funsec mailing list archives
RE: Image spam hits a new level...
From: "Brian Azzopardi" <brian () gfi com>
Date: Mon, 20 Nov 2006 12:52:25 +0100
Adding random dots and rectangles would add a trivial amount of CPU - and by doing it at the bot the load is distributed. The distortions are more costly, but nothing like compared to the CPU required for OCR. Spammers can always break an image into multiple ones. For anti-spam software to piece the images together again (as rendered by the client) to be able to OCR them would be a pain. IMO OCR is a dead end. As Nick noted, I too wonder what the spammers are targetting; I don't think it is to beat OCR which is trivial. Brian -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Larry Seltzer Sent: Monday, November 20, 2006 12:31 PM To: funsec () linuxbox org Subject: RE: [funsec] Image spam hits a new level...
The more I think about this the more I'm convinced that the spammers
are targetting something other than beating the odd site that has deployed SpamAssassin's OCR plugin or the occasional rough equivalent. At the same time they're introducing what appear to be anti-OCR techniques they're also throwing in randomized distortions that make it impossible to take signatures (CRC/checksum) of the graphics. So they're muddying the waters on their intentions. It's interesting that this ramdomization increases the CPU load on the spammer end too; I wonder if it's done at the bot at some earlier stage. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine larryseltzer () ziffdavis com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. This mail was checked for viruses by GFI MailSecurity. GFI also develops anti-spam software (GFI MailEssentials), a fax server (GFI FAXmaker), and network security and management software (GFI LANguard) - www.gfi.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Image spam hits a new level..., (continued)
- RE: Image spam hits a new level... Nick FitzGerald (Nov 20)
- Re: Image spam hits a new level... Gadi Evron (Nov 20)
- Re: Image spam hits a new level... Nick FitzGerald (Nov 20)
- Re: Image spam hits a new level... Fergie (Nov 18)
- Re: Image spam hits a new level... Nick FitzGerald (Nov 18)
- Re: Image spam hits a new level... David Lodge (Nov 19)
- Re: Image spam hits a new level... Nick FitzGerald (Nov 19)
- Re: Image spam hits a new level... coderman (Nov 19)
- Re: Image spam hits a new level... Nick FitzGerald (Nov 20)
- Re: Image spam hits a new level... Nick FitzGerald (Nov 18)
- Message not available
- Re: Image spam hits a new level... Nick FitzGerald (Nov 20)
- Re: Image spam hits a new level... Jeff Kell (Nov 20)
- RE: Image spam hits a new level... Larry Seltzer (Nov 20)
- RE: Image spam hits a new level... Nick FitzGerald (Nov 20)
- Re: Image spam hits a new level... Valdis . Kletnieks (Nov 20)