The business and culture of our digital lives,
from the L.A. Times

Category: Spam

A spam filter for HIV is in the works


HIV: a deadly virus that kills an estimated 5,000 people a day.

Spam: annoying emails that infiltrate your inbox and try to get you to shell out for erectile dysfunction drugs, credit cards and international scams purportedly involving Nigerian princes.

Could these two things possibly have anything in common? According to Microsoft researcher David Heckerman, the answer is yes.

Heckerman is the inventor of Microsoft's spam filter that protects Hotmail, Outlook and Exchange clients from deluges of unwanted email, but for the last seven years he's been working on designing a vaccine for HIV.

He said it's not so strange that he shifted his attention from protecting email systems to protecting body systems. He is a doctor, and besides, fighting spam and fighting HIV are not as different as you might think.

"We have an adversarial situation going on between spam filters trying to block the spam and the spammers changing and mutating," he said in an interview with The Times. "And in the case of HIV, we have the immune system fighting the virus and HIV mutating to try to get through."

Heckerman said the key to fighting spam and HIV is the same: Find the part that absolutely can't mutate -- what he calls the Achilles' heel -- and attack there.

"In the case of spammers, they want to extract money from you. That's what they can't avoid. So our spam filters, at least in part, focus on that," he said.

Now he and his team are trying to find the Achilles' heel of the virus that causes AIDS.

"It mutates a lot, but it can't mutate to where it stops functioning," he said. "If it does do that, we win."

The work now is to find the places where if the virus mutates there, it dies out. To find it, Herckerman and his team are using the needle-in-a-haystack approach -- crunching enormous amounts of data with the help of thousands of computers in order to find clues to what might work.

"I think it is a solvable problem, but we have a lot of work left to do," said Heckerman. "But I'm working on this every day, and I'm hopeful."

Want more information? Microsoft Research has put together this video.


HIV prevention trial ends in disappointment

On World Aids Day, activists condemn global donor shortfalls

Africa study suggests hormonal contraceptive tie to HIV infection

-- Deborah Netburn

Image: A computer model of the human immunodeficiency virus. Efforts to find a vaccine to prevent its spread have failed. Cedit: Corbis 20080512.

FTC asks court to shut down text spammer who promised home loan modifications

The Federal Trade Commission has filed a complaint against a Huntington Beach man who it says sent  millions of illegal text spam messages advertising a mortgage modification website that claimed to offer government-affiliated services.

The FTC said in the court document that Phillip A. Flora sent out text messages at a "mind boggling" rate of about 85 messages a minute, every minute of every day for a 40-day period that began on Aug 22, 2009.

During that time, Flora allegedly sent out more than 5 million illegal text messages, according to the complaint filed Tuesday in Los Angeles federal court.

The commission, in the complaint, has requested that the court freeze Flora's assets and order a permanent injunction against him from sending such text messages.

Among the messages sent, some read: "Homeowners, we can lower your mortgage payment by doing a Loan Modification. Late on payments OK. No equity OK. May we please give you a call?," the complaint said.

Some others stated: "If you are struggling to keep up with credit card payments and have more than 10k in debt, we can help. May we give you a call regarding this?" the court document said., a website that is no longer up, contained text that said it could offer "Official Home Loan Modification and Audit Assistance Information" with an image of a U.S. flag beneath it, according to the complaint.

Many of the sites and texts were designed to trick consumers into believing they were affiliated with the U.S. government, the court document said.

The commission also alleges that the text spam blasts resulted in many recipients losing money because they ended up having to pay fees to their respective mobile carriers for receiving the unsolicited messages.

The FTC said in its complaint that Flora collected contact information from those who responded to the text spam, even if they were asking him to stop sending the messages, which was then sold to marketers as "debt settlement leads."

The commission is also accusing Flora of sending a number of e-mail spam messages to commercial e-mail marketers touting his success in sending such text message blasts.

In his e-mails, Flora promoted the texts by writing, "Currently able to send out 200k text messages a day; I designed, own and operate the marketing system. All companies on the internet charge a penny a message, I charge a tiny fraction of that and I do not charge for cell phone data because I maintain a database of 100 million cell phone opt-in uses," the complaint said.

The e-mails failed to offer recipients a way to opt out of receiving the messages and didn't list a physical mailing address for the sender, two items required by law for such commercial e-mails, the FTC said.

In the e-mails, Flora offered a rate of $200 for 50,000 messages and $300 for 100,000 messages sent, the complaint said.

The FTC said it was assisted in its investigation into the text message spam by AT&T, Verizon and CTIA - The Wireless Association.

-- Nathan Olivarez-Giles


Federal regulators looking into legality of Apple's App Store subscription service

Apple's book rule: 'I wouldn’t be surprised if phones were ringing at the FTC,' analyst says

PrivacyStar mobile app users have filed 100,000 complaints with FTC over telemarketers

Privacystar PrivacyStar is a smart phone app that works on Android and BlackBerry phone. The app's main purpose is to block unwanted calls and text messages, and to provide Caller ID for unknown callers.

But the app has an arguably more interesting feature: When you get one of those annoying junk robo-calls from telemarketers, you can use PrivacyStar to immediately file a federal complaint against the incoming number. 

PrivacyStar says its 600,000 registered users have taken a shine to the feature, filing 100,000 such complaints with the Federal Trade Comission.

The company says the FTC liked the app so much that the agency asked PrivacyStar to add a feature that would allow users to complain about debt collectors violating the Fair Debt Collection act -- for instance, trying to gain information about debtors by pretending to be someone else.

PrivacyStar says the data are all fed into the so-called Consumer Sentinel, the online database used by law enforcement to track consumer complaints.

You might file a complaint if a caller contacts you even though your number is on the federal or state Do Not Call list. Or you could file one if an incoming call blocks your Caller ID, hiding the fact that it is from a telemarketer -- which can be a fraudulent practice.

PrivacyStar is not yet available for the iPhone because, according the company, "Apple has not made available key APIs [application programming interfaces] necessary for doing so."


Verizon acknowledges ongoing BlackBerry outages, says fix pending

Facebook's new security method: Can you beat it by Googling the names?

Cartoon of former Google CEO Schmidt's 'creepy' lines hits D.C. streets

-- David Sarno

Photo: PrivacyStar app for Android. Credit: PrivacyStar

Gawker websites, Twitter hacked and spammed by 'Gnosis'


Gawker and its ring of blogs, as well as Twitter, were hacked this weekend by a group calling itself "Gnosis."

Gawker said thousands of its commenter usernames and passwords for its blogs were broken into and Gnosis said its hacking of the network of blogs led it to breach of e-mail address belonging to banks, federal government employees and NASA.

"This weekend we discovered that Gawker Media's servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot," Gawker said in a post on its Lifehacker blog.

JezebelHackedTweet "We understand how important trust is on the Internet, and we're deeply sorry for and embarrassed about this breach of security -- and of trust. We're working around-the-clock to ensure our security (and our commenters' account security) moving forward," Gawker said.

Twitter said a virus that hijacked some of its user's accounts to send out spam advertisements for a fake Acai berry weight-loss program was linked to Gawker's user accounts being compromised.

Gawker has so far denied the link between the two hacking incidents.

"We never stored Twitter passwords from users who linked their Twitter accounts with their Gawker Media account," Gawker said. "However, if you used the same password for your Twitter account as you did on your Gawker Media account, you should change your password immediatley."

Unlike Twitter, Gawker does not allow users to delete their accounts with its blog sites.

Due to the hack, Gawker sites were unable to publish blog posts. had no new blog posts from Sunday afternoon until about 2 a.m. Monday -- which is a notable period of down-time for the prolific blog known for its snarky celebrity and political gossip posts.

An official at Jezebel, Gawker's blog aimed at female readers, tweeted, "I'd write a post about how we've been hacked and can't publish, but we've been hacked and can't publish."

Gnosis leaked files of Gawker statistics and thousands of its commenter usernames and passwords on various hacker forums and websites after its breach of Gawker servers.

An anonymous source identifying itself as one of the Gnosis hackers told the news blog Mediaite that the group attacked Gawker because of its "arrogance."

"It took us a few hours to find a way to dump all their source code and a bit longer to find a way into their database," the source told Mediaite.

"We have been cracking the database for about 17 hours and have managed to retrieve 273,789 passwords," the source told the blog. "If our release schedule wasn’t so tight we could get 500,000-plus. Included in the dump are passwords linked to accounts from NASA, about every .gov domain you could imagine and hundreds from banks. One can only pray that they do not use the same password everywhere."


Sarah Palin says her website, credit card were attacked in Operation: Payback

Operation: Payback claims to have shut down Visa website in defense of WikiLeaks

-- Nathan Olivarez-Giles

Walgreen Co. warns customers e-mail addresses may be in spammer's hands

Customers who subscribe to Walgreen Co.'s e-mails should be on the alert for spam that directs them to another website where they are asked for personal data, the company warned Friday.

Walgreens recently became aware of "unauthorized access" of its e-mail list and began notifying customers Friday.

"We want to assure you that the only information that was obtained was your e-mail address. Your prescription information, account and any other personally identifiable information were not at risk because such data is not contained in the e-mail system, and no access was gained to Walgreens consumer data systems," an e-mail to customers reads.

The company also advised customers of "an increase in attacks on e-mail systems," and advised caution, "when opening links or attachments from unsolicited third parties."

Consumers with questions can call (888) 980-0963.


Facebook wins $873-million verdict against spammer

First good Google rankings, then arrest for cyber-bullying Brooklyn eyewear merchant

— Jessica Guynn


Recommended on Facebook


In Case You Missed It...


How to Reach Us

To pass on technology-related story tips, ideas and press releases, contact our reporters listed below.

To reach us by phone, call (213) 237-7163


Andrea Chang
Armand Emamdjomeh
Jessica Guynn
Jon Healey
W.J. Hennigan
Tiffany Hsu
Deborah Netburn
Nathan Olivarez-Giles
Alex Pham
David Sarno