i’ve been keeping track. this month, i have received 1454 spam messages this month, which is an average of 133 a day. it’s getting so that i have to warn potential customers and new contacts to put something distinctive in the subject line so that they don’t get spam-filtered, and frequently they do anyway. i’ve not received (potentially spam filtered) messages from my own wife in the past few days, and i think i may have spam-filtered at least two legitimate customers as well. the biggest culprit has also involved chinese characters in the subject line and something in the message which makes KMail crash when i select it, which is one reason i have been toying with the idea of upgrading to a newer version of linux, as mandrake 9.2 is around three years old now. i haven’t been able to figure out what, though, because the message contains nothing but unescaped unicode characters. these messages, combined with the fact that i don’t get that many email messages anyway, have caused me to think about just not having an email address any longer. the only problem is what to do about the incense business… 8P
Gates: Spam To Be Canned By 2006
January 24, 2004
(AP) A spam-free world by 2006? That’s what Microsoft Corp. chairman Bill Gates is promising.
“Two years from now, spam will be solved,” he told a select group of World Economic Forum participants at this Alpine ski resort. “And a lot of progress this year,” he added at the event late Friday, hosted by U.S. talk show host Charlie Rose.
Gates said Microsoft, where he has the title of chief software designer, is working on a solution based on the concept of “proof,” or identifying the sender of the e-mail.
One method involves a human challenge, or requiring the sender of an electronic pitch to solve a puzzle that only a flesh-and-blood person can handle. Another is a so-called “computational puzzle” that a computer sending only a few messages could easily handle, but that would be prohibitively expensive for a mass-mailer.
But the most promising, Gates said, was a method that would hit the sender of an e-mail in the pocketbook.
People would set a level of monetary risk – low or high, depending on their choice – for receiving e-mail from strangers. If the e-mail turns out to be from a long-lost relative, for example, the recipient would charge nothing. But if it is unwanted spam, the sender would have to fork over the cash.
“In the long run, the monetary (method) will be dominant,” Gates predicted.
He conceded, however, that his prognostications have not always been on the mark. Notable misjudgments include the rising popularity of open-source software, epitomized by Linux, and the success of the Google search engine.
“They kicked our butts,” he said, while promising a better next-generation Internet search engine from Microsoft, due as early as next year.
At the forum itself, Gates announced a partnership with the United Nations to bring computer technology and literacy to developing countries.
Drawing on a $1 billion Microsoft fund, the U.S. software giant will work with the U.N. Development Program to provide software, computer training and cash to establish computer centers in poor communities, starting with pilot projects in Egypt, Mozambique and Morocco.
Gates told a news conference the centers would not have to use only Microsoft products.
Egypt’s minister of communication and information technology, Ahmed Mahmoud Nazif, welcomed the help, noting that about 500 to 600 centers have already been set up in Egypt.
Gates told the smaller group he thought Microsoft’s team of software engineers was outrunning the hackers that have caused havoc by unleashing increasingly destructive viruses to attack networked computers. But he said it was tough to stay ahead. “If only the bad guys would just do the same stuff they did last year,” he moaned.
While the Windows desktop operating system has become a “very powerful standard,” he said Microsoft was more open today about its source code to allow other companies to develop competing products. That was partly due, he said, to the rise of Linux and antitrust actions in the United States and Europe.
Gates said he had not met with European Union antitrust commissioner Mario Monti, who is also attending the forum in Davos, but would be willing to if it would help settle the long-running EU antitrust case against Microsoft.
EU regulators charge that Microsoft’s decision to tie its Media Player into Windows, which runs about 90 percent of desktop computers, “weakens competition on the merits, stifles product innovation and ultimately reduces consumer choice.”
They are threatening fines that could reach up to $3 billion, as well as a far-reaching order for Microsoft to strip the multimedia application from Windows to give rivals such as RealNetworks’ RealPlayer or Apple’s Quicktime more of a chance.
“We’re doing what we can to come to some amicable settlement,” Gates said.
After three days of hearings last November, the European Commission is expected to issue its decision early this year.
The meaning of spam
2006-12-12
By Annalee Newitz
TECHSPLOITATION
I spend an inordinate amount of time wondering why my spam looks the way it does. Until quite recently, I received about 20,000 spam e-mails every day. The poor little Bayesean filter in my Thunderbird e-mail program couldn’t keep up and would routinely barf when confronted with such huge piles of crap from “Nuclear R. Accomplishment” with the subject line “$subject” and a message body full of random quotes from Beowulf.
Before I finally fixed my spam problem — oh blissfully small inbox! — I developed a few vaguely paranoid theories. Briefly, I imagined spammers were spying on my inbox and culling sender names from it that matched those of my friends. In my saner moments, I would wonder why exactly spam evolved to look the way it does. Why do spammers keep sending me pictures of pink, bouncy letters that spell “mortgage,” followed by text from a random Web site? And why, oh why, do they send me e-mails containing nothing but the cryptic line, “he said from the doorway, where she”? How can that be good business sense?
So I called expert Daniel Quinlan, who is an antispam architect at Ironport Systems as well as a contributor to open-source antispam system Spam Assassin. He patiently listened to me rant about my e-mail problems — I think antispam experts are sort of like geek therapists — then explained why I receive spam from random dictionary words strung together into a name like Elephant Q. Thermodynamic. It’s done to fool any spam filter that refuses to receive e-mail from somebody who has already sent you spam in the past. “They want to create a name that your spam filter has never seen before,” Quinlan said. It turns out every weirdness in my spam is “probably there for a good reason,” he said. In the arms race between spammers and antispammers, spammers try every trick they can to circumvent filtering software.
Often, the spam you get is the result of months or years of this arms race. For example, spammers of yesteryear started sending images instead of text, so that spam filters looking for text like “viagra” would be fooled. Instead, the image would contain the word “viagra,” but filters would see only an image and let it through. In response, antispam software began tossing e-mails that contained only an image, since spam containing an image typically has some text with it like “check out my pictures from Hawaii” or whatever. Rarely does a real person send just an image.
Quinlan said spammers figured out their pictures were being chucked, so they started adding a few random words to their mail and got through the filters again. Then antispammers started chucking e-mails with images that also contained random words that didn’t make sentences. And that’s why, today, you get images with chunks of text taken from random books and Web sites. As long as the text fits into sentences and isn’t random words strung together, spam filters have a harder time figuring out if the mail is spam or ham. Spammers also send slightly different images every time, so that spam filters can’t identify the image itself as spam. And they fill the images with bouncy, pink letters advertising their crap because character recognition software can’t read bouncy letters. So any spam filter that uses character recognition software to look at text in images to find spam will be fooled.
OK, so there is a reason behind the madness. But how could Quinlan explain the spam I get that contains no advertisement for anything, no links nor images, and instead merely quotes some random passage from Dostoyevsky? Quinlan said there’s no way to know for sure, but the reigning theory among antispam experts is that it’s part of what’s called a “directory harvest attack” in which the spammer tries to figure out if there’s a real person behind a randomly chosen e-mail address. The spammer sends out millions of innocuous e-mails and may get a slightly different response from the mail server if the mail has reached an actual person. Once the spammer has established that certain addresses are valid, he can send his real spam and be sure that he’s reaching an inbox.
All of this sounds perfectly reasonable. Spammers are doing bizarro things to get their messages out. But why do I sometimes get a spam with the subject line “$subject”? Why would I ever be fooled into thinking that was a piece of legitimate e-mail? “That’s just some spammer who doesn’t know how to use his spamware,” Quinlan said. “Sometimes spammers do things that are — for lack of a better word — dumb.”