Slashdot Mirror
Spam King Pleads Guilty in Seattle
arbitraryaardvark writes "The Seattle Times reports that spammer Robert Soloway has pled guilty to mail fraud and tax evasion, in exchange for the state dropping multiple counts of identify theft. 'The electronic-mail fraud charge is punishable by up to five years in prison. The tax charge is a misdemeanor and carries a maximum one-year sentence. The law also allows for fines against Soloway and his business of up to $625,000 on all charges. Both sides agreed to let U.S. District Court Judge Marsha Pechman determine not just the amount of prison time Soloway, 28, might serve but also the number of his victims, the size of any fine and the amount of restitution he may be ordered to pay.' We've previously discussed his arrest and mention in the New Yorker. The wire fraud felony count is based on selling $500 packages to wannabe spammers."
That's all fair and well if you're only expecting email from certain servers, but for most of us a deny-by-all service doesn't cut it.
He shares a jail cell with men who have enlarged their penises, taken Viagra, and are looking for a new relationship.
And you guarantee inclusion of legit traffic from mobile sources, how? You don't know what IP address or ISP will be used. What about legit mailing lists, where the originator is indeterminate?
X.400 provides much better authentication, and offers an API for repudiation, but if that's what people really wanted, we'd be using it. Or maybe everyone would use SMTP-over-SSL where client-side and server-side certificates were validated. We don't use them because people need the privacy, anonymity and flexibility of the existing system, although I'd argue almost anything is technically superior to the existing system.
In the end, although a totally secure option should exist, an insecure option should also exist that is controlled by policy rather than technology, and that ultimately means laws.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Comment removed based on user account deletion
The major charge in this case seems to be that he defrauded a bunch of other spammers. For that, he faces serious time - conning a bunch of nasty people who had every intent to spam a lot of genuinely innocent people if they could. He faces only much more minor time and fines for not paying his fair share of taxes or for spamming anybody who wasn't themselves out to con people. The guy's pond scum, and a few years in medium security looks reasonable, but isn't this all sort of like arresting Clyde Barrow and threatening him with 30 days for each murder, 180 days each for the robberies, and 20 years+ for shortening shotguns?
Who is John Cabal?
The problem with this? The depressing number of office workers who use their accounts for personal type mail. A company uses your smtpx protocol and promptly sees their rating drop due to the dozen fifty year old ladies in accounting forwarding on every piece of cute spam and donate-to-save-the-children mail they get.
There's too many comments suggesting he should be killed, raped, or otherwise hurt. If you seriously approve of that kind of punishment, either
a) move to a country with Sharia law
b) save it for the worst offenders, those that actually murder others, like some US states do
c) grow up. At worst he's annoyed you, and maybe cost you a bit of time or money.
Your post advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. your idea will not work. here is why it won't work. (one or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) spammers can easily use it to harvest email addresses
( ) mailing lists and other legitimate email uses would be affected
( ) no one will be able to find the guy or collect the money
( ) it is defenseless against brute force attacks
( ) it will stop spam for two weeks and then we'll be stuck with it
(X) users of email will not put up with it
( ) microsoft will not put up with it
( ) the police will not put up with it
( ) requires too much cooperation from spammers
(X) requires immediate total cooperation from everybody at once
(X) many email users cannot afford to lose business or alienate potential employers
( ) spammers don't care about invalid addresses in their lists
( ) anyone could anonymously destroy anyone else's career or business
specifically, your plan fails to account for
( ) laws expressly prohibiting it
(X) lack of centrally controlling authority for email
( ) open relays in foreign countries
( ) ease of searching tiny alphanumeric address space of all email addresses
( ) asshats
( ) jurisdictional problems
( ) unpopularity of weird new taxes
( ) public reluctance to accept weird new forms of money
(X) huge existing software investment in smtp
(X) susceptibility of protocols other than smtp to attack
(X) willingness of users to install os patches received by email
( ) armies of worm riddled broadband-connected windows boxes
( ) eternal arms race involved in all filtering approaches
( ) extreme profitability of spam
( ) joe jobs and/or identity theft
( ) technically illiterate politicians
( ) extreme stupidity on the part of people who do business with spammers
( ) dishonesty on the part of spammers themselves
( ) bandwidth costs that are unaffected by client filtering
( ) outlook
(X) botnets
and the following philosophical objections may also apply:
(X) ideas similar to yours are easy to come up with, yet none have ever been shown practical
(X) any scheme based on opt-out is unacceptable
( ) smtp headers should not be the subject of legislation
( ) blacklists suck
( ) whitelists suck
( ) we should be able to talk about viagra without being censored
( ) countermeasures should not involve wire fraud or credit card fraud
( ) countermeasures should not involve sabotage of public networks
( ) countermeasures must work if phased in gradually
( ) sending email should be free
( ) why should we have to trust you and your servers?
( ) incompatiblity with open source or open source licenses
( ) feel-good measures do nothing to solve the problem
( ) temporary/one-time email addresses are cumbersome
( ) i don't want the government reading my email
( ) killing them that way is not slow and painful enough
furthermore, this is what i think about you:
(X) sorry dude, but i don't think it would work.
( ) this is a stupid idea, and you're a stupid person for suggesting it.
( ) nice try, assh0le! i'm going to find out where you live and burn your house down!
Who cares if someone sends junk faxes, the phone network is an open system and it's designed to indiscriminately deliver messages - making junk faxes illegal is a terrible idea. If you don't want wasted toner, just don't accept phone calls from every bozo on the phone system.
And yet, oddly, junk faxes are illegal, because they cause a significant amount of cost for the receiver. Just like junk email does.
The law won't [i]fix[/i] things, of course. Junk faxing still occurs. But it might help, if it's designed properly.
Breaking Into the Industry - A development log about starting a game studio.