Re: [Mailman-Users] The economics of spam
From: Rich Kulawiec <rsk@gsp.org>
On Tue, Dec 23, 2008 at 10:15:43AM -0800, Jan Steinman wrote:
I would willingly pay a hundredth of a cent (or so) per email sent
if it would reduce spam to near-zero.This is a thoroughly-discredited, utterly broken idea... based on
the ludicrous notion that abusers... will, for absolutely no reason whatsoever, suddenly and magically behave honestly and pay to send
mail.
No, it is based upon the idea that a system could be implemented
whereby it would be impossible to avoid the payment.
Or should we just admit that any crook can hack any arbitrary ATM
machine, or that any mass-marketer can send paper mail without a stamp?
I don't believe anyone in this discussion was relying on the ethics of
voluntary payments to reduce spam.
:::: If vegetarians eat only vegetables, what do humanitarians eat? :::: Jan Steinman <http://www.Bytesmiths.com/Item/99-3033-17-18>
Jan Steinman wrote:
From: Rich Kulawiec <rsk@gsp.org>
On Tue, Dec 23, 2008 at 10:15:43AM -0800, Jan Steinman wrote:
I would willingly pay a hundredth of a cent (or so) per email sent
if it would reduce spam to near-zero.This is a thoroughly-discredited, utterly broken idea... based on
the ludicrous notion that abusers... will, for absolutely no reason whatsoever, suddenly and magically behave honestly and pay to send
mail.No, it is based upon the idea that a system could be implemented
whereby it would be impossible to avoid the payment.Or should we just admit that any crook can hack any arbitrary ATM
machine, or that any mass-marketer can send paper mail without a stamp?
That's not an apt analogy. The issue here is not whether a system can be developed that would require mail delivery to be paid for. The issue is whether the spammers can figure a way to shift the payment to someone else in the same way that they already hijack the resources of unsuspecting user's machines to enable them to send much more spam than if they actually had to pay for the hardware.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Sat, 3 Jan 2009, Mark Sapiro wrote:
That's not an apt analogy. The issue here is not whether a system can be developed that would require mail delivery to be paid for. The
//alif
-- Yours, J.A. Terranson sysadmin_at_mfn.org 0xpgp_key_mgmt_is_broken-dont_bother
"Never belong to any party, always oppose privileged classes and public plunderers, never lack sympathy with the poor, always remain devoted to the public welfare, never be satisfied with merely printing news, always be drastically independent, never be afraid to attack wrong, whether by predatory plutocracy or predatory poverty."
Joseph Pulitzer 1907 Speech
On 3 Jan 09, at 18:23, J.A. Terranson wrote:
On Sat, 3 Jan 2009, Mark Sapiro wrote:
That's not an apt analogy. The issue here is not whether a system can be developed that would require mail delivery to be paid for. The
So it seems one way of guaranteeing that one would only receive email
that had been paid for is implemented, or at least prototyped. I'm
going to look into this hashcash a bit, just out of curiosity.
I was thinking more on the level of a new, incompatible SMTP standard,
or possibly even at lower levels of the ISO stack -- possibly at the
TCP/IP level. Or perhaps as part of IP6 protocol, coming to you Any
Day Now.
Perhaps I know just enough about the underpinnings of the Internet to
see the possibilities, rather than the impossibilities. Sorry if my
examples were impractical, but I continue to dis-believe that it would
be impossible to implement a system whereby spam could be made
uneconomical.
:::: Never fear failure! If inevitable, embrace it! :::: :::: Jan Steinman http://www.EcoReality.org ::::
on 1/4/09 2:44 PM, Jan Steinman said:
Perhaps I know just enough about the underpinnings of the Internet to see the possibilities, rather than the impossibilities. Sorry if my examples were impractical, but I continue to dis-believe that it would be impossible to implement a system whereby spam could be made uneconomical.
This subject is off-topic for this list. Please see the archives of the spam-l and ASRG mailing lists, and if you have any further questions or issues you'd like to discuss, then post your messages to one of them.
-- Brad Knowles <brad@shub-internet.org> If you like Jazz/R&B guitar, check out LinkedIn Profile: my friend bigsbytracks on YouTube at <http://tinyurl.com/y8kpxu> http://preview.tinyurl.com/bigsbytracks
Jan Steinman writes:
Perhaps I know just enough about the underpinnings of the Internet to
see the possibilities, rather than the impossibilities. Sorry if my
examples were impractical, but I continue to dis-believe that it would
be impossible to implement a system whereby spam could be made
uneconomical.
On the contrary, it's very easy to make spam uneconomical. Just make all email uneconomical. The trick is to get a clean bath without losing the baby, which may be possible, but not by any of the schemes proposed in this thread, nor a host of related ones.
At the risk of incurring Brad's wrath, let me point out (I think for the second time in this thread) that policies that make it hard for unregistered parties to have mail delivered have a decidedly negative effect on GNU Mailman. Long before the spammers feel pain, many lists like this one will be long past feeling any pain.
Even worse, Mailman-Users might survive, but can you really see an ISP client going to Customer Service with "Hi, I'm a member of the PASS (Physically Abused Spouses and Siblings) mailing list. Will you please let it through?" Survival of the fittest is all very well, but I don't think that the winner of the <I-Don't-Feel-Like-Looking-It-Up> Prize for greatest contribution to society in open source (or something like that, congratulations again, Barry, Mark, Tokio, et cie.!) will be very happy about advocating measures that discriminate against use of Mailman by non-technical volunteers for charitable purposes. No clearly acceptable proposal has been made to deal with these important uses of email (to me and many others, YMMV).
By the way, my day job is Practitioner of the Dismal Science, and as a professional economist I can assure you that this particular idea, while not "dumb" in my opinion, rather the reverse, has been thoroughly debunked (see other references). It is what we call an example of the "Theorem" of the Second Best: while removing one commons (or other market failure) to get a perfect market economy always makes things "better for everybody", fixing one market failure to get an economy that still has market failures "usually" makes things worse.
(The phrases in quotation marks are trolls: as stated, it's not a theorem, "better for everybody" is defined in a very peculiar fashion, and "usually" is deliberately ambiguous. So don't call me on them, as stated it's just a sort of proverb that the pros need to keep in mind to avoid embarrassing themselves in front of their peers.)
On Sat, Jan 03, 2009 at 02:52:21PM -0800, Jan Steinman wrote:
No, it is based upon the idea that a system could be implemented whereby it would be impossible to avoid the payment.
It can't.
This idiotic idea resurfaces periodically (see "hashcash" and other similar products of the wishful thinking of clueless newbies [1]). It is one of the very stupidest anti-spam ideas -- and there's a lot of competition for that "honor", unfortunately. [2] I suggest that you refer to the archives of the spam-l and irtf-asrg mailing lists for a quite thorough debunking of this nonsense by the most senior and experienced people working in the field.
---Rsk
[1] Hashcash fails on inspection because attackers control vastly more computing resources than defenders, by several orders of magnitude.
[2] Including "anti-spam" ideas which actually make the problem worse. See "C/R" and "SAV", for example.
[1] Hashcash fails on inspection because attackers control vastly more computing resources than defenders, by several orders of magnitude.
The idea behind Hascash is *not* that it will *stop* the flow: it, by itself, most certainly will not. However, no successful security strategy relies on any single modality for successful coverage of any issue.
Hascash is another of the various forms of tarpitting, which also does not stop anyone, but it does slow it down, and every little bit helps.
I realise I may well be just another "stupid newbie" in your eyes, so please explain why something that can enforce a fixed amount of work to each and every transaction on the SENDER's side is a bad idea by itself.
Currently, almost 100% of the cost of protecting yourself falls to your own machines and systems. On the scale of a modern spam run (tens of millions to hundreds of millions of emails per run) the offloading of even a minor workload onto the sender would be a significant overhead transferred to the spammer.
Like everything else in the security mileiu, hascash is yet another layer.
But more importantly, it is a layer than can be provably shown to affect
Mallory more than it will Jane.
No matter how many stolen cycles are used to bypass a hascash like scheme, those cycles still *must* be expended by the spammers resource pool.
This can *only* be a Good Thing.
-- Yours, J.A. Terranson sysadmin_at_mfn.org 0xpgp_key_mgmt_is_broken-dont_bother
"Never belong to any party, always oppose privileged classes and public plunderers, never lack sympathy with the poor, always remain devoted to the public welfare, never be satisfied with merely printing news, always be drastically independent, never be afraid to attack wrong, whether by predatory plutocracy or predatory poverty."
Joseph Pulitzer 1907 Speech
On Sun, Jan 04, 2009 at 11:15:19AM -0600, J.A. Terranson wrote:
I realise I may well be just another "stupid newbie" in your eyes, so please explain why something that can enforce a fixed amount of work to each and every transaction on the SENDER's side is a bad idea by itself.
I've covered this in detail elsewhere, and it's not really appropriate for this list, so I'll be brief. I suggest those interested in such schemes peruse the archives of various spam-related mailing lists and newsgroups.
Hashcash is an attempt to drown people who own the ocean. Spammers control, in the aggregate, several orders of magnitude more computing horsepower than anyone else. (And could, if they deemed it desirable or necessary, increase that computing pool even further.) I'm talking, of course, about the ~10e8 hijacked systems out there ("zombies") and will note in passing that this is an order-of-magnitude estimate: based on my research as well as that of others, I wouldn't be surprised if the actual number was in the 2x10e8 to 4x10e8 range. [1]
The activities that these systems are currently engaged in (sending spam, hosting DNS for spamvertised web sites, hosting spamvertised web sites, harvesting email addresses, conducting DoS attacks, etc.) consume only a small fraction of their available computing capacity -- that is, the overwhelming majority is left over. There is plenty left to maintain the illusion for their former owners [2] that they actually still control these systems -- and there is certainly plenty left to deal with any additional computational burden imposed on an SMTP transaction.
Note as well that each time the former owners of these systems upgrade them, their new owners acquire a free performance increase. Similarly, when they replace them, the same poor computing practices (e.g., use of inferior operating systems, careless downloading, missing or incorrect firewall configuration, etc.) that led to the compromise of the old system quite often lead to compromise of the new one, once again resulting in a free performance increase for the new -- that is, the real -- owners.
Thus we see that imposing such a requirement will not impede spammers in the slightest -- while it *will* impede nearly everyone else.
Note as well that in the several years since it first became clear that spammers (and other abusers) had acquired these resources, no reasons have surfaced to indicate that the problem is getting or will get any better. On the contrary, there is every reason to believe that the problem is getting steadily worse. [3] Spammers/abusers now control an essentially-unbounded pool of computing resources -- not just CPU, but memory, disk, bandwidth, etc.
So all that hashcash and other similar schemes would do is burn a lot of CPU in a lot of places...for absolutely nothing.
---Rsk
[1] Note that the actual number is not only unknown, but unknowable, since a system which provides no externally-visible evidence of its hijacked state will not be detected. Neither will a system which does provide such evidence, but does not provide it to a suitable detector. Note as well that there is substantial evidence which suggests that hijackers have long since learned to hold many systems in reserve against the possibility that some are lost to them; clearly, this is a basic strategic concept well within their grasp, so it would be surprising if they *didn't*.
[2] If someone else can run arbitrary code of their choice on your system, it's not YOUR system any more.
[3] It's not necessary to take my or anyone else's word for this. Anyone running a mail server can acquire their own sample by using passive OS fingerprinting, rDNS lookups, and spam logging in combination.
Also myt last comment, unless a listowner somehow believes this is appropos for *this* list.
You're argument boils down to "it's not wholly effective, and it's super easy for the sspammer to overwhelm, so don't bother using it". The same is true of every blocklist, blacklist, firewall, tarpit, etc., ad infinitum.
Hashcash and tools like it are merely that: Tools. You should use your tools where they are most effective. if a tool does *nothing* then it's not a tool, and can be discarded. But a tool that works, just not perfectly, is what we have used to reach foreign bodies (moon, mars), build national infrastructure, etc.
Layered tools always work better than unlayered tools.
The fact that Mallory will always have superior firepower does not mean you do not go to war using the tools available: you simply apply these tools in an asymmetric manner. hashcash was specifically designed for asymmetric use - you can ask for anywhere from zero to infinite work from each connection,m based solely on your individual criteria. If it's a connection on a whitelist, you can ask for zero work, while also asking for highly significant (computationally speaking) work from unknown connections. Since the work is all done by the connection initiator, this scales well, and meets it's design goal of simply applying the most interference to those who have the highest likelyhood of being unwanted.
To dismiss this out of hand as the work of "clueless newbies" shows a certain bias. You may not *like* the idea, but HashCash is certainly not "clueless newbie" material. Look at the people who worked on this.
//Alif
-- Yours, J.A. Terranson sysadmin_at_mfn.org 0xpgp_key_mgmt_is_broken-dont_bother
"Never belong to any party, always oppose privileged classes and public plunderers, never lack sympathy with the poor, always remain devoted to the public welfare, never be satisfied with merely printing news, always be drastically independent, never be afraid to attack wrong, whether by predatory plutocracy or predatory poverty."
Joseph Pulitzer 1907 Speech
On Sun, Jan 04, 2009 at 02:56:40PM -0600, J.A. Terranson wrote:
You're argument boils down to "it's not wholly effective, [snip]
Actually, my primary argument is that it has/would have zero effect. There's no point in deploying something that the enemy completely defeated years ago.
My secondary argument, which I didn't bother to articulate here, but have gone into elsewhere, is that it may well make the spam and related abuse problem *worse*. (One of the most common mistakes made by those proposing anti-spam measures is that they presume the enemy will passively or actively accomodate those measures, despite decades of evidence suggesting that at best, such measures will encounter passive resistance, and at worse, they'll be actively subverted to suit the enemy's purposes.)
---Rsk
on 1/4/09 11:15 AM, J.A. Terranson said:
Hascash is another of the various forms of tarpitting, which also does not stop anyone, but it does slow it down, and every little bit helps.
This subject is off-topic for this list. Please consult the archives of spam-l and the ASRG, and if you still have anything left to say on the subject, then post your messages on one of those lists.
-- Brad Knowles <brad@shub-internet.org> If you like Jazz/R&B guitar, check out LinkedIn Profile: my friend bigsbytracks on YouTube at <http://tinyurl.com/y8kpxu> http://preview.tinyurl.com/bigsbytracks
on 1/4/09 7:27 AM, Rich Kulawiec said:
This idiotic idea resurfaces periodically (see "hashcash" and other similar products of the wishful thinking of clueless newbies [1]). It is one of the very stupidest anti-spam ideas -- and there's a lot of competition for that "honor", unfortunately. [2]
Personally, I'd add SPF to that list.
I suggest thatyou refer to the archives of the spam-l and irtf-asrg mailing lists for a quite thorough debunking of this nonsense by the most senior and experienced people working in the field.
Which is where discussions regarding spam belong. Except when related to the anti-spam tools that Mailman provides, this subject is off-topic for this list.
-- Brad Knowles <brad@shub-internet.org> If you like Jazz/R&B guitar, check out LinkedIn Profile: my friend bigsbytracks on YouTube at <http://tinyurl.com/y8kpxu> http://preview.tinyurl.com/bigsbytracks
participants (6)
-
Brad Knowles -
J.A. Terranson -
Jan Steinman -
Mark Sapiro -
Rich Kulawiec -
Stephen J. Turnbull