An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."

TCPALaw writes: Hate robocalls? In July, the FCC tightened the rules regarding robocalls to cell phones, especially debt collection calls (in particular limiting calls to wrong numbers or to anyone who is not the debtor). Now the debt collection industry is getting their revenge by sneaking in a massive exemption (see section 301 on page 10 to the PDF) to the the FCC's rules that would expressly permit debt collection robocalls to cell phones (and even collect calls!) for student loans, mortgages, taxes, and any other debt owed or guaranteed by the government. Time to make a few phone calls myself to some senators. The Senate switchboard is (202) 224-3121 or go to senate.gov to find the number for your senators. This may come up for a vote in 24 hours or less.

New submitter d4nimal writes: Intel today announced that it is killing the MX Logic/McAfee/Intel Security spam protection service (PDF). The last date of service is January, 2017. This comes on the heels of numerous outages and a general rise in user and admin dissatisfaction. Intel purchased the service as part of its McAfee acquisition in 2010. MX Logic was bought by McAfee less than a year earlier.

An anonymous reader writes: As we consolidate on just a few major email services, it becomes more and more difficult to launch your own mail server. From the article: "Email perfectly embodies the spirit of the internet: independent mail hosts exchanging messages, no host more or less important than any other. Joining the network is as easy as installing Sendmail and slapping on an MX record. At least, that used to be the case. If you were to launch a new mail server right now, many networks would simply refuse to speak to you. The problem: reputation. ... Earlier this year I moved my personal email from Google Apps to a self-hosted server, with hopes of launching a paid mail service à la Fastmail on the same infrastructure. ... I had no issues sending to other servers running Postfix or Exim; SpamAssassin happily gave me a 0.0 score, but most big services and corporate mail servers were rejecting my mail, or flagging it as spam: Outlook.com accepted my email, but discarded it. GMail flagged me as spam. MimeCast put my mail into a perpetual greylist. Corporate networks using Microsoft's Online Exchange Protection bounced my mail."

Muad'Dave writes: Here's an interesting article at The Atlantic about the prevalence of surveillance and the recent uptick in 'deja-vu' moments where devices seemingly hear your conversations and then attempt to market to you. From the article: "One night the previous summer, I’d driven to meet a friend at an art gallery in Hollywood, my first visit to a gallery in years. The next morning, in my inbox, several spam e-mails urged me to invest in art. That was an easy one to figure out: I’d typed the name of the gallery into Google Maps. Another simple one to trace was the stream of invitations to drug and alcohol rehab centers that I’d been getting ever since I’d consulted an online calendar of Los Angeles–area Alcoholics Anonymous meetings. Since membership in AA is supposed to be confidential, these emails irked me. Their presumptuous, heart-to-heart tone bugged me too. Was I tired of my misery and hopelessness? Hadn’t I caused my loved ones enough pain? Some of these disconcerting prompts were harder to explain. For example, the appearance on my Facebook page, under the heading “People You May Know,” of a California musician whom I’d bumped into six or seven times at AA meetings in a private home. In accordance with AA custom, he had never told me his last name nor inquired about mine. And as far as I knew, we had just one friend in common, a notably solitary older novelist who avoided computers altogether. I did some research in an online technology forum and learned that by entering my number into his smartphone’s address book (compiling phone lists to use in times of trouble is an AA ritual), the musician had probably triggered the program that placed his full name and photo on my page."

dkatana writes: Street vendors across Barcelona's tourist districts last week created their own union to negotiate with city officials. Barcelona has a new mayor, and new policies dealing with the "Top Manta" (for the blankets — or mantas — they spread out on the sidewalk). The recently-elected left-leaning administration in this Mediterranean city is taking a new — and controversial — approach to this complex issue. They argue that the real fault is the government's for not having a more comprehensive immigration policy. Mayor Ada Colau has welcomed the newly created Popular Union for Street Vendors (Sindicato Popular de Vendedores Ambulantes), established by the illegal vendors themselves.

An anonymous reader writes: A Russian man that calls himself "Alister Maclin" has been disrupting the Bitcoin network for over a week, creating duplicate transactions, and annoying users. According to Bitcoin experts, the attack was not dangerous and is the equivalent of "spam" on the Bitcoin blockchain servers, known in the industry as a "malleability attack," creating duplicate transactions, but not affecting Bitcoin funds. Maclin recently gave an interview to Vice.

aarondubrow writes: The National Science Foundation announced $74.5 million in grants for basic research in cybersecurity. Among the awards are projects to understand and offer reliability to cryptocurrencies; invent technologies to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and establish the science of censorship resistance by developing accurate models of the capabilities of censors. According to NSF, long-term support for fundamental cybersecurity research has resulted in public key encryption, software security bug detection, spam filtering and more.

An anonymous reader writes: The U.S. Department of Justice has announced that Dimitry Belorossov, a.k.a. Rainerfox, an operator of the "Citadel" malware, has been sentenced to 4.5 years in prison following a guilty plea. Citadel was a banking trojan capable of stealing financial information. Belorossov and others distributed it through spam emails and malvertising schemes. He operated a 7,000-strong botnet with the malware, and also collaborated to improve it. The U.S. government estimates Citadel was responsible for $500 million in losses worldwide. Belorossov will have to pay over $320,000 in restitution.

jfruh writes: The latest attack vector hackers are taking advantage of: Google's Webmaster tools, which allow domain owners to index new pages for searching and react quickly to Google-detected malware. It's that last capability that hackers are after, tweaking things to keep infected sites under their control longer. From the ITWorld story: "According to the Sucuri researchers, by becoming verified owners for compromised websites, attackers can track how well their BHSEO campaigns perform in Google Search. They can also submit new spam pages to be indexed faster instead of waiting for them to be discovered naturally by Google's search robots, they can receive alerts if Google flags the websites as compromised, and, most importantly, they can remove legitimate owners of the site from the Search Console."

An anonymous reader writes: The American Egg Board targeted publications, popular food bloggers, and a celebrity chef as part of an effort to combat a perceived threat from Hampton Creek, an egg-replacement startup backed by some of Silicon Valley's biggest names, according to internal emails. The Gaurdian reports: A detailed review of emails, sent from inside the AEB and obtained by the Guardian, shows that the lobbyist's anti-Hampton Creek campaign sought to:

• Pay food bloggers as much as $2,500 a post to write online recipes and stories about the virtue of eggs that repeated the egg lobby group's "key messages."
• Confront Andrew Zimmern, who had featured Hampton Creek on his popular Travel Channel show Bizarre Foods and praised the company in a blog post characterized by top egg board executives as a "love letter."
• Target publications including Forbes and Buzzfeed that had written broadly positive articles about a Silicon Valley darling.
• Unsuccessfully tried to recruit both the animal rights and autism activist Temple Grandin and the bestselling author and blogger Ree Drummond to publicly support the egg industry.
• Buy Google advertisements to show AEB-sponsored content when people searched for Hampton Creek or its founder Josh Tetrick.

An anonymous reader writes: I have, for a while now, been collecting IP addresses from which email spam has been sent to, or attempted to be relayed through, my email server. I was wondering if I should publish them, so that others can adopt whatever steps are necessary to protect their email servers from that vermin. However, I am facing ethical issues here. What if the addresses are simply spoofed, and therefore branding them as spamming addresses might cause harm to innocent parties? What if, after having been co-opted by spammers, they are now used legitimately? I wonder if there's a market for all the thousands of webmail addresses that send Slashdot nothing but spam.

An anonymous reader points out The Register's story that recent changes to the spam filters that Google uses to pare down junk in gmail evidently are a bit overzealous. Linus Torvalds, who famously likes to manage by email, and whose email flow includes a lot of mailing lists, isn't happy with it. Ironically perhaps, it was only last week that the Gmail team blogged that its spam filter's rate of false positives is down to less than 0.05 per cent. In his post, Torvalds said his own experience belies that claim, and that around 30 per cent of the mail in his spam box turned out not to be spam. "It's actually at the point where I'm noticing missing messages in the email conversations I see, because Gmail has been marking emails in the middle of the conversation as spam. Things that people replied to and that contained patches and problem descriptions," Torvalds wrote.

An anonymous reader writes: According to Symantec's latest Intelligence Report, spam has fallen to less than 50% of all email in June – a number we haven't seen in over a decade. Of all emails received by Symantec clients in June, junk emails only accounts for 49.7% down from 52.1% in April which shows a huge drop. Year over year, spam has decreased as well due to internet providers doing a better job at filtering and shutting down spam bots.

jfruh writes: When Google opened up its Maps to user edits, a lot of useful information got added — along with plenty of spam and outright abuse, some of it obscene, which led to the program being shut down. Now the company is planning to reopen things to user input, recruiting local mappers that they're calling "regional leads" to filter out problematic content.

MojoKid writes: OCZ is launching a brand new series of solid state drives today, dubbed the Trion 100. Not only are they the first drives from the company to use TLC NAND, but they're also the first to use all in-house Toshiba technology with the drive's Flash memory and controller both designed and built by Toshiba. That controller is paired to A19nm Toshiba TLC NAND Flash memory and a Nanya DDR3 DRAM cache. Details are scarce on the Toshiba TC58 controller but it does support Toshiba's QSBC (Quadruple Swing-By Correction — a Toshiba proprietary error correction technology) and the drives have a bit of SLC cache to boost write performance in bursts and increase endurance. The OCZ Trion 100 series is targeted at budget conscious consumers and users still contemplating the upgrade from a standard hard drive. As such, they're not barn-burners in the benchmarking department, but performance is still good overall and a huge upgrade over any HDD. Pricing is going to be very competitive as well, at under .40 per GiB for capacities of 240GB, 480GB and 960GB and .50 per GiB for the smallest 120GB drive.

Mark Wilson writes: Spam is a problem that is not going away for anyone who receives email — and who doesn't? Over the years Google has taken steps to try to reduce the amount of junk that reaches Gmail inboxes and today the company is taking things a step further with Gmail Postmaster Tools and enhanced filter training for Gmail. Part of the problem with spam — aside from the sheer volume of it — is that the detection of it is something of an art rather than a science. It is all too easy for legitimate email to get consigned to the junk folder, and this is what Gmail Postmaster Tools aims to help with. Rather than helping recipients banish spam, it helps senders ensure that their messages are delivered to inboxes rather than filtered out.

HughPickens.com writes: Reuters reports that a Manhattan federal judge has ruled Time Warner Cable must pay Araceli King $229,500 for placing 153 automated calls meant for someone else to her cellphone in less than a year, even after she told them to stop. King accused Time Warner Cable of harassing her by leaving messages for Luiz Perez, who once held her cellphone number, even after she made clear who she was in a seven-minute discussion with a company representative. Time Warner Cable countered that it was not liable to King under the federal Telephone Consumer Protection Act, a law meant to curb robocall and telemarketing abuses, because it believed it was calling Perez, who had consented to the calls. In awarding triple damages of $1,500 per call for willfully violating that law, U.S. District Judge Alvin Hellerstein said "a responsible business" would have tried harder to find Perez and address the problem. While Time Warner argued that they were unaware King ever asked to be on the company's "do not call list," Hellerstein determined, "there is no doubt King made this revocation." He wrote that the company "could not be bothered" to update King's information, even after she filed suit against TWC in March of 2014. The judge said 74 of the calls had been placed after King sued and that it was "incredible" to believe Time Warner Cable when it said it still did not know she objected. "Companies are using computers to dial phone numbers," says King's lawyer Sergei Lemberg. "They benefit from efficiency, but there is a cost when they make people's lives miserable. This was one such case."

I first heard of Consumer Energy Solutions from a non-profit's IT guy who was boasting about how he got them to lease him LED bulbs for their parking lot and the security lights at their equipment lot -- pretty much all their outdoor lighting -- for a lot less than their monthly savings on electricity from replacing most of their Halogen, fluorescent, and other less-efficient lights with LEDs. What made this a big deal to my friend was that no front money was required. It's one thing to tell a town council or non-profit board, "If we spend $180,000 on LEDs we'll save it all back in five years" (or whatever). It's another thing to say, "We can lease LEDs for all our outdoor lighting for $4,000 per month and save $8,000 on electricity right away." That gets officials to prick up their ears in a hurry.Then there are energy service contracts, essentially buying electricity one, two or three years in advance. This business got a bad name from Enron and their energy wholesaling business, but despite that single big blast of negative publicity, it grows a little each year. And the LED lease business? In many areas, governments and utility companies actually subsidize purchases of anything that cuts electricity use. Totally worth checking out.

But why, you might ask, is this on Slashdot? Because some of our readers own stacks of servers (or work for companies that own stacks of servers) and need to know they don't have to pay whatever their local electric utility demands, but can shop for better electricity prices in today's deregulated electricity market. And while this conversation was with one person in this business, we are not pushing his company. As interviewee Patrick Clouden says at the end of the interview, it's a competitive business. So if you want the best deal, you'd better shop around. One more thing: the deregulated utility market, with its multitude of suppliers, peak and off-peak pricing, and (often) minute-by-minute price changes, takes excellent software (possibly written by someone like you) to negotiate, so this business niche might be one an entrepreneurial software developer should explore.

A few weeks ago you had a chance to ask Brian Krebs about security, cybercrime and what it's like to be the victim of Swatting. Below you will find his answers to your questions.