SpamArchive.org Launched 269
An anonymous reader writes "SpamArchive.org has just been launched. SpamArchive.org is a community resource that provides a database of known spam to be used for testing, developing, and benchmarking anti-spam tools. The goal of this project is to provide a large repository of spam that can be used by researchers and tool developers. In the past, there were a few small personal spam archives that were used. There was no large set of spam that could be used to test new anti-spam algorithms. Thus, developers could not sufficiently test their techniques across a range of messages. Also, the lack of a "standard" sample of spam made it difficult to effectively benchmark anti-spam tools."
So... (Score:5, Funny)
Tell everyone! (Score:5, Funny)
Legit? (Score:2)
Re:So... (Score:5, Insightful)
Don't you have enough already ? ^_^
Seriously, this sounds like a great idea.
I can see a few technical troubles to catalog spam, though.
Most obvious is that usually spam is personalized, that is the recipient's mail address (or part of it) often appears either in the subject or in the body. So will this archive store every variant of every spam, or just a 'global' model ?
Also need to define how catalog tools are supposed to access the archive, ie: grab from url ? ftp text file ?
And in any case, until spam filters are hooked directly on the smtp mail server itself, users will still have to take the time to configure their anti-spam tool, launch it regularly to clean the mailbox, and so on...
For instance Mozilla will incorpore spam filters, but from what i got you'll still have to download that freaking spam before it gets filtered, which can take some time if those are big spams (like viruses or such).
Ok, it sure beats having legitimate mails removed from the server without our knowledge...
Just my 2 cents of euro.
Quite obscure problem, actually. (Score:2)
I guess this could be easy to implement some "almost identical" recognition filter but the problem would be that somebody forwarding a funny spam to somebody else (hey, haven't you kept your very first "herbal alternative to viagra spam" spam message in order to show it to somebody ?
I personally consider the spam problem as overhyped as it doesn't take me more than 15 seconds a day to eliminate unwanted messages.
I have more problem in real life with these advertisers who dump their pizza-prices in my mailbox but here, in Switzerland, every one pay for every garbage he dumps.
Not intended purpose (Score:4, Informative)
So unless your antispam tool breaks on some names in personalized letters, I would think that it's okay.
Re:So... (Score:4, Funny)
No, but you can open a Hotmail account and receive a dayli dose of UP-TO-DATE spam message FOR FREE.
Re:So... (Score:3, Interesting)
I don't believe you.
I'll tell you why. First, my mom has an MSN account, and it's overloaded with spam daily. Now granted, that may be her own damn fault, she could have given it out in ways she shouldn't, etc. But, I also have a hotmail account. I made it a few months ago solely to have a login to the MSN chat thingy because one particular client wanted to contact me that way. I was very careful to make sure that I read every page during sign up, and un-checked all the appropriate boxes - I opted in to NOTHING. I NEVER gave it to ANYONE, I never posted it anywhere, I never even logged into it, I only know about the email that hits it because the chat program tells you how many new mails you have when you sign in. I haven't used that either in awhile, but two weeks after creating the account, it had over 380 new messages.
So I must say your claim is quite unbelievable.
Re:So... (Score:5, Interesting)
I guess that the spammers quite probably have a standard list of common names that they put in front of @hotmail.com, @aol.com, etc.
As a tip, though, I've just set my spam levels on hotmail to only recieve emails from people that are in my address book. I've not got a single spam on that account (except from MS themselves) since I did that.
Re:So... (Score:3, Interesting)
Re:So... (Score:2)
S
Re:So... (Score:3, Informative)
If you want to get a lot of spam to test your filters with, just check the archives [google.com] of NANAS [admin.net-....sightings] on Usenet. What precisely this new thing does that a spider of that archive couldn't give you I don't know.
wow (Score:2, Funny)
Re:wow (Score:2)
bzip2 would shae a few gigs off mine
A hotmail account is just as good (Score:5, Funny)
Whoever wrote this obviously doesn't have a Hotmail account.
Hard to get worked up about that (Score:5, Interesting)
Re:Hard to get worked up about that (Score:5, Informative)
Even I know how to buy a domain name and write a few paragraphs of text on a white background.
But you didn't, did you?
This is a
You're missing the point. The story is not on
What you can do:
SpamArchive.org's efficiency is proportional to the amount, quality, and variety of spam that is provided. End users can forward known spam to submit@spamarchive.org.
Re:Hard to get worked up about that (Score:5, Insightful)
1. Told me who they are so that I might trust them.
2. Told me anything about their technology/database so that I might know if it is really going to be useful. For all I know they haven't even thought about the collection, storage and retrival issues behind dealing with this.
3. Collected the archives supposedly uncoordinated that already exist and collated them.
4. Added even one link to a relevant site. You would assume that to undertake such a project they would at least have visited a few sites before concluding there was nothing out there. Posting couple of relevant URLs wouldn't be too much work.
In short, I am not impressed that someone who can do 20 minutes of work is the same someone who can undertake the huge project proposed here. It looks like they think that somehow all they need is for people to send them information by e-mail, and for a few other people to volunteer to do the work. Not a promising start.
Maybe I'm being cynical.... (Score:5, Interesting)
1) Produce a website pretending to be antispam.
2) Ask people to send their spam emails to the site (generally including a valid from address of course)
3) Publish on slashdot so as to get lots of interest.
4) ???
5) Profit!
(Unfortunately, we all know what stage 4 is for spammers...)
Whois.. (Score:5, Informative)
Domain Name: SPAMARCHIVE.ORG
Owner, Administrative Contact, Technical Contact, Billing Contact:
Guru Rajan (ID00024772)
11475 Great Oak Way
Suite 210
Alpharetta, GA 30022
us
Phone: +1.6789699399
Email: guru.rajan@ciphertrust.com
http://www.ciphertrust.com introduces itself as:
Protect Your Email Gateway
Anti-spam and email security for the enterprise
CipherTrust has integrated defenses for all email application-level threats into one, comprehensive device. Our IronMail appliance protects enterprise email systems such as Microsoft Exchange, Lotus Notes and Novell GroupWise against viruses, spam, and intruders, and provides message privacy and policy enforcement.
Re:Whois.. (Score:4, Insightful)
This database is run by a little-known company of [google.com]
mixed reputation that sells its own anti-spam tool.
It doesn't promise any new functionality that news.admin.net-abuse.* doesn't already provide. There's absolutely no reason to believe that the spams collected here will be any 'better' a sample than those collected by opening a random Hotmail account.
So, what's in it for Ciphertrust? As well as their own library of spam, they'll have a collection of e-mail addresses of people who are interested in fighting spam.
And what's in it for us? Anyone? Bueller? Anyone?
Database? (Score:5, Funny)
Seems cheaper.
Re:Database? (Score:3, Funny)
After they carefully posted the new Hotmail address all over the Web, they'd blow their quota in around 12 hours.
Re:Database? (Score:2, Informative)
Re:Database? (Score:2)
What? If a Bayesian script was having to go through significantly more than that per e-mail to check whether it was spam, you'd be waiting minutes just to get your e-mail classified.
I can picture a future... (Score:3, Funny)
"This one mentions sex... apparently, sex was a preoccupation of the early twenty-first century..."
Re:I can picture a future... (Score:2)
archive overload (Score:2, Interesting)
I wonder if anyone knows just how much of the stuff is out there, and if it's even possible to store all that. Of course, spam being mostly duplicates and all, maybe they have a chance. But with spammers staying ahead of the game and rotationg their text, I wouldn't count on it.
On the other hand, why not just set up a couple of hotmail accounts, bait them a bit, and just watch the spam come in? Why even bother asking for it?
Trade Spam! (Score:5, Funny)
What will someone give me for my rare "Help fund the freedom fighters in Chechnya!" complete with numbered bank accounts to send donations to?
Re:Trade Spam! (Score:3, Funny)
Yeah, it's called 'Gnutella'.
Who are these guys? (Score:5, Interesting)
Wouldnt it be great if the submit email address was forwarded to someone's ex girlfriend? Thats the ultimate form of revenge...
1) Register domain name.
2) Put up web page advertising some kind of anti-spam database.
3) Forward all email sent to the submit address to someone you dont like.
4) Get slashdotted.
The end result is that three million people send 100 spams the first hour to the submit address. Within a short amount of time, your foe has 300 million emails in his/her mailbox. Now that's spam.
Re:Who are these guys? (Score:2, Insightful)
Your ex is gonna love you for that. Not that *I* ever do such things... Don't be astonished if your car is keyed the next day, by the way.
Re:Who are these guys? (Score:2)
A scheme like this would have style.
Oh i thought it was a collection.... (Score:3, Interesting)
And there I was thinking they were creating a historical archive of all the funny worthless spam we get in our mailboxes every day...
See that could turn spam in to a fun thing! set up a site where spam is ranked most popular by the number of people forwarding in the same SPAMS they get.. i think it would be interesting to see a daily/hourly/weekly TOP 10 SPAM in the world graphs..
I would do this myself.. cept i suck at html.. anyone need a VoIP network built?
Re:Oh i thought it was a collection.... (Score:3, Funny)
Re:Oh i thought it was a collection.... (Score:2)
hey! i did'nt even think about that!! maybe some flash adds to that cover the screen? tell you what! your now Sr. Vice President in charge of marketing! Call X-10 RIGHT AWAY!!!!
recycled spam (Score:2, Insightful)
Soon we'll see old spam being recycled as the new breed of spam trolls mine the archive for inspiration - and maybe just material reuse.
Then, of course, it's not like we don't see recycled spam anyway, so maybe this isn't such a bad thing...
(And if I sound incoherant, it's 2 in the morning. I should be sleeping.)
They're asking for trouble (Score:3, Insightful)
Combine that with posting to some anti-spam newsgroups with their real email address, and bingo boingo, all the spam in the world will come right to them.
This site also creates a problem in that only the spam posted to that site might be used for research. There might be millions of spam emails overlooked because they don't make it onto that site. Think of those poor spammers that won't get filtered :)
Won't someone please think of the children!?!?
Re:They're asking for trouble (Score:2, Insightful)
Wrong. I've been setting up bogus e-mail accounts on a domain created exlusively for spam research/testing. I've gone through at least a dozen "unsubscribe" links and never received one spam out of it to those test accounts. Perhaps the spammers only highlight records for people who "unsubscribe" when those people were in their database in the first place.
(The most spam I've received so far in one of these test accounts was from signing up to freefootfetishezine.com.)
That doesn't make sense; they might not get a good sample of the spam if they don't solicit samples, just as much as they might not get a good sample if they do. It makes more sense that they would get more spam--and more diverse spam--from soliciting examples. Consider that submitted samples would come from all over the world, from a variety of sources, and in a variety of languages.
Anti-intuitive archive! (Score:2)
What about NANAS? (Score:5, Informative)
NANAS, or the newsgoup news.admin.net-abuse.sightings does just this. It is a public archive of spam which can be searched e.g. with Google Groups:
http://groups.google.com/groups?group=news.admin.n et-abuse.sightings [google.com]
Why reinvent the wheel? Or does this new spam archive have any new functionality to offer?
Great! (Score:2)
NANAS Google Archive (Score:5, Informative)
Well, there is already a pretty large Email and USENET Spam archive at the NANAS (news.admin.net-abuse.sightings) newsgroup.
You can check the Google Groups archive [google.com]
You can read the NANAS charter at http://www.killfile.org/~tskirvin/nana/charter/nan as.html [killfile.org]
spamarchive.com (Score:3, Informative)
Want it? - I have no use for it.....
The opposite (Score:5, Insightful)
Spam is really easy to find, everyone knows that, create a hotmail account fill out some web forms, post to some newsgroups, put a mailto: on a web page. Wait a little while. Bingo, lots of spam.
However, non-spam email is harder to find. Using your own makes techniques that work with your particular type of email and not other people's.
Non-spam is harder to collect. Since email is often private in nature. Removing identifiers from the headers is easy enough, but the body also can contain things like addresses, emails, phone numbers, comparisons of the boss to bacteria, etc.
A collection of real emails, from which personal information has been replaced with fake data would be of great use. A few people I know are working on creating such a data set of email. It is aimed at more general email filtering though, not just spam detection, and hence requires categorisation. And is from academia and hence will probably lose the race with the heat death of universe for completion.
I do note they have a 'non-spam' heading on the very sparse web page which is encouraging.
Spam and anti-spam (Score:5, Funny)
Ian
Re:Spam and anti-spam (Score:2)
-- This posting is ACCORDANCE with slasdot law 2.8.
Re:Spam and anti-spam (Score:2)
Re:Spam and anti-spam (Score:2)
I'm already contemplating to submit submit@spamarchive.org to "daily-word-of-the-bible mailinglists"
A project like this needs funding (Score:2, Funny)
Non-spam messages for false hit testing (Score:3, Insightful)
The purpose of the samples of non-spam messages would be to help preventing false hit testing for the spam filtering algorithms, just as real spam messages are used to tune the algos for detecting spam.
What about the others ? (Score:2, Interesting)
Are YOU a spammer? (Score:2, Funny)
What if... (Score:5, Interesting)
...spammers use the anti-spam tools to create spam that doesn't trigger the automatic spam filters.
Re:What if... (Score:3, Insightful)
Even then, a hypothetical "widely used" spam filter will probably include a user-specific Bayesian filter, so you can create your own local database of what tends to be spam, and more importantly, what tends not to be spam -- and your own "real mail" keywords will probably be highly specific to your interests/career. So you're basically "evolving" a personal blacklist/whitelist to go along with the global filter.
But probably the most interesting thing about "spam evolution" is that if spam can get through a spam filter, it's going to be really toned-down and bland. That may not make a difference to you, but it'll drastically lower the spammers' response rates because their ads aren't as flashy. Less profit = less spammers. (This last paragraph wasn't "my idea" -- forget where on the web I saw it.)
I think it's already been done, but in reverse... (Score:5, Interesting)
Sure enough, I have received false positives. But only from one source: my filter traps the Network Solutions email asking for confirmation to proceed with the transfer away of a domain to another registrar. Net$ol changed the format of these emails a while back: they now start off by talking about a "special offer" and it's only towards the end that the real purpose of the message is revealed. My suspicious mind wonders whether these emails are intentionally designed to look like spam to reduce the number of successful transfers... sneaky
That could be heaven for spammers.. (Score:4, Insightful)
Consider this one: You forward a spam to submit@spamarchive.org. The forwarded mail is now a part of the archive. Spammers snoop the archive for email addresses.
Does that mean... ? (Score:2)
Oh, the joy! 300 copies of "make money fa$t", "enlarge the size of your penis" and "Amazing investment opportunities", delivered lovingly every day to this archive, to be preserved for the good of humanity forever more!
(Clicking hysterically on the "forward" button...)
Spam archive and stats (Score:4, Informative)
His page of graphs [xtdnet.nl] shows the exponential growth of spam over the past few years.
Bandwidth friendly Spam.... (Score:2)
Of course, it would make filtering easier too.....
Good idea (Score:3, Interesting)
Aside from all the bashing these guys are getting here for not having any working code, this kind of database would actually be quite a good idea.
One main problem for anti-spam is this: humans are very good at telling spam from legitimate messages. Comupters are nowhere close. Why not? Well, humans are simply better at certain types of problems like pattern recognition because of centuries of evolution. But there are ways around this: genetic algorithms and neural nets are two that I can think of. Both of these are "learning" strategies and need large databases to get started. We're talking about billions of messages or more, not the hundreds that you get everyday.
So the kind of database (one for spam, one for non-spam) that these guys are talking about would be an excellent way to develop intelligent spam-detectors.
Sorry if this is unpopular opinion, but we are against legal and in favor of technolgical solutions for most of the problems of the internet, aren't we? Then why are we waiting for anti-spam legislation to fall like manna from the sky? The best way to fight spam is using technology. Methinks this is a step in the right direction. So get off your ass and contribute. Forward your spam to them. Think of clever algorithms that can make good use of a large database. And code them. And submit patches. Isn't that what open source is for? Hey, may be this is going to be a killer app for open source, considering how big a problem spam is going to be in the next few years
Geekiness (Score:2, Funny)
Geekiness has reached a new high! Or should that be low...?
Benchmarking "False Positives" (Score:3, Insightful)
If anyone writes an anti-spam tool, I need to distinguish between spam and non-spam, making non-spam equally valuable for spam-filter benchmarking.
Having a log with only spam makes it quite easy to achieve a 100% benchmark (simply reject it all!).
Couldn't find anything about this on the site, so unless I'm missing something, the value of such a log is limited at best.
Won't make a difference (Score:2, Interesting)
What people are starting to do is block EVERYTHING that isn't on a 'whitelist'. That way granny and Junior don't get mail from anyone unless they're pre-approved. If they get mail from J.Random Stranger it's bounced with a request to put a short random token in the subject line. Thanks to marketing a good third of Internet mail traffic is useless crap. Thanks marketers!
To show just how evil and desperate unemployed, cash strapped, deep in debt spawns of satan those people are - yesterday I got a letter from my mortage holder, Chase Manhattan bank, marked "IMPORTANT ACCOUNT DOCUMENTS ENCLOSED". It turned out to be yet another credit card pitch. ("You qualify to give us even more money!!") Bastards. It's not my fault the Msft office automation vision they bought into turned out to be way more expensive than the sales flak led them to believe.
I wish unemployed marketers would turn to prostitution and drugs instead of spam - at least they'd be supplying things people actually WANT.
As Admiral Ackbar says... (Score:4, Funny)
1) Set up story about new site accepting spam to assist in creating better anti-spam tools.
2) accept all the submissions from the teeming millions(tm) at a popular tech site or two.
3) cull all the email addresses from those duped to forward spam to you.
4) sell said email addresses to spammers.
5) PROFIT!!!!
Re:As Admiral Ackbar says... (Score:3, Funny)
I think this is just going to make spam more annoy (Score:3, Interesting)
And you'll need to read the whole message before you realize its Spam
You might not like to believe it, but spammers (or at least some spammers) are hackers, in both senses of the word. ESRs supposed "hacker ethics" are as much bullshit as anything else he says.
The only way these things will work is if the vast majority of people do not use these things. I don't know how likely that will be, with MSN already promoting it's 'less Spam' features.
I think what we need is a fundamental change in the way email is handled. The current system is just way to prone to abuse, and should be replaced entirely. The new standard could use things like digital certificates and other technology to make sure you're talking to an individual (while protecting anonymity in some cases, although the receipt of anon email could be optional, etc, etc)
Spam works. (Score:2)
So long as enough people are suckered by the adverts, the spammers get enough to pay their bandwith bills, and they can continue to spam us.
What's needed is education for the naive: just ignore unsolicited adverts. TOTALLY. I mean, when was the last time you opened a credit card mailshot? Or one of those "Espescially for you" things in real life?
Exactly. Trial by error is not a good learning solution for spam. It should be mandatory that all ISP sign-up procedures inform new customers that any unsolicited emails can safely be ignored, hopefully that way the spam industry will start to wither and die.
-Mark
Is it me or (Score:2, Insightful)
BoD
What's the point? (Score:5, Insightful)
Anybody can write a filter for bulk mail. How do you differentiate between solicited and unsolicited bulk mail?
Too Bizarre (Score:2)
How to end spam (Score:5, Interesting)
How does this work, you ask? I create a new email address each time I give out my email address. We have a sendmail setup that allows you to make "username+foo@example.com" go to "username@example.com" where "foo" is any arbitrary string.
So, amazon.com thinks I'm "username+amazon@example.com", securityfocus thinks I'm "username+bugtraq@example.com" and so on. Once I receive spam on one of the addresses, it's trivial to write a filter that matches with near 100% confidence ("username+bugtraq@example.com" should only receive messages originating from securityfocus, etc.). Most times, if an address receives a spam, I can just procmail all mail to the address to /dev/null (eg, no complex rules like for the bugtraq example). This also allows me to track where spammers get their lists.
We use sendmail. Equivalently, qmail allows "username-foo@example.com" and if you own your own domain, just use "foo@example.com".
I find this advanced filtering stuff fascinating, from a completely academic point of view. I, of course, can't apply any of it since I don't receive any spam, but it's interesting nonetheless. I just read through how the Bayesian filter works. It is very simple: it only filters based on word (token) probabilities. So, it would assign a value to "make," "money" and "fast," but not "make money fast". Seems like you could get much better results if you do something more advanced like Markov chains or a neural net. There's lots of research out there on textual matching, and I'm not sure why people would start out with such a simple algorithm when there may be better things available (where "better" is measured not only by accuracy, but also by training time).
Re:How to end spam (Score:3, Insightful)
You and I resent the time we spend deleting rude/crude/criminal/porno spam, but at the end of the day if you've got broadband you only notice the TIME lost.
A user using a cheap Linux handheld in India can't afford the bandwidth to download a hundred graphic-rich spams a day.
Bandwidth costs.
Shouldn't we therefore be looking at ways to stop the spam being sent, or at least limit the propagation of it by filtering it early in the routing process?
Unfortunately I'd guess this messing with other people's email would have legal implications, but can we work round it?
Re:How to end spam (Score:4, Insightful)
With an advanced spam filter, you set it up and forget about it...sometimes checking your spamfolder if there are any false positives.
How do you create new email addresses? Do you have a CGI script interfaced with your alias file or so to easily make new email addresses? That would be useful.
For me it still is too much work to set up email addresses that way. And you need to start doing this from the beginning, otherwise there will still be an amount of spam that gets sent to your username@example.com address (as is the case with me).
Cheers,
Costyn.
Re:How to end spam (Score:2)
Re:How to end spam (Score:2)
try spamgourmet (Score:2, Funny)
not too much work.
FALSE STATEMENTS (Score:4, Insightful)
Once I receive spam on one of the addresses...
I also advertise the email address widely
So, you receive no spam, but when you do receive spam, you edit procmail. Which is it?
Also, you widely advertise your email address, but you don't actually use your email address, but made-up aliases. Which is it?
You're simply masking the problem, and going thru a moderate amount of gyrations (which most average joe 'net users won't/can't go through) to do so.
Copyright (Score:2, Insightful)
Couldn't the spammers sue for copyright infringement?
Are they legit? (Score:5, Informative)
According to WHOIS, "spamarchive.org" was registered by one Guru Rajan, who has an email address at "ciphertrust.com". Also according to WHOIS, "ciphertrust.com" has the same person as technical contact and if you check the website you find they are the vendors of "IronMail: The Secure Internet Email Gateway", an established if not well known product.
In short, yes, it seem legit, and it probably took me less time to find that out than the time taken by the myriad people asking "is it legit" took to post the question. ;)
um, why not just use the FTC? (Score:3, Interesting)
Why not just make that available to the public for creating training sets for spam?
The idea of a central archive is good, but I don't see why there's a need to reinvent a New! Improved! wheel.
storage is not free yet (Score:2)
An old idea... (Score:2, Funny)
"New indian health care enables you to have more lovers"
"New solution for your economical problems found"
- and throw in a hoax section too...
For profit? (Score:2, Informative)
Resistant Strains? (Score:3, Interesting)
If we deal with a little spam by hand today, will that keep us from having to deal with undetectable spam later? I can imagine spam systems that probe you (using actual system probes of you and your contacts, marketing history and social engineering) to target spam that you may actually believe is a recommendation for the Sony(tm) handicam from your Uncle Bowser, or really is your wife asking you to pick up some Clorox(tm) brand bleach and fabric softener on the way home...
Luckily, neither of them is likely to be sending information about my penis to me at work.
Much like modding the Xbox (and thus giving MS the practice they need to harden Palladium), giving the hard fight to the spammers might just backfire on us.
Next - Spammers Use DMCA to Get SPAMS removed (Score:3, Funny)
What license??? (Score:2)
--LP
There are already many spam archives (Score:2, Informative)
Rich.
Large collection of legitimate e-mail needed more? (Score:2, Insightful)
I don't thing that a large archive of spam is hard to come by. You don't need to publicly invite submissions either - just acquire a domain and hosting with catchall e-mail service, set up e-mail forwarding to an address for your database, then publish several addresses under that domain where spammers are bound to pick them up (newsgroups, FFA lists) and register them with services who sell their e-mail lists with a lot of different demographic information vectors. You'll get as much input as you have a use for.
For calibrating spam filters you'll probably only want spam from the last few months as spam does evolve - e.g. it's mostly herb*l vi*gra these days.
What is at least equally needful but much more hard to come by is a large, representative collection of legitimate e-mail, to test spam filters for false positives. This collection would need to cover diverse languages, cultures and contexts (private, business/x-industry, business/y-industry, system error messages, automatic notification messages etc.)
What is hard about this collection of legitimate e-mail is that the privacy of both sender and recipient is affected, and that, if confidential information is masked or deleted, the e-mail isn't the original one and spam filters might evaluate it differently.
There is one subset of legitimate e-mail available: public archives of mailing lists. But these e-mails don't cover the style of e-mail in other contexts.
U n i v e r s i t y D i p o l m a s (Score:3, Funny)
Get your now! You gate to betta rife. Moa pay, wok wess.
www.dipwomas.tw
archive of spam not all that useful (Score:2, Insightful)
Service is already available on the windows side (Score:2, Informative)
news.admin.net-abuse.sightings already exists... (Score:2, Informative)
- Google Groups: NANAS [google.com]
- Charter [killfile.org]
- Newsgroup Public Key [dtype.org]
- nana.* Homepage [killfile.org]
(Yes, I know others have stated some of this stuff, but it's worth mentioning it again.)Copyright Infringment Here? (Score:2)
Re:Top 20 spammers in the country. (Score:2)
Bah, I say.
Re:Top 20 spammers in the country, or just a troll (Score:2)
The parent is a troll, folks. This same email list has been posted to multiple discussions, probably by the same loser. I'd really like to see moderators show a little bit judicious. A quick search on wired.com turns up nothing looking like the supposed article. This is completely fake and some of those names should look familiar (but not for spam). Will someone more reasonable please mod this one down?
Re:Top 20 spammers in the country. (Score:2)
McPherson, Craig [linuxnewbie.org], doesnt look like a spammer - I remember a couple of years ago at LNO. He's a decent troll.
trollmastah@hotmail.com - Really, one of the countrys top spammers with a hopmail address?
*@adequacy.org - that well known site isn't spam central.
Re:Top 20 spammers in the country. ??? (Score:2)
Re:S-P-A-M, again and again and again and again (Score:3, Funny)
Lovely Spaaam! Wonderful Spaaam!
Lovely Spaaam! Wonderful Spam.
Spa-a-a-a-a-a-a-am.
Spa-a-a-a-a-a-a-am.
Spa-a-a-a-a-a-a-am.
Spa-a-a-a-a-a-a-am.
Lovely Spaaam! (Lovely Spam!)
Lovely Spaaam! (Lovely Spam!)
Lovely Spaaam!
Spaaam, Spaaam, Spaaam, Spaaaaaam!
Totally different problems. (Score:2)
All problems are not the same - some have solutions and some don't. Take spam and piracy for example.
There's a system out there right now for spam blocking (I forget the name or URL at the moment, but it's been mentioned before on slashdot) that maintains a whitelist of people that are allowed to contact you, and when it receives an email from a person that is not on the whitelist, it stores that email in a temporary area and emails the sender asking for a confirmation email in return. If the spam-blocker receives a confirmation email (i.e. the actual person gets the return email, hits reply, and hits send as per the directions) then the original email gets through to your inbox. Right now this is a 100% effective spam-blocker. No good email is filtered out, and no spam is let through because spammers forge their return addresses and therefore never get confirmation emails. It has the added bonus of not requiring the user to look through a "junk mail" folder. Implementing this system universally (1) server-side would solve the spam problem. The only way spammers could get through would be to provide actual "from" email addresses which open them up to lawsuits, and (as they have to check incoming messages and reply to them, meaning they have to either host the "from" account themselves or have fast access to a server that does) it would open them up to all sorts of DDoS attacks. Got a 1KB spam email that slipped through with a from address of from@spammer.dynamicdnsservice.com? Hit that ever so satisfying "Can The Spammer" button and blast spammer.dynamicdnsservice.com with 100KB of data. The more spam the spammer pushes out, the more clogged its downstream pipe gets.
(1) Ok, not this system, as a spammer could always find out who your friends are and put their email addresses in the from: header, but a system based on public key cryptography would do the job nicely. That would mean client-side software updates and a protocol change, but it's still a solvable problem.
Now, take a look at piracy. There is a property of information (or data, or bits, or whatever you want to call it) that is so absolute and inviolable that I would go so far as to call it a law of the physics of information. It is: The only way to control the distribution of information is to ensure that the people and machines that have access to that information all agree to control its distribution. That's it - think about it. It means every technology-based digital restriction mechanism can be broken. (2) Yeah, you could put telescreens in all homes and watch everyone 1984 style, but that's a very poor solution. The best way to deal with "piracy" is to stop thinking along the lines of trying to control information like a physical good and find an alternative business model. No endless wasteful competition between DRM designers and hackers, and no more buying expensive DRM snake oil for businesses.
(2) Yes, even palladium can be broken. Here's an easy three-step process for breaking a palladium system:
(1) De-solder the TCPA components from the motherboard except the CTRM (yes, including the cpu if necessary), attach them to an add-in pci card along with a power connector (again, if necessary) and a pci interface chip that talks to the bus and simulates a CTRM that has "measured" a trusted system.
(1.5) Not really a "step". Design and fabricate the above chip.
(2) Write a kernel level driver for the OS of your choice that diverts calls to the trusted hardware subsystem in loaded applications to calls to the driver itself which simulates the trusted subsystem. Any time it needs a "Yes, I am a trusted system." certificate signed, the driver should call upon the pci card to perform this function. (Yes, you can install your own drivers. You just have to boot your system in untrusted mode [where applications would normally not receive services from trusted hardware])
(3) Download "protected files" and let your trusted applications happily place them (in encrypted format) on your hard disk. When you want to directly access the unencrypted data, snag the decryption key directly from the driver.
Yeah, it's complicated, and not all people have the necessary skills to pull it off, but keep in mind that:
*It only has to be done once to release information from DRM jail and make it available to anyone.
*Once the step 1.5 chip has been designed and the driver written (along with a userspace "data recovery" tool), they can be sold fairly easily as the equivalents of "mod chips" in game consoles.
Two last important notes:
*Yes, I've read the TCPA specs and I know this will work. If you would like to verify this for yourself (a smart move), they're freely available for download in pdf format from the TCPA web site [trustedcomputing.org].
*This does not mean palladium can be safely ignored - quite the opposite. When the only legal way to access certain content and services is an attempt to violate the physics of information by a single convicted but unpunished monopoly, everyone is in trouble. I'm sure you can think of other terrible consequences, but here's something to get you thinking in another direction. What will happen when everyone trusts the "Trusted Computing Platform Alliance" enough to put their personal (medical, financial, etc...) information into the system?