Posts by Shannon Jacobs

A suggestion for Google to fight spammers

The focus of this suggestion is that Gmail is losing value for all of us as it becomes spam soaked. Even their filtering is having troubles with false positives and false negatives--and the spam is just increasing--as always. Therefore I think Google should act more aggressively to drive the spammers away from Gmail.

My latest anti-spam idea is a SuperReport option. (Kind of like SpamCop, but not so lazy and laid back.) If you click on the SuperReport option, Gmail would explode the spam and try to analyze it for you to help go after the spammers more aggressively. The result would be returned to your browser as a webform of the expanded email to guide a more direct response to the spam. Here is one approach to implementing it:

The first pass analysis would be a low-cost quickie that would also act like a kind of CAPTCHA. This would just be an automated pass looking for obvious patterns like email addresses and URLs. The email would then be exploded and shown to the person making the report (= the targeted recipient of the spam AKA harassment victim). The thoughtful responses for the second pass would guide the system in going after the spammers--making Gmail a *VERY* hostile environment for spammers to the point that they would stop spamming Gmail.

For example, if the first pass analysis finds an email address in the header, the exploded options might be "Obvious fake, ignore", "Plausible fake used to improve delivery", "Apparently valid drop address for replies", "Possible Joe job", and "Other". (Of course there should be pop-up explanations for help, which would be easy if it's done as a radio button. Also, Google always needs to allow for "Other" because the spammers are so damn innovative. In the "Other" case, the second pass should call for an explanation of why it is "Other".)

If the first pass analysis finds a URL, the exploded options should be things like "Drugs", "Stock scam", "Software piracy", "Loan scam", "419 scam", "Prostitution", "Fake merchandise", "Reputation theft", "Possible Joe job", and "Other". I think URLs should include a second radio button for "Registered Domain" (default), "Redirection", "Possible redirection", "Dynamic DNS routing", and "Other". (Or perhaps that would be another second-pass option?)

If the first pass finds an email address in the body, the exploded options should include things like "Fake opt-out for address harvester", "419 reply path", "Joe job", and "Other".

At the bottom of the expanded first pass analysis there should be some general options about the kind of spam and suggested countermeasures, and the submit SuperReport button. This would trigger the heavier second pass where Gmail's system would take these detailed results of the human analysis of the spam and use them to really go after the spammers in a more serious way. Some of the second pass stuff should come back to the person who received the spam for confirmation of the suggested countermeasures.

Going beyond that? I think Gmail should also rate the spam reporters on their spam-fighting skills, and figure out how smart they are when they are analyzing the spam. I actually want to earn a "Spam Fighter First Class" merit badge!

If you agree with these ideas--or have better ones, I suggest you try to call them to Google's attention. Google still seems to be an innovative and responsive company--and they claim they want to fight evil, too. More so if many people write to them? (I even think they recently implemented one of my suggestions to improve the Groups... However, it doesn't matter who gets credit--what matters is annoying the spammers more than they annoy us.)

Why bother, even if it is a special case?

Why should they have to set up fake links? If they were doing their jobs properly, they should already know the illegal websites (and not just limiting it to kiddy porn) and they should be getting warrants to track the customers and wannabe customers, even if they don't want to arrest the customrs. Let the johns and druggies lead them to the *ROOT* criminals--and arrest the friggin' crooks who are stupid enough to commit crimes and spam the friggin' announcements of their criminal activities all over the Web.

I admit that child porn is a special case. The wannabe customers in this case should be given special consideration for arrest, but if not that much punishment, then intensive psychiatric treatment at a minimum. Throw in some long-term tracking, too. They've earned it. However, the people who are selling such vile goods and *ESPECIALLY* the people who create kiddy porn for money or for any other reason, those scumbags should be locked up--and some more besides.

So how is it possible to have "professional" law enforcement people and an Internet full of widely spamvertised crime?

No, heads off the spammers

Diabolical ingenuity should *NOT* be rewarded.

Spam email is an economic problem, and no technical or legal or medical or non-economic solution is going to fix it.

One solution would be to fine anyone who helps spammers. That would eliminate the free email accounts and free website hosts, but at this point I think it would be worth it. In Japan, I'd hope the ISP Dion would go bankrupt on their spam-support fines.

I spoke too soon?

Apparently the spam is continuing. Anyway, I'll look at it later to figure out if any of the regular garbage is missing.

Technology is morally neutral

I hope Anthony Eeles wises up to the implications of immoral use of technology before he gets hammered by it--but it's probably too late. I'm not saying that he's a criminal or anything. However, give me enough of his personal data, and I'd wager I can frame him easily enough. Of course, since this is the FBI, we'd assume they only want to secure his cooperation for purely legitimate reasons.

Wait, is that I flying pig over there?

Confusing honesty?

At first I thought SCO had lapsed into honesty--but they are only blaming the bad publicity, not admitting to their own incompetence in inviting the bad publicity.

I think I'm going to miss the entertainment value of the story, but it's time to bring down the final curtain.

I wanted an icon with "IP?", or something really confusing. What's the iconic picture for a liar? Dubya Bush? No, wait. Can't lie if you don't know (or care) about the truth. How about the Dick Cheney? I can't say Darl McBride of SCO, since I have no idea what he looks like. He never reached icon status.

Heck, Texans living abroad can't even vote

I actually asked for voting information a couple of weeks ago and the office of the Secretary of State of Texas basically told me it would be more convenient if I didn't bother. It's been getting harder every time, like trying to use a bucket trying to turn back the tide. Funny thing. I thought Americans were supposed to be encouraged to vote.

Silly me.

Should be called MicroYahoo!

At least that's how it feels to me. Now contemplating how to terminate all relationships with and use of Yahoo. I don't deal with Microsoft unless I am forced into it.

Or perhaps I should just promise never to deal with any company that runs a memorable ad on Yahoo/Microsoft. Might not sound like much, but when I'm annoyed at a company, I am seriously annoyed. I don't think I've done any business with any recognizable part of Exxon/Mobile in over 25 years. Long story, actually, but probably totals up to a good bit of lost business by now...

Stupid old judge?

Possible, but just as likely she's a fresh judicial appointment selected specifically for her religious rejection of evolution, etc. The American legal system has gone beyond unwell to quite sick.

As regards the anti-spammer's aggressive tactics, you have to be careful when you fight fire with fire. Knowing your enemy is one thing, but you must not become as aggressive and evil as your enemy. However, its really hard for me to blame him for being contaminated by the cursed spammers. Sometimes you need to have a few nasty guys working the line between good and evil, and I have *NO* doubt which side of the line the spammers are on.

Possible to ignore ACs?

If the anonymous coward would read before he started pounding with his fat fingers he would have noticed that the article said they used local control for takeoff and landing. That's when response time is critical. While flying at altitude, nothing happens very quickly. Not as sluggish as a ship, but there's plenty of time for responding even with a satellite delay.

Per the Title line:, I'd much prefer a setting to ignore comments from ACs.

A supersecret conspiracy of 12,000?

Not denying that there are more than 12,000 seriously deranged people out there, but I'm really hard-pressed to imagine that this could have been much of a secret. If the 'authorities' had wanted to, it would seem they easily could have nipped this in the bud way before that.

As regards the actual problem, my own feeling is that anyone who is turned on by child pornography is mentally sick to the degree where treatment should be strongly required. Anyone who sells it for profit should spend a few years in jail. The worst case criminals who actually make it should spend MANY years in jail. That would seem to be sufficient to deal with the problem, even if there's some squabbling about the details.

By the way, the icon is because I don't regard this as much of an IT topic. In philosophic terms, this is an easy form of evil to recognize, and the tools (IT tools in this case) remain philosophically neutral.

It's the competition they're afraid of!

Y'all don't understand. The Nigerian 419 scammers are suing to stop OLPC because they are *AFRAID* of the competition! Think of all the children who could learn to compete in their "business". Nothing personal against OLPC--it's the kids they need to nail.

Actually, I think Wirth should sue the Nigerians for using his idea. They used to call them Bucky bits because "Bucky" was his nickname when he came up with the idea. Unfortunately, that was so long ago that any patents must have lapsed.

http://en.wikipedia.org/wiki/Bucky_bits

No North American friends?

Come on, the Canadians are supposed to be pretty reasonable, even if you can't trust those crazy Americans. Or if you speak Spanish, you should be able to find a friend in Mexico.

I'm rather doubtful that the machine will replace my main machine, but it has a number of features that may make it attractive as a traveling machine, but especially the promiscuous networking capabilities. I may wind up using it mostly in the book reading mode... Or I may wind up donating my machine, but that wouldn't be a total loss, either. I don't really know if this machine is the revolution, but I'm willing to gamble a bit to find out.

The Register that Cried Wolf

Well, I kind of like the negative tone. Must go with my unfortunately negative personality--but it makes it hard to tell when they actually have some grounds for complaint.

Anyway, I haven't had any problems with a couple of Gutsy 7.10 upgrades, and haven't noticed any performance problems. There was one minor network-related glitch on one Sharp notebook, and the glitch wasn't cured by Gutsy, though it is slightly less glitchy now. I might do another machine today if my other work is low enough.

We keep expecting criminals to be obligingly stupid

Go someplace where the targeted person has been. Dust the area for fingerprints, photograph them, and quickly clean up. Take the images to some secure location and at your leisure construct a complete set of prints, put them on a set of fake fingers. Voila, you can penetrate the security at any time in the future without the slightest warning.

Yes, you do need to know a little bit about how the fingerprint scanner is set up, but anything it checks for can also be faked. The basic idea of using a security token that is left all over every bottle of beer you drink sounds pretty stupid, if you ask me.

Not sure what this icon is supposed to represent, but I'm taking it to be the criminal is in the coat room stealing the fingerprints from some paper the target has in his coat pocket.

Not a well written article

Actually sounds more like a good defensive strategy by the bad guys, and one of the main implications not touched upon by the article is that it makes it harder for other people to use those technologies for legitimate purposes. Were you thinking that encryption would add something good to a legitimate P2P service you are designing? Well, you better forget it now. However from the spammer's perspective, it puts their eggs into different baskets that are more strongly separated from each other, which may make it harder to get all of them.

I thought the article was another overly light populist approach to a complicated problem. Maybe the author does know his stuff--or maybe not. I'd have liked to see some links to heavier secondary sources that the Bleeding Edge Threats page.

Spin, spin, spin

Amusing to see the ranting against Al Gore. We all know he won in 2000, not just nationally, but even in Florida. At least we know it if we believe "the will of the voters" is supposed to count.

In a sense it doesn't matter. Reality ultimately prevails. The reality delivered by Dubya Bush is miserable failure.

By the way, I don't hate Dubya. I just love America and hate to see it harmed. Dubya is just grist for the historians' mills now--and his record of miserable failures will hopefully never be surpassed.

Regarding the actual ruler of America, the Dick Cheney just wants to die with the most toys. I hope he gets his wish--and as soon as possible.

Oh yeah. The joke. There should be a "poor joke" icon. Spam is Al Gore's fault. As a Senator, he was too good at getting money for them while they were developing the Internet. He kept telling them not to worry about the money, and he kept it flowing--and that's why SMTP has the built-in fantasy that email is "free". No such thing as free in a real economy. (Free is only for such things as ideas, but that's too tangential here.)