Google Says Spam Volumes On the Rise 187
alphadogg writes "Despite security researchers' efforts to cut spam down to size, it just keeps growing back. The volume of unsolicited email in the first quarter was around 6 percent higher than a year earlier, according to Google's e-mail filtering division Postini. Security researchers have won a few significant battles against the spammers in the last year, first against those hosting the spammers' control systems, and later against the control systems themselves, but they will have to change tactics again if they want to win the war. In the first half of last year, security researchers concentrated their efforts on identifying the ISPs or hosting companies that allowed command-and-control servers to operate, and shutting these botnet purveyors down. The success of that tactic was short-lived, however."
If One Person Clicks, We All Lose (Score:5, Insightful)
Now, maybe he makes that two grand back in his push and maybe he don't. Maybe your new method reduced his clicks from five hundred to five per month. Either way the best we can hope is that at some point that income shrinks to negative or so little it's not worth his time. The problem is that even if 0.0001% of his spam messages generates a click, he's making bank.
The battle for clean e-mail should be fought on a number of fronts. Public awareness is the key weak link in the chain in my opinion. And as a new net savvy generation arises, that will come naturally.
No matter how much I tell my friends and family to be safe on the net, my friend in Cairo had ten credit cards opened in her name and I had to help her clean it up over here. To make sure it didn't happen again we went over smart procedures like if your bank sends you an e-mail you should read it and then open up your browser by hand and type in the bank's URL as you know it by hand and look for the corresponding information on the site. Yeah, it's a pain in the ass but if you can't find it you can always just call them. Don't click the e-mail link and drop your username and password into some site you don't trust. If I had to guess how she got tripped up, it was when she went to Cairo for school she couldn't afford to talk on the phone and had gotten lazy and careless with doing all her banking online.
Re:What about... (Score:5, Insightful)
It still has to travel thru email servers & routers costing money via electrical & bandwidth costs.
Re:If One Person Clicks, We All Lose (Score:1, Insightful)
+1 Redundant.
God dammit, people, this isn’t rocket science. Learn to use the internet safely or stay off it.
Re:What about... (Score:4, Insightful)
It still has to travel thru email servers & routers costing money via electrical & bandwidth costs.
Aren't people around here rather fond of making the claim that bandwidth doesn't cost money, at least whenever we see a story pop up about some ISP wanting to impose caps or metered billing?
The bandwidth and electrial costs of spam are negligible. You would have made a better argument by pointing out the lost productivity when humans need to divert time away from useful tasks to clean out their inbox.
spam will be with us forever (Score:3, Insightful)
constantly fighting it is just one of those maintenance functions of civilization
you don't declare a war on spam, win it, and then spam is forever gone. thats not the nature of the problem. its forever reborn as some "brilliant idea" in the mind of some asshole out there who has no problem abusing the commons for selfish gain. it requires constant eradication. additionally, you can't completely automate the process of spam destruction. spam is created by creative human beings. human beings always find away around any locked door. and therefore it will require the constant effort of creative human beings dedicated to police work to forever fight these other creative beings who have no decency. that's just the way it is. its stasis: good guys versus bad guys, forever
the same applies to hard core drug addicts, pedophilia, terrorism, etc: you don't declare war on terrorism, pedophilia, or hard core drugs, win it, and then those phenomena are gone forever. thats not the nature of those problems. they will always be low grade problems that always reassert themselves. unless you stop fighting them: in which case they metastasize into worse problems
as long as civilization exists, certain classes of utterly intolerable problems (problems that you cannot in any way reclassify as tolerable problems) will continually reassert themselves in every generation, and, for the sake of the health of society, require constant hard effort to simply keep them as low grade issues that don't expand into worse problems
Re:If One Person Clicks, We All Lose (Score:4, Insightful)
We need that kind of will in the fight against spam. It is expensive at first, but less expensive as people get out of the business.
The problem with your analogy is that kidnapping is a binary operation. You're either doing it or you're not. It's also often coupled with extortion and bodily harm and a host of other very serious crimes.
... where was the failure there?
... you get tax evasion or another white collar crime at best. Sometimes theft or grand larceny across all victims. But come on, the FBI isn't going to get the resources from the federal government to chase that rabbit down its hole when they need back hoes to dig up the whole internet.
... not a special FBI initiative to relentlessly track everyone who spams. Enforcement should be increased but not to the level of tracking kidnappers.
Spamming, on the other hand, is very hazy. What is unsolicited e-mail? People don't take the time to read shit. They just "click click oops, why am I getting these e-mail?" So if they clicked an ad and entered their e-mail address to get thirty thousand acres in farmwars by putting in their e-mail and checking a box that they understand
I just got five messages in a minute from Boingo this weekend. Followed by an apology letter. It was some database template test process run amok that informed me about my account (which I don't have with them). I used them once in an airport. They apologized to me today in another e-mail I didn't ask for! Do we vigilantly hunt them down and jail them?
The problem with your vigilance is that it's often objective to draw the line where spamming stops and legitimate business e-mails start. The crimes that come with spam aren't on the level of human trafficking
The government's CanSPAM act has increased the severity of it when we're sure you were doing it. That's the most you can ask for
Re:If One Person Clicks, We All Lose (Score:2, Insightful)
Actually, if you look at it purely in monetary terms, spam is probably a bigger problem in the United States than terrorism. Obviously, spam rarely kills anyone, but in terms of murder, terrorism is not as significant a driver of tragedy in America as the US government would like you to think.
Re:collateral damage (Score:4, Insightful)
Sounds like you switched to a less-than-reputable host...
Re:If One Person Clicks, We All Lose (Score:3, Insightful)
Spamming, on the other hand, is very hazy.
No, it is not.
Spammers try to make it appear hazy, but it isn't. 99.999999% of the spam volume is not from some overly zealous marketing temp who sends the company newsletter to a few more people than he should've. Pretty much all the spam you get is from address lists. You buy one of them to send those people mail, you fucking know that you're sending unsolicited mails.
The tiny fraction of mails that fall in the "you actually did sign in and forgot" category is so negliegable, you can ignore it for the general discussion. The only point where it ever comes in is if you want to define the line at "opt-in". That would be a very simple and elegant solution to the problem: $1000 fine per mail, payable to receiver unless you can produce evidence that he signed up for it. Of course, that's been discussed before and dumped due to the problem of collecting the money.
The problem with your vigilance is that it's often objective to draw the line where spamming stops and legitimate business e-mails start.
opt-in
If you send me advertisement that I didn't ask for, you are spamming. It is that simple.
Re:If One Person Clicks, We All Lose (Score:4, Insightful)
Yes, because the inconvenience of mashing the 'delete" key a few times is exactly comparable to the inconvenience of having a family member kidnapped and held against their will.
You have heard about scaling factors sometime during your education, haven't you?
A small crime done to millions sums up. The math has been done before. The "few seconds" times the amount of spam just one of the major spammers sends out in a month comes to easily an entire human lifetime.
Re:If One Person Clicks, We All Lose (Score:1, Insightful)
Re:If One Person Clicks, We All Lose (Score:3, Insightful)
Traffic is a crime :-)
The difference is that in one case, someone is making a commercial profit off your expense. A spammer is essentially someone who steals half a cent from you and everyone else, every day. Sure, it's not much, but for him it adds up. And so does it for society as a whole. The damage to each individual is small, but to us all as a group, it is huge. Easily higher than a kidnapping.
Traffic jams, OTOH, are not something that someone has intentionally create in order to make a buck.
Re:collateral damage (Score:4, Insightful)
Contact your host, or switch. It isn’t Google’s fault if you signed up for a host which got its entire IP range blacklisted by allowing its customers to send spam and ignoring the subsequent spam complaints. I’m not saying that’s definitely what happened, but there’s a good likelihood it’s exactly what happened.
It’s unreasonable to expect Google to start white-listing customers from a sleazy host on an individual basis. Screening customers is the host’s job and they failed; now they got blacklisted and all their customers suffer. Yell at the hosting company, not Google. If enough of their customers leave because they aren’t cracking down on the spammers, they’ll suddenly realise that not doing anything about the spam is hurting them economically just as much as terminating a few spamming customers would. And if they don’t realise this, or if it wouldn’t... that isn’t the sort of host you want to be associated with.
Re:If One Person Clicks, We All Lose (Score:4, Insightful)
Learn to use the internet safely or stay off it.
Unfortunately, staying OFF the net completely is becoming more and more difficult. From making your homework at school to searching for products for your job, it becomes increasingly hard for Joe Average NOT to use the Internet.
I think that we eventually will get most people aware of how to act safely on the Internet. But as in real life, there will always be fools who can't be educated.
Re:If One Person Clicks, We All Lose (Score:3, Insightful)
Normal murders don't shut down the national airspace for three days....
Re:If One Person Clicks, We All Lose (Score:3, Insightful)
So?
The cost that I just figured is pure loss.
Not a loss cut from a greater profit - this is stone cold 100% loss... and this is just to keep the stuff that deals with it ON. It gets even worse when you factor in the cost of people to manage/administer them, cost of bandwidth, cost of the equipment itself...
The list goes on, and the tally grows larger. Piracy is peanuts on this scale.
Re:If One Person Clicks, We All Lose (Score:2, Insightful)
Doing something extra for airplane security in the time immediately following a multi-plane incident makes sense. It should have been business as usual the day after.
It's very understandable that American leadership chose and continue to choose to overreact. If they overreact and there are no further incidents, no one will blame them for taking action in response to such terrible events. If they behave reasonably and there is another terrorist murder, people will blame them for not overreacting. The problem is that people don't want to face that crime happens whether we like it or not, and that applies as well to the most heinous of crimes imaginable.
Think of the response there would be if 4000 people died in the whole US over 10 years. Police would look into those murders, and there would be an effort to prevent them. Civil liberties would not be curtailed and industries would not be bankrupted. That is the appropriate level of response. Terrorism is just another crime and it needs to be treated as such. Especially because terrorism is perpetrated exactly in order to cause terror in people who were not victims of the crime, and having that be successful is in large part dependent on an inappropriate response from the authorities, media and populace. The 9/11 bombers CONTINUE to this day to be successful in having Americans terrorize themselves and influencing American politics, so many years after their deaths.
Re:If One Person Clicks, We All Lose (Score:3, Insightful)
If someone stops me on the street and tries to sell a product or get me to give to charity thats not truly spam, even though it is frustrating and at times unwanted.
Multiply that by 1000 or so and you see why spam is a problem.
What about businesses that buy qualified sales leads?
If that "lead" hasn't opted in to receive sales pitches, then for all I care they can die. Just because you made a business out of something doesn't mean you have an eternal subscription to stay in business. We don't have a moral problem about all the torturers and inquisitors that are out of a job because we don't do that kind of stuff anymore, do we?
What about when my Bank sends me promotional material for services they offer that they think might appropriate for me based on my current accounts? These are all advertisements that I didn't ask for, but not truly spam.
In my country, they can only do that if you said they could. It's usually a smallprint somewhere on the form you sign when you open your account, and most people don't bother, but you can X it out.