After a counter-attack by spammers that knocked out millions of Typepad and Tucows customers, Blue Security has surrendered.
The company has pulled the plug on its controversial anti-spam efforts, which were based on filling out an opt-out form on a spammer’s website every time an unsolicited message was received.
Blue Security management figured the aggregated efforts of Blue Frog clients across the globe would effectively tie up spam servers, making it impossible for spammers to ply their trade.
As Blue Security chief Eran Reshef reasoned in 2005, “The sheer amount of complaints going to the spammer’s site is going to make it hard [for that site] to do anything else.”
Detractors viewed this approach as, by definition, a Denial of Service attack, which is considered by many to be illegal, immoral, and likely to lead to unforseen consequences that can hurt innocent bystanders.
In Blue Security’s capitulation letter, officials tacitly acknowledged the hole in their strategy:
Spammers launched a series of attacks against us, taking down hundreds of thousands of other websites via a massive Denial-of-Service attack and causing damage to ISPs, website owners and Internet users worldwide. They also began a relentless campaign of email intimidation against many members of the Blue Community.After recovering from the attack, we determined that once we reactivated the Blue Community, spammers would resume their attacks. We cannot take the responsibility for an ever-escalating cyber war through our continued operations.
Many anti-spammers are delighted with Blue Security’s change of heart. For example, David Cary Hart of tqmcube commented:
What is interesting is that the firm founded by IT security experts is basically conceding that they cannot handle a DDoS. Only a week ago they claimed victory against the evil forces.
Hart and others are convinced that the company simply burned through its initial $4.8 million cache, and was unable to raise second-stage financing, due to lack of a “reasonable financing model.”
Indeed, a review of the Benhamou Global Ventures portfolio may bolster that guess. Though BGV provided earlier funding, Blue Security isn’t listed.
From now on, Blue Security management says it will apply its technology in new directions. No more spam fighting.
Meanwhile, although Blue Security claimed it would keep its community site open till the end of May, as of this writing, the site is inaccessible.
So here are Blue Security’s final words:
Blue Security Ceases Anti-Spam Operations
When we founded Blue Security in 2004, we believed that if we automated a way for users to rise up and exercise their rights under the CAN-SPAM Act, we could reduce the amount of spam on the Internet.Over the past few months we were able to leverage the power of the Blue Community and convince top spammers responsible for sending over 25% of the world’s spam to comply with our users’ opt-out list. We were making real progress in eliminating spam from the lives of our users.
However, several leading spammers viewed this change as a strategic threat to their spam business. The week before last, these spammers launched a series of attacks against us, taking down hundreds of thousands of other websites via a massive Denial-of-Service attack and causing damage to ISPs, website owners and Internet users worldwide. They also began a relentless campaign of email intimidation against many members of the Blue Community.
After recovering from the attack, we determined that once we reactivated the Blue Community, spammers would resume their attacks. We cannot take the responsibility for an ever-escalating cyber war through our continued operations.
As we cannot build the Blue Security business on the foundation we originally envisioned, we are discontinuing all of our anti-spam activities on your behalf and are exploring other, non spam-related avenues for our technological developments. As much as it saddens us, we believe this is the responsible thing to do.
You need not do anything as a result of this change. We will continue to protect your names and addresses and honor all privacy commitments we made to you.
We have concluded we should not take Blue Security to the full deployment stage we originally planned to achieve, but we are proud of what we have accomplished thus far as a young startup company.
We are extremely proud to have had the chance to work with such a devoted and dedicated community: thank you for the vote of confidence you gave us over the past few months as well as the particularly vocal support you have shown over the last two weeks.
We will be innovating and building our technology in new, other directions and will continue to give back to you, our Community.
Thank you for your support,
The Blue Security Team.
Or, as Todd Underwood of Renesys wrote, “Live by the DoS, die by the DoS.”
Email Battles Backgrounder:
10 comments
Comments feed for this article
May 17th, 2006 at 10:31 pm
Patrick
I’m sorry to see Blue Frog go. It was our only hope to stop spammers.
maybe people will wise up and stop buying the spamvertised products ?
May 18th, 2006 at 8:09 am
BJ Gillette
Aren’t spam buyers baffling?
As direct marketers discovered long before the email or the Internet existed, there truly is a sucker born each and every minute.
For confirmation, check the contents of the snail-mailbox in front of your home.
May 18th, 2006 at 9:45 am
Stewart Lockey
I find your coverage of the Blue Security demise so staggeringly bias in favour of the Spammers I seriously question your motives. Blue Security was a valiant attempt to cut the amount of SPAM on the internet. It was NOT a DoS vigilante as you state. It just automated a job I have to do on a daily basis which is trying to opt out of spam mail.
Based on your coverage and obvious bias I can only assume you have an alternate agenda than your stated one. Thus I can no longer believe what you say in editorials or features. For one I’ll no longer be visiting your site.
May 18th, 2006 at 9:48 am
BJ Gillette
@Stewart.
RE: “Blue Security … was NOT a DoS vigilante as you state.”
After reviewing every word ever written on this site concerning BS, I cannot find that term applied to BS by Email Battles anywhere. Perhaps you can help.
As we’ve stated ad nauseum, BS’ sin was picking a fight, then wussing out. When BS dragged Typepad and Tucows into its fight with outsiders, the company morphed from controversial experiment to industry pariah.
Stewart, if our pointing out analysis by undeniable experts in the network infrastructure and anti-spam fields offends, your aversion to Email Battles coverage is well founded. Doggone us!
May 18th, 2006 at 10:14 pm
jon
I believe bluesecurity has started a new chapter in the war of spammers. There actions (from an advanced users point of view) is the most drastic and controversial step ever taken to control all the garbage/crap all of us get in our e-mails. I am a proud member of blue frog and believe strongly in what they stand for, spammers should be prosecuted in my opinion, there actions are disturbing, morally wrong–>porn spammers, and most of the time illegal business practices. All of these websites (around the world) should be shut down and the supporters sued and the ones who started the website given jail time, if this was done just once or twice I believe the spammers would look for legitimate/legal & moral ways to make a living instead of being sleezy, low lives that prey on pushing there scams/junk on the rest of the world. Bluesecurity/Bluefrog will be back, COUNT ON IT their push us and get shoved back policy is just what we need. I will support anti-spam tactics whatever they are, any way I can.
May 19th, 2006 at 11:11 am
Brian Williams
The only non-spammers who don’t like what BS were doing are people like Smugderwood and, presumably, this author, who make money out of consultancy and journalism spinoffs caused by spam suffering. Get rid of spam, these people have to do something else. Why would we need “email battles” for example? HOW THE HECK can you call it abusive to send ONE OPT OUT PER PERSON to a site that uses spam services involving the illegal use of zombie bots and spoofed return addresses?
The software even throttled back to ensure no DDOS. What DID happen was that the spamvertised company had to sort through thousands of opt out messages and why not? Smugderwood calls it DDOS as a typical smear campaign spreading falsehoods to discredit. A practice sadly typical of American business life. (Speaking as someone who has worked there for 4 years for a big corporation).
May 19th, 2006 at 12:37 pm
farmboy
I’m against spam like everybody else. And I don’t have much opinion either way about Blue Security. But I gotta say that some of the comments here seem off the wall, like the one that said Blue Security was the only hope we had to fight spam. I’m no expert, but I gotta believe the multitude of anti-spam solutions out there would beg to differ. As for the comments that Blue Security wasn’t using DOS as a weapon, how else can you interpret the quote from Blue Security’s big boss: “The sheer amount of complaints going to the spammer’s site is going to make it hard [for that site] to do anything else.” Call it what you want, but the result seems to be DOS.
May 19th, 2006 at 3:29 pm
Spamkil
To say that Blue Security was doing anything like a Dos or DDos is twisted. That a spammer should receive an opt out email for every piece of spam that they send to somebody who doesn’t want it is only ethical. If the volume of opt out requests is excessive in this one for one situation then just maybe the spammer should consider using the opt out list. Blue Security was a very nice answer to ethically control spam. The attack by spammers on ISPs was nothing short of terrorism. Too bad that governments don’t view disruption of communications by punk spammers to be something that they should help to stop.
May 19th, 2006 at 4:06 pm
Jones
The last thing we need is government intervention. Give ‘em an inch and they’ll take a mile. There’s nothing politicians would like better than control of the internet. A perfect opportunity for another bureacracy full of un-elected control freaks regulating our personal lives because, after all, they know better than we do. You’ll long for the good old days, replete with spam, if the feds ever get that kind of power.
May 22nd, 2006 at 10:14 am
gunslinger
BS, Blue Frog, what a bunch of chicken…..! You got me interested, I bought your line of crap, hook, line, and sinker. Where did it get me? Not so much as an email from you stating you were closing down. I had to go online and search until I had found out what had happened. You brag you had over a half million subscribers of which I was one. You let us all down. Your community is pissed, you sucked us in and then dropped us like a rock. Now my emails are again junk, enlarge your PP, buy meds, etc. This russian spammer made you roll over and play dead. Where is you balls? You never cared about your BS community, I am appalled that you quit as easily as you did. You used us!! For that, well for that I hope you never find and capital to start another venture again. How much money did you line your pockets with before you had the balls to run and hide. In my eyes BS is now no better then the bs that they are now trying to peddle on us. You turned your back on the community you started, how dare you try and explain it all away. You bunch of wimps, how dare you walk away with out so much as a email to your community. My trust in the BS has been shattered. Thanks a lot BS, thanks a lot!!!!