In Joe We Trust

August 30, 2003

"And no, I'm not Spews." (Joe Jared, 2003)
"He said ... I'm going to blacklist the world. And by golly, he did." (Jim Miller, 2003)

Well, it finally happened on August 26, just as we had predicted in a previous article: "Do you really want to have to look for a joesomebody somewhere if something happens?" Joe Jared, some obscure citizen of the People's Republic of Kalifornia with an axe to grind against the rest of the world, went out with a bang in an international incident of electronic sabotage, by purposely nominating the entire Internet ip address space in a poisoned zone on his relays.osirusoft.com blacklists, thereby causing chaos and mayhem for those organizations stupid enough to have trusted an unbalanced anarchist with the filtering of their electronic communications.

You may think that what the confidence trickster did was not a big deal, but we happen to know that some well-known institutions and ISPs were bovine enough to be led by their noses into blindly using relays.osirusoft.com blacklists for their email filters and thus were caught with their pants down when Joe yanked the greased plug unexpectedly. Among them, for example, was Miami-Dade Community College, whose email system came to a halt when every ip address including those on their own network were rejected, as the author heard from some miffed MDCC employees who shall remain nameless. You would think a college that teaches Computer Science and IT has enough brain power on the payroll to figure out why trusting some Joe somewhere was bad?

So what really happened? Osirusoft's little cyberextortion clearinghouse business used to be hosted by SBC in their address space, with a netblock allocated to Kathy Clinkenbeard, Joe's former girlfriend. When you called and managed to talk to somebody, SBC's official answer was that they "will continue to block e-mail from any server identified by Jared as insecure". Some time ago, after Joe had a fallout with his girl, SBC (which became the laughing stock of the net when they managed to block some of their own ip address space by trusting Osirusoft's blacklists) may finally had had enough of putting up with user complaints and legal threats, and may have terminated Joe's special contract. Who knows? Maybe even our story helped to shed some light and must have hit a nerve somewhere, for we had man and mouse and victims' lawyers call for information on who this joesomebody was. Whatever the reason, for Jared it was time to leave the nest.

Joe shacked up with Qwest, and reckoned business will run as usual. Big mistake! Qwest, the phone company riddled with scandals and corruption, besides being a public utility which almost went bankrupt, had enough internal problems to worry about, and must have left Joe out in the cold to fend for himself. Without Daddy Warbucks SBC to shield him, orphan Joe was just another schmuck and quickly exhausted his available bandwidth. As of July 3, 2003 his servers barely responded to zone queries, the web site was down, and to make things worse, the usually talkative and prolific NANAE contributor remained mysteriously silent. Not a post since April! Rumor spread that he was under a DoS attack, but even a computer halfwit can probably understand why an email blacklist zone cannot be served from a mere ADSL connection by one guy. This adds even more fuel to the speculation that SBC had a heavy hand in supporting SPEWS and Osirusoft's cyberterrorist activities, and that Jared was dropped when the potato became too hot to handle. Now their former business association must really weigh on their record as a big corporate embarrassment.

Theories as of what pushed Joe to intently break the Internet's fragile electronic communications fabric on that day are abundant, but speculative. As one of Osirusoft's innocent victims, we sincerely hope Jared has legal problems -- if not from this lawsuit filed in federal court before he went under, then at least after his latest stunt (i.e., any lawyer worth his salt can show that Joe knew exactly what would happen if he purposely poisoned the relays.osirusoft.com blacklist zones -- besides, Joe was stupid enough to declare his intent to "blacklist the world" to a follower who was quoted in the press). NetSide is prepared to provide expert testimony in any legal action against Osirusoft and Stephen Joseph Jared a/k/a Joe if solicited. We can show that our ISP company was specifically targeted for inclusion on SPEWS in March 2002 at the suggestion of former ORBS blacklist operator Alan Brown, a New Zealand fugitive currently hanging out in the Netherlands after being shut down by the legal system of his own country, and that the motives were not based on any NetSide user sending spam, but on our firm stance against MAPS and other cybervigilantes, and especially because the articles found on the dotcomeon.com site were not to Joe Jared and Alan Brown's liking. NetSide was also listed on relays.osirusoft.com as a "Test blocker", meaning that we did not allow probes of our main SMTP server from ip space controlled by Joe Jared. Now that must have been a capital sin and really infuriated the self-appointed thought police!

What Osirusoft calls a DoS attack was mostly caused by excessive, but benign queries from all of his "customers" trying to look up ips for the the millions of Sobig.F worm-generated messages on relays.osirusoft.com and all the other blacklists. On top of that, visitors to the Osirusoft web site who had infected computers would also unwittingly keep sending him 100Kb emails -- that's how the Sobig.F worm, which has an internal SMTP engine to email itself, was programmed to work. How do we know? As an ISP, we had our share of worm attacks. A regular SMTP server with locally maintained email filters can handle such an influx, because there is no third party blacklist lookup involved, hence no outgoing traffic and no timeouts, but we can only imagine all the queries Joe's customers must have collectively directed all at once toward relays.osirusoft.com when the worm hit.

This is precisely what we repeatedly warned about: centralized blackhole lists are contrary to the distributed spirit of the Internet, vulnerable to attack and abuse, unreliable, capricious and subjective, lack in uniform standards and accountability. Now that something bad happened as predicted, we hope you have learned a valuable lesson and will abandon the use of tarnished blacklists maintained by third parties with an agenda in favor of local spam filtering solutions under your direct control. Supporting extortionate vigilante cybergangs may buy you momentary peace of mind, but you'll end up paying for the right to email sooner or later. As the Godfather of the Internet mafia himself predicted: "There will be a day when folks will need to pay to transit email." (Paul Vixie, 1998)

One thing is certain: Joe Jared "was SPEWS" over here -- he hosted the SPEWS blacklist zone, provided primary and secondary DNS and resolved the mail server (MX) record for spews.org. They are all down. That constitutes sufficient proof that Jared was the dirty rat who turned the SPEWS wheel. With Joe on vacation, out of touch and more concerned to be "gellin like a felon" with his footwear inserts or whatever else he's peddling to make a living, it seems his extortion racket business is at least temporarily out of commission in the United States. Attempts by diehard groupies are made to resuscitate SPEWS mirrors in Australia, where their web site was hosted. One of Joe's mates named Matthew Sullivan, who runs the SORBS blacklist and offers spews.org a secondary DNS server down under, seems particularly agitated about his future, which doesn't look too promising. But that's Her Majesty's headache now.

Links

War is Peace
Freedom is Slavery
Ignorance is Strength

STOP THE MAPS CONSPIRACY!