Selling Your Attention to Spammers

Dotnaught writes "Can the free market stop spam where technology has failed? As described in InformationWeek, Professor Marshall Van Alstyne of Boston University School of Management has co-authored a soon-to-be-published paper that proposes an "attention bond" -- money put up by email senders that recipients collect only if they consider the message a waste of time. Supposedly, this market-based filter performs better than a perfect technology-based solution, with no false positives or negatives. A company called Vanquish already has a working model. Is selling one's attention the answer to spam?"

Automated Spam Response

[EggMan2000]

Your post advocates a

(*) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(*) Mailing lists and other legitimate email uses would be affected
(*) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(*) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(*) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(*) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(*) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Automated Spam Response

I never see people complain about dupe comments...

In Soviet Russia, people pay attention.

Re:Automated Spam Response

[nacturation]

Supposedly, this market-based filter performs better than a perfect technology-based solution.

So it performs better than perfect? How does that work?

Re:Automated Spam Response

[booch]

If you're going to fill out the form, please fill it out CORRECTLTY:

Your post advocates a

( ) technical ( ) legislative (*) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(*) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(*) Lack of centrally controlling authority for email
(*) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(*) Asshats
( ) Jurisdictional problems
(*) Unpopularity of weird new taxes
(*) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(*) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
(*) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(*) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(*) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
(*) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
(*) Sending email should be free
(*) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
(*) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Can they really afford my time?

[Rude+Turnip]

I bill triple digits per hour (but still less than a phone sex operator at $4.99/min). Doctors and lawyers charge even more. Unsolicted messages are an uncompensable waste of time and a theft of network resources.

Yet another misguided solution

[lukewarmfusion]

It sounds like a good idea, but it's not a solution any more than CAN-SPAM. Spammers will not cooperate if it's just going to hurt them. Until you crack down on spam in the same way that the telemarketer do-not-call list has, you won't see any improvement. And that's not even realistic given the ease with which email can be masked or forged.

It's similar to the argument that gun rights advocates make - stricter gun control laws or programs will hurt legitimate owners, but the real problems will still lie with the criminals who don't abide by those laws anyway.

Crack down on spammers. Make spam outright illegal and make penalties for ISPs that fail to comply.

Let's try it out on Slashdot

[pcraven]

I'd like to try this on Slashdot. I can collect money for articles that I think are a complete waste of my time. Then this money can be used to post messages like this, which are a complete waste of other people's time.

Re:Let's try it out on Slashdot

[Shadow+Wrought]

You owe me $1.00.

What is it with the money-for-email idea?

[btempleton]

While it's not a great idea, it's a fairly obvious one. Papers on this go back decades. I was one of the earliest to propose it in the Unix community almost a decade ago, but later denounced my own ideas.

But what amazes me is that like clockwork, somebody will publish an article on this "great new idea" for dealing with spam, several times a year it seems. They have clearly read none of the spam literature, nor done a search. And on top of that, journals and magazines also think it's new and publish the items, even slashdot publishes them.

What gives?

Ah!

Ah, I see...
Professor Marshall Van Alstyne of Boston University School of Management

That pretty much explains it.

The problem with spam is weak enforcement

[Animats]

Spamhaus points out that 200 known spam operations are responsible for 80% of spam. They have names for most of the key people involved. Most of them are in the US, even though "bulletproof web hosting" services in China and money laundering in some tax haven may make them appear to be offshore.

The US Federal Trade Commission says that over 80% of spam involves some violation of Federal law. Not just the CAN-SPAM act, but mail fraud, false advertising, money laundering, computer crime, drug counterfeiting, and racketeering. There should be no problem filing charges.

If we had an FBI director who made this a priority, most spam could be eliminated in a year. Just divert some of the FBI Baltimore people who do child pornography, who are already experienced at tracking people on the Internet, off that job and onto tracking down the major spam operators.

In a sense, CAN-SPAM has been effective. Spamming by even vaguely legitimate companies is down. Almost all spamming now involves felony criminal activity of one kind or another.

Re:The problem with spam is weak enforcement

[SirSlud]

[sarcasm]In fact, I advocate taking anybody working on anything deemed less bad than child pornography and put them on it. In fact, we should not be working on anything except for child pornography. Actually, there are some dudes working on petty things like identity theft, corperate misdeeds, murders, grand theft auto, etc .... [/sarcasm]

why does the casual observer allow objectivity and reasonable thought to fall by the wayside when dealing with the very things that require them the most?

I was a sexual abuse victim when I was young, and I dont see whats so bad about the parent post. Child pornography department just fills in the vacant slot or two and the experts train the newbies. Thats how it should be done .. let the domain knowledge permeate the entire law enforcement departments that deal with online crime. You're not dismantling the original group, you're just letting them share some of their expertise with other departments that so clearly need them .. expertise they had no choice in gaining from working in such an important field.

There doesn't seem to be much motivation to put that kind of knowledge on spam enforcement, but I think the parent poster is right: why isn't there? Obviously spam isn't nearly as bad as child pornography, but judging by some of the porn sites they advertise via unsolicited spam, the industries certainly intertwine. Its not like a potential victim becomes a stupid slut who made her own decision to sell her body the second she goes from non-legal to legal age. I've seen enough stuff in my lifetime to know that claiming you're a consentual adult isn't exactly 100% true if somebody is pulling your strings.

Robert Heinlein invented this

[alw53]

Robert Heinlein in one of his stories required that telephone callers post a bond before the hero would answer the phone. If the hero agreed that the phone call was worth it, he'd reverse the charges.