Spam: Give me a break
by Perry Carpenter, More posts from Perry Carpenter
Sat, 2007-03-24 01:25
Topic(s): |

-----BEGIN MINDLESS RANT-----
Hash: BYORL

Spam is a four-letter word.  It is so foul that it further denigrates the name of the potted meat industry; which, in my mind, is pretty hard to do (no offense intended to those who produce or consume potted meat).

I've had it up to here (virtually speaking) with spam, spammers, and the inadequacy of spam filtering technologies.  Recent research indicates that up to 90% of Internet email is spam; and the worst thing is that we have all, to some extent, resigned ourselves to accepting the problem as the "status quo."  I know that there are some good products out there, but the industry is just unable to keep pace with those out to cram our inbox full of ads hocking performance enhancement drugs, cheap prescriptions, penny stocks, and offers to share in the vast riches of deceased Lithuanian statesmen.  Even now, those in the blogging world are noticing an increase in the levels of comment spam.  I've seen it through my personal blog -- the mindless zombie's attempt to spew their content even though my blog explicitly states that all comments must be approved before appearing.

The problem stems from the fact that the folks behind this deluge of virtual dung win each-and-every-time they successfully circumvent a spam filter and someone clicks on an link, replies to the message, or purchases a stock.  Even worse, there is an inherent benefit to some spammers in simply sending the message.  The fact that they don't receive a bounce-back is an effective way of validating good email addresses.

I've heard some compare the security industry's efforts in combating spam and malware to an old-fashioned "arms race."  Security researchers develop countermeasures to current spam and malware techniques, so the other side alters their tactics.  Thus, each side is in a constantly reactive cycle; simultaneously trying to catch-up, outrun, or anticipate the other's next move.

I hate ranting about something without at least trying to offer some type of solution; but, I am somewhat at a loss.  Google's Gmail system seems to do a pretty good job at detecting spam; I've used it for over two years now and have probably received less than 10 spam messages in my inbox.  Blacklisting, whitelisting, graylisting, heuristics, signatures, Bayseian filters, collaborative filters, and other spam filtering methods have proven to be somewhat ineffective (even when used in combination) -- no silver bullet in sight.

So I end this rant with a question:  what do you propose we do about the proliferation of spam?  Please remember that bodily harm to spammers is not an option (at least not yet).

-----END MINDLESS RANT-----

» read more from Perry Carpenter | post a comment
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
* Denotes a required field
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast