'LifeSphere currently offers more than 90,000 unique products and is more than likely run by one person in a suburban bungalow in Phoenix. As far as I can gather their process consists of ALPHABETICALLY(!) applying every single image in the Public Domain photography archive to every object Zazzle offers. Amazingly almost everything they make is amazing. From doggy clothes featuring macrophotography of Chex Mix, to “Thanksgiving Shrimp” skateboard decks, LifeSphere proves 90,000 times over that rigorous process-based design yields infallibly fresh results.' (via Nelson)

a short story about a spam assassin. (via Lee Maguire)

MSFT researchers discover fundamental scientific failures in almost all data on cybercrime/spam/malware damages. 'In numeric surveys, errors are almost always upward: since the amounts of estimated losses must be positive, there’s no limit on the upside, but zero is a hard limit on the downside. As a consequence, respondent errors -- or outright lies -- cannot be canceled out. Even worse, errors get amplified when researchers scale between the survey group and the overall population. [...] The cybercrime surveys we have examined exhibit exactly this pattern of enormous, unverified outliers dominating the data. In some, 90 percent of the estimate appears to come from the answers of one or two individuals. In a 2006 survey of identity theft by the FTC, two respondents gave answers that would have added $37 billion to the estimate, dwarfing that of all other respondents combined.' my opinion: this is what happens when PR drives the surveys -- numbers tend to inflate to make headlines

'a simple parser of ARF compliant FBL complaints, which normalizes the email complaints and generates a 6-tuple n-gram version of the message. These n-grams are stored in a Redis database, keyed by the file in which they can be found. An inverse index also exists that allow you to find all messages containing a particular n-gram word.'

doh (via Graham Cluley)

'if you Liked a story on a website by pressing the Like button, you’re not only sharing the content on your wall but you’re also automatically subscribing and giving permission for future newsfeed updates to site owners. This happens every time and anywhere you Like something.' ugh, spammy, Facebook

the story of Ramnicu Valcea -- Romania's Silicon Valley of phishing

jesus. Not only do they coin the cramp-inducing neologism "twolicy", they then have the temerity to suggest that people should "donate" their Facebook status so that FG can spam their social group. awful

good wiki tracking spam operations, their current campaigns, who's doing it etc.

Visa's atrociously-designed "security" program is now being used by criminals to process their credit-card payments, allegedly

'As the [pump and dump] scheme played out from January 2005 through December 2007, Berger allegedly led the sale of about 30 million shares of stock, generating approximately $30 million for co-conspirators and more than $600,000 in commission for himself.'

fast work from new FF leader Micheal Martin: 'None of those who complained consented to their details being used to contact them in this way and none could establish how Fianna Fáil obtained their addresses.'

Any teeth though?

'A man known as one of the world’s top purveyors of junk e-mail has been imprisoned in Russia for allegedly molesting [more than *50*] underage girls from a Moscow orphanage, KrebsOnSecurity.com has learned.' lovely

from last week's CEAS conference; research comparing SpamAssassin releases against the evolution of the surrounding spam environment. Nice work, I always wanted to write up something like this (via JD)

fascinating note from Bernie Goldbach: 'MORE THAN 20 YEARS ago, I worked with message traffic and the work told me the importance of verifying source material.'

a custom pastebin for spam messages. cool

Ugh, very bad idea indeed. A backchannel for spammers/phishers/attackers from the mail reader is something we definitely do not want to provide. This is why we chose to cut URLs at the registrar boundary for URIBL lookups in SpamAssassin

reverse-engineering the output of spam templates. paper isn't published yet, but sounds very interesting, particularly since it overlaps with the SpamAssassin SOUGHT ruleset's methodology, a little, it sounds like. looking forward to reading it

Reddit thread from answers from a "doctor" at a dodgy online prescription-drugs store, supposedly not a spamvertized one though

'MAAWG [..] says that spam and malicious emails dropped to 89 percent in the second quarter from 90.4 percent in the first quarter of 2009.'

Reddit mass-interview of a spammer. apparently he's working on IPv6 support

good research coming out of McAfee -- lots of Eastern European, Russian, and ex-USSR-country cybercrime businesses nowadays, apparently

The Beeb definitely takes it too far with this one; the song isn't clearly about 419 at all

the Washington Post on the Yahoozee thing

bit of controversy about Colin Powell dancing (!) to a song that promotes the "Yahoo boys", 419 scammers -- but it doesn't sound like that's the case, going by this post

"Life would be easier if you could mark people as spam"

what is the law, and how to make a complaint against an Irish company, via Donncha

good call. but as one commenter notes: why isn't there an "unsubscribe from this list" button in the normal UI? now if I want to use this as a quick-unsub mechanism for mail I know is ham, I'm _forced_ to use "mark as spam" to get this shortcut, which doesn't make much sense