Feeds

Anti-spammer fined $60K for DNS lookup 'hack'

Whois also ruled dodgy by North Dakota court

SANS - Survey on application security programs

David Ritz, the veteran American spam-fighter, has been hit by $60,000 in fines plus lawyers fees after losing a civil suit that accused him of illegal hacking.

Sierra Corporate Design, a North Dakota business run by alleged former spammer Jerry Reynolds, sued Ritz for hacking and trespass offences. Ritz was accused of conducting unauthorized whois and DNS lookups. Edward Falk, another anti-spam campaigner and operator of the "Spam Tracking Page", was named as co-defendant.

The complaint alleged that Ritz "hacked" servers owned by Sierra (which describes itself as a specialist web hosting and internet services firm), obtaining confidential internal network configuration data (using a zone transfer, host -l command) and domain name information (using whois) before publishing that data on the net. It was alleged that Falk assisted Ritz by republishing his findings. The case was originally filed in May 2005. An injunction, which allowed Sierra's lawyers to ask Google to purge its Usenet archives of "offending material" was issued in August 2005.

In October 2006, the North Dakota court ruled that it did not have jurisdiction over Falk, a Californian resident, dismissing the suit against him. The case against Ritz proceeded.

Hearings in Fargo last October before Judge Cynthia Rothe-Seeger resulted in a surprise 11 January ruling (PDF, transcript with commentary) against Ritz. He was ordered to pay $53,000 in damages, a $10,000 fine for contempt against breaching an injunction and lawyers' fees, which could run into tens of thousands.

It's unclear if Ritz intends to appeal. His problems don't stop there because he faces possible criminal prosecution over the same supposed offences.

The case has sparked concern and support from the anti-spam community. "He [Ritz] got prosecuted for using the same Unix tools that the rest of us use all the time to troubleshoot problems, admin our systems, and track spammers," notes Reg reader Mark.

Supporters are urged to donate to a legal defense fund, set up to defend anti-spam activists against so-called SLAPP lawsuits (getting sued for speaking out on a matter of public concern).

In a separate case Reynolds sued Falk unsuccessfully for defamation for calling him a porn spammer.

Falk had accused Reynolds of involvement with Netzilla, for a time the single largest source of spam on Usenet. The published allegations led to the unsuccessful "John Doe" lawsuit against Falk in Reynolds' home town of Fargo, ND.

More background on the history of legal antagonism between Falk and Reynolds can be found at Falk's site here and elsewhere. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.