Attention Bonds Gain Momentum

Thede writes "Hi all - the ABM, a proposed solution to spam first posted to /. back in February, is gaining some momentum and refinement. It has been presented it at the Federal Trade Commission, the ACM, the National Bureau of Economic Research (NBER), and at the ITU in Geneva earlier this month. The original post referenced an academic article that not so accessible. We now have a short FAQ and a very detailed Q and A that covers a lot of the issues raised over the last five months. Next step (barring gaping holes) is to get a standards effort going - and most of the needed standards already exist."

If they can authenticate the sender ....

[Jason1729]

to get the bond, then why can't they use the same technique to simply stop all unauthenticated email. If the sender is forced to use their real name, spam will stop pretty fast.

Won't work, again

[Julian+Morrison]

Short summary: it's an intermediated version of "pay me to read, and I'll pay you back if it's not spam"

Bug summary:
- too many people will keep the money regardless
- the services of escrow agents are not freebies
- nobody will bother to use it when regular email is cheaper, already deployed, and infinitely less fuss

Who does this really benefit?

[panurge]

First, look at the opportunities for fraud. Say I set up a porn site with an email address. You email me and the system asks you to post a huge bond to get the message through, say $1000. Somewhere out there will be id10ts who haven't configured their systems properly. The bond gets posted, I mark your message spam. Result: legal profit. Or if I get lots of replies, I can just set the bond to say 49c and then collect lots of small sums from people.

Second, who else will profit from this? The escrow companies. Do we really want bankers in charge of the email system? They will simply see this as an opportunity to print money. Before long, you won't be able to contact your mobile phone provider, electricity company etc. without posting a bond - and they will own the escrow companies, and you will be paying them an annual subscription to use their escrow account. It's as good a scam as having special rate phone lines, which means when you call them they get part of the cost of the call.

Third, increased email traffic around the system due to the challenge/response cycle will partly compensate for any reduction in spam.

The only way to fix spam is to make it unprofitable for the people who pay the spammers. Given that Joe Sixpack is the idiot who buys from spam and so makes the system possible, and that he will no more be able to set up an escrow account than he is able to understand to install Firefox to remove annoying popups,and Thunderbird for the junk mail filter, the system won't work - the majority of users will be unaffected, the ones who are affected are probably corporate users with spam blocking tools in place already.

Let's look at the checklist!

[sdeath]

(As a side note, what happens if you receive mail without an associated bond? 12.2Q in the Q&A says "Well, you could still read it", which OBVIATES THE ENTIRE FUCKING POINT!!! Yet another idiotic spam "solution", in other words. Oh well. Here's where it scores on the Spam Solution Checklist:)

Your post advocates a

( ) technical ( ) legislative (x) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
(x) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
(x) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(x) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
(x) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
(x) Blacklists suck
(x) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

More holes than a siwss cheese

[Andy_R]

Heres 10 off the top of my head...

1) who pays for bounce messages ?
2) who pays for badnwidth needed for billions of bond requests?
3) adds a number of new points of faliure to already flaky e-mail system
4) relies on everyone knowing the 'reputation' of every possibility in the whole of the possible address-space
5) bombarding everyone outside the scheme with bond request messages will make this the most hated thing since spam itself
6) spammers will ddos the hell out of the infrastructure, giving it a reputation for flakyiness
7) 'exposure is limited to the amount in your escrow account' ie it cuts you off from mail every now & then unless you top it up - people are going to LOVE having to do that
8) Faked from fields
9) Introduces ability to 'escrow-ddos' a company by signing up random valid names to lists who then collect on unwanted mail.
10) 'reputation' system will quickly devolve into ebay feedback style AAAAAAAAAAA++++++++++++ garbage.

I could go on for another page or two. Their 'Extended FAQ' says 'yes but we don't care' to half the above btw.

Too complex, too brittle, too expensive.Advantage?

[davids-world.com]

Several problems with this:

- Banks will possibly want to make money with every transaction, not just with bonds that get collected, especially if you take into account that bonds will rarely be collected. That means that banks will make a sh*tload of money just in order to prevent criminal or annoying behavior of a few spammers.

- It's not clear how the "challenge" step involving the whitelist is supposed to be implemented. Right now, we have mail servers receive mail and store it until the final recipient (client) polls it, e.g. via IMAP/POP3/Exchange. Would this mail server have to store the whitelist and bond info? Probably yes. Privacy issues?

- How does it integrate with the current e-mail world? Not very well. Sure, you can still accept e-mails without a bond and rank them low (i.e. mark them as potential junk). But for quite a while, people will not be able to discard these e-mails automatically. Therefore, there will be no incentive for senders to move to the bond mechanism.

- There are many parties involved: Right now, we're talking about sender-SMTPrelay-mailserver-client. In addition to these four parties we need two escrow agencies: one for the sender, one for the recipient. these will need to be organized, so they can talk to each other - which means there is some kind of additional club involved. (We can get rid of the SMTP relay entitiy mentioned above - this can be done by the client directly.)
The problem is that with the new entities, things can go wrong. They can simply be down (keeping me from sending or receiving e-mail!). Or their security can be compromised.
The bottomline is: this is too complicated.

I wonder what is better about the bond scheme, compared to the challenge-response idea that circulated a while ago, where sending e-mail is simply computionally expensive enough (unless you're on the recipient's whitelist).

Missing the real problems

Sure, there are things wrong with this scheme, but the problems aren't the ones most of you are talking about. Here are some I posted on my Web log:

#1: It creates a great opportunity for traffic analysis by the government, marketers, etc., because the escrow agents can collect data on who's emailing whom. The recipient gets to choose their escrow agent, so an individual participant doesn't have the option of only dealing with reputable or privacy-respecting escrow agents.

#2: It creates a money trail alongside the email trail, making anonymity almost impossible (especially because the recipient can choose the escrow agent, see above). This issue actually could be turned to an advantage because remailers could use the bond system to collect "postage", clear postage between themselves while obfuscating the money trail, and reduce their own spam problem into the bargain, but it'll be a big headache for them, and the anonymity of the remailers to the escrow agencies is hard to maintain.

#3: Trolling can become financially profitable. The business plan goes something like this: 1. Post something to Slashdot or Usenet that lots of people will want to respond to by email. 2. Collect a small enough bond from each responder that they'll be willing to pay it. 3. Profit! One could argue that that's an acceptable business (because you're only collecting money from the people who decide they're willing to give it to you) but I'd argue that it's a bad thing to encourage this business, because it also imposes on many people who do not want to respond to you, and damages the infrastructure for everyone. It's like saying "Selling SUVs is morally okay because I'm only selling them to people who are willing to accept the environmental impact" - hello, it's not just your customers who bear the brunt of the environmental impact!

#4: Participants who are poor, or penniless, just can't have email anymore. That includes children, the homeless, and many people in developing countries. Moreover, even among people with nonzero disposable income, it stratifies email along economic lines: I will demand attention bonds roughly proportional to my income (because otherwise they won't have the intended effect of compensating me for time lost) and then someone with less income than me has to make a disproportionate sacrifice to talk to me, and someone with more income than me can spam me with no hardship. I have received legitimate, important email from a scholarship student in Uganda, and in an official capacity from the legal department of a multi-billion-dollar US corporation; the value of a dollar to those two parties is totally different. Note that it's not good enough to say "Oh, we just won't collect the bond from people who are poor" because they still have to have the money in order to promise it in the first place. Children have no money, not just a small amount - especially if, as would necessarily be the case, enforcement of the bonds is tied to legally binding contracts in jurisdictions where children's right to make commitments is not recognized, so the children wouldn't even be allowed to spend money this way if they got some.

#5: If only applied to email, it'll encourage spammers to move to other media - Usenet, Web BBSes, and referrer logs, for instance. Attention bonds can't be easily applied to some of these.

#6: If you offer to sell your time to all comers for $0.50, then you have to actually do that, and at least glance at all the messages sent to you by people who are willing to put up the $0.50. If it were actually the case that there were lots of evil perverts out there sending pornography more or less at random to innocent children out of sheer perversity (I don't believe that, but many people do), then this kind of arrangement would make it harder to block them. Even under a more realistic threat model for pornography in particular (people only sell that stuff to make money, and so will only send it to you if they think