Selling Your Attention to Spammers 307
Dotnaught writes "Can the free market stop spam where technology has failed? As described in InformationWeek, Professor Marshall Van Alstyne of Boston University School of Management has co-authored a soon-to-be-published paper that proposes an "attention bond" -- money put up by email senders that recipients collect only if they consider the message a waste of time. Supposedly, this market-based filter performs better than a perfect technology-based solution, with no false positives or negatives. A company called Vanquish already has a working model. Is selling one's attention the answer to spam?"
Can they really afford my time? (Score:5, Interesting)
Sounds dumb (Score:3, Interesting)
Should be a money-maker (Score:4, Interesting)
The problem with spam is weak enforcement (Score:5, Interesting)
The US Federal Trade Commission says that over 80% of spam involves some violation of Federal law. Not just the CAN-SPAM act, but mail fraud, false advertising, money laundering, computer crime, drug counterfeiting, and racketeering. There should be no problem filing charges.
If we had an FBI director who made this a priority, most spam could be eliminated in a year. Just divert some of the FBI Baltimore people who do child pornography [fbi.gov], who are already experienced at tracking people on the Internet, off that job and onto tracking down the major spam operators.
In a sense, CAN-SPAM has been effective. Spamming by even vaguely legitimate companies is down. Almost all spamming now involves felony criminal activity of one kind or another.
Fraud Potential (Score:2, Interesting)
What's to stop me from biting the cost of a large mailing, collecting all those notices, and reselling them to other spammers as a list of verified active addresses? My customers could use the lists in a country not on board with the idea, since this will require legislation to enact (which is a problem too obvious to need explanation.)
Seems like a major problem, but I'll wait until the paper is released before making my final judgement.
Final Ultimate Solution to the Spam Problem (Score:3, Interesting)
Right.
People flag list traffic for which they subscribed as spam all the time. What is so special about putting up a financial bond that will cause people not to flag mail they requested in March as spam in May, or accidently marking mail from aunt Mildred as spam. I just don't see it.
This fails every test of an anti-spam proposal I can think of, including the most important: It doesn't stop spam.
--OgRe:The problem with spam is weak enforcement (Score:5, Interesting)
why does the casual observer allow objectivity and reasonable thought to fall by the wayside when dealing with the very things that require them the most?
I was a sexual abuse victim when I was young, and I dont see whats so bad about the parent post. Child pornography department just fills in the vacant slot or two and the experts train the newbies. Thats how it should be done
There doesn't seem to be much motivation to put that kind of knowledge on spam enforcement, but I think the parent poster is right: why isn't there? Obviously spam isn't nearly as bad as child pornography, but judging by some of the porn sites they advertise via unsolicited spam, the industries certainly intertwine. Its not like a potential victim becomes a stupid slut who made her own decision to sell her body the second she goes from non-legal to legal age. I've seen enough stuff in my lifetime to know that claiming you're a consentual adult isn't exactly 100% true if somebody is pulling your strings.
Great idea (Score:1, Interesting)
The Only Solution (Score:3, Interesting)
SMTP is an outdated, insecure protocol which is ill-suited to modern email.
We need to replace it with a protocol which is authenticated at both ends. A friend and I came up with the following; which although not perfect and probably subject to a few tweaks is a step in the right direction.
J Random Hacker/Company/Joe Sixpack leases a domain name from J Random Registrar. Let's call it jrh.com
That registrar provides a private key and a public key pair based on the domain name.
The CMTP (or Complex Mail Transport Protocol - I made that up) server on jrh.com wants to send an email to target.com. It signs the outgoing message with the private key (ie puts a hash in the header - and you could base it on time and date or other arbitrary data to make sure there's no forgery) and then connects to target.com. target.com then asks jrh.com's registrar for jrh.com's public key (either that or it's propagated over DNS). If the pair match up, the email is accepted. If not it's dropped at the door. No questions asked.
During the phase in period, SMTP traffic could be configured for a 15 minute delay on each target server, whereas CMTP traffic is dealt with immediately. I compare it to how Telnet was slowly phased out in favour of its more secure replacement, SSH.
So, if a spam zombie Windows box is spewing out SMTP traffic in a CMTP world, most servers would drop it at the door. The spammers can't go to CMTP because:
1) They can't use a private key they made up because it's checked against the public key held at the registrar.
2) If they use the private key of a domain they hold (ie install it as part of the worm infection) when people get even 1 spam from them (yes 1 spam - it would be that unusual) the server just ignores mail sent with that signature.
The solution works because the motivation would be there for companies to prevent spam on their networks. As soon as they switch to CMTP, they get no spam over it. And eventually they will get no SMTP email at all. Just as nobody uses Telnet anymore, SMTP will die out if replaced with something better. You can make all the laws you like but at the end of the day, the SPAM solution is a technical one.
Re:Automated Spam Response (Score:4, Interesting)
"Mailing lists and other legitimate email uses would be affected"
Under this plan, I could just subscribe to a bunch of mailing lists and get paid (by mailing list admin) for declaring the emails as spam.
It comes from way before Gates. (Score:3, Interesting)
Re:Should be a money-maker (Score:3, Interesting)