A Visual History of Spam

Cristiano writes "Microsoft employee Raymond Chen has saved every spam message and virus-laden e-mail he's received at work since 1997 and graphed the spams and viruses to create a cool visual representation of one man's malicious traffic."

"one man's malicious traffic"

"one man's malicious traffic"

Sounds like a cool title for a future book about Gill Bates.

Re:"one man's malicious traffic"

There is another example of one man's visual SPAM reporting here along with a bunch of other interesting visualisation techniques.

Obvious

If only MS employees spent more time working on their software, and less time doing these kinds of things...

Re:Obvious

[DaHat]

Do you have a problem with programmers being able to spend a little time here and their on their own projects?

...it was a slow day on slashdot...

[Fjornir]

...pretty pictures though, did anyone else try the "magic eye" deal and see what I saw?

Re:...it was a slow day on slashdot...

[derrith]

A sailboat?

Re:...it was a slow day on slashdot...

[Xzzy]

It's a sailboat!

Re:...it was a slow day on slashdot...

[Loligo]

A schooner IS a sailboat, stupidhead.

Raymond Chen in Linux source CREDITS

An interesting aside: Raymon Chen is mentioned in the Linux kernel's source 'CREDITS' file:

N: Raymond Chen

E: raymondc@microsoft.com

D: Author of Configure script

S: 14509 NE 39th Street #1096

S: Bellevue, Washington 98007

S: USA

Re:Raymond Chen in Linux source CREDITS

[sriram_2001]

This blog (post) has some interesting info on this.

...This post wouldn't have been possible without Kaushik - he called me up this morning and said that he had spied a familiar name on the Linux 1.0 contributors file. And since the chances of 2 people with the name Raymond Chen and working at Microsoft were pretty slim, we got pretty interested. A bit of Googling lead us to this page (http://grumbeer.dyndns.org/ftp/mail/v5/digest363) which has an email that Raymond Chen has typed out back in 1993. The first thing that strikes you is his Microsoft id. I was taken aback - a Microsoft employee contributing to Linux code? That too kernel level stuff - not some fringe OSS project? Seems like things were a lot different back then. Here's a snippet from that mail From: raymondc@microsoft.com (Raymond Chen) Subject: New Configure script (and some console patches) Date: 05 Jun 93 20:23:30 GMT This patch kit is really *THREE* patches in one. 1. A new Configure script, hopefully easier to use and more flexible than the current one. 2. A kernel configuration switch to enable high-intensity background in lieu of blinking foreground characters. 3. A kernel configuration switch to control the destination of kernel trace messages (printk's). But the part which I really found interesting was this...the way he signs all his mails. Thanks. -- Raymond (just another linux hacker) Chen Definitely not something you would see nowadays. These days, the very mention of the word 'GPL' might get you into serious trouble in Microsoft - and contributing code is definitely unthinkable.I guess back then , Linux was considered more of a hobbyist-thing rather than a future competitor. But I'm only guessing here. An interesting question that arises is the effects of the viral nature of the GPL. If he had worked on GPL code back then, is he 'infected'? Well - I'm no expert in these issues, but its interesting all the same. Before all the Linux supporters jump to any conspiracy theory, I would just like to point out that the only thing this points out is the amazing versatility and skill exhibited by most Microsoft devs and Raymond in particular. This is a guy who knows both Windows and Linux inside out.Awesome!!! I would really like it if Raymond comes and tells us a bit about his past - especially the 'just another linux hacker' days :-) ....

Re:Raymond Chen in Linux source CREDITS

[kaleco]

Yes, he used a PERL script to generate the graph. Less than orthodox for an MS employee. His blog's 'not a .net blog' caption also hints at a certain cynicism being harboured.

Only 19000 spam messages?? That's nothing.

[joshuao3]

My primary account receives nearly 500 spam messages a day, and the number is growing. It would only take me 6 months to get that amount of spam. It seems like Raymond Chen is less than average in the amount of spam received. The data analysis is intriguing, nonetheless, and I'm glad he had the forsight to do this project.

Good work

Now he'll get even more spam.

Single worst spam day by number of messages: Augus

[FePe]

Single worst spam day by number of messages: August 22, 2002. 67 pieces of spam.

I normally get around 60 spam mails *per day*, so I guess he is rather lucky. The spam mails I receive are fortunately not full of images like the 41 images he got.

It's the Visual part that scares me

[superbondbond]

I think if I were to actually see what went into Spam I'd never be able to eat it again.

Jose nazario might have more spam graphs

Jose Nazario arguably has a much more extensive collection of spam, you can see some of his research here: http://www.monkey.org/~jose/wiki/wiki.php?page=Spa mAnalysis.

One of several talks of his on spam (complete with more graphs): http://www.linuxchile.cl/docs.php?op=verVersion&do c=64&id=1 And he's even done generated some really really horribly insane spam collages, but I'll let those interested dig around for them on their own.

Re:Jose nazario might have more spam graphs

[moonbender]

They're holding talks in IRC now? (The document AC linked to is an IRC log.) Cool. I never would have thought of that, but I guess why not? Is this commonly done? I'd like to have something to read. :)

Sorry for posting off-topic, but it's a slow news days, anyway - none of the stories today has gotten more than 250 comments.

Not exactly "reader friendly"

[Hockney+Twang]

I would have much preferred to see the volume of email, represented in terms of the size of messages received, displayed on a nice looking bar graph, with viruses in the foreground, spam in the back. Maybe even show legit email as another row in front of the viruses. Or even just a line graph. As it is, the information is occluded by his presentation. He took some raw data, did very little to interpet it, and put it on his blog. The information could be interesting, but the presentation is very lacking.

Single worst day was only 67?

[Shayde]

Single worst spam day by number of messages: August 22, 2002. 67 pieces of spam. The vertical blue line.

This guy needs to get out more. I set up monitoring of all my spam and total message traffic for the last couple years. My current average is around 350-450 spams per day. Check out the spam report I run every night.

Virii? That's a different report. I seperate my virii out of the entire mail feed for the 3-4 domains I run (yay amavisd and postfix). The virii report is a lot more variable, with as many as 1600 viruses a day, and as few as 10, though that's pretty rare.

Spam filtering here is done via amavisd + postfix + spamassassin + some custom rules.

Re:Single worst day was only 67?

[syrinje]

67 that made it past the corporate filters. I ahve to admit that makes it sound like MS has pretty good filters though.

OTOH, he could just be a man with low span suseptibility :)

How I avoid spam.

[here4fun]

Here is what I did and I get next to no spam. Actually, I have none. I got an account at yahoo, and I made a login which has numbers mixed in, and is not a word from a dictionary. Think taking the first three lettes of your first name, a couple numbers, the first four lettes of your last name, and a couple more numbers. I never post my email address anywhere on the web, and just use it to communicate with people I know. I have a second email address that I give out to everyone, and that one is not bad with spam either. The account that gets 100 spam messages a day is my account that I used to reply to offers from websites, or that I used when posting on the web. It is a shame, because I don't check that last account except once every other month when I have nothing_better_to_do. And every once or twice a year I get an email which is important.

When I was back in school I never had spam in my university account, but that was before the 2002 spike shown on his graph. I wonder if school email accounts are still off limits. When I was in school, I did not get spam there, it was my "free" email accounts that had spam.

Re:I just don't understand

[targo]

How did he manage to keep track of this on a M$ box without catching a few of those viruses?

Beause contrary to the popular opinion on Slashdot, you actually have to open and run the attachment yourself in Outlook in order for it to do anything. None of the big e-mail viruses have been able to spread without active help from the user. I have been running Outlook for 6 years by now and never had any problems.

Re:Single worst spam day by number of messages: Au

[mrak+and+swepe]

Although we all hate spam, at least we can engage in some harmless macho posturing re the amount of it that we get.

I'm a mere minnow in comparison to your good self: Just 57 per day, on average.

Me off to stuff a pair of socks into my pants...

RTFA instead of looking at the pretty picture

From the page:

Note that this chart is not scientific. Only mail which makes it past the corporate spam and virus filters show up on the chart.

*DOH*

Re:RTFA instead of looking at the pretty picture

[gordgekko]

I agree with the person you responded too; this guy's level of spam is nil. And, the true irony is that M$ (for whom this suck-ass works) is probably 99% of the reason spam exists anyway!

Eh? Care to explain that statement? Microsoft didn't write the first spam, didn't create the open protocol that enables spam to be sent so easily, and doesn't run the biggest ISPs where spam is sent from, though its Hotmail users seem to be quite susceptible to receiving it. So how is Microsoft responsible for virtually all spam?

I don't much care for many of Microsoft's products but let's be a little more circumspect with the accusations we throw around.

another graph

[DuctTape]

Cristiano writes "Microsoft employee Raymond Chen has saved every spam message and virus-laden e-mail he's received at work since 1997 and graphed the spams and viruses to create a cool visual representation of one man's malicious traffic."

I'd like to have saved every BSOD that I've received since 1997 and make a cool visual representation, too, but the system crashes each time I get one... so much for data retention.

DT

Re:Only 19000 spam messages?? That's nothing.

[Holi]

It seems like Raymond Chen is less than average in the amount of spam received

Umm.. so your the average? Have you ever thought that maybe you are on the high-end of the bell curve.

Raymond Chen is less then you in the amount of spam received, who knows maybe he is exactly the average.

Why don't you poll people and find out.

I would but I dodn't care.

This has been done before

[Prince+Vegeta+SSJ4]

THIS site even has an animation of the propagation of spam.

Irony

[thrills33ker]

A Microsoft employee keeps a record of his ever-increasing levels of spam and viruses?

Aargh! My irony meter has gone off the scale!!

He saved copies

Does that mean that Bill Gates will be sending me the money he owes me for forwarding all those emails?

RTFB

[daytrip00]

Read the blog. This guy is one prolific programmer. He's the guy who ensures that all the old windows apps (like the ones from 10 years ago) keep running on the latest versions of windows. He has all sorts of stories about windows bugs and idiosyncracies and explains how they all came to be. It's a fascinating read and I have an RSS subscrption to his blog.

Read this article which is all about his quest for windows and developer backwards compatiblity.

He give this story about Sim City: It deallocated memory, and then used it right after deallocation. It was a bug that windows 95 allowed. So his code make a special check that you were running sim city and if you were, you could use memory right after you deallocated it. It's pretty amazing to see all the hoops that he and his team jump through. But he's a MSFT ledgend.

PS. That blog entry I linked to sent Shockwaves through Microsoft. It's changed the new XML api design, and resulted in the backporting of Avalon to Windows XP.

Re:Should we rewrite SMTP

[AndroidCat]

Excellent idea. You go first.

Mailinator

[R.Mo_Robert]

Have you head of Mailinator?

Basically, you can make up any e-mail address, say foobar2004@mailinator.com and go and check it later. All you have to do is type in your chosen name and check for mail. It's useful for websites you don't really trust (but not for those you might continually receive useful mail from). And, of course, it's incredibly unsuitable for any personal information, since anyone can check any "account" if they can guess its name. And e-mails only stay for a certain number of hours/days. But for quick signups that just require some sort of e-mail address, it works.

2002 was a big year for spam

[Basehart]

2002 must be the year when Florida got connected to the internet.

Only 67 spams on his *worst* day? Wow!

[sakeneko]

I think it was before 2000 that I last had that few spams in a day. <wry grin> That's what happens when you have an old email address and like to post to Usenet....

Graph could have been better

[Sivaram_Velauthapill]

I think the graph isn't too helpful. Size vs time may be interesting to look at but it doesn't really say much. I think a more useful plot would be a frequency chart or a histogram or something like that.

I'm not dissing the work--just saying how it could have been better...