Slashdot Mirror
Gmail is Now Blocking 100 Million Extra Spam Messages Every Day With AI (theverge.com)
Google has recruited its in-house machine learning framework, TensorFlow, to help train additional spam filters for Gmail users. With the new filters in place as of last month, the company claims Gmail is now blocking an extra 100 million spam messages every day. From a report: In the context of Gmail's 1 billion-plus users, this isn't necessarily a huge gain -- it works out as one extra blocked spam email per 10 users -- but Google says Gmail already blocks 99.99 percent of spam, so working out what constitutes that last sliver of a percentage is hard.
Use gmail for work for decade+, spam has certainly never been a problem.
Although, it does seem to be a bit aggressive sometimes.
Why is everything AI now a days? We have yet to see one singe spark of AI and still my car is sold as having it.
And by spam I mean, people signing up for shit with my e-mail address and then the companies never respect my requests to Unsubscribe.
Companies I have never done business with, such as: Apple and Priceline
Surprising that APPLE will send e-mails without ever requiring the person to authenticate the e-mail address is really theirs.
And this is indeed spam.
Maybe they should use the AI to target their own "users" who are abusing the service. We see literally thousands of gift card scam emails that originate from the gmail platform. Heck who needs AI, how about some more robust abuse reporting features!
And, the result is more false positives ...
In the past 6 to 8 weeks, I found several emails from people I know in the Spam folder.
The strange thing is that those were from email addresses are in my contact list, and have been communicating with me for years.
Bad move Google ...
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
No one will ever know the mail not seen.
And is that really such a bad thing?
that i use the same fucking computer, the same fucking browser, on the same fucking dsl connection, for the last decade....
and they still think something is 'wrong' and make me do the 'security verification' bullshit every fucking time i login.
I have had a GMail account since the invitation only days. I actually got an invite from someone giving them away on slashdot. I am careful about where I use the address and I get very little spam (about 10 / month or less).
When I read about GMail's great spam filters I wonder does that mean that the spam emails are actually blocked (ie. never make it to me at all) or just filtered to my Spam folder.
I say, so what. I've been using Popfile for years. Is this "new AI" some how a magical unicorn that's better than Bayesian style filtering? Probably the same thing.
How is this even news? Filtering is nothing special. Also not particularly difficult to 'train' up a filter.. just need a bunch of spam, and non-spam to feed it.
Isn't the biggest issue with Gmail not whether their users get spammed, but the fact that gmail is used to spam others? It's like they refuse to scan their outbound emails for spam, despite knowing that spammers use their service.
Also, they push everyone to use SPF/DKIM/DMARC, yet gmail itself doesn't use it, making it easier for spammers to send crap as gmail.
That's kind of fucked up.
Cookies, may dear madam. Cookies to remain if you want to be known forever, and ever, on and on, on and on.
google has failed! i had to hack gmail to not block messages, because it was so aggressively blocking real mails that i was losing important communications from real people - this is a total fail
"Google now indexes millions more of your emails, automatically, by AI and calssfies it according to their risk"
Get fucked Google.
And get very little SPAM. And the couple of SPAM messages that do arrive invariably come from Google GMAIL or from Microsoft's OUTLOOK.COM domains.
All you need to do to get rid of SPAM is to use appropriate BOGON filters (ie, don't talk to addresses on the BOGON list, or known ROSKU spammers on the DROP or EDROP lists), and use a couple of judiciously chosen blacklists. Though, most of the SPAM is prevented by simply requiring STRICT RFC compliance.
Of course, GMAIL will never require RFC Compliance because that would mean that gmail would be unable to send to or receive from the vast swath of badly configured SMTP servers out there on the Internet and that would be bad for their Advertizing and Privacy Invasion business. So rather than actually do something useful about SPAM (such as requiring RFC Compliance that would eliminate 90% or more of the problem) they use these stupid bandaids.
I always wonder if people who praise Gmail's filters are shills or sycophants, or they just never notice the failures. Anecdotal evidence, but here are a few low points of my experience with Gmail, which I continue to use only because the alternatives seem no better (though some are clearly worse).
(1) I just had another false negative this morning. Especially relevant to today's story because the slightest intelligence, artificial or otherwise, would have known it could not possibly be valid email for me.
(2) There has been a long stream of stupid phishing probes from the same source. My intelligence can clearly tell that they are NOT the google, but they all claim to be from Gmail admins with various kinds of threats of account termination and such.
(3) Biggest problem with false positives is a bit complicated to describe. One of my "professional" email addresses is actually an alumni email address which was switched to Gmail a couple of years ago. As a naive forwarder there had been no problems for many years, but my theory is the google made them an offer they couldn't refuse, so they switched. Therefore I set up the forwarding to my regular working address, which is my first Gmail account, and it seemed to be working normally. Later on I rejoined a professional organization using that alumni email address, but after a year of communication problems I finally discovered that some of the organization's email was being tossed as false positives and NOT being forwarded. I don't really know how much was lost, though I am sure it interfered with my involvement in the organization. Nor was I able to figure out the basis on which Gmail was tossing some of the email, but it certainly has become a major nuisance to try to work with yet another account because I can't trust the google, and even worse because the two accounts are fighting with each other. Near as I can understand the situation, the alumni email account is not a "real" google identity, but some kind of organizational account with slightly different functions.
(4) Other false positives and false negatives continue unabated. Usually they are tilted towards false negatives, which is probably better than more false positives--as long as I'm checking. Oh, wait. That kind of defeats the purpose of the filters, doesn't it?
(5) Perhaps most importantly on the filtering topic is that the spammers have proven that they can live with filters. Their marginal cost remains close enough to zero that they are always willing to spawn another million or billion spam messages. If the google is doing anything to put them out of business, they are certainly hiding it well. And don't give me the sob story about it being impossible before explaining where the pump-and-dump stock scam spam went. The spammers' business models CAN be broken, but the google don't care. (Of course that is sadly true of the alternatives, too. At least all the alternatives I currently know about.)
That's the spamming problem, but going on to other email features... There are a number of features I want, but I am absolutely convinced the google is incapable of moving in such directions. The features they have added over the last few years are mostly features I want to disable, especially this confidential mode garbage. If you don't trust me enough, then I do NOT want to receive your email. The only aspect of confidential email I want is to bounce any such email that is sent to me. (I am not sure if it is a positive thing that the spammers have not yet figured out how to abuse confidential email. But I'm sure they will, given the google's "Live and let spam" attitude.)
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Any reason not to just shoot spammers dead? What's the downside? After the first 5,000 bodies the spam-incident-rate would drop-thru-floor. THink also, most spammers are Trotsky-slut strivers whose broken faces best nourish tree-roots not kindergarten waifs.
It's making my business negotiations with Nigerian princes very difficult. Maybe I should go into boner pills instead.
Table-ized A.I.
You managed to remind me of what I still think is the best solution approach. It's actually another aspect of MEPR (Multidimensional Earned Public Reputation). In this application, the dimensions of concern are those that would indicate a particular person with ACTUAL human intelligence is (or is not) skilled at recognizing spam.
One implementation (but the google will never implement it) would be as an opt-in spammer-fighting tool beyond the incredibly naive Spam button. (The additional phishing-report option is not a real solution, but it's a tiny bit better than nothing.) The spammer-fighting tool I fantasize about would parse the suspected spam and let the human being help assess the various aspects of the spam (and recommend appropriate countermeasures) in a kind of automated dialog. MEPR is relevant so that the email server or website can weight the responses and respond appropriately.
Now it's time for some defeatist moron (or shill) to pop in with the idiotic options-based form letter explaining why you can't fight spam. (I'll ignore it, of course. I'm much too stupid to just give up--but again I remind you of the pump-and-dump stock scam spam.) Therefore I'll just bid you ADSAuPR, atAJG.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
So I just realized that maybe the best way to securely transmit data is to just spam it around the world to the point where all the filters just squash it. Nobody would know or care.
You know their AI is trash when they flag mail from noreply@google.com as Junk. Or is it?
Instead of filtering malmail, they should be fighting malmail in a way that matters.
* Every phishing email should receive an equal number of plausible (scripted/AI written) replies from dedicated email addresses and domains. (This poisons the well.)
* Every site employing "sign up for promotional emails by default" checkbox should be downranked on Google.
* Every site employing "signing up implies consent for promotional emails until you cancel them" should be delisted from Google.
* Every domain found to have hired spammers should be delisted from Google entirely (this requires an investigative unit).
Google enables malmailers to continue by not punishing their behavior.
Anons need not reply. Questions end with a question mark.
It always puts those in my spam folder, which it hides so I don't realize it put them there.
Other than that, it works fairly well.
I feel sorry for legitimate salespeople trying to sell you stuff personally, though.
-- Tigger warning: This post may contain tiggers! --
gmail's spam filtering used to be impeccable, but in the last 2-3 years I've seen it get a lot worse. Or the spammers have gotten a lot better. I get 1-3 spams leaking into my inbox now (granted, out of dozens or more per day).
Since the start of the year we have had a serious problem with sending emails to clients who have gmail accounts. All of a sudden they are routed to spam without fail. No other host does this, just gmail. Seems their brain dead AI has decided our legitimate business sends spam.
The monetization opportunity here is to simply charge various rates for emails sent, spam or otherwise. No AI required.
"Tempers are wearing thin. Let's just hope some robot doesn't kill everybody." --Bender
The problem with email spammers is the same one as with robocallers. It costs nothing to send email or call a million people. If the email providers and phone companies simply charged people for every call they make or email they send over some minimum (e.g. 100 per month) it would put and end to it almost immediately. It wouldn't even take much. Just a penny or two per message would stop the mass mailers and callers in their tracks. For the rest of us, it would rarely affect our costs. Even in months where you go over the limit, it would only cost you a couple bucks at most.
Can we just rule spam as a form of denial of service attack or wire fraud? That much spam being sent out in the first place must have some effect on the network, and using AI to filter spam is an unnecessary strain on the electricity network.
Those who do not learn from commit history are doomed to regress it.
I can't even begin to tell you how much these SPAM filters are resulting in lost emails. They're not even going to the SPAM box half the time. Legitimate messages that is.