Would it surprise you to learn that an unscrupulous operator might DELIBERATELY spam "on behalf of" a competitor, for the express purpose of getting that competitor knocked off the 'net?
Would it surprise you to learn that that _has_ happened?
*MORE*THAN*ONCE*Would it surprise you to learn that business *have* gone under, as a result of such actions?
If so, you are *unaware* of events on the Internet, more recent than
*1996*.The prototypical such actions (from which the name "joe job" for describing such things is derived) occurred in late 1996. Google for "joe job" (with the quotes, for lots of history -- or see (among many others) the page at: for the "jargon files" definition.
Such things are a "not infrequent" event, to this day.
That is a lie. They *cannot* tell who "really sent" the e-mail message.
All they can tell is that the material on the web-site, and material in the message are 'consistent' with each other.
Which can be explained in _at_least_ two ways: 1) the web-site operator actually sent the message(s). 2) "somebody else" -- *deliberately*and*maliciously* -- posing as the web-site operator sent the message(s) for the express purpose of discrediting the actual web-site operator.
There is *no*way* to tell which of those scenarios is the "real" explanation. Those who act, based on assumption #1, when the reality is assumption #2, can find themselves in legal hot water.
You know. There's something really "funny" about their ENTIRE operation. "Blue Security, Inc." according to their website, is located in Menlo Park, California. With a claimed telephone number, at that address, of "972-9-9577736", per the whois entry for the domain.
Yet, according to the California Secretary of State, the *legal*owner* of that _Corporation_Name_, is a locksmith in La Jolla, California, who has had that name since 1997. (That information, and the info in the following 3 paragraphs, *can* be verified by anyone who cares to, on the State of California web-site.)
They can't legally have some other name, and be using "Blue Security, Inc." as a "doing business as" (DBA) -- what California calls a "fictitious name" -- because California *expressly* forbids the use of a corporate ("Inc.", "Corp.", "Corporation", etc.) or LLC indicator as part of a fictitious name.
One *cannot* legally register a corporate name (whether an in-state corporation, or an out-of-state one doing business in California) that is the same name as an existing Calif. corporation. One can register a name that is "similar" only with the *written*consent* of the presently- registered corporation, _and_ the agreement from the Secretary of State that the naming would _not_ be unduly confusing to potential customers.
Operating an unregistered business *is* a violation of California law.
Based on that, alone, Blue Security *does* appear to be a criminal operation.
Blue Security's published INTENT regarding the co-ordinated complaint-bombing of the targeted web-site is to make it 'unusable' by people attempting to do legitimate business with that company.
One doesn't have to assume anything about how they work. One doesn't have to do any interpretation. All one has to do is look at WHAT THEY HAVE SAID THEIR INTENT IS.
Their intent, per their own words, *is* to inflict a "denial of service" on the "guilty" web-site owner.
That *is* a criminal action, under the law.
That isn't the only issue. If they're *not* doing what they say they do, then there are issues of false advertising, and/or wire-fraud. If they _do_ do what they proclaim (a crime, per the above analysis), there are additional possible charges of:
soliciting for participation in a criminal enterprise conspiracy accessory before the fact RICO just to name a few.
Those 'co-conspirators' that get sucked into their scheme could get names on any/all of the latter 3 counts named above.
Incidentally, *IF* the mail-senders must pay for the 'list-washing' service that Blue Security offers, then one can probably add "extortion" to the possible charges. Blue Security _has_ issued a public 'threat' to attempt DDoS on the web-sites of people who send them e-mail without going through the list-washing process. Avoidance of that 'threat' by the payment of money (whether or not a service is provided for that money) is the essence of extortion.
Note: somewhat deeper digging into "Blue Security" indicates that the _actual_ ownership is apparently with a company in Israel. One that many people belive as having a lot of business dealings with the Mossad.
One might speculate that "Blue Security" is a 'front' for testing some actual "information warfare" tools. Emphasis on "warfare".
REALLY??? My web browsers (4 different ones, on 3 different platforms) insist that " snipped-for-privacy@massis.lcs.mit.edu" is not a valid URL.
[TELECOM Digest Editor's Note: As I tried to explain to Robert Bonomi in private email, these two URLS are _identical_ in where they go:I tried to explain to Robert Bonomi that a 'valid URL' (as in web site) does not have an 'at sign' @ in the middle of it. PAT]