Slashdot Mirror
Will Bounties Cure The Spam Problem?
An anonymous reader writes with a pointer to a piece in today's Mercury News about Lawrence Lessig's proposed spam-bounty legislation, excerpting: "If the law passes, citizens could be eligible for rewards of thousands of dollars or more if they're the first to provide the government with proof and the identity of offending spammers."
but what proof must the prompt geek provide that he hasn't 'trespassed' on others systems? would this type of legislation just create a lot of crap civil-litigation?
Fnord.sig
Sounds pretty much like outlaw bounties from the old west. This system has been successful for over a hundred years and there is a large modern day bounty hunter business. The same could work for spam.
It could cause a lot of problems to those who spammers masquerade as -- since most spammers don't use their real emails. We could end up with innocent individuals with bounty charges because the spammer forged their emails.
Massive networking attempt for friends
And then how long before this plan is turned against p2p file sharers?
Do you really want the government to go there?
Let's remember that business spam has to offer some way for a victim to buy the item which is being advertised. That invites a subpoena to search that business for evidence that they hired the spammer...if laws accept that as sufficient evidence.
There is the problem of a competitor sending spam which advertises stuff from someone else, to cause problems for someone else.
And some things are distributed -- like spam which promotes some worthless stock and tries to make the stock price rise. Any of the current stock holders could have hired the spammer.
Well I can see it now: "Tonight on America's Most Wanted, spammers." or in Canada "I'm Constable Bob of the RCMP, we are requesting your assistance in solving the spam problem."
Not likley. Rewards will not work any better than penalties. But I do like the idea of 2 year sentence of no telecomunication devices for spammers.
Nah, Never mind.
I guess this law will help halt spam from foreign servers as well, because people in other countries respect our laws.
...that people keep trying to find legal solutions to technology problems.
We created this technology, and now that it does exactly what it was designed it to do, people try to make impose laws to restrict how it's used. I have a better idea, change email's design.
It reminds me of Singapore. A poor subway design allowed for a mischievious kid to shutdown the whole system with a stick of chewing gum. Their solution was to outlaw chewing gum. Sure it was wrong for the kids to act that way, sure they should have been punished, but seriously quit trying to create legal solutions to technology based problems.
Just one more step towards a nation of snitches...
From the article: "The bounty hunters would need to trace the offending e-mail to its source, identify the sender and provide proof to the Federal Trade Commission. The FTC would investigate and fine the offender, if appropriate. The bounty hunter would get 20 percent of the fine." If the main problem is not having the manpower to trace and catch these spammers now (as posited earlier in the piece), how is this queuing system going to help? I would think that the in-basket would quickly fill up and it would still require huge manpower to investigate each claim. There would certainly be loads of helf-assed cases presented and for that matter, why wouldn't spammers simply flood the queue with bogus "proofs" to bog the proceedings?
"...all the labours of the ages, all the devotion, all the inspiration, all the noonday brightness..." yada yada
I doubt it would be nearly as effective in that regard, as pirating mp3s is not something that the public seems to care about (let alone the fact that a large percentage partake). Spam, however, is something that really pisses people off and a little extra incentive might be all that's needed to get some technologically inclined bounty hunting groups to actively pursue spammers...
Well, apparently if it works here, it might just cross over into other lines of justice, thus making the police in many urban towns completely useless and creating an angry, distrusting populace, ready to turn each other in for fabulous prizes. What's that? Operation TIPS?
I have no idea what you're talking about.
The government should have a program where they pay bounty out to the first person to publicly execute known spammers.
This is a global problem. How would you deal with spam that originates outside the jurisdiction of this law?
"I am a die-hard capitalist....but unethical, lying, bastard capitalism is really no better than socialism" - unknown
Seems to me that the majority of spam is not traceable, and the spam problem is exacerbated by .NET stupidity. If ISPs get their act together and set up filtering to route only verifiable addressed mail then the problem will go away. There are many ways to detect and differentiate between mail that is direct and mail that does the spam central routing crap. Some filters that I have set up already do exactly that. There is no reason to believe that legitimate ISPs cannot do the same. However is blocking spam in the interest of ISPs? Perhaps not if their main source of revenue is automailers! The sensible solution is to pressure your ISP to block and refuse bulk mail that is from phony addresses. One good filter blocks any mail with @yahoo if the address before @yahoo is longer than 9 characters. Likewise with @hotmail, @aol etc. Sure this might block some legit mail but so far this has not been the case. Setting up bounties to bust email spammers is like putting sheep in wolves clothing. Alot of bah bah bah and then loud howling, when the spam revenue stream dries up.
OH THE SHAME I fell off the wagon and use sigs again!
if you read the article, it explains how techniques like using PGP to sign messages can make the From field unspoofable, but they are not relevant when privacy or anonymity is crucial (whistleblowing, etc.). Hence, it cannot be demanded that everyone follows this practice. It suggests recipients should check your email more carefully to see if its legit (the article also explains this; checking your headers for a "postmark" that looks abnormal).
The last quote was somewhat encouraging, that "the Internet is a rough and tumble place" (paraphrasing) but we'll cope because it is often the best way to reach people.
If an unspoofable From: is what you want, demand your mail server administrator only accept signed messages, or filter them yourself in your client.
Another option is to convince her (and/or the administrators of any other MXs you care about) to relay with SMTP AUTH only. Most mail clients support that feature nowadays. If enough people start using that new RFC, we shouldn't have to worry about hijacked ISPs mail servers being used to send spam, and their netblocks being RBL'd.
Fuck Beta. Fuck Dice
This would prompt a lot of people who run mail servers to learn how to monitor their logs and finally close their danged open relays.
I had a sucky sig.
I see the morons are out in force today.
Obviously if your are too stupid to type "Prisoner Dilemna" into Google, to find out what the comment is referring to, you don't have a chance of understanding the logic behind it.
I wonder what the hue and cry would sound like if someone was proposing bounties for "proof" that one of their fellow citizens was a terrorist.
but pa, howdowhe know which ones to round up? I mean, whose a gonna say whose a spammer and who'se just some wetbehindthears adMIN-nostrator with one of those there open relays? I mean to say that I know when I'm looking at porn (you know that olde sayin' about how to tell porn from art?) but spam ... say I russle up some of those there Real Audio executive, for example, now I'd say their tricky sign up where the check boxes for 'send me spam' are hidden below the margin in a combo box so's you have to scroll down to see 'em, them there's a deceitful practice leadin to some unwanted email. Should we shoot 'em?
Sure, i rekon anything from Nigeria, Viagra, Pam who wants me to see her boobies or penis stretchin devices are spam, no question. After that I get somewhat confused...
closed minded is as closed minded does
Boca Raton, FL.
According to Steve Linford in this report there are out of the 150 spammers who are doing 90% of spamming, about 40 live there.
Not surprising that the recent suet against Steve Linford and other anti-spammers by the "lawyer" claming to represent anonymous coward "E-Mail Marketers" operates in Boca Raton.
What are you talking about?. It looks like you meant "If is profitable to identify spammers, then everyone will start hunting them down." If thats now what you meant, you don't know what your talking about.
If the risk of being sued is too much then the spam stops.
Only 18 people send the half of the world email in
spam according to another slashdot article. It costs alot of money to pay for a t3 line to spam. My guess is spammers might look for wireless networks next or go to a starbucks because they have high speed access. But will be severly restrained and may quite spamming altogether since its risky legal ground now.
It can take months or years to bring a spammer to court. You need proof and the spammers hack and hide there tracks. Its difficult to prove if they use openrelays and hack routers to hide there tracks. However advertisers can not do this so easily. If they hide there tricks customers will not find them.
Its the easiest and most effective way to get rid of it.
http://saveie6.com/
I blogged my rebuttal to Larry last January.
The problem, in a nutshell, is that the success of his proposal depends upon the efficacy of filtering. His bounty, if it works as desired, ensures that we have subject tags to do that filtering. My claim is that even if Larry's proposal allows for perfect filtering, we're still in store for a mail system meltdown.
This claim has not been well received. :)
The problem is that too many people--a significant number of them hang out on this web site--believe filtering is a magic bullet. It isn't, and Larry's proposal provides an example of the situation where you can implement perfect filtering and still have a mail system meltdown.
I do think there may be a remedy that may save Larry's proposal. If the filtering tag is moved from the Subject header into the tranport session (say, an ESTMP parameter), that may reduce the cost of rejecting spam enough to avoid the system meltdown problem.
Big dollar potential from the government rewards.
Large resources at major ISPs.
Major ISPs are a major target for spammers.
Major ISPs look to generate income from alternate revenue sources.
Like we all will have a chance at being first. Dream on.
Still, even with this in mind, the plan is creative and might go a ways in putting a dent into the spam problem.
Simple workaround: 'Stamp' your outgoing spam with three or four bogus relays, and a bogus orgination point.
Just make sure that one or two of the ones upstream from you actually have mailservers and it would be hard to say where the bogus trail stops and the real trail ends.
Oh, by the way: check your incoming mail headers. The stamps are there.
'Sensible' is a curse word.
He's made his intention clear.
If one has this information and wants to see a spammer harassed, here's somebody whose mad too and may have some tools to make some hurt.
Kinda like if a lawyer who has been angered at being awoken in the middle of the night by helicopters and lets it be known that he has placed a bounty on those running those helicopters. If you are getting woke up at night with those things and know whose doing it, you probably wanna give that lawyer a call and share the info. Who gives a damm about the money? Its peace at night which is the real goal.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
No, it doesn't. Spammers earn far more money by spamming than they ever would by turning each other in. There's no incentive for them to do that.
Besides, even if one spammer turned in another, that one could just turn him in too. The feds probably wouldn't offer any sort of immunity for something as trivial as this. Why should they?
Disclaimer: IANAL. This post is, however, legal advice, and creates an attorney-client relationship.
Lawrence Lessig is such a moron. Typical ivory tower pompous head-up-ass professor.