Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Lessig On Bounties For Spamhunters

timothy posted more than 11 years ago | from the pay-pal dept.

Spam 317

An anonymous reader submits: "Digital rights (as in yours, not the RIAA's) guru Lawrence Lessig comes up with a Swiftian idea of how to fight spammers -- $10,000 for the first ubergeek to hunt the offender down. The column is at CIO Insight. Wonder if it'll reach its audience there."

cancel ×

317 comments

Sorry! There are no comments related to the filter you selected.

How much... (5, Funny)

T3kno (51315) | more than 11 years ago | (#4323411)

How much would I get if I blew up the building that housed hotmail.com?

Re:How much... (0)

Anonymous Coward | more than 11 years ago | (#4323422)

Earth to genius, Hotmail isn't where spam originates, it's where it goes or the return address is used.

Re:How much... (0)

jbottero (585319) | more than 11 years ago | (#4323458)

Yes, but it *is* a primary tool of spamers.

Re:How much... (1)

pythas (75383) | more than 11 years ago | (#4323642)

No, no it's not.

By your logic, we should blow up the university of washington for developing pine, because some people read spam mail in it. It could also be used for *gasp* SENDING EMAIL.

Re:How much... (0)

jbottero (585319) | more than 11 years ago | (#4323753)

Come on now, show me a spammer that uses Pine.

Related point: (2)

mmol_6453 (231450) | more than 11 years ago | (#4323504)

Does my family get paid compensation if I get gunned down while searching?

This is big business...with only slightly more positive moral compunctions than drugs.

Re:How much... (5, Informative)

Tackhead (54550) | more than 11 years ago | (#4323521)

> How much would I get if I blew up the building that housed hotmail.com?

Nothing. The spam doesn't come from Hotmail. Spammers forge hotmail.com dropboxes into the headers, but typically spam through dedicated machines hosted by spam-friendly providers.

If someone were to go apeshit with a SuperSoaker full of saline solution in ELI.NET's or Level3's datacenter, for instance, your load of inbound spam would probably decrease substantially.

There are some "ISPs" allegedly in Mexico and Brazil (but hosted via US-based backbones) that are no more than spammer fronts.

Re:How much... (0)

Anonymous Coward | more than 11 years ago | (#4323587)

Please don't hose down level3's data center, I would lose my internet access. They do have a few honest customers, like my ISP. Also your mutual fund might drop as the company is now linked to Berkshire Hathaway, which it probably owns, in most investor's minds.

Re:How much... (3, Funny)

Doppler00 (534739) | more than 11 years ago | (#4323736)

Probably 20 years to life in prison.

Good idea (1)

chainrust (610064) | more than 11 years ago | (#4323412)

Good idea, except how would you know if the spammer had been already reported? Also, who would fund it? No one really has an incentive to.

Re:Good idea (2)

shess (31691) | more than 11 years ago | (#4323463)

Huh, so I guess that means you didn't read the article, eh?

Re:Good idea (0, Troll)

chainrust (610064) | more than 11 years ago | (#4323490)

Actually, I did.
I guess you weren't thinking when you read my comment, eh? Fucking canuck.
I'll spell it out for you: What incentive would Congress have to pass a law requiring spammers to pay $10,000 the the reporter?

Re:Good idea (1)

IMarvinTPA (104941) | more than 11 years ago | (#4323807)

Income Tax
IMarv

Re:Good idea (0)

Anonymous Coward | more than 11 years ago | (#4323857)

isp's have an incentive - but there would need to be a united effort. spam is a theft of service and looses my company customers even though we have spam assassin (spamassassin.org) and the best privacy agreement possible. then there are the employee costs for guys like me who have to sort it out from legit mail to support@isp.com

well, it's a start (4, Interesting)

Em Emalb (452530) | more than 11 years ago | (#4323413)

but it will only catch the stupid ones. The "smarter" ones, and I use the term loosely, will endure.

Re:well, it's a start (1)

susano_otter (123650) | more than 11 years ago | (#4323760)

The stupid ones, of course, being those that provide a way for you to send them money. The smart ones won't do that, and so will be much harder to trace.

fp? (0)

Anonymous Coward | more than 11 years ago | (#4323418)

ncc

phirst poast (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4323421)

fp, bitch

booyahh, w00t an' all dat schiznidt.

peace out and word to ya momz and propz to all ded homiez.

i wanna be a bounty hunter, too. like in star wars? kewl.

-ac

Take a lesson from astronomy (5, Funny)

PD (9577) | more than 11 years ago | (#4323427)

The first one to find a spammer gets to name it. Well, maybe not such a good idea after all...

Lawrence never looked so good. (0)

Anonymous Coward | more than 11 years ago | (#4323429)

As he does in the charicature at the top of the article.

More by John Kascht (the cartooner) (2)

scubacuda (411898) | more than 11 years ago | (#4323549)

See more of his stuff here [caricature.org] . They're great!

Bounty Application for BC (2)

FFFish (7567) | more than 11 years ago | (#4323432)

I've been thinking the same thing, but applied to my Provincial Government. Start up a pool, a buck per citizen. Whoever removes Gordon Campbell, our current, fascist prick-in-office, takes the pot.

I'm pretty sure there'd be enough donations to make it well worth someone's time...

Re:Bounty Application for BC (0)

Anonymous Coward | more than 11 years ago | (#4323510)

I agree brother, we need to get some neo-nazis in office.

Re:Bounty Application for BC (0)

Anonymous Coward | more than 11 years ago | (#4323518)

Shut up you socialist motherfucker, get a job, and get off welfare. Just because he won't let you live in the woodwards building doesn't make him a facist. Bleeding heart liberals make me sick.

Re:Bounty Application for BC (0)

Anonymous Coward | more than 11 years ago | (#4323617)

Hear hear.

This province has been so F***ed up by 10 years of NDP stupidity.

Re:Bounty Application for BC (0)

Anonymous Coward | more than 11 years ago | (#4323812)

In this day and age that statment makes you one hell of a dumbass and a target for the R.C.M.P.

Shit if you hate him that much he must be doing something right. Go Campbell!!

The opposite is needed (5, Interesting)

PD (9577) | more than 11 years ago | (#4323444)

For a period of one month, all filters on spam and spam hunting should be suspended. Part of the problem is that anti-spam activities are masking the true magnitude of the problem. A wake-up call is needed. When people realize just how much spam is being sent out, the villagers will take to the streets with pitchforks and torches.

yes,but... (1)

kg439. (609744) | more than 11 years ago | (#4323556)

this would do nothing but piss off those people who cannot fight the spam. only the "ubergeeks", who already know about the spam, would be able to fight/hunt/track the spammers, and this tactic would be mostly useless.

Re:The opposite is needed (1)

letxa2000 (215841) | more than 11 years ago | (#4323584)

Either that or stop checking their email. I'd bet they'd stop checking their email before they took to the streets with pitchforks. Probably even before calling their senator.

Re:The opposite is needed (5, Funny)

taernim (557097) | more than 11 years ago | (#4323634)

In a related story:

tired of spam?
we am sure you are too! my government has agreed to pay the sum of $34,004,267 to help you fight these spam persons. yes, it sounds much too good. but yes, this is truth. if you would like to join the fight, we only need your bank routing number and complete address. we will soon win by helping you help us help you.

(Check out this article [slashdot.org] if you somehow miss the irony...)

Re:The opposite is needed (2, Interesting)

neuroticia (557805) | more than 11 years ago | (#4323646)

No. For a period of one month, the Government needs to cease and desist anti-spam filters, and Bush needs to read his own email.

After the 908'th offer for viagra, he'll either cave and buy it (and then hire an intern) or get pissed off and do something about it.

Stopping the filters on the accounts of people who know about Spam isn't going to do a goddamned thing. WE're already pissed off by it. It's the gov't officials whose email is pre-filtered, sanitized, and delivered for their viewing pleasure, who need to experience the deluge.

Better yet- remove their filters, and put their email addresses on the internet. Someplace like Slashdot.

-Sara

Privacy implications are dire (3, Interesting)

I Am The Owl (531076) | more than 11 years ago | (#4323445)

Why the sudden turn around in Slashdot rhetoric?

I can see the sense in promoting our rights to privacy online, as michael and timothy (bless them) are wont to do, but then we see a sudden reversal. Sure, I guess it's a real pain when spammers send hundreds of unwanted messages over the Internet every day, but is offering a bounty to rob them of their right to privacy really the answer? This is just the government turning citizen against fellow citizen in a foul ploy to get us to turn in our rights to online privacy. Let's look at what's happened so far:

  • Spammers send spam
  • Geek gets pissed, deletes spam
Now that isn't that terrible, is it? Do we really need to go out and promote a database state and tie together all a person's Constitutionally private information into one big heap of spying and ratting out? I dislike spam as much as the next man, but I draw the line at violating others' online rights. It's a line nobody should be willing to cross.

Re:Privacy implications are dire (1)

plierhead (570797) | more than 11 years ago | (#4323503)

"I Am The Owl" ?

You Are The Goat ! (or perhaps, the troll)

If you engage in criminal acts you LOSE the right to privacy. Spammers have no rights. ALL THEIR TESTICLE ARE BELONG TO US.

Re:Privacy implications are dire (0)

Anonymous Coward | more than 11 years ago | (#4323649)

Spam isn't illegal, you corporate whore.

Re:Privacy implications are dire (2)

kevin lyda (4803) | more than 11 years ago | (#4323506)

in normal human interaction i get to see who i'm talking to. no one has the right to one-way communication between private parties.

there might be some concern about communications between a private person and a person acting on behalf of the government, but then again that's not what we're talking about.

to put it more directly: you've dressed up mr. strawman all cute-n-cuddly but ya know what? he's still a fucking bundle of straw. piss off.

it's a stretch to claim that spam is a right (4, Insightful)

keithmoore (106078) | more than 11 years ago | (#4323535)

I don't think that spam is a right any more than driving around in a loudspeaker-laden truck that is playing incessant advertisements in the middle of the night is a right. and I don't think that spammers have any more right to privacy than others who disturb the peace or engage in petty theft. the public has a greater interest in having the names of accused be in the public record than in keeping their names secret. (this actually helps discourage false accusations by the government)

having said that, it's also clear that having a way to identify the source of a potential spam would create serious privacy concerns - what's to stop that method from being used to identify the source of any email? nor does "identifying the spammer" seem to be as useful as "marginalizing the spammer" - i.e. making sure that spammers are likely to have to pay so dearly that it's not profitable for them. strictly speaking, we may not need to identify them to achieve this result.

so what we really need is a way to marginalize real spammers without sacrificing others' privacy rights in the process.

different kind of privacy (1)

drewstyle (610956) | more than 11 years ago | (#4323552)

I don't think that this is about their right to privacy; instead, this is our right to have a private email accout. I know from personal experience that I have email accounts that are listed only on my resume online and I don't give them out to anyone. When my account gets spammed all of a sudden, it is an invasion of my privacy. I want to have a private email address for a specific purpose, but some spammer and his mailbot that collects random email addresses can find these things. This is an invasion of my privacy. I don't give my resume to just anyone and I don't think that I should have to take it offline, but this is unacceptible. They are invading my privacy. I can understand telephone calls because at least I can make them take my name off of the list. In the case of the spammer, I don't know who they are, or how to make them stop sending things to me without being inconvenienced by creating a new email address. This is totally an invasion of my privacy, not theirs. Bounty Hunt Away in my book, cause the spammers don't know what the right to privacy is in the first place -- or they just don't care.

Re:Privacy implications are dire (3, Interesting)

Lord_Slepnir (585350) | more than 11 years ago | (#4323565)

What about my rights to not have my inbox clogged up with offers for inkjets and penis enlargements. 10 spams a day is an annoyance, but my university account gets 50-60+ a day if i turn off the spam filters. So now not only do i have to configure my spam filters on my mail server and waste CPU time and disk space, (I know that they're small, but my mail server is a P/166 that i got for $30, so every bit counts) but I have to figure out which ones of the few that get through are legit and which ones aren't.

It wasn't so bad before, with spammers being blatent, but now that they are using more under-handed by disguising their addresses and subjects to look legit. Do you know how many times I've opened an e-mail that has a subject as just "hi" or "a quick question" and having some really disgusting porn pop up [goatse.cx] on my computer.

In short, a spammer does have a right to free speech, but that right ends where my right to not be harrassed begins. (yes, i know that the right to not be harrassed isn't a constitutionally protected right)

Re:Privacy implications are dire (2)

silentbozo (542534) | more than 11 years ago | (#4323908)

Do you know how many times I've opened an e-mail that has a subject as just "hi" or "a quick question" and having some really disgusting porn pop up [goatse.cx] on my computer.

I run Eudora 1.5.1 to avoid HTML and nasty javascript payloads like that. That maybe taking things a little far, but I like having a mail client that doesn't spread worms, and is able to hold an inbox of 8000 messages without crashing. On another note, I really need to take some vacation time and get through that backlog of e-mail...

Oh, and if you have shell access to your mail account, and procmail capability, consider installing Spamassassin. It catches 95% of the spam that comes my way, with maybe a .5% false positive (both of which are easily adjusted by adding and subtracting names and domains from the user-configurable whitelist/blacklists.)

Re:Privacy implications are dire (1)

inode_buddha (576844) | more than 11 years ago | (#4323876)

Too bad that line was already crossed a zillion times over by such businesses as USsearch.com. (Look at the Yahoo! people search...). Even my state (NY) sells information as a sideline business. If I could get iptables to filter on inline content also, it would make my day - and the rest of the year after that too. As you said, I delete spam out of course. However, both my bandwidth and my ISP's bandwidth have already been consumed by that point -- you need to receive it in order to delete it. And no, I'm _NOT_ going to continue changing _MY_ addy or using drop-boxes. The reason why? Because I pay for my access and my accounts for _MY_ convenience and pleasure, no one else's. 'Nuff said.

uhh, missing something here (5, Interesting)

Telastyn (206146) | more than 11 years ago | (#4323462)

from the article:

But at least with the spam problem, there is a much simpler solution that, so far, Congress has failed to see. Imagine a law that had two parts--a labeling part and a bounty part. Part A says that any unsolicited commercial e-mail must include in its subject line the tag [ADV:]. Part B says that the first person to track down a spammer violating the labeling requirement will, upon providing proof to the Federal Trade Commission, be entitled to $10,000 to be paid by the spammer.


From California Spam law:
(g) In the case of e-mail that consists of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit, the subject line of each and every message shall include "ADV:" as the first four characters. If these messages contain information that consists of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit, that may only be viewed, purchased, rented, leased, or held in possession by an individual 18 years of age and older, the subject line of each and every message shall include "ADV:ADLT" as the first eight characters.


and

(f) (1) In addition to any other action available under law, any electronic mail service provider whose policy on unsolicited electronic mail advertisements is violated as provided in this section may bring a civil action to recover the actual monetary loss suffered by that provider by reason of that violation, or liquidated damages of fifty dollars ($50) for each electronic mail message initiated or delivered in violation of this section, up to a maximum of twenty-five thousand dollars ($25,000) per day, whichever amount is greater.


Very similar...

Re:uhh, missing something here (0)

critter_hunter (568942) | more than 11 years ago | (#4323629)

fifty dollars ($50) for each electronic mail message initiated or delivered in violation of this section, up to a maximum of twenty-five thousand dollars ($25,000) per day, whichever amount is greater.

That doesn't make sense. Just read it carefully. If you send under 25,000$ worth of spam, you have to pay 25,000$ (whichever amount is greater). But, if I send over 25,000$ worth, I don't pay the greater amount because the maximum is 25,000$. So basically you always pay 25,000$... so why not just say it plainly?

Did you make up that law yourself?

Re:uhh, missing something here (1, Insightful)

Anonymous Coward | more than 11 years ago | (#4323692)

There are 2 options here:

1- "recover the actual monetary loss suffered by that provider by reason of that violation"

2- "fifty dollars ($50) for each electronic mail message initiated or delivered in violation of this section, up to a maximum of twenty-five thousand dollars ($25,000) per day"

There is no maximum on the first option. If they have greater than $25,000 in damages, thats what they collect.

Re:uhh, missing something here (5, Insightful)

Alsee (515537) | more than 11 years ago | (#4323742)

($50) for each electronic mail message initiated or delivered in violation of this section, up to a maximum of twenty-five thousand dollars ($25,000) per day

That part of the law is severely broken. They hit the $25,000 cap after the first 500 spams per day. The bigger spammers send MILLIONS of spams per day. At 1 millions spams per day the fine is 2.5 cents per spam, and at 10 millions spams per day the fine is one-fourth of a cent.

As they can crank up the volume of spam the fine approaches zero. The fine becomes an acceptable cost of doing bussiness.

Before anyone replies to point out the phrase "whichever amount is greater", that phrase reffers to proving "actual monetary loss suffered" which aint gonna happen.

-

Re:uhh, missing something here (0)

Anonymous Coward | more than 11 years ago | (#4323829)

We don't even want to receive [ADV] labeled SPAM. We get enough spam saying that it is legal referencing that fictitious S.1618 Section 301 "law". Heck that standard S.1618 Section 301 law has even been translated into argentinean spam!
Spammers should have to compensate us for the priviledge to send us spam and it should be enough for the receipients to make a profit just for receiving it.

Offtopic, but... (0, Offtopic)

jimhill (7277) | more than 11 years ago | (#4323471)

Lessig's a heck of a guy and a darned good fella to have on the side of the angels, but someone ought to let him know that beginning an address or article with any variation on "$DICTIONARY defines $TERM as $DEFINITION" is considered (and rightly so) to be oratorically weak. It's the dishrag introduction.

Go forth, eloquent slashdotters, and purge this offense from your own pulpit-poundings.

First Caught Spammer (5, Funny)

DarkHelmet (120004) | more than 11 years ago | (#4323476)

I have a bunch of female friends that forward letters endlessly to the point that they're no longer my friends. I'd love to put one of their heads on a stick and turn them in for 10k. Do they count? :)

Re:First Caught Spammer (2)

fobbman (131816) | more than 11 years ago | (#4323641)

I filter emails looking for the character sequence FW in the subject. Gets `em every time.

Re:First Caught Spammer (0)

Anonymous Coward | more than 11 years ago | (#4323731)


If you have any nice female friends you like to sell complete (not just heads) for $10,000, I'm willing to buy. Where should I send the check? :)

Re:First Caught Spammer (2)

unicron (20286) | more than 11 years ago | (#4323745)

You lie, you don't know any chicks. :)

Triumph: Have you ever talked to a woman without first having to give your credit card number?

Re:First Caught Spammer (1)

saskboy (600063) | more than 11 years ago | (#4323815)

I hope this bounty doesn't apply to Grandma sending email jokes to the family, a dozen times, because she wouldn't stop double clicking the send button?
If it does, then Grandma is going to make me rich.

uh... (0, Redundant)

Profe55or Booty (540761) | more than 11 years ago | (#4323478)

i could be wrong, but that isn't at all what the article says. the article is saying that California Congressman Howard Berman is trying to pass a bill that forces the companies to pay you $10,000.

you may not want to start praising him yet, though, as the article also says

In July, Berman, a Democrat, introduced a bill to deputize the recording industry and other copyright holders to help fight copyright violations. Through his bill, these vigilantes would be granted immunity from liability as they deployed tools to hack peer-to-peer systems that they "reasonably believe" violate copyright laws. Run a Morpheus server with content that recording industry executives think is theirs, and you may find your machine doesn't run much content at all.

well. now that the article is explained for you all; comment.

This problem cannot be solved! (4, Insightful)

FreeLinux (555387) | more than 11 years ago | (#4323485)

The thing is that SPAM works! If it wasn't profitable no one would bother with it but, it is profitable. Highly profitable! So long as people keep buying from spammers spam will continue to infest the internet.

Just like the Nigerian money scam, so long as people continue to fall for it, it will continue to circulate. Blacklists and other technology solutions will never be able to keep out all the spam. Legislation will never be effective against it. The only way to make it die is for people to stop buying from it and so far, it seems that there are far too many people who are insecure about their penis size for the spam to stop.

Re:This problem cannot be solved! (2, Insightful)

jon787 (512497) | more than 11 years ago | (#4323694)

It is profitable only because it is so cheap to do. If a spammer sends out 1 million messages and 1 person buys something he is making a profit!

Re:This problem cannot be solved! (0)

Anonymous Coward | more than 11 years ago | (#4323720)

so we should start charging for email. a buck a message -- how's that sound?

Re:This problem cannot be solved! (1)

Trillian_1138 (221423) | more than 11 years ago | (#4323747)

FreeLinux wrote: The thing is that SPAM works! If it wasn't profitable no one would bother with it but, it is profitable. Highly profitable! So long as people keep buying from spammers spam will continue to infest the internet.

I simply don't believe this. Because spamming is so goddamned _cheap_, it doesn't have to be profitable in the normal sense of the word. Technically, 'profitable' is doing more than breaking even. So, if I make a product, price it at $30, and send THOUSANDS of spam emails, I could sell _one_ and the spamming still would have been 'profitable.' I could have spent a grand total of nothing (other than 20 minutes coming up with a shitty email advertising my product and 30 seconds finding an anonymous spamming program online) on the spamming experience.

Until there's some real way to detract from the wonderful pleasure of spamming, we won't see an end to it. One example is paying a bounty on spammers.

-Trillian

How much (0)

Anonymous Coward | more than 11 years ago | (#4323488)

for blowing the place whence most 'first posts' come from? With emphasis on the lame ones that come like 5th.

Re:How much (0)

Anonymous Coward | more than 11 years ago | (#4323698)

do you not like my troll "phirst poast". i think it's the cat's ass. hi-larious, i tell you.

smiles and giggles,

-ac

Disgusting. (2, Interesting)

Fat Casper (260409) | more than 11 years ago | (#4323489)

I think I'm going to be sick.

The author compares the bill that the RIAA bought to allow them to crack any box they want with the "spam vigilantes" that blacklist sites that don't obey "proper" e-mail etiquette and then by organizing automated boycotts of the sites on the list.

His explanation of the bill is Through his bill, these vigilantes would be granted immunity from liability as they deployed tools to hack peer-to-peer systems that they "reasonably believe" violate copyright laws. He compares the two as unaccountable processes that wrongfully victimize people.

He then proposes (drum roll) a law that spammers would have to follow, and a reward for geeks who catch them if they don't. Like they'll follow laws. Blacklisting servers is better; it slaps the stupid admins pretty hard for victimizing everyone else. It also slaps folks like that stupid "internet lawyer" and Bernie Schifman. There's a public good- actual, relevant punishment for offenders.

Re:Disgusting. (2)

Sylver Dragon (445237) | more than 11 years ago | (#4323717)

Not to mention that he missed one very important difference between hacking my system and blocklists.
Choice.
I don't have to subscribe to a blocklist. I can choose to accept all e-mail or to use the list and block the servers listed on it. Even on free e-mail sites, such as Yahoo!, I can turn the spam filter on or off, at my discresion. The filtering of e-mail through the use of block lists is a very good way of exercising my rights. Sure, you have the right to say what you want, but I don't have to listen to you.
There is nothing being done, with blocklists, that prohibits, or detracts from free-speech. All it does is provide a ready-made filter that removes content which the subscriber does not want to hear.
On the other hand, Lessing brings up the Berman bill. Which, as we all know, allows people to access your system, without your consent, or knowledge. And protects them from liability if they do any damage in the process. I don't have any choice in the matter, they decide they want to format my hard-drive, they can do it.
The article is comparing two completly disseparate things. Apples and oranges, as the saying goes. A service that I can pay for if I want it, and a free license to DoS someone.
Though, on a side note, if Berman's bill does pass, anyone up for starting a group that holds patents, and then goes around the net cracking un-protected systems and deleting the entire contents of people's hard-drives. Maybe start off poking around the RIAA's and MPAA's networks. Afterall, they might have had some of the copyrighted works on thier system, and we would not be held liable for losses or damages if Berman get's his way.

Hunt them down... and then what? (2)

MongooseCN (139203) | more than 11 years ago | (#4323509)

Does he want them dead or alive? Or maybe just their head?

Re:Hunt them down... and then what? (1)

sys$manager (25156) | more than 11 years ago | (#4323603)

The Bon Jovi story was last Tuesday.

One small flaw... (5, Insightful)

nautical9 (469723) | more than 11 years ago | (#4323527)

The one thing we know about the vast majority of spammers is that they are in business to make money. And the only way to get money from the sap who received the spam is to provide a simple way for the sap to link back to the spammer. If there's a way to buy something from the spammer, there's a way to charge the spammer if you catch him.

So, Company ABC doesn't like the competition of Company XYZ. Company ABC makes up a dummy spam email advertsing Company XYZ's products and spams a few million addresses (with an easy-to-find return address for XYZ). Company XYZ, unable to prove that they are innocent, pays the $10k.

I assume Lessig's scenario would have to use a guilty-until-proven-innocent scheme, as it would be as ineffectual as the rest of the laws/anti-spam filters if it were the other way around. To prove someone guilty of spamming, you'd need logs and other evidence from their computers - not easy to get without search-and-ceisure permits. Anything less than that is too easy to duplicate from a malicious hacker's perspective.

Re:One small flaw... (2, Insightful)

plierhead (570797) | more than 11 years ago | (#4323654)

I don't think he's proposing a "guilty until proven innocent" thing. The $10K is just the bounty paid to the bounty hunter. The miscreants could still get their asses kicked with the fully weighted boot of the law, so all the normal discovery, court proceedings, etc. would still apply. If Company ABC maliciously created spam pretending to be from Company ABC, then Company ABC would be committing a very serious felony that could earn their execs gaol time. Very unlikely they could persuade the geeks to take part.

A bigger problem I see is some kind of sense of proportion. Most businesses perform some kind of cold calling. Seems to me like if you sell, say, emergency powergenerators, and you send personalized email to the three businesses in your town who might be potential customers, thats a lot different from sending 2M "enlarge your penis" mails to a database of emails you bought off some other spamming mofo.

As annoying as spam (4, Insightful)

letxa2000 (215841) | more than 11 years ago | (#4323529)

The site that article is from is as annoying as spam itself. You go to read the article and you get a banner ad to the right that occasionally "grows" to occupy 1/4th of your screen. You click "next" and you get a pop-up banner.

Sites like these shouldn't be linked to by Slashdot.

Amen (0)

Anonymous Coward | more than 11 years ago | (#4323568)

And it keeps wanting you to install Flash.

Pop-ups? (1)

sulli (195030) | more than 11 years ago | (#4323606)

What are those? I use Mozilla.

ADV tagging useless to real advertisers (2)

gentlewizard (300741) | more than 11 years ago | (#4323531)

The problem with tagging all commercial email with an identifier such as "ADV:" is that most recipients will simply create an email rule to auto-delete it and never even know it arrived.

That's great for the recipients, but it does nothing to reduce the load on ISP servers; in fact, it may increase it as the advertisers will have to send out MORE mail to make sure at least somebody opens it.

Also, such a solution does nothing to help legitimate advertisers, who need to know the demographics of who is actually reading their ad. If there is an easy way to filter, they may buy a list that is 90% middle class professional office workers, but they have no way of telling what mix actually read their ad. So they would never buy a service that operated under the "ADV" rules. Result: only the scam companies would ever send the mail.

Re:ADV tagging useless to real advertisers (1)

Chaltek (610920) | more than 11 years ago | (#4323621)

I think the key word "unsolicited" commercial mail. So legitimate mail will be unaffected.

Re:ADV tagging useless to real advertisers (2)

Anonvmous Coward (589068) | more than 11 years ago | (#4323706)

"I think the key word "unsolicited" commercial mail. So legitimate mail will be unaffected."

Slightly off topic, but I've had good luck filtering SPAM by deleting mails with the word 'unsolicited' in them. I've never gotten a message that said "This mail was not sent unsolicited" and have it be true.

Re:ADV tagging useless to real advertisers (0)

Anonymous Coward | more than 11 years ago | (#4323849)

Most spammers will swear up and down their mail is solicited and that they have the proof that you've opted-in to their mailings. Granted, the proof is typically a joke (you've signed up with our affiliate partner in China when your e-mail address passed through their system).

In all my years of abuse handling experience at an ISP, I think I heard one customer fess up that their mail was pure, unsolicited bulk advertisement.

There's technical and organizational definitions of unsolicited mail out there, but is there good legal definition? If I register a login at company website X, never check any box saying I do/don't want mail, but buried deep within their fine-print usage policy they say they reserve the right to sell addresses to their "affiliates" around the globe, who I am therefore allowing to conduct marketing with me, is that legit?

My point is there's more than enough people willing to talk at great length about how we need better legal and financial reprocussions to fight spam. But how are we going to achieve that if the practice isn't more thoughtfully defined first? For example, California Business & Professions Code 17538.45 says mail is unsolicited if "It is not sent at the request of or with the express consent of the recipient." Do these bogus affiliate programs then bypass this? And if so, should this really be allowed?

Re:ADV tagging useless to real advertisers (2)

thogard (43403) | more than 11 years ago | (#4323638)

It would reduce the load on my server. The regex filters in sendmail can be triggered before the body is read. All the spam headers a week still aren't even as big as just one of the bodies from marketing I bounce because of its size.

I've got patches [abnormal.com] for sendmail that let you filter the message body as well but you have to let it in first but you can bounce the messages at the SMTP transport level.

True (2)

scubacuda (411898) | more than 11 years ago | (#4323689)

...and if a fraction of the people (such as myself) who get that ADV e-mail set up an auto-reply ("Don't ever send me this shit again!"), the problem could get MUCH worse in terms of mail server loads...

Re:ADV tagging useless to real advertisers (2)

Adam9 (93947) | more than 11 years ago | (#4323713)

The real point is that if everyone's deleting spam marked as ADV, then it becomes unprofitable. Guess what happens next? No spam.

Beats Berman's proposal (2)

scubacuda (411898) | more than 11 years ago | (#4323534)

With Berman's proposal, the "vigilante" does the damage (DoS, etc.) before there is any proven wrongdoing. (What if a legit song happened to be labeled the same as a pirated one?)

With Lessig's idea, the vigilante reports the wrongdoing and lets the proper authority take care of it. (A solution I like better. Imagine if there was an all out DoS war between the vigilantes, RIAA, MP3 traders, and all of us in between.)

One can't help but wonder: if this works for spammers, why couldn't it work for MP3s?

A bill like this is perilously close, if you ask me. If this works, the RIAA could start handing out $$$$ incentives for ratting out (illegal) MP3 traders.

Of course, all spam comes from the US (1)

badboy_tw2002 (524611) | more than 11 years ago | (#4323542)

And I'm sure the ones from other countries will happily stamp [ADV:] on their subject lines...

Fine for the USA, but... (1)

nautical9 (469723) | more than 11 years ago | (#4323544)

... but what about the rest of the world?

Re:Fine for the USA, but... (0)

Anonymous Coward | more than 11 years ago | (#4323819)

simple use a email rule that filters out the $ sign
eliminates 99.98% of spam in my email box :)

interesting idea... (2)

Kunta Kinte (323399) | more than 11 years ago | (#4323553)

I think is not a bad idea at all. The reward is high though, so I suspect a few people might find some way to abuse the system.

But what if someone creates a site were you can put a bounty on a particular spam message and add to the pot on locating the spammer ( for legal action, of course ). I don't mean just finding originating network, but the real contact information of the individual or company responsible.

So say you get a particular "work at home" message once a day. You can post your message on there and put $5 in the collection for finding the prick who's harassing you. If he/she is annoying you, chances are there are others who are being annoyed as well. If there is a match in the database, then your money is added to others.

I am sure there are lots of capabable people out there, given $100 bucks to find a spammer *will* find them.

This site could also be used to organize groups of people who would like to sue spammers. So instead of one person footing the bill, if your spammer is being sued, you can join the fun as well.

good idea (2)

scubacuda (411898) | more than 11 years ago | (#4323622)

This is a really good idea.

There are lots of us who want to stop this kinda shit, but have no idea where/how to start.

Reminds me of... (1)

lyingidle (592062) | more than 11 years ago | (#4323751)

Assassination Politics [zolatimes.com]

Which can also be used to get rid of our good friend Berman.

I personally think the whole thing stinks. No one wants the RIAA snooping around on their machine, so how can you justify it being OK for hackers to snoop out spammers? Another brilliant Berman solution is all this is. This guy just needs to shut up.

Now I hate spam as much as the next guy, but there has to be another answer. I mean seriously, I'm still trying to find a way to get away from unsolicited phone calls and snail mail, I don't see much legislation going around trying to stop that.

...just think

Theres a catch (1)

I_am_Rambi (536614) | more than 11 years ago | (#4323567)

Spam is a blight on our high-tech civilization. Lawrence Lessig has an idea: force spammers who don't label their junk e-mail to pay $10,000 to the first recipient who finds them.

I don't know about you, but I don't have alot of time to hunt someone down. Yes the money is worth it, but the question would be to find them. A good hacker can use a laptop, and a pay phone and send out tons of spam and move on (to another state or pay phone). It will be extrememly hard to catch someone who is good at spamming people and doesn't want to get caught. So how can we catch them if they keep moving and send only a few emails to use? Its highly unlikely that from a few emails, someone could catch a spammer.

$10,000 would pay for my college bill though. O well.

Re:Theres a catch (0)

Anonymous Coward | more than 11 years ago | (#4323705)

"A good hacker can use a laptop"

No, would not even take a good hacker. Just someone with Win2k and IIS installed...

Automating vigilante process? (2)

scubacuda (411898) | more than 11 years ago | (#4323600)

What would you do to automate the hunting-down-spammers process?

Perhaps something you could put on your servers? Once certain thresholds and/or parameters are reached, you could have another program kick in that could track them down.

A $10K reward would definitely get people working together in novel ways. Imagine if several ISPs/homeusers/businesses started working together to track these fuckers down.

I know I will get modded down for this, but..... (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4323612)

Fuck you. All of you.

(See, now it's the moderator's job to mod me UP, because I said I was afraid of being moderated DOWN)

of course... (1)

tobo (307569) | more than 11 years ago | (#4323625)

And naturally there were extremely annoying ads on the page with the story. Pop-up too.

2 YRO in a row? (1)

c4tp (526292) | more than 11 years ago | (#4323639)

Wow, two Your Rights Online articles in a row. Our legal rights being threatened twice ine one hour. What kind of world are we living in?

Re:2 YRO in a row? (2)

Anonvmous Coward (589068) | more than 11 years ago | (#4323770)

"Wow, two Your Rights Online articles in a row. Our legal rights being threatened twice ine one hour. What kind of world are we living in?"

Sorry Mr. Spade, I don't think any +1 Funnys will be flung your way.

RBL bad? (4, Insightful)

phriedom (561200) | more than 11 years ago | (#4323640)

I don't understand his objection to the RBL. It has checks and balances. It is democratic. Use of the RBL is volentary. It doesn't involve expensive court actions or investigations paid for by taxpayers. It takes no direct action. But if you don't play nice, then others may choose not to play with you. If you don't self-police, others stop listening. Its quite a stretch to say that "restricts the freedom of email" and that it has not "done anything except make e-mailing more difficult." The RBL sure hasn't made my emailing more difficult or restricted my freedom.

I think good laws would add to the effectiveness of the RBL, don't get me wrong. But to hear the spammers tell it, the RBL has made their cost of business much higher, so I wouldn't say it is a detriment.

Overture is the best way to advertise. (0)

Anonymous Coward | more than 11 years ago | (#4323650)

This is what I get for reading slashdot from a locked-down library PC. Man, that Overture popup is freaking annoying!

the fine line... (1)

nautical9 (469723) | more than 11 years ago | (#4323675)

Ok, so does this mean that an email containing ANY advertisement within it must be prefixed with ADV:... what about the many legitimate mailing lists (for jokes, stock quotes, music/dvd/game schedules, etc), that use these banner-ads and text-ads within the message to fund their production (like 90% of the Web uses). The main content of the email is NOT unsolicited, yet it does contain unsolicited pieces.

Every SysAdmin in the world is going to automatically send any ADV: emails to the bit bucket, making the delivery of these types of lists a virtual nightmare (and subsequently causing them to go to a subscription model, meaning we lose even more of the wonderful freebies the Net is known for.)

To be fair, Lessig does point out that there needs to be human intervention, but I'm where is the line drawn?

Re:the fine line... (2)

scubacuda (411898) | more than 11 years ago | (#4323725)

The trick will be *where* you draw the line. Who has to use the ADV header and who doesn't? The mailings you're talking about are solicited e-mails.

I'm cool with people getting bulk e-mails if they've signed up for free shit. I'm NOT cool with people getting bulk e-mail if they A) haven't enlisted, or B) can't ever opt out.

I think that Lessig is getting at the lists that never let you opt out. Someone gets your name, spams you, you reply with REMOVE, you get on their short list, and then they sell you (at a premium) to another spammer. That's the shit that should be regulated with the ADV header.

Legit opt-in mailing lists should NOT be affected.

Here's MY deal. (5, Funny)

unicron (20286) | more than 11 years ago | (#4323759)

"Alright. I'll kindnap him for 50, deprogram him for 50, and I'll kill him for 100!"

"No, just the first 2!"

"Alright, I'll throw in the killin' for free."

License to spam??? (1)

Black Copter Control (464012) | more than 11 years ago | (#4323761)

It can't just be $10K to the FIRST person to track them down. Otherwise, it's just a $10K license to spam. Once you pay the fee, you'd be free to spam all you want.

The real problem with this, however, is that spam is a volume based business. On a 10megabit line you can push spam to hundreds, if not thousands, of recipient a second (With a 2K message, this would give a theoretical maximum of 500 transmits/megabyte. With 20 recipients/transmit that would be ~10,000 recipients/second). If only one of those thousands of people is going to get the $10K, it's going to be like playing the lottery to get a bounty -- In other words, not worth it.

Far better than that would be $100/message recieved by a user with no limit on the number of fines. That way, a person would know that they would get some value from hunting down a spammer. Given that I get, perhaps, a dozen spams per day, tracking down a handfull of spammers each afternoon would keep me well fed.

Re:License to spam??? (2)

scubacuda (411898) | more than 11 years ago | (#4323873)

That's true.

Lessig's idea would only encourage many spammers to get together mail out all their shit together, rather than do it on their own.

There needs to be a way to make the punishment to better fit the total number of spammed e-mails...

What an asshole (5, Insightful)

Gruturo (141223) | more than 11 years ago | (#4323809)

Once added to the list, there is no way to appeal the blocking or to fight such policies

This is bullshit, and he knows it, but he has to exaggerate and distort the truth in order to highlight his fashionable Bounty idea.
I inadvertedly ran an open relay and quickly ended up on Ordb [ordb.org] , and rightfully, I might add. My mail server logs had this nice explanation given in the error message from other servers, complete with a helpful link explaining how to fix and get delisted (fix your server, resubmit its IP for checking, get automatically removed).

3 hours and a sendmail.cf later I was back with the good guys, and had this nice warm feeling :-)

Bounty hunters! (1)

dpt (165990) | more than 11 years ago | (#4323851)

Piett: "We don't need that scum!"

Officer: "Yes, sir."

Vader: "A substantial reward will be offered to the one who captures the spammers. You are free to use any means necessary, but I want them alive ...[Stops at MAPS] ... no blackholing!"

MAPS: "As you wish."

Check those headers! (1)

Icephreak1 (267199) | more than 11 years ago | (#4323859)

Granted we're all busy, we all could do the more well-meaning Internet a duty by checking the headers of even five or ten a day of those SPAM messages and submitting any open SMTP relays you find to at least one [ordb.org] realtime blackhole list. This is what I've been doing for over a year. This is precisely what the article meant about e-mail vigilante-ism. You'd be surprised to find out how much of the SPAM you receive are sent through ill-configured mail relays.

It also quite likely means YOU have received one less SPAM message because of ME!

And how does one confirm a mail host is an open relay? I shall not explain, but if you know of telnet and a bit of Simple Mail Transfer Protocol, you could manually check this.

Quite honestly, if even half the Slashdot population did this sort of thing consistently for two weeks, the entire Internet could conceivably see a tremendous decrease in SPAM flow. Not impossible.

- IP

Hunt them down? (1)

umask077 (122989) | more than 11 years ago | (#4323867)

*starts loading his G3*

Ok, the top 10 spammers are basicly known entities. Whats hunting them down gonna do. They skip town, dont show up in court, etc. Unless we really mean hunting them down and killing them which I am in full support of, however unless I've missed something its still a tad on the illegal side in the United States. Paying a bounty to find them is all well and good but the courts dont do much about them even when you get them into court. These people are scum who hide thier identity constantly. They are good at it. Ok perhaps we can be better at finding them but they still skip out on court hearings all the time.

I dont think it will help any.

Lessig has not done his research (2, Informative)

gorbachev (512743) | more than 11 years ago | (#4323885)

SPEWS does not "block with any appeal allowed".

First of all, SPEWS doesn't block anything. SPEWS only provides the list of scumbags. Its users then decide what they do with the information. Some block Email, some flag Email for filtering by end users, some use the list as evidence of anti-spammer evils.

Second of all, there is an appeal process. The spammer just needs to stop spamming.

Thirdly, he seems to imply that it would be common to be listed in SPEWS by mistake. This is simply not true at all. Usually a spammer has to exhibit a pattern of abusive behavior to get listed. There appears to be a human process involved in getting listed by SPEWS, which seems to be very effective in weeding out mistakes and joe-jobs.

Proletariat of the world, unite to kill spammers. The slower, the better. The more painful, the better. Remember, knees first, so they can't run away.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>