• Add a Comment
  • Edit
  • More Actions v
  • Quarantine this Entry

Comments (3)

1 localhost commented Trackback

Unfortunately, all so-called economic solutions to the spam problem are fundamentally flawed -- except as very long-term solutions that can only be implemented after nearly 100% of all computers (clients as well as servers) connected to the Internet are substantially upgraded or replaced.

There are two simple facts that guarantee this. First, spammers are criminals who were routinely violating multiple laws even before specific anti-spam laws were passed. Second, spammers have no difficulty using other people's computers to send their spam. These two facts lead to the inevitable conclusion that it will be child's play for criminal spammers to use other people's money to post their attention bonds.
The same is true for economic solutions to SPIM or SPIT, because IM and VoIP are running on the same fundamentally insecure computers as email.

2 localhost commented Permalink

If the internet had a decent global directory service which required all end users and mail servers 1. to be unique, 2. to be authenticated so they could not be anonymous or misrepresent their actual identity, then this would help to reduce the incidence of spam.

If this could link a particular person or server to a specific certificate (such as in Lotus Notes), then this could make things much harder for spammers and the like.
If we made it as hard to get an SSL certificate as an international passport, then identity theft might also be reduced by such an initiative.
I know that this might trigger a big brother alarm, but I feel that most legitimate users would welcome better security and more robust identity management strategies.
Criminals hate the concept of transparency.

3 localhost commented Trackback

Ted, the problem is that it WILL have an attention bond. A stolen one! Stolen from the owner of the hijacked zombie machine. Spammers steal machines. Phishers and malware writers steal passwords. Put these together -- and there is clear evidence that spammers, phishers, and malware writers are already together! -- and what do you have? The ability to steal access to both the machine and the account that generates and pays for the attention bonds.

All I can say is, no thank you! If a spammer takes over one of my machines, it's a problem that will cost me a lot of time and aggravation; but I sure don't want it to also cost me a lot of money!

Add a Comment Add a Comment