Nicolas Mailhot wrote:
If you call carpet-bombing effective, it is. Retail paper flyers are the
true spam ancestors.
It's cost effective is what I mean. But, you don't have to believe me.
From the April 2005 issue of Scientific American --
http://www.sciam.com/article.cfm?articleID=000F3A4B-BF70-1238-BF7083414B7FFE9F&sc=I100322
"The proliferation of fraudulent e-mail results directly from favorable
market forces: spam is exceedingly cheap to distribute. It is not
altogether free, though. We estimate that a message costs about one
hundredth of a cent to send. At these cut-rate prices a spammer can earn
only $11 per sale and still make a profit, even if the response rate is
as low as one in 100,000. Hence, although very few e-mail users ever buy
anything advertised in spam, all of us suffer because of those who do."
Look. Spam is *not* a technological problem and treating it as such only
creates an escalating cold war. Spam is an *economic* problem, and the
cause can be summed up in two words: free email. It's the tragedy of the
commons updated to the 21st century.
Sure, and windows has no security problems and the answer to virii is
Bill Gates offering bounties for virus writers.
What I mean is that spam is not *particularly* a technological problem.
See above. Also, from the same article:
"One of the most infuriating aspects of spam is that it changes
continually to adapt to new attempts to stop it. Each time software
engineers attack spam in some way, spammers find a way around their
methods. This spam arms race has led to a continuous coevolution of the
two, which has resulted in ever increasing sophistication on both sides."
This is analogous to the War on Drugs -- a medical and public health
crisis that has been co-opted by politicians and turned into a
law-enforcement issue. The result has been the same in both cases. Failure.
The solution is a "fee-bate" system. Each email message should require a
micro-payment of, say, $0.25 -- basically postage.
This fails in the same trap as SPF : as long as you got zombie networks
the spammers won't care. They're not the ones charged. (but this could
be solved by getting rid of windows).
In the first place, that isn't going to happen anytime soon (getting rid
of windows). Zombie networks are created by viruses. Viruses are *not*
transmitted via html. They walk right in the front door via mail
attachments (among other vectors, but that's the primary one). It's like
carrying in botulism with the groceries.
If *more* people used clear-text formats to transmit complexly formatted
documents and sent *fewer* attachments, there would be fewer viruses out
there. My original thesis was that flat xml (odf) could be more safely
used for that purpose.
Also, if people *were* charged as a result of letting their boxes become
spam zombies (it *can* be avoided, even on Windows boxes) then maybe
more folks would take security more seriously.
Plus the cost of printing paper
flyers has not stopped businesses from stuffing my mailbox with them so
far.
But it's more tightly targeted -- either by geography or demography. You
don't get flyers for grocery stores in far-flung cities, do you? When we
recently moved, we got ads and flyers for products and services relevant
to those who have recently moved. Same thing happened when we had a baby
eighteen months ago.
The solution is generalised digital signatures with mandatory passwords
so one can not sent a message from a computer without typing a password
at the start of its session.
How *precisely* would you enforce how software is going to operate on
*my* computer? Especially if it's open-source?
Charging a postage fee of some sort, whether my fee-bate system or
something else, has the side effect of mandating exactly the
authentication mechanisms you desire while simultaneously making spam
much less profitable.
--
Rod
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
