Slashdot Mirror

← Back to Stories (view on slashdot.org)

The New Yorker On Spam

Posted by kdawson on from the they-don't-like-it-one-bit dept.

aqk notes an article in the Aug. 6th New Yorker surveying the spam problem up-to-date. The New Yorker may not be exactly the MSM, but it is pretty influential. The author got only one fact wrong that I noticed: Canter and Siegel's seminal spam was propagated through Usenet and not email. Still, it's a good look at the history of spam and the scale of the problem today. The amount of spam that "spam king" Robert Alan Soloway, indicted under the CAN-SPAM Act, is accused of sending over a period of four years is now pumped out about every 30 seconds, around the clock, around the world.

10 of 132 comments (clear)

  1. Proper verification of senders by morgan_greywolf · · Score: 5, Insightful

    Spam wouldn't be such a problem if we had proper verification of senders. Whether that's through some central identity or whatever. I realize this idea is extremely unpopular and is not in the spirit of the original Internet, but heck, if you had to essentially have an ID that verified who you were and if you sent out spam, you'd lose it, how much less spam would there be?

    --
    My blog
    1. Re:Proper verification of senders by morgan_greywolf · · Score: 3, Insightful

      If you ask me, nothing less than the total removal of all spamming should be acceptable. Filtering doesn't get it because you still have all of this spam and zombies wasting terabits of bandwidth. And you have spammers pwning all these clueless idiots' Windows boxes, turning them into spam zombies. Remove the ability to send spam without screwing yourself, and you'll solve all of the spam-related problems. Filtering is like putting makeup on a facial wound. Removing the ability to send spam in the first place is the cure.

      --
      My blog
    2. Re:Proper verification of senders by spikedvodka · · Score: 5, Insightful

      If you ask me, nothing less than the total removal of all spamming should be acceptable. Filtering doesn't get it because you still have all of this spam and zombies wasting terabits of bandwidth. And you have spammers pwning all these clueless idiots' Windows boxes, turning them into spam zombies. Remove the ability to send spam without screwing yourself, and you'll solve all of the spam-related problems. Filtering is like putting makeup on a facial wound. Removing the ability to send spam in the first place is the cure. Sounds great... where do I sign up? but seriously. There are a number of problems with "Removing the ability to send spam in the first place"
      1) What exactly is spam? -- Some people would say that spam is any e-mail they don't want. Others will say any e-mail they didn't ask for. yet others point to the dictionary and say "unsolicited usually commercial e-mail sent to a large number of addresses"
      This brings up the first problem... if we go with the last (and most technical) of those definitions, all a spammer has to do is start to "properly" personalize the messages (for some value of personalize)
      If we go with the first, how can you check on the sending end if the recipient wants it?
      if we go with the second, what about when I want to send e-mail to a friend I've lost touch with? he didn't ask for the e-mail, therefore my message is "spam"

      Even if we, as the GP suggested, impose a technical restriction on e-mail such that it has to be authenticated as to who it's from, all that does is make the filtering easier. What is going to prevent the dedicated spammer from "registering" a new identity? where would everybody's identities be registered? would you trust a centralized registry of "registered senders"? for some reason i think not.

      I've heard suggestions of using a "web-of-trust" method of "registering identities", but even with that idea, you're going to end up with many separate webs. and bog help you if you want to send e-mail between the webs, you'd be effectively unknown, and thus declared "SPAM".

      All to often the way it seems with technology is that we put band-aids on everything. Endless patch-Tuesdays, etc. and that when a new system is proposed and agreed upon it (a) takes forever to get off the ground ... IPv6 anyone?, or (b) is fored to be backwards compatible, which defeats the purpose.

      Maybe I'll have to think of an algorithm to dynamically and auto-magically create a positive, and negative web-of-trust, both for senders and for servers... but that's more for another time
      --
      I will not give in to the terrorists. I will not become fearful.
    3. Re:Proper verification of senders by Opportunist · · Score: 2, Insightful

      That will never happen. Never.

      Reason? Simple. Who would immediately lose their "internet rights"? Clueless people with spam sending trojans. The same people that pretty much everyone who earns money through the internet loves. ISPs love them, because they use little bandwidth and don't care if their connection speed and reliability is far below anything advertised. Internet shops love them, because they rather buy crap online than trying to find it for free. Governments love them for as long as they're occupied with internet games and internet gambling, they don't ponder looking at the real world and what runs wrong.

      This won't happen. For pretty much the same reasons why nobody will ever be held responsible if he is unable to keep his computer malware free. Pol Pot already knew it, and our politicians catch up, it's easier to govern fools than it is to govern people who are willing to learn. Learning leads to questioning, questioning leads to opposition.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Re:Need More Exposure to Ideas and Methods by morgan_greywolf · · Score: 5, Insightful

    I know Popular Mechanics is ... well, popular for lack of a better word so why aren't newspapers picking up on this and printing more tech-heavy articles? I


    Because such articles don't sell advertising. Popular Mechanics, Popular Science, Scientific American, etc., can sell ads because they have nothing but tech-heavy, jargon-laiden articles, and so the advertisers know exactly who they are targeting.

    Newspapers are general-purpose publications, written for the widest audience possible. It's hard enough for them to sell ads these days without having to have specialized sections for the tech reader.

    That being said, newspapers should be trying to innovate, because if they don't, well...it's the death knoll for newspapers.
    --
    My blog
  3. "Web of trust" won't work. by khasim · · Score: 3, Insightful
    Check out TFA. They even mention Hotmail.

    Hotmail is one of the world's largest providers of e-mail service, with two hundred and eighty-five million registered accounts in more than two hundred countries. "We filter them all, and that takes huge amounts of computer processing power and Internet bandwidth, and it requires us to work constantly to keep the numbers from getting worse," Scarrow said. "We do this to minimize the impact on our customers, but it's a hell of a job."

    Yet about half the spam that gets through my system comes from HotMail and GMail.

    And let's not forget the cute ads that Microsoft appends to outgoing Hotmail messages. So, someone sends spam through Hotmail, which ends up with the ad attached ... and it gets reported as spam ... so when a legitimate message comes through from Hotmail it also has the ad and so it gets flagged as spam by SpamAssassin.

    That's great. The spam gets through and the legitimate messages are blocked. Maybe Microsoft could have put a bit more thought into their process? No? Getting the ads out is too important?

    Here's a thought. How about Microsoft and Google throttle the outbound connections on their servers? One message every 5 seconds? And take an account off-line AND ALL ITS PENDING MESSAGES if they get a complaint? Google has smart people. I'm sure they could work out an automatic arrangement with the larger anti-spam sites.

    The only "web of trust" you can really trust is your own white list.

    I'd rather focus on the opposite. Identifying ranges that are 99.9%+ likely to be spammers. Like most of the home accounts on Comcast and Verizon and such.
  4. Re:Need More Exposure to Ideas and Methods by Philotechnia · · Score: 5, Insightful

    Let's step back from spam a second. If prostitution is the world's oldest profession, being a con artist is a close second. Before spam, these people were jumping out in front of cars to collect a paycheck, enticing people through telephone calls into shady business transactions, and so on. Spam is only a new form of an old trade. These people are always going to feed off the ignorant, the naive, the bleeding hearts, and the foolish. You will never regulate this kind of predatory behavior out of existence. All of us make bad choices. Some of those bad choices involve being the con artist, and some of those bad choices involve letting ourselves be duped. You can't stop this, you can only hope to contain it. That being said, the most effective approaches to spam are going to be those that assume the existence of the problem going forward - i.e. we can not stop nor get rid of spam - and manage it effectively while educating people against the tricks of the trade. I think spam is largely an overblown issue, that most competent sysadmins have tool sets that manage it very well, and that the average user is much more educated then us slashdotters assume. To put it briefly - spam is an overblown issue that just gives the government an excuse to get their grubby hands on our tubes. In Soviet Russia, the internet surfs you!

  5. Re:Track them and arrest them. by achbed · · Score: 2, Insightful

    Two problems with this.
    1) You assume that all nations want to cooperate and, as you so eloquently put it, "nail their collective goolies to a wall". That is very far from the truth. If we can't get a universal agreement about terrorists, how can we get a universal agreement about spammers/scammers? The only way one is going to be able to do this consisently is by doing vigilante justice - and then avoiding any law enforcement that wants to take you out for taking matters into your own hands. Good luck with that!
    2) You also assume that "sending the heavies round" means that the "heavies" and the spammers are not colluding. I'll be willing to bet that many illegal spam operations are now owned by the same "entrepreneurs" that own the "heavies" you are referring to. Any bets on if they would be willing to beat down their own people for a few bucks? Many fewer bucks than their spam operation is bringing in?

  6. Re:It'll be hard to change minds. by RobBebop · · Score: 3, Insightful

    I hope your friend's Ph.D isn't in a computer science related field. It seems logical that an acceptance of this would infect the rest of the world, though. Many businesses have enjoyed moderate success by sending out "mass-mail" through the USPS for years.

    In regards to your other point...

    Spamming has become so standard and everyday that people don't even give it a second look now and just consider it an annoyance at worst.

    I have found it increasingly annoying dealing with people who run pirated software because "they couldn't afford to pay for it". This "don't give it a second thought" mentality is, IMHO, something that should be reversed. Just because technology enables somebody to do something... it doesn't mean they should.

    --
    Support the 30 Hour Work Week!!!
  7. Re:It'll be hard to change minds. by gnunick · · Score: 2, Insightful
    Stealing bread when you can't afford it (and no one's giving it away) is difficult to condemn.

    Running pirated software because you can't afford it? Well, since you can get almost any software you could possibly need both free and legally, you're apparently either uninformed or not the sort of person to take responsibility for your own actions and choices (just like a spammer).

    --
    I have no special gift, I am only passionately curious. --Albert Einstein