Slashdot Mirror

← Back to Stories (view on slashdot.org)

Would you Warranty Your Email?

Posted by CmdrTaco on from the depends-on-what-that-needs dept.

Kurt writes "A team from the University of Michigan is proposing an economic solution to spam. Instead of relying on technical solutions or government regulations, they use a sender warranty system. In some cases, they argue, it can even be superior to a perfect filter with zero cost, and no errors. Their working paper is available at SSRN. With the caveat that some infrastructure is necessary (isn't it always?), they also claim their approach restores control to the recipient, halts spam, and creates a marketplace for valuable information exchange."

15 of 395 comments (clear)

  1. Would you Warranty Your Slashdot Posts? by inertia187 · · Score: 5, Interesting

    I wonder how well this would work if everyone on Slashdot could warranty their posts. It could be implemented by adding a checkbox next to Post Anonymously, call it Post With Warranty. Your comment then gets bumped up to "+5, via Warranty." If people think it's not worthy of being +5, and they have mod points, they can moderate it down. If they mod it down, they take subscription points from the poster. If the metamoderator disagrees, the moderation is reversed as expected *and* the subscription points are returned to the poster.

    I think this could work. But it sounds like a pain to implement.

    (fp)

    --
    A programmer is a machine for converting coffee into code.
  2. Why not use PKI authentication instead? by ka9dgx · · Score: 5, Insightful
    I favor an alternative approach, which the authors concede has some merits, but quickly dismiss, sender authentication.

    If I start rejecting all email which is not from a verifiable sender, I'll quickly cut spam, and impose some costs onto those who wish to sent me email. I'm willing to pay those costs when it becomes my turn to send an email. I would start with the recent authorized sender protocols, in addition to Public Key Infrastructure, to begin to authenticate a sender.

    Once PKI starts to take hold, there would be an incentive for the spammers to start creating throw-away identities, which we could counter with a reputation system for the sender's domain. We could also create a "web of trust", automatically managed by our mail servers, or ourselves, to nip the counteroffensive.

    So, there it is... my alternative... sign and validate all email.

    --Mike--

    1. Re:Why not use PKI authentication instead? by Phillup · · Score: 5, Insightful

      Whoa there partner...

      You are only required to be identified if the receiver requires it .

      While you have every right to "free speach"... you have no right to force someone to listen to said speach.

      Quite frankly, I don't want any "Anonymous Cowards" in my home.

      I go to Slashdot... and other web sites. But, I bring my mail into my house. At least, in the social sense of things.

      So, right off the bat... to me there is a huge difference between encountering information I might not want to encounter because I went somewhere, and encountering the same information because it was sent to me.

      --

      --Phillip

      Can you say BIRTH TAX
  3. Bah by Quasar1999 · · Score: 5, Funny

    I propose that any and all spammers be subject to possible castration when caught. No infrastructure required... although verification of actual spamming may be a good idea, I say we fly by the seat of our pants... As a positive side effect, Open relays would be fixed pronto... for many admins would fear for their manhood...

    Laugh, it's a joke! ;)

    --

    ---
    Programming is like sex... Make one mistake and support it the rest of your life.
    1. Re:Bah by Prince+Vegeta+SSJ4 · · Score: 5, Funny

      That would drive all of the males out of the market, thereby making all spammers female. Now male /. users would not only be scared of girls, they would loathe them as spammers as well. Given the difficulty of the /. user in getting a date as it is, this is not a good idea.

  4. how about a physical solution? by squarefish · · Score: 5, Funny

    A team from the University of Michigan is proposing an economic solution to spam.

    if you stop sending me spam now, I won't kill you

    --
    Creationists are a lot like zombies. Slow, but powerful and numerous. And they all want to eat our brains.
  5. Sounds good, but... by teamhasnoi · · Score: 5, Funny

    will I get charged a restocking fee when someone replies?

  6. Bad idea by ObviousGuy · · Score: 5, Insightful

    One benefit to having email is the ability to post information anonymously in order to avoid possible repercussions. Slashdot has that feature with the "Post Anonymously" checkbox (which should be pointed out, is not 100% anonymous and can be tracked by IP and logged-in account name) and it also exists with anonymously emailers.

    Forcing someone out into the open by the use of such 'warranties' imposes a chilling effect on free speech through email.

    I hate spam, but I hate the idea that important speech could be stifled by the use of badly considered spam 'solutions'.

    --
    I have been pwned because my /. password was too easy to guess.
    1. Re:Bad idea by ceritus · · Score: 5, Insightful

      Yep, and this is the crux of the whole spam problem: We want to be able to send as many emails with any content in it to anyone we want without any cost yet, we don't want someone to send us tons of email that we consider crap. You just can't have both these things; it's impossible to seperate the two. We can't be hypocritical and say to someone "I should have the right to this free speech medium while this guy over here can't have the same because he's doing something we don't like". I think we're going to have to give up some of our "rights" in e-mail to get rid of this junk mail. I don't like it but I have the feeling that it's going to have to happen.

  7. First, secure every machine. by Russ+Nelson · · Score: 5, Insightful

    So these guys want our computers to spend our money? First they have to secure every machine. Of course, once you do that, you don't have DDOSes, nor proxy spam. The first step of their solution *is* the solution; the remaining steps would be a waste of time.
    -russ

    --
    Don't piss off The Angry Economist
  8. A Simple Solution to the spam epidemic? by norite · · Score: 5, Interesting
    100% of the spam I get comes from America - Maybe over there they should simply legislate against the sending of unsolicited commercial emails, like they have here in Europe.

    Then people who get this nonsense in their inboxes can get together and take the companies who use spammers (and the spammers themselves) to market their junk to court. Once the companies who use this service start getting served with class action court orders to stop or else, they should soon get the message.

    Of course, there's nothing to stop the spammers moving/subcontracting to e.g. India or some other place where sending unsolicited emails isn't illegal, but it's a start. Ultimately we can hopefully have a worldwide ban against the sending of unsolicited commercial emails.

    --
    -- Fuck Beta
  9. Thanks, but no thanks by cwernli · · Score: 5, Insightful

    After having introduced the concept of "whitelists" for known senders the article continues:

    In the case of strangers, the warranty mechanism is more suitable. Analogous to a standard bond mechanism, delivering email to an inbox requires an unknown sender to place a small pledge into escrow with a third party. In the case of screening, recipients determine the size of this bond, which they can dynamically adjust to their opportunity costs. The email is delivered only after the recipient receives suitable confirmation that the bond has been posted. When the recipient opens the email, she may act solely at her discretion to seize the pledge. Taking no action releases the escrow after a period of time.

    IMHO this means the end of mailing lists - what would prevent me from signing up (automatically, of course) to thousands of mailing lists and collecting all the bonds placed for messages posted through these lists ?

    "Of course mailing list operators would first get your approval that you let through all their messages".

    This is where it starts getting complicated. And complexity is exactly what I don't want with email - it is simple, and shall remain simple.

    Therefore I am perfectly willing to put up with the current spam levels - hey, I can deal with those five to ten messages a day which pass through my Bayesian filter. On certain days I get more than that in my smail box.

  10. "Children should be seen and not heard." by iota · · Score: 5, Interesting

    I don't think that free speech requires anonimity ... Basically, you add accountability.

    Which would lead to --
    "Children should be seen and not heard." (Because they cannot be held accountable for what they say.)
    "The nail that sticks up, gets hammered down." (Because you can't voice dissent without drawing attention to yourself and your family.)

    Effective free speech requires anonymity -- There's usually needed a period of underground "pot-stirring" in order to add momentum to a movement.
    For example: Let's say your boss regularly beats the shit out of you when you walk in the door in the morning. But it's your first job, so you don't know if it's normal or not. But your family depends on your income. You could post anonymously on some forum asking "Hey everyone! Do your bosses kick your asses in the morning like mine?" / or sign your name and likely get a bigger ass whopping along with being fired.

  11. Better links by Anonymous Coward · · Score: 5, Informative
    The /. summary only links to the umich homepage. But, here are some better ones, pulled from the article. [Posted anonymously to prevent accusations of karma-whoring.]

    ---
    Proud UofM Alumnus

  12. More info, in a less technical format by Thede · · Score: 5, Informative
    Hi, I'm one of the authors of the paper mentioned in this post. We have a short summary of reasoning behind the design posted here It is a little less dense than the SSRN paper. Also, I'll get a protocol diagram up shortly, and a short FAQ, linked from the one pager.

    Thede Loder
    University of Michigan.