Bonum Certa Men Certa

Targeted Attack Leveraging FSF Servers

Target



Summary: Targeted by a determined and persist perpetrator, I've received over 20,000 E-mails. And the weapon of choice was the FSF's infrastructure, remotely misused against yours truly.

THOSE who read our IRC logs or follow us outside this site (e.g. social control media) would likely be aware of communications we had opened up with the FSF in the form of a report, support ticket, and correspondence.



"Leveraging Tor exit nodes, some party decided to 'weaponise' the FSF's mailing lists to bombard my E-mail accounts several times per minute."First of all, I'd like to commend the FSF for swift action, transparency and eventually an explanation (including technical aspects).

So what is it that happened? Well, it seems like more than a week ago someone (or someones) was trying to cause nuisance if not conflict (it was a nuisance, but I spoke to 3 people at the FSF and there was no conflict). Leveraging Tor exit nodes, some party decided to 'weaponise' the FSF's mailing lists to bombard my E-mail accounts several times per minute. For several days. Non-stop.

"Suffice to say, it clogged things up and caused technical issues."By week's end I had received over 20,000 E-mails from the FSF's mailman services. Suffice to say, it clogged things up and caused technical issues. Rather than flag as spam or report the FSF I contacted them, at the advice or Mr. Oliva, and the problem was resolved within less than a day (despite COVID-19 disruptions to workflows and LibrePlanet right there in the middle, keeping FSF staff very busy).

The timing of the incident was particularly inconvenient to all and its perpetrators remain unknown. We can only speculate about the motivations. This week I asked the FSF if I can interpret the situation as, "as far as we know only Roy was targeted by this" and John Sullivan responded with a yes.

The spam mails have stopped.

It's worth noting that not one E-mail address of mine was targeted (the public address; there are more addresses). Two accounts were targeted, including a private one (which isn't easy to find).

"It's worth noting that not one E-mail address of mine was targeted (the public address; there are more addresses). Two accounts were targeted, including a private one (which isn't easy to find)."So it seems rather clear that someone targeted me, specifically, and used FSF servers for this purpose.

"Given various recent events," I told the FSF, "it's rather clear that some people try driving a wedge and strive harm Free software groups. There's ample evidence of it. Who would have the persistence to get 20,000 spam mails sent to my account from FSF servers?"

The mystery persists, but the FSF and us are in good terms. Many thanks and kind regards to Ruben Rodriguez, Zoë Kooyman, and John Sullivan.

Recent Techrights' Posts

Despite Its Severe Financial Problems Gnome Foundation Inc Paid Rosanna Yuen Over 100,000 Dollars Last Year
maybe relocation should be considered
The "Left" and the Right"
It poisons everything
Mozilla and Rust Are Not Leftists
they're part of the mass consumerism machine
Disposable to Microsoft
There is an extensive set of people who got used by Microsoft, only to be thrown away a month later or a year later or a decade later
The UEFI 9/11 - Part VII - This Coming Week Many PCs Will Refuse to Boot "Linux" (Because of Microsoft's Expired Certificate)
The real solution is, disable "secure boot" or "SecureBoot" while it's still possible. [...] Just like submarine patents, a lot of this problem was "hibernating" for a while
The Thing Nobody in Red Hat Wants to Talk About Openly
There is a real sentiment or worry among Red Hatters, Europeans and Americans in particulars (because of higher salary expectations)
Slopwatch: Small Parade of Fake News About "Linux" and Scams Borrowing the Name (or Word) "Linux"
In practice, LLMs are a risk
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 05, 2025
IRC logs for Friday, September 05, 2025
Genini Links 05/09/2025: Community, ROOPHLOCH, and PITkit
Links for the day
Links 05/09/2025: Vaccine Sceptics Poison the Well, Two Exploited Vulnerabilities Patched in Android
Links for the day
Gemini Links 05/09/2025: Logitech Lift and DIY Gemini Servers
Links for the day
Links 05/09/2025: Sainsbury's Caught Spying on In-Store Shoppers and Microsoft "OpenAI is Using Legal Threats to Harass its Critics"
Links for the day
BASIC Predates Microsoft by Over a Decade, Microsoft-Controlled Sites Like The Register MS Don't Want You to Know This
The state of the media is really bad when it relies a lot on oligarchs' money and is appointing editors who are working for oligarchs
Analogies for "Memory Safety" in Rust
Don't worry, it's Rust! It can do anything!
Brian Kernighan, "Only Third to Dennis Richie and Ken Thompson" (UNIX), Agreed With Someone Who Said Rust Was Just Hype, Should Not Replace C
17 hours ago
Reminder: Microsoft's "Secure Boot" Certificate for "Linux" Will be Expired in One Week
Many PCs won't manage to 'rotate' to another certificate
"Many of the Red Hat Employees Are Still Looking for Work"
Shame on IBM's CEO
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 04, 2025
IRC logs for Thursday, September 04, 2025
Microsoft Started With Code Literally From The Trash, Nothing Has Improved Since
The reality is, there are systems and code that are reliable. But they're not Microsoft's.
Hypothesis That New McKinsey/Microsoft Executive Inside Red Hat Will Outsource Research and Development Operations to India (Like They Do in IBM)
IBM is floundering
Slopwatch: Scams, Fake Articles About "Linux", Plagiarism, and Worse
Perhaps some time soon the LLMs or the "Big LLMs" will run out of money (to borrow) and go offline, leaving those slopfarms in a tough place
Gemini Links 04/09/2025: Means of Production and Rusting Out
Links for the day
Links 04/09/2025: Science, Hardware, and Eyes on China
Links for the day
Gemini Links 04/09/2025: Digital Minimalism and Social Control Media
Links for the day
IBM's GNU/Linux Divestment, Based on Hard But Anecdotal Evidence (IBM Fails to Recognise How Much Money It Made and Can Still Make From "Linux")
Love us or hate us, a lot of what we've been saying about Red Hat under IBM turns out to be rather accurate
Links 04/09/2025: Massive Microsoft Staff Cuts (Barely Reported), "Strange Conspiracy Theory Is Reportedly Spreading Inside OpenAI"
Links for the day
Activists Can Win, But Keep an Eye on the Ball and on the Trophy
GitHub is dying, it was a loss-making trap, not free hosting
Gemini Links 04/09/2025: Katrina Remembered, Distracted Driving, and Virtual Economics
Links for the day
At This Point It's No Longer Matthew Garrett But People Who Fund Matthew Garrett (or Companies That Fund His SLAPPs Against My Wife and I)
The only thing worse than misogynists are misogynists who fail to respect other people's right to go on holiday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 03, 2025
IRC logs for Wednesday, September 03, 2025
The UEFI 9/11 - Part VI - This Serious Harm Was Planned for Over a Decade, Not an Accident or Merely Some Misfortune
The term "Serious Harm" is legally meaningful here
GNOME Unfit for Diversity and Inclusion
GNOME's leadership is using "bad words"
Brodie Robertson Addressing the Recently-Discovered Comments
Most people probably knew nothing about this until he wrote a response
Red Hat QA Team "Had Shrunk by Half Over the Past Year." (After IBM Divestment)
If Red Hat's workforce is being moved to the East, then RHEL can become a national security problem
Slopwatch: "Open Source" and "Linux" News Faked, Made by Bots and Entered Into Google News
Spam combined with slop about "Linux" has entered Google News