Slashdot Mirror
Gates on Spam
pvt_medic writes "Microsoft is proposing a new system that would require people to pay to send e-mails. Postage would be in the form of allowing others to use your computer to make calculations, similar to the SETi@home project. There are other systems being suggested that would include monetary stamps and people could decide on accepting an e-mail based off the value of the stamp. (story has great picture of Bill Gates as well)" Gates' proposed system will be Microsoft patent-encumbered, unsurprisingly.
story has great picture of Bill Gates as well
.02,
Is he praising Mel Gibson for Passion of Christ? Is he smoking one incredibly fat doober that would make even Tommy Chong jealous? Is he trying to convince the Pope that Longhorn isn't named after a pornstar? Or is he really just THAT great?
You decide.
Seriously:
Instead of paying a penny, the sender would "buy" postage by devoting maybe 10 seconds of computing time to solving a math puzzle. The exercise would merely serve as proof of the sender's good faith.
And how the fuck would this make a difference? So what? The computer that is supposed to do the work is going to be like Johnny Badass in 2nd grade math class... They are not going to do their homework and just try to bluff it through class. If they do end up having to hand it in to be graded they are just going to get around it some other way. We will end up blocking just as many hosts as before.
Gates' proposed system will be Microsoft patent-encumbered, unsurprisingly.
No kidding. Gates came up w/it why would you be surprised he wouldn't want to protect his idea? No conspiracy here... Was the comment necessary?
Just my worthless
According to the Info World article about Microsoft's Caller ID patents, Microsoft's license "... will encourage all parties involved to allow the Caller ID technology to develop and improve without being hindered by license restrictions or royalty schemes"; and "Microsoft wants to do more than merely give (Caller ID) away, they also want to make sure nobody else can profit from it."
:-)
Seems like a perfect application for the GPL to me.
Charging for email doesn't discourage spam. It discourages mass email. But there are many legitimate uses of mass email, like discussion lists, automated order confirmation emails, etc. - and increasing the costs of sending this type of mail will hurt open-source developers and small businesses the most.
.org? Yeah, right!
It's not surprising that Microsoft doesn't see the problem with this. They can afford to buy a few more mail servers to handle all of microsoft.com's outgoing mail, and they'd love it if people had to buy more servers (each running a copy of Windows, of course) just to handle all of the added computational costs of sending mail.
In the article, "Goodmail chief executive Richard Gingras said individuals might get to send a limited number for free, while mailing lists and nonprofit organizations might get price breaks." But how do you know who's a nonprofit? Someone with a
I believe that SPF currently has the potential to put the biggest dent in spam, since it directly addresses forged email addresses without needing to replace SMTP. It's not a complete solution, but it's a lot more realistic than Microsoft's idea.
It pains me to think that MS will have IP hooks into this stuff, but one thing, however, is clear... A system isn't far away, and when it's in place, the spam and virus f*cks will be screwed--and I can't wait to see them fold (it least, to a large degree). For once, virus authors will have to make *real* exploits (rather than take advantage of Outlooks click-and-run garbage) and spam people will have to pursue legit forms of mass mailing.
One thing's for sure, as a receiver of 500-1000 spam and virus emails a day, I welcome the not-too-distant future.
G-Force music visualization
Requiring people to let the sender or some third party execute instructions on the sending machine is so fraught with problems, it's hard to know where to start. Unless this software is Free, you simply can't expect everyone to install on their systems; of course MS wants them to, but hey let's be realistic here: they won't. If it's only available in binary, it would lock out anyone using an unsupported OS (or version thereof). It'd be a new security hole in the sender's machine just begging (with a big neon sign) to be exploited, and would complicate the use of firewalls, especially those using NAT. It'd have a regressive fee structure, because those with expensive, high-powered machines could afford to "spend" more CPU cycles (heck, build a beowulf cluster of discarded 486's to buy more spamming rights), while some poor sod using a Pentium/150 can hardly afford to give up any.
http://alternatives.rzero.com/
The most explosive growth for Internet usage (including the almighty email, of course) is coming from third world nations. A penny here or there may not affect someone from the first world, but it sure would make a difference in poorer parts of the globe.
I always save my last mod point to mod up a good troll. You people are too serious.
How does this help in the case of spammers creating massive networks of compromised hosts which are then used to send spam in a distributed manner? Such a "pay-with-cycles" technique is useless in this case, since you can still send a *massive* amount of spam with a few million compromised computers, even if each one can only send, say, one email per hour.
Aren't most spams sent using hijacked PCs anyway?
Why wouldn't the spammer be willing to sell cycles on the zombie PCs?
I'd rather get spam than pay Microsoft for email (indirectly, it seems, through patent licensing).
I do agree that this could be potentially troublesome for companies like amazon that send out large quantities of confirmation emails. But I imagine those would still be received and stored somewhere -- the user would just have to go poke around for emails they were expecting but hadn't specifically authorized.
Wouldn't current methods trivially circumvent this?
1) Spamhouse uses viruses to own assorted desktops (just like they do now).
2) Instead of just using those boxes as oen relays (like the do now) they first have them 'pay' this postage.
That charging for email means that *nobody* will be able to run a free mailing list service anymore. Or, alternatively, be just as easy to get around as the current system. Or, even better, have a new set of quirks and possibilities for abuse that would further ruin our email systems.
The problem is, the main reason why the Internet has worked and CIS, GEnie, ISDN, Teletex, etc. have all fallen by the wayside is because you pay for bandwidth, not services.
No, the problem is, there's no good way to kick somebody off of the Internet.
Gentoo Sucks
I pay for my internet service, I pay for my pc, my taxes ( way too much ), my electrical bill... and my time isn't free.. ( though my software is )
Why should I have to pay more just because the government refuses to enforce laws that already exist.. Remember the no fax spam laws that pre-date this 'internet thing'? They prohibited sending faxes due to the fact the receiver had to foot the bill for the 'privilege' of getting the spam, due to expenses of paper and ink.
This doesn't even touch the fact that a large percentage of spam is pornographic, and being sent to minors.. also a crime in this country....
So fact Bill is in it to profit ( go figure ) has nothing to do with my statement...I f-ing pay enough now.. And im sick of it.
---- Booth was a patriot ----
Does anyone -really- believe the cost would stay 1 cent? It would stay there for a while, until everyone considers paying for emails normal, then it'll rise and never come back, guaranteed.
Could you imagine the security problems we'd have if Microsoft developed software that forced us to leave machines open to remote connections in order to "pay" for mail.
I have enough security problems with downloading email and web content onto Windows machines. God only knows what would happen if people could upload shit onto my machine without my approval.
It's a novel idea. But I wouldn't trust MS to implement it.
"Things are more moderner than before- bigger, and yet smaller- it's computers-- San Dimas High School football RULES!"
get an email, get a penny, send an email, send a penny
Paid by whom, to whom, managed by whom?
That device he's holding in the picture is a slide changer for the speech he's giving... Do all executives take the same class to teach how to give a speech? Regardless of company (Microsoft, Intel, Apple, etc, as long as its a tech speech), they all seem to come out with the same horribly hunched over shoulders, and hold that damn thing with two fingers while spinning it around with their other hands fingers.
It's such a pet peeve now that I can't even watch keynote speeches anymore.
DrPascal: Not the language, the mathematician.
...now those mass mailing trojans will slow your computer down even more!!! A completely useless idea as I see it, except to pad Gates pocket book.
If MS is in charge of selling the distributed computer time, all those security holes and the trojans that take advantage of them will become their primary revenue stream.
IT seems like Spam is largely able to exist just because of the widespread looseness in SMTP. If access to SMTP servers is restricted with accounts (either with authentication or address recognition, etc. for LAN's), and then further checking is done by other SMTP servers to validate the hostnames, addresses, etc. so that random SMTP servers can't just be set up. Then sent e-mails should always be able to easily be tracked down to the account that sent it (relevant info could be added to the header) and that account can be disabled for spam. If the reporting process were relatively streamlined objectively, then the effort of overcoming the obstacles would outweigh any benefit.
I don't try to be right, I just try to make people think
I own a business and we get something like a fair amount of sales leads via email.
I wonder how many people would not bother contacting us to inquire about services if they had to pay for the priviledge?
Also, I exchange A LOT of emails with existing clients...working off-site makes email the prefered mechanism of communication. I already pay for Internet Access (which currently includes access to routes between mail servers); I'd sure hate to have to pay for using a particular service on the Internet that is now free.
IMO, Spam is best fought at the source. Filters like SA are great for the user end, but the demand on the wires is still there (the recipient server has to GET the spam for it to be dropped). Go after the spammers themselves. Hard. With both barrels.
(1) Make it financially unattractive to spam. This can be either by fines or by MORE user education to NOT RESPOND to the dang things.
(2) Go after them criminally. They put an arguably unethical demand on everyone's Internet; who knows how many hardware failures are accelerated by the traffic due to spam (disks, NIC's etc). I liken spammers to someone who blows up, or at least physically blocks, a bridge on a public highway.
Computational Chemistry products and services.
Free evenings and weekends? Seriously, this isn't going to work. There will be abuses, a situation similar to the internic.net registry debale of a few years back, with everyone stumbling and fighting to be a registrar. Microsoft in charge? No thank you. Also, as companies get bigger, you know that there will be discounts for quantity. There are going to be proxy re-mailers popping up.
Secondly: There will be a skimming situation created, where your local ISP will skim off "pennies on the penny" to send emails. Also, if and when the "registrar" like situation comes into play, the large ISPs will have favorites.
Thirdly: This is just begging for government monitoring. I mean, the accounting would be in place, why would the government not want to use it?
BTW, maybe Microsoft and the gang are appealing to the government for this very reason...
If sending regular email via the existing methods becomes a pay-for-play service, then it's only a matter of time before an entirely new email protocol surfaces that allows participants to send mail for free.
I suppose you could say it'd be "voting with your dollar" to shut down any efforts to control the Internet in such a manner.
"It was hell!" recalls former child.
The mail server knows the answer in advance
And how is it going to know the answer in advance?
You either have two choices -- either the mail server does the same computation, which will either bog the hell out of any high volume mail server (if it's trivial for the mail server then why the hell wouldn't the spammers just buy the same class of CPUs?) or do a database lookup (and you think the spammers can't either buy or generate the same database?).
And, frankly, if we're going to completely revise the email system to do this kind of thing (which this involves), then there's better ways of stopping spam, as well as a host of other problems. The problem is that we're not going to revise the entire email system -- it's too entrenched and too costly to do so. We have to come up with something that will work with the current system.
If Microsuck can not even keep it's own operating system from being hacked and pirated, how is it going to keep it's email systme from being hacked and pirated. I can see everyone "paying" to use email while the spammers hack the system and pay nothing. And we'll still get a crude-load of spam!!
Articles like these really make me sad.
When the Internet exploded and the joe masses came flooding in there were many rapid changes witnessed. Many of these changes were tremendously wonderful, and many weren't.
Over the years we saw the tug of war between those who think that the net is evil and must be controlled, and those who are intelligent enough to govern themselves and contribute to the common good.
There were many different attacks on our freedom, and usually we prevailed because it was obvious that proposed restrictions would damage our precious medium. But lately the anti-spam efforts begin to scare me.
I'm scared because most people hate spam. So even people who are normally freedom-fighters give a moment of pause to think, "Well, I really do hate spam, maybe I should consider this."
The answer to problems that arise within the net are never ones that limit and merely mimic our failing systems elsewhere.
I too was pulling out my hair over the explosion of advertising. I realized that it was collecting in my memories, permanently, like toxic waste being spewed at my senses.
For the most part however I have returned to serenity. I use Mozilla Firefox with the Adblock plugin, this takes care of all banners/popups. I also finally just installed spamassasin on my mail server and the hundreds of junk mailings that normally made my veins bulge are now routed behind closed doors to a junk folder.
To top it off I threw away my television. I can still enjoy the simpsons, but now it is commercial free. Caller I.D. protects me from unwanted calls. Simply lift the phone for a split second and slam it back down. And I do most of my business through the net so I can safely ignore snail mail.
The solution is already here. It is education, technology, and intellect.
[Paul Anka]
To stop those monsters 1-2-3
Here's a fresh new way that's trouble free
It's got Paul Anka's guarantee...
[Lisa]
Guarantee void in Tennessee!
[All]
Just don't look!
Just don't look!
Just don't look!
Just don't look!
And how is it going to know the answer in advance?
Just a guess, but maybe the mail server would know the answer in advance because it used the answer to calculate the question? Couldn't the calculation to generate the question from the answer be orders of magnitude easier than the reverse?
Today since its free to send everybody defines E-mail to be pretty much the same thing. However what happens when E-mail costs a penny to send? Won't every packet on the internet cost something to send? Otherwise some one can start up an open source project that implements software that provides the same functionality as E-mail but doesn't meet the current definition of e-mail, so its free to send/receive. Would the new software be E-mail or not? It makes a difference because if it is E-mail it costs money, if it isn't its free.
98% of people will read this as: "So the richest man in the world wants me to pay for something I have always done for free?"
I predict his personal backing can only hurt this effort.
Email is valuable and popular because it is cheap and quick. Make it expensive and slow, and its value goes away. Hashcash-like proposals seek to make email suck more for all of us, in the hopes that it will be even more sucky for the spammers, so sucky that they'll quit.
But you cannot save email by destroying the things that makes it valuable and popular.
Edith Keeler Must Die
non-upgraded computers get treated like criminals
Microsoft....Intel....I'm getting a sense of deja vu here.
"Provided by the management for your protection."
No I am not going to pay to send e-mail. Sorry, but Bill's proposal is not acceptable.
It is one thing to donate idle CPU time to something charitable and worthwhile, like SETI, if you wish to do so. But to allow a private corporation to freely enjoy things that cost me considerable money for, like a full time DSL connection, and the electricity to operate a PC with a 450 watt power supply 24/7, makes no sense. To require me to submit to this just so I can send e-mail is nonsense.
Other questions come to mind. If this proposed system is burdened with Microsoft patents, then exactly how will open-source or third-pary e-mail clients and servers be licensed with the Microsoft IP. Exactly what is that going to cost?
There are a lot of "simple" solutions against spam like the one you describe. The problem with the server solutions - where the servers of the sender and receiver make some kind of negotiation to decide if the email is legit. - is that it only works if every server on the net is upgraded and that will never happen.
For example, let's say you receive an email from babar@domain.ii (imaginary tld). With your scheme, your server asks authorize.domain.il but domain.il hasn't upgraded and still use old simple email server. Email is discarded. That means no user from domain.ii can send you email.
bzzzt the internet is broken.
Men are born ignorant, not stupid; they are made stupid by education. Bertrand Russel
The mail server knows the answer in advance, and if the client provides the correct answer, the message is relayed... if not, it's denied. That way, spammers HAVE to perform the expensive computation, which significantly slows their mass-mailing efforts.
Ok, I quickly read over the article, so I may have missed something... However I had to respond to this particular point that you make. If this is going to be 'expensive computation which significantly slows [spammers'] mass-mailing efforts', won't it do the same for legitimate mass-mailing efforts as well? Newsletters? Daily mailings? News updates? I can think of several legitimate mass-mailing systems that I myself subscribe to, and I like getting them, if this makes it expensive for mass-mailing, then I may just lose the stuff that I signed up for as well as the stuff that I didn't (spam). I don't think that's necessarily the best approach..
-matt
The problem is that algorithms to solve NP-complete problems are usually scale fairly linearly with processing power. In fact, if you're suggesting NP-Complete problems (rather than NP-Hard) then they definitely scale with processing power, so a computer which is twice as fast will take half as long to compute the result (more or less).
;)
So two computers which are 10 years apart in age will be impossible to challenge equally. And even more disturbingly, specialized computers (think Deep Blue, or even a re-purposed graphics card) could be fairly easily constructed to demolish any NP-Complete problem.
The interesting thing about Microsoft's implementation here is that I believe they're using a challenge which is gated on something processor speed doesn't help with much. I'd trust MSR to have done this well. (Say what you will about the corporation, but MSR is top-notch).
I heard it had something to do with bus speeds, but I'd ask someone whose job security doesn't rely on not being tainted by reading others' patent applications.
Instead of paying a penny, the sender would "buy" postage by devoting maybe 10 seconds of computing time to solving a math puzzle.
//e?
How many years is that on my cellphone (which sends email) or my apple
Spammers can get around this in any number of ways. Let's say I run a boobie site and want to spam you... I have visitors browsing it running a client which does all the calculations I need to send millions of spam a day. After all, I have a captive army of geeks (boobies!) that'd be happy to run calculations in my stead in exchange for free boobies.
Compute cycles just aren't the answer since they're easy to obtain, and easy to fake, and who the hell gets to decide what problem gets worked on with MY cycles?
Cold, hard cash is the way to discourage millions of spams sent daily. And the payment should be "opt-in" by the recipient, so that you don't need to worry about your grandma charging you a nickle to send her an email.
Typical Microsoft conduct: showing up late to the party (people have been inventing "solutions" to SPAM for years now), coming up with solutions other people have already proposed (domain-verified sending and "pay with cycles" have been thought of a million times), and claiming to own them (with patents).
I especially love:
"Since they're dedicating it to the public free of charge, (Microsoft) doesn't want to be the patsy who builds a foundation just so other people can come along and erect a building on it, then sell the building," he said.
Can you say "BSD Stack?"
For the sake of argument let's assume Gate's has perfect vision and the world is going to cooperate, perhaps with some nudging, and it gets implemented and is effective.
Well there are all sorts of existing technology that could limit spam rates, stop client boxes from using unauthorized services, or unapproved domains, send auth... I'm not suggesting any of those things are or are not appropriate. Just that they do indeed exist and what's lacking is the will and cooperation. And without that his approach will not make things better. There are much easier ways to extend existing standards where that is needed.
It may slow the rate of growth but it won't stop the flood.
What it will generate though is more impetus to force older technology users to upgrade. And most likely servers will need to be upgraded as well. The cost will be insignificant to the spam kings who profit. Not even a bump really.
Of course we could ensure some sort of reliable client identification process is built it... Ooops that's a good benefit to DRM as well! What luck! And stopping spam is a good sales pitch.
Nah I haven't argued all the points. There are some good ideas out there as to how to stop spam in general.
But Gate's approach is let's all spend more money on more technology even though the gesture in the long run will be futile. Just because we can't cooperate on these things today doesn't mean we won't if we all spend more money on it (true but not plausible).
And with proper design we can eliminate this pesky free email too. Does he really think I'd ever pay for hotmail?
And what the hell are we providers supposed to do? We're already having to upgrade our mail system to deal with the unbelievable increase in infected email and spam. Now we're supposed to add computations to each and every message that passes through our boxes? Who the hell is going to pay for that? We're having to "absorb" the costs of the 3 new SMP boxes that will make up our new mail system. We can't afford to do this ever couple of months. That is unless YOU as a customer want to foot the bill. How would you like to pay an extra $10/month for your Internet access? I didn't think you'd like it. And who's going to pay for the inevitable Microsoft licensing fees? We're sure as hell not going to.
..who does the money go to, the email provider? This is all to M$'s advantage. What is one of the most user email providers? Hotmail. Who owns Hotmail? M$
Cheers,
RoadkillBunny
> Why would they want to pay for something (either monetarily, through CPU sharing, etc...) that they've gotten essentially for free
Well, for 94% of them, they'd 'want' whatever Bill Baby had pre-installed on their system when they bought it! If they will put up with and make excuses for a system that allows virus-of-the-week and crash-of-the-day, why not put up with paying for email (especially if free email involves a scary extra software installation). If this thing went live, five years from now most of that 94% would have happily convinced themselves that 'it was always like that.'
The man with no surname and a silly hat
On the universe: It's bunk.
I got more junk mail in my snail mail box compared with the actual important mails.
I think this system will only benefit the stamp company (Microsoft), and they wouldn't mind selling bulk stamps cheaply to the spammer. If it turned that a spammer can buy $10 e-stamp to send 1000000 emails, spammer will still send spam.
The problem with requiring computation cycles is that you need to deal with a lot of older computers. I have friends with old Pentium-based computers, some of whom cannot afford a nice new P4 system.
Also, what happens to all these web-based email accounts like Yahoo or Microsoft's Hotmail? I guess they'll need to spend a lot of money adding processing power for their users to send email.
What's to stop someone from making hardware to do the processing? It shouldn't be too difficult to implement an FPGA or an ASIC that could do the processing much faster. I imagine it wouldn't take too long for PCI boards to come out to offload the processing for large mail servers, then spammers with money could just buy the board to offload the processing.
-Aaron
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
It's extremely fast to check if the answer is correct, but slow to find a correct answer. The ideal algorithim for this is one where you have to run the test on every single possible answer until you find the correct one. If there were a million possible answers this would take (on average) 500,000 times longer than the test to see if the answer was correct.
A human-scaled version of this is:
How long does it take you to figure out "what two numbers when multiplied make 14803?"
Compare to how long it takes you to figure out "Does 113 times 131 equal 14803?"
Actually, XP isn't too bad, I'll admit.
;-).
:-(
I DO use XP at work as that is what is installed, so I have got some 'up-to-date' experience and XP is still a dog. Just less of a dog than previous versions (though the physicist downstairs would disagree with me. She very loudly refuses to upgrade from 2k
Sorry about your RH troubles. GNU/Linux is a fiddly bastard. I generally call it 'the least worse OS' and do my share of cursing it too. I then go use XP for a while and that helps me appreciate my GNU/linux system a bit more!
Let's see...
Microsoft Windows - good for maintaining network worm farms. Security a bad joke. Comes pre-installed, which is just as well - the install isn't a walk in the park anymore.
Linux - pain in the posterior to install and configure. But quite secure.
MacOS - Great usability but a little pricey and I trust Jobs with my data less than I do Gates.
That's all I can validly make a comment on from personal experience. But I am always on the lookout for something better. I expect something around 2005-6
The man with no surname and a silly hat
On the universe: It's bunk.