The unsung guardians of the internet
An army of 'digilanti' - unpaid loners at their PCs - are trying to keep the web free of spam and scammers
Peter, a financial adviser living in the UK, was taken aback when he got a gruff, no-nonsense call on his mobile last week. The voice at the other end told him not to send £17,300 to Spain.
"I still don't know how he found me," said Peter, who had been thinking about buying a cheap Porsche Boxster that he'd seen in a paper. The seller had asked him to send the money to an escrow company and pointed him to its website. When it received the money and the car, the seller said, the trade would be made and the car would be released for shipment.
Watching the scammers
What Peter didn't know was that the escrow company's website had been identified as a fake by a scam-watching group. If he had made the trade, he would probably never have seen car or cash again.
"I was certainly interested in sending the money because I wanted the car, and he definitely knocked that on the head for me," says Peter. He was already suspicious about the car's seller, but was wavering until he got the call. "After speaking to him, I made my mind up that I wasn't going to send any money."
The call came from Eddie, an internet vigilante living in Florida who found Peter's details after infiltrating the seller's computer. Eddie has saved people thousands of dollars over the past five years. Eddie is one of the digilanti - an internet user who prefers to keep a low profile but works without recompense to make the web a better place.
Eddie's days are always the same. When he gets home from work around noon, he lets his dogs out, then boots an ageing computer and gets to work. His speciality is tracking down escrow scammers and their victims.
He began investigating internet scammers after being scammed himself a few years ago - he tried to buy a digital camera via eBay and sent money to the seller via Western Union. The seller, and the cash, disappeared. "I found all of these fraudulent auctions on eBay," he recalls. Then someone approached him from the site's escrow and insurance message boards. "When I saw what was going on with the escrow sites, I figured this was where my heart lay."
He began nosing around the internet, and before long was gaining access to lists of potential victims. For the first few years, he'd call them directly and try to warn them that they were being duped. Some people listened, but some either hung up on him or, against his advice, contacted the scammers, hoping Eddie was wrong. That would alert the scammers, who would rush to protect their systems.
"I stopped warning people when I got frustrated because it doesn't do any good," he says. These days, phone calls to potential victims such as Peter are rare. Instead, he concentrates on logging information about scam websites and feeding it to security contacts that he hopes might be able to help. He also contacts the ISPs that are used to host scam sites registered with stolen credit cards, but mostly finds them unresponsive.
This online detective work is his life. Most of his free time is spent in front of his PC. "Everyone has obsessions of some type, but this is out of hand," he says. "I worry that if I stop, I'll lose track and I'll never be able to maintain what I'm doing now, at this depth." But while his online activities grow, his real life has suffered and his friendships have withered. "I'm in my 50s and most guys my age are married," he laments.
Like Eddie, David Hart feels compelled to do what he does, but it also occupies time that would otherwise go wasted. "If bullets were cold, I'd be dead," says Hart, who was disabled in a 2004 murder attempt. The bullet entered his back and lodged in his leg, rupturing his femoral artery. He is only alive because the heat of the bullet cauterised the wound.
Now he runs TQM3, a real-time spam blacklist that gathers IP addresses being used as sources of spam or botnet traffic. "The spam fighting is something I can do without a structured schedule," says Hart, who can barely walk and suffers from insomnia.
He is often to be found at 1am handling removal requests from the list, which attracts 18,000 new IP addresses each week. He provides the information free to ISPs, who use it to block spam for their customers. "There is not a nickel of revenue," he says. "I spend eight hours a day on a non-commercial endeavour that costs money out of my own pocket." He has to pay for server hosting, and also pays for IP addresses and domains as traps to attract spam for intelligence gathering.
What drives these people? Eddie's compulsion is partly a substitute for his social life. Hart is driven partly by guilt: he worked as a consultant to a spammer eight years ago, and while he didn't hand over the technical information that would have helped the spammer, still kicks himself for his brief lapse of reason.
Others cite morality. Packetstorm Security is a non-profit website run by a small team of techies that posts information about security vulnerabilities online. The site, which gives vendors 30 days to fix security bugs before making them public, incurred considerable hosting costs before another hosting company donated its time. "Tony" (not his real name), a security expert with a large management consultancy who helps to run the non-profit site in his spare time, says that it has cost them both time and money. He spends hours each week maintaining the site, with no financial reward. Why? "I think that for most of us, it's a combination of personal interest and also to some extent it's almost a moral obligation."
Alongside basic altruism, there's also pragmatism, argues Rodney Joffe, chief executive of the for-profit company UltraDNS. Joffe's company processes a quarter of all the internet's DNS queries (which turn a human-readable address like google.com into a machine-readable form like 64.233.167.99), and provides pro bono support to antispam groups such as Spamhaus. When angry spammers target Spamhaus with botnet-based attacks, UltraDNS helps keep it running for free. "If the internet loses its relevance, it affects all of our incomes," Joffe says. "If people lose faith in the internet, it affects the telcos, the ISPs, the equipment manufacturers, everyone."
Addiction
But not all digilanti want to keep a low profile. Sarah, an 18-year-old studying for her A-levels, is an avid Wikipedia contributor. She makes roughly 100 edits each day and spends around 50 hours a week writing articles for the online encyclopedia. It's affecting her schoolwork, and with exams coming up, she is eight essays behind. "It's an addiction," she says. "We're not called Wikiholics for nothing."
Sarah has to knuckle down and catch up, so she'll shortly be taking a break. Eddie is in a darker place. For him, there will be no such breaks. "My house is a mess. I'm a mess, but I feel compelled to do this," he says, adding that he feels as if he has been guided by God. "I asked, 'God, please give me some strength. Give me something to occupy my mind'."
Danny Bradbury
Thursday March 15, 2007
Guardian Unlimited
; Guardian News and Media Limited 2007
An army of 'digilanti' - unpaid loners at their PCs - are trying to keep the web free of spam and scammers
Peter, a financial adviser living in the UK, was taken aback when he got a gruff, no-nonsense call on his mobile last week. The voice at the other end told him not to send £17,300 to Spain.
"I still don't know how he found me," said Peter, who had been thinking about buying a cheap Porsche Boxster that he'd seen in a paper. The seller had asked him to send the money to an escrow company and pointed him to its website. When it received the money and the car, the seller said, the trade would be made and the car would be released for shipment.
Watching the scammers
What Peter didn't know was that the escrow company's website had been identified as a fake by a scam-watching group. If he had made the trade, he would probably never have seen car or cash again.
"I was certainly interested in sending the money because I wanted the car, and he definitely knocked that on the head for me," says Peter. He was already suspicious about the car's seller, but was wavering until he got the call. "After speaking to him, I made my mind up that I wasn't going to send any money."
The call came from Eddie, an internet vigilante living in Florida who found Peter's details after infiltrating the seller's computer. Eddie has saved people thousands of dollars over the past five years. Eddie is one of the digilanti - an internet user who prefers to keep a low profile but works without recompense to make the web a better place.
Eddie's days are always the same. When he gets home from work around noon, he lets his dogs out, then boots an ageing computer and gets to work. His speciality is tracking down escrow scammers and their victims.
He began investigating internet scammers after being scammed himself a few years ago - he tried to buy a digital camera via eBay and sent money to the seller via Western Union. The seller, and the cash, disappeared. "I found all of these fraudulent auctions on eBay," he recalls. Then someone approached him from the site's escrow and insurance message boards. "When I saw what was going on with the escrow sites, I figured this was where my heart lay."
He began nosing around the internet, and before long was gaining access to lists of potential victims. For the first few years, he'd call them directly and try to warn them that they were being duped. Some people listened, but some either hung up on him or, against his advice, contacted the scammers, hoping Eddie was wrong. That would alert the scammers, who would rush to protect their systems.
"I stopped warning people when I got frustrated because it doesn't do any good," he says. These days, phone calls to potential victims such as Peter are rare. Instead, he concentrates on logging information about scam websites and feeding it to security contacts that he hopes might be able to help. He also contacts the ISPs that are used to host scam sites registered with stolen credit cards, but mostly finds them unresponsive.
This online detective work is his life. Most of his free time is spent in front of his PC. "Everyone has obsessions of some type, but this is out of hand," he says. "I worry that if I stop, I'll lose track and I'll never be able to maintain what I'm doing now, at this depth." But while his online activities grow, his real life has suffered and his friendships have withered. "I'm in my 50s and most guys my age are married," he laments.
Like Eddie, David Hart feels compelled to do what he does, but it also occupies time that would otherwise go wasted. "If bullets were cold, I'd be dead," says Hart, who was disabled in a 2004 murder attempt. The bullet entered his back and lodged in his leg, rupturing his femoral artery. He is only alive because the heat of the bullet cauterised the wound.
Now he runs TQM3, a real-time spam blacklist that gathers IP addresses being used as sources of spam or botnet traffic. "The spam fighting is something I can do without a structured schedule," says Hart, who can barely walk and suffers from insomnia.
He is often to be found at 1am handling removal requests from the list, which attracts 18,000 new IP addresses each week. He provides the information free to ISPs, who use it to block spam for their customers. "There is not a nickel of revenue," he says. "I spend eight hours a day on a non-commercial endeavour that costs money out of my own pocket." He has to pay for server hosting, and also pays for IP addresses and domains as traps to attract spam for intelligence gathering.
What drives these people? Eddie's compulsion is partly a substitute for his social life. Hart is driven partly by guilt: he worked as a consultant to a spammer eight years ago, and while he didn't hand over the technical information that would have helped the spammer, still kicks himself for his brief lapse of reason.
Others cite morality. Packetstorm Security is a non-profit website run by a small team of techies that posts information about security vulnerabilities online. The site, which gives vendors 30 days to fix security bugs before making them public, incurred considerable hosting costs before another hosting company donated its time. "Tony" (not his real name), a security expert with a large management consultancy who helps to run the non-profit site in his spare time, says that it has cost them both time and money. He spends hours each week maintaining the site, with no financial reward. Why? "I think that for most of us, it's a combination of personal interest and also to some extent it's almost a moral obligation."
Alongside basic altruism, there's also pragmatism, argues Rodney Joffe, chief executive of the for-profit company UltraDNS. Joffe's company processes a quarter of all the internet's DNS queries (which turn a human-readable address like google.com into a machine-readable form like 64.233.167.99), and provides pro bono support to antispam groups such as Spamhaus. When angry spammers target Spamhaus with botnet-based attacks, UltraDNS helps keep it running for free. "If the internet loses its relevance, it affects all of our incomes," Joffe says. "If people lose faith in the internet, it affects the telcos, the ISPs, the equipment manufacturers, everyone."
Addiction
But not all digilanti want to keep a low profile. Sarah, an 18-year-old studying for her A-levels, is an avid Wikipedia contributor. She makes roughly 100 edits each day and spends around 50 hours a week writing articles for the online encyclopedia. It's affecting her schoolwork, and with exams coming up, she is eight essays behind. "It's an addiction," she says. "We're not called Wikiholics for nothing."
Sarah has to knuckle down and catch up, so she'll shortly be taking a break. Eddie is in a darker place. For him, there will be no such breaks. "My house is a mess. I'm a mess, but I feel compelled to do this," he says, adding that he feels as if he has been guided by God. "I asked, 'God, please give me some strength. Give me something to occupy my mind'."
Danny Bradbury
Thursday March 15, 2007
Guardian Unlimited
; Guardian News and Media Limited 2007
