Slashdot Mirror
Selling Your Attention to Spammers
Dotnaught writes "Can the free market stop spam where technology has failed? As described in InformationWeek, Professor Marshall Van Alstyne of Boston University School of Management has co-authored a soon-to-be-published paper that proposes an "attention bond" -- money put up by email senders that recipients collect only if they consider the message a waste of time. Supposedly, this market-based filter performs better than a perfect technology-based solution, with no false positives or negatives. A company called Vanquish already has a working model. Is selling one's attention the answer to spam?"
Your post advocates a
(*) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
(*) Mailing lists and other legitimate email uses would be affected
(*) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(*) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(*) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(*) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(*) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
what? what I thought we were in the trust tree in the nest, were we not?
I must be missing something...it seems like the same tactics spammers use to evade law enforcement today could be used to evade the imposition of this "attention bond mechanism".
____
~ |rip/\/\aster /\/\onkey
money put up by email senders that recipients collect only if they consider the message a waste of time
I get that already, it's called "my salary".
Trolling is a art,
I bill triple digits per hour (but still less than a phone sex operator at $4.99/min). Doctors and lawyers charge even more. Unsolicted messages are an uncompensable waste of time and a theft of network resources.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
Why is a spammer going to put up money when relaying through a zombie net or open relay is easy and free?
I don't need no instructions to know how to rock!!!!
I'm sorry, the whole "fee" idea just doesn't work for me... What is to stop someone signing up for a whole load of mailing lists, and then claiming that they were all a waste of time? The only time anyone would not bother taking that cash is if there was someone they knew on the other end, getting pissed off.
It sounds like a good idea, but it's not a solution any more than CAN-SPAM. Spammers will not cooperate if it's just going to hurt them. Until you crack down on spam in the same way that the telemarketer do-not-call list has, you won't see any improvement. And that's not even realistic given the ease with which email can be masked or forged.
It's similar to the argument that gun rights advocates make - stricter gun control laws or programs will hurt legitimate owners, but the real problems will still lie with the criminals who don't abide by those laws anyway.
Crack down on spammers. Make spam outright illegal and make penalties for ISPs that fail to comply.
While it'd be inconsequential to me to put up 10c to send each message (or probably even $1 if my employment related emails didn't count) it doesn't scale well between different countries.
Third world countries will find that sort of money a huge barrier to entry for sending email.
Similarly this will be open to google ad type exploitation. People will set up email addresses and sign up to all sorts of solicited and unsolicited email just to collect the cash. Again for people in poorer countries this might be a practical job.
What's to stop someone from signing up for every mailing list everywhere and setting up an automated application to flag it as spam so the money starts rolling in? Three or four thousand such flags per day, even at a few cents each should start to add up fairly quickly.
I'm a big tall mofo.
My time is free! I'll give them all the time they want and then some! They just need to come over to this dark alley... say, have I shown you my baseball bat? Look at these fine details... now just hold still.
I'd like to try this on Slashdot. I can collect money for articles that I think are a complete waste of my time. Then this money can be used to post messages like this, which are a complete waste of other people's time.
While it's not a great idea, it's a fairly obvious one. Papers on this go back decades. I was one of the earliest to propose it in the Unix community almost a decade ago, but later denounced my own ideas.
But what amazes me is that like clockwork, somebody will publish an article on this "great new idea" for dealing with spam, several times a year it seems. They have clearly read none of the spam literature, nor done a search. And on top of that, journals and magazines also think it's new and publish the items, even slashdot publishes them.
What gives?
Has it been over a year since you last donated to the Electronic Frontier Foundation
Ah, I see...
Professor Marshall Van Alstyne of Boston University School of Management
That pretty much explains it.
Great...three people managed to post this bright idea before me.
Last time I answer the phone at work!
____
~ |rip/\/\aster /\/\onkey
I bill four digits an hour while reading Slashdot.
Unfortunately, there's a decimal point involved....
^_^
____
~ |rip/\/\aster /\/\onkey
The US Federal Trade Commission says that over 80% of spam involves some violation of Federal law. Not just the CAN-SPAM act, but mail fraud, false advertising, money laundering, computer crime, drug counterfeiting, and racketeering. There should be no problem filing charges.
If we had an FBI director who made this a priority, most spam could be eliminated in a year. Just divert some of the FBI Baltimore people who do child pornography, who are already experienced at tracking people on the Internet, off that job and onto tracking down the major spam operators.
In a sense, CAN-SPAM has been effective. Spamming by even vaguely legitimate companies is down. Almost all spamming now involves felony criminal activity of one kind or another.
Robert Heinlein in one of his stories required that telephone callers post a bond before the hero would answer the phone. If the hero agreed that the phone call was worth it, he'd reverse the charges.
In his 1996(?) book The Road Ahead. It was exactly the same, the recipient would have the choice to not collect if the message was wanted. For example, if it was from a long-lost friend. So it only took nine years to write a paper on this idea which was published by on e of the most famous figures in the technology industry?
Walt
Right.
People flag list traffic for which they subscribed as spam all the time. What is so special about putting up a financial bond that will cause people not to flag mail they requested in March as spam in May, or accidently marking mail from aunt Mildred as spam. I just don't see it.
This fails every test of an anti-spam proposal I can think of, including the most important: It doesn't stop spam.
--OgOverly complex, ineffective, and useless.
Who collects and distributes these (micro)payments?
Who enforces that the mailserver supports this?
In the event of someone getting zombied, who is liable? Especially in the event that the zombied box is fully patched.
How does a 13 year old from a dirt poor country send an email from the shared village PC to a uni professor in London or NYC? Where is his escrow acct?
What about anon email accts? How is my bank/paypal/whatever tied to that? (Not that I want it that way)
How does a free, but popular mailing list afford the escrow acct needed to cover new recipients?
There are a host of other problems that we haven't even begun to consider.
() Lack of centrally controlling authority for email
-- it doesn't appear to use this - it appears to be recipient's-end charging, which can be deployed in a decentralized manner
() Open relays in foreign countries
-- those don't matter here - if they sender doesn't pay, the recipient doesn't read it, and relays only make it harder to pay.
(*) Mailing lists and other legitimate email uses would be affected
-- you correctly marked "whitelists suck", which is part of why it's hard to implement this one correctly.
(*) Users of email will not put up with it
-- this is the big problem with TMDA, hashcash, and many similar systems
(*) Many email users cannot afford to lose business or alienate potential employers
-- you missed this one too. See previous.
() Requires too much cooperation from spammers
-- not a problem. This one requires cooperation from non-spammers.
() Unpopularity of weird new taxes
-- unless I grossly misread the article, this doesn't apply here - the sender pays the recipient or recipient's ISP, not some third party.
(*) Public reluctance to accept weird new forms of money
-- Yup. Either you need weird new money or old-fashioned real money, and the latter is usually too expensive per transaction.
(??) Armies of worm riddled broadband-connected Windows boxes
-- Maybe. If enough people start using this, and there's a convenient mail-sender interface so senders don't need to pay attention very often, then worms will start to abuse it. Otherwise they won't care, and the five people who still use it will have whitelisted each other.
() Dishonesty on the part of spammers themselves
-- Doesn't hurt the recipient, who sets the price high enough that he's willing to read an occasional Nigerian Herbal Fake Vi***a ad and keep their $5 just to annoy them. This proposal suffers from dishonest recipients, who convince legitimate that they should be willing to pay the money to get the recipient's attention. It's a serious enough problem that it can even lead to "Make Money Fast By Reading Email At Home" spammers inviting you to become a recipient
() Why should we have to trust you and your servers?
-- Because you want me to read your mail. Don't care? Don't send money, and I'll ignore you. If I'm a sufficiently interesting public figure, like Rush Limbaugh or Daily Kos or the Editor of the New York Times or Britney Spears, maybe you'll pay to get my attention. Alternatively, maybe the fact that I'm charging for my attention will make you think I'm some over-inflated ego who's not worth the effort, and my 15 minutes of fame will time out faster.
(*) Sorry dude, but I don't think it would work.
-- My conclusions's a bit more positive than yours
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks