« President Bush Quotes Mohammad and Omar at Iraq the Model | Main | MC Rove »

State of the vermin

The other day I happened to encounter this fine fellow, who is doing something that I briefly dabbled in -- fighting spam. In fact, he's been wading in virtual sewers, dealing with the dreck and offal that would put the Palestinians' "turdnami" to shame, for seven years, studying, analyzing, and creating a taxonomy of spam -- and lemme tell ya, it's downright ugly.

During the course of our conversation, we noted three things:

1) The infamous "CAN-SPAM Act" of 2003, in which the utterly immoral, downright indefensible practice of "opt-out" was enshrined into law, had a tremendous affect on the spam problem -- it sent it skyrocketing through the roof.

2) The drop-off in "stealing cable" spams was quite probably linked to the rise in popularity of digital cable and satellite TV service, both considerably more difficult to steal.

3) Spammers are are scumbags.

Just to clarify point #1, "opt-out" is the electronic version of "negative option" marketing -- "congratulations, you're on our list! We're going to keep sending you our crap until you beg and plead and jump through these hoops to get off it." To me, it's a violation of a fundamental principle -- no one should have to actively seek to be left alone. That should be the default.

Unfortunately, our Congress, in its infinite wisdom (and infinite pocket-space for "campaign contributions"), decided that every spammer should be entitled to one free spam, and can continue spamming you until you follow THEIR rules and get off THEIR list, that you never asked to be one.

That's every spammer. Potentially, that's every single company in the United States -- and the last count I heard listed that number was in excess of 22,000 different companies. Assuming that they take turns sending the spam, and only spam once inside the 10-day window they have to process opt-out requests, that means that you can receive 60 spams a day, every day, all year.

And don't even think of hoping that your state might decide to protect you better than Congress. Another part of the law specifically prevents that. Should the CAN-SPAM act conflict with any state law, the federal law takes precedence and trumps state laws.


My favorite analogy: "Congratulations! You're now a member of the 'Punch In The Nose' club! Once a day, a very large man named Guido will come by and punch you in the nose. If you don't wish to continue your membership, click here and enter your e-mail address on the form that comes up. Please allow up to 10 days for your request to be processed -- and during that time Guido will continue to share with you the benefits of your membership. And your request will be good for 30 days only, at which time we may choose to renew your membership and start this whole thing over again."

And what is so wrong with spam? It's because it is "free" to the sender. It's just as cheap to send a single e-mail as it is to send a zillion. The real cost of the spam is paid by the companies that carry the e-mail -- and sooner or later, they're going to look at the cost-benefit ratio and simply stop carrying the traffic entirely.

The cost is shared by the recipients, who pay for their computers, their internet connections, their e-mail, and have to watch the spammers use those resources without their consent -- and they can't do a goddamned thing about it, thanks to Congress and that "CAN-SPAM" act.

This whole situation has confirmed a few beliefs of mine:

If you want to find the absolute worst, most inefficient, most cumbersome, most easily perverted solution to a problem, have the federal government do it. There are times when this is the only solution, but as a general rule it's a bad idea.

Any time Congress passes a law with a tortuous acronym such as CAN-SPAM ("Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003") or the USA PATRIOT Act ("Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001"), the ensuing legislation is pretty much guaranteed to be a dog's breakfast of untested ideas, loopholes, earmarks, sneaky exceptions for favored individuals and groups, and in general cause more problems than it cures.

In this case, according to e-mail giant Postini, we have reached the point where 90% of all e-mails are spam. The signal-to-noise ratio in e-mail is decreasing to the point where it very well might destroy the utility of e-mail entirely -- meaning that these "marketing" scumbags are on the verge of killing off something that has become an essential part of so many people's and businesses' lives.

Mr. Stearns has done a tremendous job, looking at the sort of thing most of us (myself shamefully included) "just hit delete" on. He's given us a good look at just what the spam problem looks like -- and where it's heading.


Comments (13)

Ending e-mail and comment/t... (Below threshold)

Ending e-mail and comment/trackback spam would be simple if ISPs and hosting services wanted it ended. All it would take would be for providers to block access to any site that spams their customers for all their users. A 'if you spam one of our customers nobody using our service will be able to access your site' policy would end it completely. Spam only works because they don't do that. Nobody would go to the trouble of spamming if it meant that the people they sent it to wouldn't be able to visit their site. Other users of the hosting companies that host spammers would pressure their hosts stop spam at the source so people could access their sites. They'd either stop hosting spammers or end up only hosting spammers who couldn't get traffic. As easy as spamming is to do it wouldn't be worth doing if if there wasn't even a remote possibility of gaining something from it. Business from spammers wouldn't justify losing every legit customer you had and eventually losing the spammers too.

Ending e-mail and commen... (Below threshold)
wolfwalker:

Ending e-mail and comment/trackback spam would be simple if ISPs and hosting services wanted it ended. All it would take would be for providers to block access to any site that spams their customers for all their users.

Sorry, the spammers beat this idea years ago. Many spams don't come from the business directly anymore. They're subcontracted out, in the best capitalist tradition, to the filth that run "spambot" networks. The way it works is this: Spammer company sends their spam form letter to a botnet operator. The botnet operator sends the text to all the little zombie PCs on his botnet. Each zombie sends out ten or twenty spams to a few dozen email addresses. There's no mass emailing to arouse suspicion, and no evidence trail back to the source company, therefore no legal way to attack it. If you make it legal to base a blackout of the company's site on a mere appearance of guilt, then you simply open the door to spam-blackmail: a botnet operator says "I will fake a spam attack from your company unless you pay me a lot of money." Meanwhile, the spammers will continue their operations from noncompliant countries, and/or steal space on legitimate countries' webservers to host their operations. Many companies do a horrible job of securing their webservers.

On top of all that, the current major round of spam doesn't even depend on selling anything directly. They're stock pump-and-dump schemes, which don't require any feedback and therefore there's no way at all to tell what sites to blacklist. Look at Stearns's list: three-quarters of it is stock spams.

Chances are, too, we all kn... (Below threshold)

Chances are, too, we all know someone who sends spam emails. They would never admit it of course. I would take great pleasure in signing up said person to my own "I-get-to-punch-you-in-the-nose-daily" club even if it's my own brother.

Would you contract spamming... (Below threshold)

Would you contract spamming out if it was going to get your site blocked? Doesn't matter where it originates, there'd be no benefit from doing it no matter where the spam came from. If spam blackmail starts then maybe the government would step in and enforce blackmail laws if they won't enforce anti-spamming laws. The blackmailers have to collect the money somehow so they should be pretty easy to catch. I'd be happy if they just put a stop to the wiener pill and gay pron ads like I just finished deleting over 500 of. Those certainly link back to sites that could be blocked.

"If you want to find the ab... (Below threshold)
Mike:

"If you want to find the absolute worst, most inefficient, most cumbersome, most easily perverted solution to a problem, have the federal government do it. There are times when this is the only solution, but as a general rule it's a bad idea."

Jay, I apologize for changing the subject, but just can't resist. If you think spam is problem, just wait until we get "universal health care". People that think health care can't get worse need to think again.

Spam is so offensive that i... (Below threshold)

Spam is so offensive that it draws together a great bipartisan coalition of liberals and conservatives alike. Spam ranks right between Sanjaya and Al Qaeda as one of the greatest threats of our time.

Luckilly, my ISP takes care... (Below threshold)
Sabba Hillel:

Luckilly, my ISP takes care of spam at the server level. Thus, I do not see most spam messages. Every so often I double check the spam folder to make sure i do not miss a real message (once in a blue moon), but normally, I just hit "empty the folder".

Similarly with gmail. Of course, if this gets too burdensome for the ISP, perhaps the economy of scale would kick in and they could buy enough congresscritters. Then again, maybe forwarding all spam to Nancy Reid (sic) and Harry Pelosi (sic) would work.

60 spams a day? H... (Below threshold)
Lugnut:

60 spams a day?

Heck, that ain't nothin'. One of my mail accounts got 193 spams in a 24 hour period a few weeks ago.

One of my mail acc... (Below threshold)
One of my mail accounts got 193 spams in a 24 hour period a few weeks ago.

Heck, I routinely find 300+ spam emails waiting for me when I arrive at work on Monday mornings.

I arrived here at work just... (Below threshold)

I arrived here at work just a few minutes ago and I had 78 emails waiting for me, and 76 turned out to be spam. That is since 4:00 pm yesterday. That's only 16 hours. 76 spam emails. I wonder if I qualify for some sort of prize?

OregonMuse: Alas, 76 spams ... (Below threshold)
wolfwalker:

OregonMuse: Alas, 76 spams in 16 hours is small potatoes. Some people can get hundreds of spams in that timespan.

Oyster: Chances are good you know somebody whose computer is sending spam and they don't know it. A frightening number of people don't secure their computers from intrustion, and their computers are rapidly zombified and co-opted into one or more botnets. Zombie-bot programs have gotten so sophisticated that some of them actually search for and remove other bot programs from the computers they infect, so no other bots are stealing computer resources from them while they steal resources from the hapless users.

You want to kill spam, this will hurt it more than any law: secure all personal PCs. A firewall (hardware or software) and an anti-malware program are all it takes. Maybe fifty bucks and an hour's worth of work per PC.

While CAN-SPAM certainly ha... (Below threshold)
kbiel:

While CAN-SPAM certainly hasn't helped, I'm not so sure that it has done any harm. Does anyone here actually receive spam form legitmate companies with a tangible U.S. presence? I certainly don't. Almost all of my spam falls into two buckets, penny stock pump-and-dump scams or [email protected]@ crap. In the case of the pump-and-dump, there is no site or contact that needs to be made between the scammer and the mark. As for the drug stuff, all of the ones I've actually opened point to some off-shore website or phone number. I do occasionally still receive the Nigerian 419 missive. Obviously none of these types of spammers are going to care one whit whether the CAN-SPAM act says they can spam me once or not.

Time was I used to amuse my... (Below threshold)

Time was I used to amuse myself by poring over spam email and reporting the abuse to the actual ISP I could find buried in the header, but these days, it's all coming from offshore. Or, as wolfwalker points out, it's coming from multitudes of ignorant boobs who don't think it's important to secure their computers from malware




Advertisements









rightads.gif

beltwaybloggers.gif

insiderslogo.jpg

mba_blue.gif

Follow Wizbang

Follow Wizbang on FacebookFollow Wizbang on TwitterSubscribe to Wizbang feedWizbang Mobile

Contact

Send e-mail tips to us:

[email protected]

Fresh Links

Credits

Section Editor: Maggie Whitton

Editors: Jay Tea, Lorie Byrd, Kim Priestap, DJ Drummond, Michael Laprarie, Baron Von Ottomatic, Shawn Mallow, Rick, Dan Karipides, Michael Avitablile, Charlie Quidnunc, Steve Schippert

Emeritus: Paul, Mary Katherine Ham, Jim Addison, Alexander K. McClure, Cassy Fiano, Bill Jempty, John Stansbury, Rob Port

In Memorium: HughS

All original content copyright © 2003-2010 by Wizbang®, LLC. All rights reserved. Wizbang® is a registered service mark.

Powered by Movable Type Pro 4.361

Hosting by ServInt

Ratings on this site are powered by the Ajax Ratings Pro plugin for Movable Type.

Search on this site is powered by the FastSearch plugin for Movable Type.

Blogrolls on this site are powered by the MT-Blogroll.

Temporary site design is based on Cutline and Cutline for MT. Graphics by Apothegm Designs.

Author Login



Terms Of Service

DCMA Compliance Notice

Privacy Policy