Home
News
E-mail Newsletters
Blogs
Tech Dispenser
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Print Subscriptions


Ads by TechWords

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Patrick Thibodeau's picture
Patrick Thibodeau

D.C.

More posts | Read bio

October 3, 2007 - 11:34 A.M.

DHS gets spammed with its own reports

42 comments

That’s not our headline. It was suggested today by someone on the Department of Homeland Security Daily Open Source Infrastructure Report mailing list after it started a spam-like inbox flood. 

 

Here’s the story: DHS provides a daily summary of news items for its mailing list subscribers,  which includes people with security and disaster response roles, vendors and news media. But its mailing list was misconfigured today. Anyone who hit "reply all" reached everyone one the list,  triggering some 200 emails -- and counting.   The temptation to reach out was too much.  It quickly became a big networking party. (Although as time went on, frustration mounted prompting more and more people to send emails to everyone on the list asking everyone to stop sending emails to everyone on the list.)

 

Many used it as a opportunity to say hello, where they were writing from, inquire about jobs, show support for their team, "Go Hogs,"  there may have been some matchmaking, and one even mentioned that his firm sold anti-spam products.

 

Wrote one:

 

I don’t think everyone realizes that yet, but what a nice way for all of us to get to know one another!

 

Some of the responses

 

-- I like long walks on the beach and a nice chardonnay with my roasted duck.  

  
-- Or even a nice chianti with that roasted duck - it is autumn!

 

-- Look at this as a business development opportunity.  (To that end, one chimed: does anyone need homeland security consulting?)

 

-- Howdy from Tampa, a sunny place for shady people.

 

-- I’m a Sagittarius ...

 

  -- I like scuba diving ...

 

 SysAdmin’s advice: Today’s lesson… Folks!
Always place large distro lists in the BCC field. 
Reply or reply to all is a non issue.

 

And, finally, wrote one person:

 

Classification: UNCLASSIFIED

 
what does that mean?

Update: Are there any security issues raised by this? Some of the responses are from the world over. One list subscriber, who said he was writing from Iran, broadcast this query: "why are so many messages today?" This prompted another person to write: Open source really does mean open source!!!!! For those of you that have responded to this email from an official computer with your snazzy little signature at the bottom, especially those that have every piece of contact information listed, including those of you that have disclosed sensitive phone numbers and classified email addresses have knowingly provided this information to people all over the world.

 

See also:  DHS e-mail snafu reveals info on thousands of security pros

What People Are Saying

Add new comment
Rate this
Rated +11
711 Votes

How can we get a copy of the

Submitted by Anonymous on October 5, 2007 - 2:44 A.M.

How can we get a copy of the email to which this story is about?

Reply | Report this comment
Rate this
Rated -1
653 Votes

As soon as I saw Alex's

Submitted by DW on October 4, 2007 - 8:24 A.M.

As soon as I saw Alex's reply followed by a recall request, I walked over to a co-workers cube and said, "let the fun begin". We have seen this in our own company but never global. I resisted the urge to reply to all with this comment and moments later here they came. It spread across the country then jumped the borders. I got a good laugh and chuckle out of some but the mindless questions and requests just keep me in awe.

Reply | Report this comment
Rate this
Rated +23
667 Votes

If one is to assume that

Submitted by Ric on October 4, 2007 - 7:42 A.M.

If one is to assume that everyone on this list subscribed, at one time or another, why do there seem to be sooooooooo many individual who have no idea what the heck it is or why they are receiving it. It also saddens me that quite a few of the individuals who are using the reply to all when they BMW (Bit*h, Moan and whine) about why they are receiving it and demanding to be "REMOVED NOW" are members of DOD who receive training on "NOT" doing just that sort of thing. I wont even start on those supposed "information security specialist" who also seemed to have had all of their training somehow erased. If you happen to subscribe to the list, which I do, you will be aware that there is some very good information being provided. I think though that the DHS might want to review just who they are sharing all of this good information with.

Reply | Report this comment
Rate this
Rated +46
712 Votes

Never ceases to amaze me how

Submitted by PaulR on October 4, 2007 - 2:52 A.M.

Never ceases to amaze me how blissfully ignorant the so-called "security experts" are about electronic communications. You'da thunk they had some faint idea of what their job titles meant - which is not 'feed at the public trough as long as I can hang on'.

Reply | Report this comment
Rate this
Rated +6
656 Votes

Having seen those emails, it

Submitted by Anonymous on October 3, 2007 - 10:10 P.M.

Having seen those emails, it does not appear to be a case of people doing a "reply all" to a CC with all the subscribers. The headers were quite clean in that regard. Rather it appears that any reply or email to the listserv was being spit back out to the subscribers.

It appears to be an error in the listserv's configuration or operation. Normally any emails to such a listserv's address should go to the moderator or owner of the list.

The wisest thing to do in a case such as that is not to email *anything* to the listserv address. Don't reply. Don't send a complaint or reproof. If possible find an out of band mode of contacting the list owner. (In this case, I found a phone number on the DHS site.)

Reply | Report this comment
Rate this
Rated -13
643 Votes

Well that was interesting

Submitted by Scott on October 3, 2007 - 7:02 P.M.

Well that was interesting today....I have 700+ emails and at its worst I was receiving 25 emails a minute. When I was receiving 25 emails a minute – I have to admit I was a little panicked trying to get my filters into place and nearly fainted when I looked at my Blackberry that had 300 unread messages – but once my filters were in place – the replies were an interesting occasional read through out the day.

Reply | Report this comment
Rate this
Rated +38
632 Votes

LOL Ok, Jay wins with best

Submitted by Jim on October 3, 2007 - 5:22 P.M.

LOL Ok, Jay wins with best reply so far!!

10/10

-----Original Message-----
From: jay xxxxxx [mailto:jdxxxxxx@yahoo.com]
Sent: Wednesday, October 03, 2007 4:50 PM
To: xxxxxx, Derek; xxxxxx@pobox.com; xxxxxx Jeffrey T
Cc: TechGuy; DHS Daily Report; DHS Daily OSIR Distribution List
Subject: RE: Please do not use "reply to all" button

Greeting from Mars. As you have probably guessed, we
have sucked the brains out of all governmental
employees at DHS. Not much of a loss really, since it
only provided apporximately 3/4 of a cup.

Just wanted to let you know what happened. BTW, we
will be visiting your planet as soon as we finish
completing all of the custom's forms required by your
kingdom.

Reply | Report this comment
Rate this
Rated +30
696 Votes

What is the address to sign

Submitted by Anonymous on October 3, 2007 - 5:00 P.M.

What is the address to sign up for this awesome sounding mailing list?

Reply | Report this comment
Rate this
Rated +24
658 Votes

I want to know why so many

Submitted by Anonymous on October 3, 2007 - 4:41 P.M.

I want to know why so many people get to hump at work today! I wish I had a Hump Day like they do!

Reply | Report this comment
Rate this
Rated 0
678 Votes

I'm heading over to sign up

Submitted by sly on October 3, 2007 - 4:35 P.M.

I'm heading over to sign up for the list now! Sounds like a great time!

Reply | Report this comment

Related Posts

WTF FTW LOL@ITBW!!1! (and Flash Portal)
Web application security -- time for services
Round 5: H-1B Battle: McCain, Kennedy RETREAT! IEEE-USA offers SOLUTION!
The real reason Google is making Chrome

Today's Top Stories

At 10, Google reiterates commitment to CIOs
iPhone 3G owner sues Apple, AT&T over dropped calls, app crashes
Microsoft explains Seinfeld-Windows TV ad: just a 'teaser'
Mozilla: Firefox is faster than Chrome
Continuing coverage: Google's Chrome browser
Upcoming Microsoft patch lineup could be 'massive,' says researcher
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDG Connect IDG World Expo Infoworld
The Industry Standard ITworld JavaWorld LinuxWorld MacUser Macworld Network World PC World Playlist
Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.