Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Haters Given Right of Reply

Posted by Zonk on from the hitting-back dept.

rk_cr wrote to mention an Israeli technology firm which has set up a system to allow harried email users the right to reply in force. The system "batters spam websites with thousands of complaints. The plan is to fill order forms on spam websites offering pills, porn and penile health tonics with complaints about the products advertised for sale in junk messages. The plan has been criticised by other anti-spam workers who say it amounts to vigilantism."

23 of 278 comments (clear)

  1. Legality? by gunpowda · · Score: 5, Insightful

    Would the users not then be liable for precisely the same kind of charges and punishment that the spammers are?

    1. Re:Legality? by bobbis.u · · Score: 4, Insightful
      They solicited the business by contacting you first, so there is clear cut difference.

      I'm not sure whether the law would reflect this, because as we all know, the law doesn't always reflect justice.

    2. Re:Legality? by kfg · · Score: 2, Insightful

      No, because the spammer has solicited. The repsonses are not spam, they are responses.

      KFG

    3. Re:Legality? by Anonymous Coward · · Score: 5, Insightful

      Parent's comment feeds nicely into the close of the article:

      But the scheme has been criticised by John Levine, a board member of the anti-spam Coalition Against Unsolicited Commercial E-mail.

      "It's the worst kind of vigilante approach," Mr Levine told the AP news service. "Deliberate attacks against people's websites are illegal."

      Except there's several minor problems with this supposed illegality:

      (1) The spammer has sent you email inviting you to the spammer's website. Under the law, this explicit consent makes you an invitee, and not a trespasser.

      (2) The company is filling out a form provided by the spammer's website. Arguably, there is implicit consent for the user to fill out the form, and the fact that the response rate has jumped from 0.1% to, say, 10% may be unusual, but it is a foreseeable consequence of the spammer's campaign. If you are replying in exactly the manner intended by the recipient, it's hard to classify the response as a denial of service.

      (3) The spam complaints may not be legal in and of themselves, so if the company is smart, it will include an unreasonable counteroffer ("Dear sir, I would like to purchase your product, but I am only willing to pay $0.01 per item, including shipping and handling. You may accept this offer by shipping the product to [P.O. box that nothing is likely to ever appear in anyway owned by company]"), which in fact will be perfectly reasonable because the offer invites counteroffers, and the subjective intent of the person making the counteroffer is irrelevant to a legal analysis of the contract (note: I am not arguing that there is no risk whatsoever, courts are not stupid, but they tend to employ 'cruel' ways of being fair).

      (4) The spammers haven't exactly shown that they are willing to disclose their identities. At some point, the spammer has to sue someone. That subjects them to both subject matter and personal jurisdiction for various claims like private nuisancce, misrepresentation, breach of contract, etc. by anyone willing to cooperate with the company based on the admissions that the spammer will have to include in the complaint. Even if a spam association chooses to file suit, the ORIGINAL spammer will have to be identified in the record when whoever brings suit attempts to authenticate the evidence. Given the paltry number of pro-spammer lawsuits based on commercial rather than constitutional theories (where it's easier to hide the identity of the real party in interest), does anyone think that there's a substantial likelihood of civil complaint or criminal prosecution?

  2. Re:Not just getting the spammers though by Detritus · · Score: 5, Insightful
    If you sleep with dogs, you wake up with fleas.

    Nuke them all. If you do business with a spam-friendly ISP, you are partly responsible for the spam.

    --
    Mea navis aericumbens anguillis abundat
  3. Of course spam fighters find this innapropriate by NeedleSurfer · · Score: 5, Insightful

    The plan has been criticised by other anti-spam workers who say it amounts to vigilantism.

    Have you noticed that everytime a brilliant solution arise, a solution that seems just right and appropriate. A solution that would maybe not stop but at least truly hinder spam or virii and stuff like that, security firm says its a bad idea, its vigilantism and crap like that. Who cares if its vigilantism, it works and thats all that count. The fact of the matter is that none of these company want virii gone or spam dead, they want to sell you stuff that gives you the impression its doing something usefull about it. deleting spam, filtering it, scanning for virii and removing the well known ones, it just doesnt do crap about the problems... retaliating might, so facing a technique that could work the "spam fighters" dismisses it...

  4. Catch a clue by DynaSoar · · Score: 5, Insightful

    A vigilante is someone who usurps ot assumes power or authority from where it rightfully
    exists.

    Now, show me an elected or appointed spam cop that this is taking authority away from. There is none. Don't even bother to pretend ISPs fulfill this role. Their role is to keep customers. Some do better than othres at cleaning the trash, but none can act beyond their boundries.

    And speaking of boundries, that's where your anti-spam laws stop. And that's as it should be.

    This is the emergence of a regulatory force in the absence of any. That is not vigilantism. The net should police itself, including the dirty work. If it doesn't, someone will.

    --
    "I may be synthetic, but I'm not stupid." -- Bishop 341-B
  5. Re:fight fire with fire? by FyRE666 · · Score: 2, Insightful

    Why not fight fire with fire? These scum have placed themselves outside of the "law" (such as it is when applied to the 'net), and so should not be protected by it. I say do whatever works. The sort of scum who send spam and run spamvertised sites care about nothing other than making money, no matter what the damage is. The only thing they will respond to is a force that affects their ability to make money. Forcing them to pay stratospheric bandwidth bills, or wade through tens of thousands of garbage "sales enquiries" will affect their "business model".

    As for the hand-wringers and navel gazers claiming it's "vigilantism", I'm assuming they also considered the US' attack on Afghanistan after 9/11 "vigilantism", or Europe fighting back against the Nazi's as "vigilantism" too? Yeah, we should just sit down and have nice pleasant debates with scum... sure... that'll work... <rolls eyes>

    --
    Code, Hardware, stuff like that.
  6. Spam Haters Given Right of Reply by wljones · · Score: 5, Insightful

    This is an old pattern. The bad guys (Spammers this time) inflict themselves on the public. Authority is asked to help, but cannot or will not do so. Victims then search for their own solutions. Authorities see their monopoly threatened and cry,"Vigilantes!" The authorities, whether government or private concerns, feel they have more to gain protecting their monopoly than by fighting the problem, and victims are an easier target than organized thugs. Notice that their protests against the victims do not offer a better solution, only name-calling and threats.

  7. Re:and what if it says by DogDaySunrise · · Score: 2, Insightful

    FTA: The plan is to fill order forms on spam websites...

    No 'From' header required...!

  8. Re:Let's get it done and over with... by ZorbaTHut · · Score: 2, Insightful

    Also missing . . .

    (x) Anyone could anonymously destroy anyone else's career or business

    (x) Joe jobs and/or identity theft

    (x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
    (x) Countermeasures should not involve sabotage of public networks

    --
    Breaking Into the Industry - A development log about starting a game studio.
  9. Same as the by jurt1235 · · Score: 2, Insightful

    1. DOS on spammers proposal: http://it.slashdot.org/article.pl?sid=05/07/18/121 4226&tid=111&tid=1;
    2. The, I believe english, innitiative to reply on spam by going to the websites and not buy anything (1/3 of users responds on spam advertising: http://it.slashdot.org/article.pl?sid=05/03/23/238 205&tid=95&tid=111)

    Somehow I do not feel like going after these spammers at all, but more for just better working ISPs to disconnect bots of the net, and disconnect spammers of the net.

    --

    My wife's sketchblog Blob[p]: Gastrono-me
  10. Re:fight fire with fire? by h4rm0ny · · Score: 5, Insightful


    Right now the Internet is an incivillised place, a sort of new colony, but settled by people who have the benefit of hindsight from the modern societies they have come from. I say let us fight it out for ourselves, establish our own rules, enforecements and bounds of behaviour, not have them imposed from the founding states (physical world).

    --

    Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  11. Re:This is how the world works actually. by sim82 · · Score: 2, Insightful

    No there is a difference.
    Spammers misuse a cheap communication medium for unwanted advertising and nothing can stop them. So massive (mis)use of their own reply mechanism (btw. that was exactly what they wanted me to do by sending the spam in the first place) will drive the cost up for them (bandwidth etc.), so in theory at some point their action will be no longer profitable and they will stop.
    That's a different story than 'spam them becuse they spammed me'. It's about making spam unprofitable.

  12. I just won't buy anything from them by hydrino · · Score: 3, Insightful

    What an idea!
    Why OH WHY do people buy from them?

  13. Is it me by I_redwolf · · Score: 4, Insightful

    Or whenever someone speaks about standing up for themselves or protecting ones self. It amounts to some form of vigilante act or "Oh GEEBUS!! No, thats not the way to handle it!!!" It's in line with modern day cops. Sure, we'll make an attempt to protect you but if someone robs you or tries to physically harm you. The best thing to do is just give them your money or try to run away; the last thing you should do is try and protect yourself.

    I'm sorry to all the SpamProtectors out there but you have been ineffective. You've done nothing to protect the people who need it. Your tools are always one step behind. Seemingly asking one to not retaliate should come from the lips of others. Not you, one with vested interest in Spam. If there is no more Spam, there is no more SpamProtector. You will be out of a job and thats what you should be striving for.

    Now, i'm not recommended vigilante acts meaning putting a hot orange in ones eye socket or random acts of grotesque violence. However, I see nothing wrong with complaining or disabling a Spam server to protect not only myself but others who aren't able to protect themselves from this problem.

    1. The government has continously failed us
    2. You the Spam Protector has failed us
    3. Everything to date has FAILED.

    You then turn around and ask the honest abiding citizens to continue to be run over the coals at the expense of SPAM?

    Not today or tomorrow, so you could kiss my ass. The way I see it, the more vigilantes the better. At the very least they have not failed us and have taken the fight right to the spammers doorstep.

    They seemingly understand that the only way to win a war, is to fight one. The spamprotectors seemingly remind me of the weapons dealers who play both sides. You're as bad as the spammers.

    So; Cheers! To all the vigilantes out there standing up for the little guy and even the not so little guy! You are welcome round these parts anyday.

  14. Re:Legal crimes by nwbvt · · Score: 2, Insightful
    "To get hit, those companies would have to spam wouldn't they?"

    No, you are missing the point. Say Company A sells software. Lets say that for some reason (maybe my company competes with them, maybe I'm a disgruntled former employee or customer, who knows) I don't like Company A. I can just get a spammer to send out a chain of spam emails in the name of Company A. When people receive these emails they get pissed off and launch a counter-offensive. Their website goes down, they lose business, and people lose their jobs for doing nothing wrong other than working for a company that pissed of a creative vigilante.

    --
    Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
  15. Passivity does not work on lame spammers by canuck57 · · Score: 2, Insightful

    The plan has been criticised by other anti-spam workers who say it amounts to vigilantism."

    Being passive about spam simply does not work. It allows the sending host to continue operation and upstream providers to simply ignore the abuse.

    Now if each person who got a spam were to send 30 times as much bytes every minute for 1/2 hour back to the source connection in which the spam arrived it would not take spammers very long before their connection was congested and the upstream provider would close them down.

    Having the upstream providers shut down bad systems for a week is not a new concept, just one that needs to be brought back. Call this a collective protest, a collective DoS of a spamer to get their attention.

  16. Re:bullshit! by PsiPsiStar · · Score: 4, Insightful

    hey didn't invite you to visit the Web site to waste their computer resources. Saying "We were invited, so it's legal" is like saying that being invited to someone's house for dinner makes it 100% okay to show up, shit on the table, punch the other guests in the faces, and then break a few windows on the way out.

    These acts are crimes in themselves. Filling out a web form is not.

    The point was, replying with a garbage reply is not SPAM because you were invited to the page, explicitly. The spammer was not invited.

    If you believe your own arguments, why wouldn't the spam complaints be legal?

    The less clear cut their case, the less likely they are to retaliate legally. It would be hard for the government to make absurd business offers by invited parties illegal, no matter how odd the offers are. They can make DDOS attacks stick in court though. Personally, I don't think that replying to spam is illegal in the first place (unless, perhaps, you provide false information), but even if you do break the law, spammers are unlikely to waste money on legal expenses.

    Vigellanteism is okay if you can get away with it and noone is physically hurt and no property damaged.

    --

    ___
    It's the end of my comment as I know it and I feel fine.
  17. Re:Not just getting the spammers though by sector · · Score: 2, Insightful

    I don't think you have to worry about the latter. How many legitimate penis-pill and "get rich quick" websites are there anyways?

    I'm not sure how this is relevant.

    Let's say I'm the owner of Whozenflotz, Inc (appologies if there really is a Whozenflotz, Inc) and I notice that ACME Corp's web presence is luring my potential customers away. So I hire a spam outfit to send hundreds of thousands of spams purporting to come from ACME with the expectation that this automated response system will knock ACME's web servers offline (or at least make them sufficiently slow that those customers will return to my site). Note that at no point did I mention what Whozenflotz or ACME actually sells. Maybe the companies are online brokerage firms.

    The problem with this and all other automated response systems is that they generally do not (and one could argue that they simply cannot) completely verify that the address they're responding to was the originator of the spam. We receive a dozen or so automated responses per week informing us that our systems have been sending out emails infected with the Windows worm-of-the-month. Given that our machines are all BSD and Linux, this is pretty damned unlikely. It's simply a case of a spammer forging our contact address and the automated responders being fooled.

    This system, if deployed, will be abused.

  18. Terrorism by XAlba · · Score: 2, Insightful

    wait what? "Terrorism" in which no one is physically hurt and no property is damaged? Wouldn't that just be "protesting?"

    Threat of force is as valid a form of terrorism as force itself (which is actually secondary - the point of the violence is to induce fear).

    The point of terrorism is the use of terror, not necessarily violence, to achieve your aims. The clue's in the word.

    --

    All I want is to live in a world where everyone acknowledges my obvious superiority. Is that so much to ask?
  19. Sure it is by Tom · · Score: 2, Insightful

    It's the natural reaction. When the government or whoever else claims the monopoly on force can't defend the people anymore, they take up the weapons themselves.

    Governments the world over have made it very clear that they don't intend to pursue this problem seriously. We know who the spammers are, and yet they still run around free man. It doesn't get more clearer than that.

    --
    Assorted stuff I do sometimes: Lemuria.org
    1. Re:Sure it is by pe1chl · · Score: 2, Insightful

      Governments all over the world have more interest in multinational industry and commerce than in the wellbeing of individuals. Look how they keep a biased system like the patent system in place, while they do nothing about the spam problem.