Slashdot Mirror

← Back to Stories (view on slashdot.org)

Will Bounties Cure The Spam Problem?

Posted by timothy on from the hang-'em-high dept.

An anonymous reader writes with a pointer to a piece in today's Mercury News about Lawrence Lessig's proposed spam-bounty legislation, excerpting: "If the law passes, citizens could be eligible for rewards of thousands of dollars or more if they're the first to provide the government with proof and the identity of offending spammers."

24 of 241 comments (clear)

  1. YEEHAW!!!!!! by spoonist · · Score: 5, Funny

    SADDLE UP, BOYS!

    I'M PUTTIN' ME TOGETHER A POSSE!

    We're gonna round up them bandwidth rustlers and get us the bounty!

    1. Re:YEEHAW!!!!!! by doktor-hladnjak · · Score: 5, Funny
      Hmmm... Perhaps, we've stumbled on a new opportunity for unemployed Slashdotters.

      Setting: cocktail party

      "So what do you do for a living?"
      "I'm a bounty hunter--a spammer bounty hunter."

      How cool would that look on a resume? Boring freelancers and consultants eat your hearts out!

  2. Lovely idea... by johny_qst · · Score: 4, Insightful

    but what proof must the prompt geek provide that he hasn't 'trespassed' on others systems? would this type of legislation just create a lot of crap civil-litigation?

    --
    Fnord.sig
  3. bounty hunters by Frostalicious · · Score: 5, Insightful

    Sounds pretty much like outlaw bounties from the old west. This system has been successful for over a hundred years and there is a large modern day bounty hunter business. The same could work for spam.

  4. That's an easy one... by bergeron76 · · Score: 5, Funny

    Mike Wendland - public enemy number 1.

    Now where do I pick up that check...?

    --
    Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
  5. Well... by Avsen · · Score: 5, Insightful

    It could cause a lot of problems to those who spammers masquerade as -- since most spammers don't use their real emails. We could end up with innocent individuals with bounty charges because the spammer forged their emails.

    --


    Massive networking attempt for friends

    1. Re:Well... by anonymous+loser · · Score: 4, Insightful

      I don't really believe that would be as big an issue as you imply. Spammers' Achilllies Heel is that they (or those who use them) *must* provide some tracable contact information in order to get your money. Sure, the email address might be spoofed, but since most people (especially law enforcement) already know this, it will probably be disregarded unless it happens to correlate with all the other evidence.

      The same thing happens with snail mail, e.g. when someone sends a threatening letter. I'm sure they check out the return address on the envelope, interview the folks, etc., but they probably don't throw whoever's address in on there in jail unless there's plenty of other supporting evidence.

  6. Proof? by jasonditz · · Score: 5, Funny
    "If the law passes, citizens could be eligible for rewards of thousands of dollars or more if they're the first to provide the government with proof and the identity of offending spammers."

    Proof? What year do they think this is?!

    Hasn't it already been established that the act of accusing them is proof enough? Send them to Guantanamo Bay, they'll confess in due course.

    1. Re:Proof? by abhisarda · · Score: 4, Interesting

      Ok..if this becomes a law, then the law enforcement agencies will be compelled to help track the spammer. The person who receives the spam will contact the police, who in turn will ask the ISP(of the spammer) for details.

      Now that this law is proposing thousands of dollars in bounties. It is not difficult to envisage spam bounty help centres opening up(true american entrepreneurship ;)) who will help track down the identities of the spammers for a cut from the bounty-say 30 %.
      People would be more than willing to agree to that if they they are assured of results.

      Now assuming this will be successful, spammers would have to move their bases offshore. How will we deal with that? I don't know.

  7. ok sure by Anonymous Coward · · Score: 5, Insightful

    And then how long before this plan is turned against p2p file sharers?

    Do you really want the government to go there?

  8. I'm skeptical.... by mark-t · · Score: 5, Interesting
    The same plan could be used to find people who illegally copy music or who pirate software, but that isn't going to happen anytime soon, is it?

    Nope... this is a waste of time for them to even be talking about.

    --
    File under 'M' for 'Manic ranting'
  9. Purpose of Spam by Anonymous Coward · · Score: 5, Insightful
    One of the problems is the hiding of origin. Many spam laws make such lying specifically illegal, but can be hard to enforce.

    Let's remember that business spam has to offer some way for a victim to buy the item which is being advertised. That invites a subpoena to search that business for evidence that they hired the spammer...if laws accept that as sufficient evidence.

    There is the problem of a competitor sending spam which advertises stuff from someone else, to cause problems for someone else.

    And some things are distributed -- like spam which promotes some worthless stock and tries to make the stock price rise. Any of the current stock holders could have hired the spammer.

  10. An unspoofable "From:" field would be a start by Anonymous Coward · · Score: 4, Interesting

    Average Joe is just starting to realize that the "From:" field on e-mails is like the return address on an envelope, you could write whatever you want.

    But there's no reason why electronic mail cannot be better than snail mail in that respect. Make the "From:" field unspoofable!

  11. I prefer this version... by exhilaration · · Score: 4, Funny
    "If the law passes, citizens could be eligible for rewards of thousands of dollars or more if they're the first to provide the government with the scalps or the severed heads of offending spammers."

  12. half the problem is... by argoff · · Score: 4, Insightful

    ...that people keep trying to find legal solutions to technology problems.

    We created this technology, and now that it does exactly what it was designed it to do, people try to make impose laws to restrict how it's used. I have a better idea, change email's design.

    It reminds me of Singapore. A poor subway design allowed for a mischievious kid to shutdown the whole system with a stick of chewing gum. Their solution was to outlaw chewing gum. Sure it was wrong for the kids to act that way, sure they should have been punished, but seriously quit trying to create legal solutions to technology based problems.

  13. Still a mountain of work for the enforcers by SYFer · · Score: 5, Insightful

    From the article: "The bounty hunters would need to trace the offending e-mail to its source, identify the sender and provide proof to the Federal Trade Commission. The FTC would investigate and fine the offender, if appropriate. The bounty hunter would get 20 percent of the fine." If the main problem is not having the manpower to trace and catch these spammers now (as posited earlier in the piece), how is this queuing system going to help? I would think that the in-basket would quickly fill up and it would still require huge manpower to investigate each claim. There would certainly be loads of helf-assed cases presented and for that matter, why wouldn't spammers simply flood the queue with bogus "proofs" to bog the proceedings?

    --
    "...all the labours of the ages, all the devotion, all the inspiration, all the noonday brightness..." yada yada
  14. Re:Forget the spammers by mark-t · · Score: 4, Informative
    Wrong.

    Some people throw all sorts of crud into their spam, for exactly that reason. You don't know which companies actually did pay for the spam and which didn't.

    I wrote some shareware once and ended up getting several nasty emails one week accusing me of spamming them because my web page was mentioned in a spam email they received. I have never participated in or authorized any sort of email advertising campaign in my life, spamming or otherwise, but having seen this, I know you can't just go out and blame the web pages that the person is advertising.

    --
    File under 'M' for 'Manic ranting'
  15. Will bounties cure the spam problem? by ratfynk · · Score: 4, Insightful

    Seems to me that the majority of spam is not traceable, and the spam problem is exacerbated by .NET stupidity. If ISPs get their act together and set up filtering to route only verifiable addressed mail then the problem will go away. There are many ways to detect and differentiate between mail that is direct and mail that does the spam central routing crap. Some filters that I have set up already do exactly that. There is no reason to believe that legitimate ISPs cannot do the same. However is blocking spam in the interest of ISPs? Perhaps not if their main source of revenue is automailers! The sensible solution is to pressure your ISP to block and refuse bulk mail that is from phony addresses. One good filter blocks any mail with @yahoo if the address before @yahoo is longer than 9 characters. Likewise with @hotmail, @aol etc. Sure this might block some legit mail but so far this has not been the case. Setting up bounties to bust email spammers is like putting sheep in wolves clothing. Alot of bah bah bah and then loud howling, when the spam revenue stream dries up.

    --
    OH THE SHAME I fell off the wagon and use sigs again!
  16. Notes... by pr0ntab · · Score: 4, Insightful

    if you read the article, it explains how techniques like using PGP to sign messages can make the From field unspoofable, but they are not relevant when privacy or anonymity is crucial (whistleblowing, etc.). Hence, it cannot be demanded that everyone follows this practice. It suggests recipients should check your email more carefully to see if its legit (the article also explains this; checking your headers for a "postmark" that looks abnormal).

    The last quote was somewhat encouraging, that "the Internet is a rough and tumble place" (paraphrasing) but we'll cope because it is often the best way to reach people.

    If an unspoofable From: is what you want, demand your mail server administrator only accept signed messages, or filter them yourself in your client.
    Another option is to convince her (and/or the administrators of any other MXs you care about) to relay with SMTP AUTH only. Most mail clients support that feature nowadays. If enough people start using that new RFC, we shouldn't have to worry about hijacked ISPs mail servers being used to send spam, and their netblocks being RBL'd.

    --
    Fuck Beta. Fuck Dice
  17. Spammers and proxies by httptech · · Score: 5, Informative
    Spammers almost always use proxy servers to disguise their true IP address. This blind dependence on an army of proxies is actually a weakness. The more proxies they use, the more likely one is actually a honeypot (honeyproxy). Recently it was discovered that the Internet is being seeded with hidden proxy servers by the Sobig.a (BigBoss) virus. Unfortunately for the spammers, the password for the proxy server console was also discovered, allowing anti-spammers to watch their comings and goings and log their true IP addresses. Not that I recommend doing that, (as it could be illegal in most countries), but the password is here:

    http://www.lurhq.com/sobig.html

  18. Coming soon by skillet-thief · · Score: 5, Funny

    Hello [your name spelled wrong]

    Want to make as much as $3000/week, without leaving home!?! Become a Spam Bounty hunter! Just buy Doctor Bob's 12-step program for hunting down spammers...

    etc.

    --

    Congratulations! Now we are the Evil Empire

  19. $100 bounty offer by Animats · · Score: 5, Interesting
    I repeat my bounty offer:

    I will pay $100 to the first person to provide me with the identity of the actual person or persons operating the following spamvertised sites:

    • contipay.com
    • profitabill.com
    • alphabill.com
    • quantumbill.com
    • girlswhocry.com
    • girlswhocry.net
    • girlraped.com
    • incestuals.com
    • hardgiants.info
    • spywiper.com
    • internetsweeper.net

    The name and address obtained must be within the United States and must be usable for service of process.

    "whois" addresses have been checked and are not useful.

    These sites move from ISP to ISP frequently. Many no longer work, but others in the same family appear.

    We've received over 16,000 spam bounces because of this spammer.

  20. Go after the people paying them. by Billly+Gates · · Score: 4, Insightful
    AOL is doing something right for once by not just suing the spammers but also the companies that advertise their products with spam.

    If the risk of being sued is too much then the spam stops.

    Only 18 people send the half of the world email in
    spam according to another slashdot article. It costs alot of money to pay for a t3 line to spam. My guess is spammers might look for wireless networks next or go to a starbucks because they have high speed access. But will be severly restrained and may quite spamming altogether since its risky legal ground now.

    It can take months or years to bring a spammer to court. You need proof and the spammers hack and hide there tracks. Its difficult to prove if they use openrelays and hack routers to hide there tracks. However advertisers can not do this so easily. If they hide there tricks customers will not find them.

    Its the easiest and most effective way to get rid of it.

    --
    http://saveie6.com/
  21. my rebuttal to larry by chip+rosenthal · · Score: 5, Insightful

    I blogged my rebuttal to Larry last January.

    The problem, in a nutshell, is that the success of his proposal depends upon the efficacy of filtering. His bounty, if it works as desired, ensures that we have subject tags to do that filtering. My claim is that even if Larry's proposal allows for perfect filtering, we're still in store for a mail system meltdown.

    This claim has not been well received. :)

    The problem is that too many people--a significant number of them hang out on this web site--believe filtering is a magic bullet. It isn't, and Larry's proposal provides an example of the situation where you can implement perfect filtering and still have a mail system meltdown.

    I do think there may be a remedy that may save Larry's proposal. If the filtering tag is moved from the Subject header into the tranport session (say, an ESTMP parameter), that may reduce the cost of rejecting spam enough to avoid the system meltdown problem.