words and offers of financial support. It does mean a lot to me, personally, and to all of the degreeinfo admin and moderation team members. Quite a few people have written to us privately as well as those who have posted here with various offers of help.

As to the financial support thing, again, thank you very much for the offers. We'll work out details soon. What I'm thinking right now is that we will make available a useful and interesting little product that we've been getting ready to offer anyway, and people can purchase that, and the purchase will support this site. I'm being a little cryptic because we kind of want it to be a surprise, but we'll work on announcing it very soon.

We are committed to keeping this site functional. It may go down here or there for a short time, but we are lucky enough to have a couple of really high-powered network security gurus (as in, Fortune 500 types) available to us for free, and we're fortifying things as we speak. Redundancy and disaster recovery plans are a good thing!

And there is definitely a silver lining to this little escapade... more about that in the next week or two.

Meantime, our latest DNS provider, Granite Canyon, has also just dropped us, but we expected it and already had other arrangements in place, so we don't expect any downtime. Both of our previous providers have been very helpful and accommodating in giving advice on creating bulletproof solutions, and we've taken that advice.

So... that which doesn't kill us only makes us stronger. Thanks again for your support, and keep your eyes out for some new and exciting things coming to this space soon!!

 

Re: Re: Vicious attack on degreeinfo by a.e.d spammers

I agree with Richard.

This has gone well beyond "spamming". It is now full-scale computer crime.

I think that Degreeinfo needs to pursue this on multiple fronts: In criminal and civil law, through other federal, state and private agencies, in the press, and by hardening Degreeinfo's own infrastructure against further attack. Degreeinfo already has participants, friends and contacts in all of these areas, I'm sure.

This is not just an attack on an individual, as in the MIGS debacle. It is an attack intended to shut down all public consumer-level discussion of distance education on the internet. That's a threat not just to us, but to the DL medium itself.

I take all of this very seriously and am certainly willing to contribute towards the cost of these activities.

 

In short, we pissed some people off.

We used to sayd 'Buy John Bears book'

Now we say ' come to Degreeinferno'.

Not everyone else on the world is on our wavelength and we firget that at times.

So in a sense we asked for 'it', but this is a different version of 'it' and we are dealing with people with different thought processes and reactions.

We go into immediate damage control [we have] and we do future risk assessment.

This site already has a 'bad' name in some areas and we need to be aware of that. Which areas? ... those who need to knopw nkow, and it will not become public knowledge. These are people who take exception to some attitudes that we eopxress and some actions that we take - in short the 'outing' that has taken place.

OK OK - disagree with me, but it wasn't smart. Everyone is entitled to their own opinions, and plenty of you don't agree with my stance over that issue, but don't forget that plenty of people have the same reaction that I had. Fortunately generally those people are refined in the way that they address their concerns, but they still have them.

So maybe we should be a little more careful at times what we discuss and how we discuss it, especially when it may be seen to not go down the track of fair and natural justuce, and when it directly affects thirds parties to us.

Maybe there should be a closed forum for 'edurednecks'?

Just my thoughts, but I do recommend that some consider them.

 

Peter,

I find your comments are reasoned and thoughtful, and they make sense.

While I don't think that we should be intimidated by diploma mill operators trying to prevent free speech and honest dissemination of information, I also think that we *do* have to be careful in considering the ramifications of "outing" people. I am not saying it should never be done, but just that it's something requiring thought and contemplation.

 

Update...

Well, a couple of good things have happened in the last 24 hours, and I want to give credit where credit is due.

Yesterday, I wrote


Meantime, our latest DNS provider, Granite Canyon, has also just dropped us, but we expected it and already had other arrangements in place, so we don't expect any downtime.

Actually, this turns out not to be true. I received a call at home last night from one of the Granite Canyon principals. He said that he'd initially been fooled by the spammers, and temporarily disabled us, but one of his partners caught on to the scam, and they have restored our DNS service and decided to take up our cause.

I spoke to him again today, and he reiterated that Granite Canyon will do everything possible to work with us and continue to provide DNS services, and that they are willing to do their best to weather the attacks that the spammers may try.

Bless their hearts, these guys do what they do totally for free, just because they want to and they like to help others. If anyone needs to register a domain name, it would be great to do it through www.granitecanyon.com, because they get a small fee for every domain registered through them, and those fees will help to support what they're paying for out of their pockets.

Additionally, one of the "silver linings" I spoke of yesterday is that the DoS attack got the attention of the Chronicle of Higher Education. They interviewed me and, I believe, also the staff of ZoneEdit about the attacks, and are doing a story on DegreeInfo and the DoS attacks that I'm told will be in their online edition tomorrow.

And there are more good things in the works...

 

DNS idea..

Note: I didn´t read the message above before I posted this but this is still a valid idea if it ever comes to it.

Hello,

I consider myself quite adept at the DNS protocol and I have written several applications that utilize this protocol and I also have administered several large sites which host hundreds of domains.

There is way to make the DNS hosting free and more reliable and redundant to spammers attacks. And harder for DDoS attacks to take down.The way is to let the community host the zone degreeinfo.com for you.

Its easy, you select several members of the degreeinfo.com board that have steady connections(T1 and above) preferable not to the office, to the home is more apropriate and less likely to cause problems at work. I for example have a 2mbit sdsl line at my house which can handle heavy traffic and is a very stable line.

Say you get maybe 10 users here with strong connections and the ability to set up the DNS daemon software then you have a hosting party that does not rely on one service and is cost effective and to the best of my knowledge quite fast and easy.

Let me explain a few things: out of these 10 people willing to service this zone degreeinfo.com from their homes lets say that 5 of these people had to reboot their computers or some power problem, no matter the other 5 still alive handle all the requests, because the client software of the user trying to lookup "degreeinfo.com" will try to connect to all of them in case the one he tried did not work.

Anyways this is a plan that saves degreeinfo.com staff money and provides excellent redundancy and gives us a chance to help you guys out in a way and probably the best thing gained is that you have people that ignore the spammers and threats. The onyl thing needed to do basically is to select and find people willing to host provided they have strong connections and contact your domain registrant(register.com or whatever) and tell them that the zone degreeinfo.com is handled by these specific domain name servers and they will change their records and voila.

I am willing to assist in any techincal arrangements needed if you decide that this is something that you want to. Aswell as hosting the zone.

Just a small idea, but good luck!

Theodor Ragnar Gislason

 

Re: Re: Re: Vicious attack on degreeinfo by a.e.d spammers

ditto

 

Those guys are really pi$$ed

I use to be a regular lurker on the a.e.d. discussion board and really enjoyed the debate over distance education. However, the spammers have completely destroyed that forum. Now, I have to run to degreeinfo in order to get good information.

I guess my question is, why are those guys so pissed off? They have been spewing hate mail for over year and it shows few signs of abating. My God, how can you stay so angry at the same person (or gang) for so long? Do these guys have jobs? Where do they get the time to continue to send all of that stuff?

 

Re: Those guys are really pi$$ed

It's possible that it's a psychotic at work.

But my opinion is that it is just business. Nobody is angry and what they are doing IS their job. The people responsible are being paid to do it.

AED and John Bear have been among the only voices on the planet willing to criticize degree mills by name. Fraudulent online "universities" are a multimillion dollar business, and the negative publicity was driving away customers. So about 16 months ago, some organization operating a stable of phony universities assigned an employee to suppress AED and to try to discredit John. More recently they tried to attack this group.

I think that several different individuals have been involved. The original "factwatcher" was British or Irish, using British-style slang and vocabulary. But more recently the posts seem to be coming from Americans. But the overall style and agenda have been identical.

My guess is that the source is a syndicate that operates a number of degree mills and probably an assortment of other shady online enterprises.

 

Re: Re: Those guys are really pi$$ed

Cor blimey! Stone the crows and love-a-duck! Whatever gave you that idea, old bean? Hollywood British-style slang, maybe, but nothing authentic I could detect. A red herring perhaps. Anyway, top of the morning to you, Your Honour. Yer a fine man.

.

 

You mean, that's their job?

Can you really get a job as a professional spammer? How much does it pay? More importantly, how do you describe that job on your resume?

I know the economy isn't the greatest, but my goodness, can you imagine waking up, kissing your wife and then saying, " Alright honey, I'm off to the office to slam, spam, thank you ma'am, the Bear."