Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Battle Against Junk Mail and Spyware

Posted by michael on from the no-quarter-no-quarter dept.

wildfrontiersman writes "A New York Times editorial by Brent Staples, The Battle Against Junk Mail and Spyware on the Web, laments 'The story of technology is the story of noble aspirations overtaken by a hard-core huckster reality. This process is on vivid display in the debate about electronic junk mail, which makes up more than half of all the e-mail that travels on the Internet.' He criticizes the new spam law, the lack of attention to spyware and how it threatens our beloved internet."

11 of 312 comments (clear)

  1. Spyware is getting really bad by Aliencow · · Score: 5, Interesting

    A year ago, spyware wasn't nearly as bad as it is now. I was at a friend's house trying to show him some stuff from my gallery on his P4 2.0ghz, and it choked by starting Internet Explorer. 3 toolbars over each other, hard drive spinning like hell because all the ram is eaten up by spyware...

    Had to run Spybot, ad-aware, spybot, ad-aware over and over for like 2 hours while rebooting to get rid of everything...

    At least the latest Norton Antivirus scans some of it and so does Network Associate's antivirus. I wish Trend Micro's would do it too, it probably will soon...

    1. Re:Spyware is getting really bad by jawtheshark · · Score: 5, Interesting
      Yes, I know... I have once been called in for someone that didn't manage to run a (quite old game for the time, The Sims if IIRC) on a P-IV 2.0GHz. Indeed, it was unplayable. Task-manager reported 100% usage in idle situation (Windows XP).

      Needless to say: I did like you... Spent hours cleaning the damned thing. Then I did what any sensible person does: download Mozilla, set the skin to IE (so that the idiot users won't notice), enable pop-up blocking, and set it as default browser.

      Never heard any complains of that person again, and he can play The Sims now. Sometimes, people need to be forced to use the right software.

      --
      Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
  2. One way to solve it - stop buying by mr_lithic · · Score: 5, Interesting
    I assume that spam is one of the last places where people believe that an ad driven business model will survive.

    In most other forms of media, it seems that advertising has had its day. Television is no longer able to subject us to ads and is threatened, Radio ads in internet radio are able to be skipped. So we only have to deal with the advertisements that arrive in our inbox.

    There are a variety of ways of dealing with this detritus, the easiest one is make it a social stigma to admit to buying anything from spam.

    Have any enlargements or pharmaceuticals ever been sold using this method? Has anyone ever received one of these messages and replied and then eagerly waited for their postie to drop by with their delivery of "Hot Teens"?

    Turn Spam purchasing into the Venereal Disease of the new century and it will cost these folks more to send the messages than is returned in sales.

    Legislation is pointless in an area where geography is no longer a method of control.

  3. See it all the time- by IWantMoreSpamPlease · · Score: 4, Interesting

    I do tech support for ~10,000+ clients. When Windows 98 was common, the biggest problems were stability and trying to keep it that way.

    Now that win2k (and winxp) is out, the stability issue has been resolved. Now the most common thing I see is tons of spyware slowing the PC down to a crawl (obligatory slashdot humor: The difference between a PC infested with spyware that crawls, and Windows XP hogging all the resources making the PC crawl, is sometimes hard to discern.)

    And of course lovely viruses from that oh-so-wonderful default-installed e.mail program, Outlook Express.

    Most (nearly all) the *major* spyware issues stem from PEBKAC, a little knowledge (on the end-users part) would go a long way, but much of the spyware out there cloaks itself in "official" looking popups, all happily Verisigned, which can sometimes even trip up sys admins.

    The next version of windows is rumored to fix this (to what extent is unknown) but undoubtedly will introduce a ton of new spyware.

    Now isn't it nice that we BeOS and *nix users are immune to all that crap? I know I'm glad I use BeOS.

    --
    So rise up, all ye lost ones, as one, we'll claw the clouds.
  4. stealing computer time by PeepSquat · · Score: 4, Interesting

    mayebe I dont remember the law very well, but wasn't there some type of law back like 20 or more years that made it illegal to steal computer time. This applied mainly to mainframes. Couldn't this be applied to spyware,adware, and snoopware, stealing computer time on pc's?

  5. Re:From the article.... by fermion · · Score: 5, Interesting
    To be fair, it is not specifically a Windows problem. If Macs had even 25% of the market, someone would write mac centered spyware. A certain number of users would voluntarily install the new code, some may even type in thier password to give the code access to thier systems,and the games would be on.

    Of course, such code would not have the luxury of tailoring itself to outlook/IE. It would have to learn to work with mail/Safari, neither of which are as instrusive as the MS counterparts.

    I leave it as an excersise to the reader as to whether Safari is as much annoyware as IE, or if the OSS base of Safari gives it an edge.

    --
    "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
  6. Safeguards by fm6 · · Score: 4, Interesting
    Switching to Mozilla will protect you from abusive BHOs and toolbars. But those are easy to get rid of. The worst -- most tenacious and disruptive -- spyware uses the stupid little "custom features" hooks that Windows is full of. The only way you can completely avoid those is to never download a shareware or freeware app, ever. Somehow, I doubt such a strategy will catch on.

    It doesn't help that spyware databases software databases have gotten so undiscriminating. You run a spyware scanner, and even the best ones raise red flags over stuff that has some of the features of spyware, but simply isn't. These include customer support tools like backweb. Yes, these can be abused, but ultimately anything you install in your system can be abused. It's simply a question of whether you trust whoever provided the software. Gator and Alexa have used up our trust. Backweb and the CS orgs that use it have not.

    There's also the cookie issue. Yes, cookies are a grave threat to privacy. But the solution is in your browser: configure it use a good privacy policy, or if you totally hate cookies, not to accept them at all. Scanning the cookie database is a waste of time. Yet all adware scanners insist on doing it.

  7. Irony by Anonymous Coward · · Score: 4, Interesting

    The irony is that at the end of the NYT article, if one inspects the source code, there is this little gem of javascript code from:

    http://www.nytimes.com/js/s_code_remote_sampling .j s

    This fetches a few pieces of data and sends it back to 2o7.net in the form of a URL for a 1x1 gif.

    Anyone care to reverse engineer this code and see what it's reporting back?

  8. Circumvent the whole issue .... by thedbp · · Score: 4, Interesting

    Buy a Mac.

    I'm not trolling, nor am I evangelizing, but the truth of the matter is, out of the box, Macs are FAR less prone to be susceptible to any of these nefarious internet annoyances.

    Spyware: practically non-existant for Macs, and any application needs to be manually copied or installed w/a password verification, so nothing gets by without you knowing it (assuming you trust every user of your computer).

    Spam: Mac OS X's built in Mail client has an excellent and easy to use spam filter built in, and in the 2.5 years I've had my .Mac email addy, I haven't had a bit of spam come thru at all.

    PopUps - Not only can you block pop ups in the default browser Safari, most of the pop up ads are themed to look like Windows dialog boxes, so they're easy to spot as advertisements and whisk away with a single click.

    Just my 2

  9. Few buy from spam anyway, but that's irrelevant. by Jonathan+Quince · · Score: 4, Interesting

    The boycott you propose has already been around for a long time. It's called the "Boulder Pledge". Unfortunately, it doesn't work.

    The people who advertise through spam are fly-by-night operations. They typically hope to make a quick buck by shoving a message at a million people and getting a 0.0001% conversion rate. (Do the math.) Often they aren't even the ones with products to sell; rather, they're "basement operations" with little in the way of resources or business sense hawking merchandise on behalf of the less-reputable amongst affiliate programs.

    The people who make the real money off spam don't make the money selling stuff through spam. Instead, they get paid by aforementioned fly-by-nights to send the spam. They are the few fat sleazeballs sitting at the top of the pyramid being supported by everybody else. Just ask Alan Ralsky (if you can get a letter through to him under the massive number of catalogues he receives).

    This convoluted chain of middlemen is the reason why normal market forces haven't stamped out spam, even though spam is net unprofitable. Losers pour money into the spam system and are dealt out of the game with a high turnover rate; but there are always enough new losers coming in to keep the system afloat. Meanwhile, professional scam artists know every trick in the book to squeeze money out of an activity that truthfully causes a net loss for everybody else involved.

    From the fly-by-nighters lured in by the promise of easy riches and duped into paying hard cash for spam advertising to the victimized ISPs and end users who have server, bandwidth, and support costs shifted to them, everybody else comes out in the red anyway. So how, exactly, is a boycott supposed to work?

    --
    Microsoft Windows is, fittingly, the official Desktop OS of Olig
  10. Re:But the Solution to Spyware is ... by MillionthMonkey · · Score: 5, Interesting

    But the Solution to Spyware is fairly simple. Make the sender pay, like normail post. That is why I don't get hundreds of posts in my physical mailbox. (and the fact I don't participate in competitions every chance I get) Simply put, for somebody to send me email they have to perform a task. Say calculate the first five primes that end in five. For one persons computer this will be trivial. But for somebody mailing out millions of posts it becomes impossible. In fact I can increase the computation difficulty depending on what I want to filter out.

    Your post advocates a

    (x) technical ( ) legislative (x) market-based ( ) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    (x) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    (x) It is defenseless against brute force attacks
    ( ) It will stop spam for two weeks and then we'll be stuck with it
    (x) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    ( ) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    (x) Requires immediate total cooperation from everybody at once
    (x) Many email users cannot afford to lose business or alienate potential employers
    ( ) Spammers don't care about invalid addresses in their lists
    ( ) Anyone could anonymously destroy anyone else's career or business
    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    (x) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    ( ) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    (x) Public reluctance to accept weird new forms of money
    (x) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    (x) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    ( ) Extreme profitability of spam
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    (x) Extreme stupidity on the part of people who do business with spammers
    ( ) Dishonesty on the part of spammers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    (x) Outlook
    and the following philosophical objections may also apply:

    (x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    (x) Countermeasures must work if phased in gradually
    (x) Sending email should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    ( ) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government reading my email
    ( ) Killing them that way is not slow and painful enough
    Furthermore, this is what I think about you:

    (x) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!