Armoring Spam Against Anti-Spam Filters 511
moggyf points to a BBC article about how spam can be successfully tweaked to slip past current filtering methods, excerpting "To finding out how to beat the filters Mr Graham-Cumming sent himself the same message 10,000 times but to each one added a fixed number of random words. When a message got through he trained an 'evil' filter that helped to tune the perfect collection of additional words."
iluvspam adds "It's an interview with POPFile author John Graham-Cumming that summarizes his talk at the recent MIT Spam Conference. You can still listen to the technical details here (choose the Afternoon 1 session, he starts about 75 minutes in)."
Obligatory POPFile Link (Score:5, Interesting)
Great (Score:3, Interesting)
I don't mind him trying to defeat the filters, if it comes up with a method of improving them, but the BBC should be shot for including the words that made it through
Guess which words all tomorrows SPAM will contain...
Here's a sneaky one... (Score:5, Interesting)
Mainstream Media Coverage (Score:3, Interesting)
Typlically they include a large image at the top which is the entire intended content of the image and then a bunch of dictionary words at the bottom. It's basically impossible to filter these out unless you filter out ALL HTML e-mail because they don't contain any typical spam text.
Re:Here's a sneaky one... (Score:3, Interesting)
Re:nice name (Score:4, Interesting)
John.
Re:Ok fuck it (Score:3, Interesting)
He hasn't, actually -- those laws don't apply extraterritorially, and Tom's in Canada.
Re:Here's a sneaky one... (Score:2, Interesting)
Educate the people (Score:2, Interesting)
Why bother? (Score:2, Interesting)
Re:Discovering Keyword Demographics (Score:4, Interesting)
The keywords would be different for each person.
But I suppose you could discover a select set of keywords for specific demographics, if you defined them very precisely. This would move spam out of the normal "spew it everywhere" phase, where they would have to pay for real marketing data.
Which sort of misses the point of free advertising in the first point, at least for the small guy. Of course, the big boys can pay for this sort of thing.
Sigh. It's depressingly predictable (Score:4, Interesting)
The question should be: how do we live in a world where 99.9(n)% of email is spam? When the virus writers and zombie masters and spysters start using their communications infrastructure for its intended goal of delivering advertising?
It's inevitable, and no amount of spam filtering will avoid it.
Here's a prediction I made maybe 6 months ago on Slashdot: we're going to start seeing viruses that modify real outgoing emails to include their advertising messages. (And no Outlook jokes, thanks...) How does one filter spam when real emails are also infected?
Re:Here's a sneaky one... (Score:2, Interesting)
A lot of spam works that way. I get stuff headed "Re: your account", "Credit Card Overdue", etc. Spammers accept incredibly low response rates, because sending is so cheap. So the chances are that they're going to have some header you really don't want to filter.
The odds are almost good enough that perhaps someday they'll randomly send me (and many other people) a header with my own credit card number, just by blind chance.
Let them do so and beat them where it hurts... (Score:3, Interesting)
What is more, if you multiply Bayesian or "word list" spam scores with results obtained with other methods, spammers may put "non-spammy" words into their spams as they like, but they only score their crap up instead of down.
Nowhere near as effective as my attack (Score:4, Interesting)
It even counters the "personalization" quality of Bayes filters by finding the "common core" of personalization that we all share.
Fortunately, spammers continue to be too stupid to understand this attack. Last time I posted this on Slashdot I got joe jobbed [jerf.org], because apparently it's easier to do that then to actually figure out what I was talking about.
In summary, I wouldn't worry about your Bayes filters for a while: While they are attackable, spammers are too stupid to understand the attacks. (My article has been posted for over a year.) Thank goodness, sort of. (This will eventually be a temporary situation... but I see no particular evidence that the breakthrough will happen anytime soon.)
Re:One word: WHITELIST. (Score:3, Interesting)
Re:Ok fuck it (Score:3, Interesting)
At a minimum, he would be arrested if he came to the states. However, if someone actually went through with the crime, I'm sure Canada would be willing to extradite him. Canada doesn't want maniacs running around free, anymore than the US does.
Re:That's dedication... :( (Score:4, Interesting)
Aren't we the ones our friend(s) and co-workers ask about computer stuff?
I have taken this a step further and contacted a few "computer journalists" locally and suggested that they make the spam/virus connection the next time they are writing about the latest virus. It's natural to answer the question 'where do these virusses come from' when talking about the latest scource of the internet.
Re:Hmmm... (Score:2, Interesting)
Granted, it may increase the number of false positives, but a relatively small change in the values assigned to 'ham' words might make a big difference to the amount of work required by the spammer.
I'm not an expert on Bayesian filtering, but I seem to remember that there were a few tweakable parameters.
Spam - CounterSpam (Score:2, Interesting)
Roughly once each week, I go fishing through the spam that has been filtered out of my various accounts for URLs. (Sometimes this involves a little digging to get to the final site.) I extract the host names from the URLs and for each hostname, I create 10 fake email addresses.
I pack these emails into messages that I post to Usenet in groups likely to be trolled by Spammers. The spammers scrape these addresses from Usenet and add them to their database. Thus, future mailings will also spam the spammer's clients.
If enough people do this, the generated traffic will begin to overload the client's mail server. After a while the spammer's clients will figure out that every time they employ a spammer, they themselves get spammed.
Even if nothing comes of this, I get the satisfaction of knowing the real perpetrator (the spammer's client) gets to share some of my pain.
Re:Ok fuck it (Score:3, Interesting)
Re:Ok fuck it (Score:3, Interesting)
[sarcasm]Yeah, let's just trust the government to take care of every aspect of our lives and never go against anything it says.[/sarcasm]
Saying something's "vigilante justice" doesn't automatically make it bad. In order to make that conclusion, you have to start with the assumption that the gov't will always do the right thing.
Since that's not the case, one must realize that sometimes the rules need to be broken and other solutions applied to the problem.
Look at it this way:
You live in a country named dystopia. In this country rape is legal. Every day on the way to school, your daughter gets raped by the same guy. You go to the police, but they do nothing about it because it's not illegal. You try to get a law passed but it gets knocked down. This rape is causing your family real harm ever day. How long are you going to wait before you resort to vigilante justice?.....and more importantly is it a bad thing when you do?
Now back to the spam problem:
Spam is pretty much legal (the canspam act was a joke...it made things worse). The gov't is doing basically nothing to stop it. It is causing real harm to internet users around the world. Now I'm not necessarily saying that vigilanteism is the answer, but what I am saying is that your response is an extremely oversimplistic view of the world.
They law is not always right, nor is it carved in stone. Sure, society is supposed to follow the law, but the law is also supposed to follow society. The law is not this thing a guy came down from a mountain and handed us. It is constant tug-of-war.
Re:Hmmm... (Score:2, Interesting)
It's not rocket science. The statistical filter I've been writing doesn't ignore random words in general (during scoring they just get counted like any other token), but it will ignore them on incoming mail.
I think trying to classify email as spam/not-spam based on characteristics (which you seem to be suggesting) is a big waste of time. Have you ever tried to wade through Spam::Assassin to see what it actually does? It's painful... and not just because it's written in Perl. Trying to classify based on rules is an arms race with the spammers.
I'm in the process of replacing S::A with about 100 lines of Ruby code. I stopped using S::A immediately after I realized it had trashed emails from my daughter based on some broken-ness in her email client (the default client on a new Windows XP computer). Obviously the fault was mine for sending spam to the trash folder where it got deleted when I closed KMail, but I don't like that a default S::A called those mails spam in the first place. But it just points up the problems with rules-based filtering approaches.
The hardest part of a statistical spam filter is not the math, but writing a good "tokenizer" routine. I think mine works well because I push HTML tags to the end and discriminate against header-tokens uniquely (as suggested by Paul Graham). By pushing HTML tags to the end I defeat the attempts by spammers to break up obvious spam words by infixing them with nonsense (i.e. non-displayed) HTML tags.
Re:Tch tch... (Score:3, Interesting)
Just that certain technical protections are of the nature that it's not a "I try some random protection, the idiots and/or hackers try random ways to break in, with various techniques being better than others but we really only know by testing them out in the real world."
But spam unfortunately doesn't fall into that area unless we completely remove anonymity from email, which isn't necessarily the greatest idea. Though I know there are academic proposals for ways to anonymously vote and anonymously send cash in ways that satisfy certain very important criteria (eg. one person can't vote more than once, the receiver of anonymous cash can't retrieve the cash twice from the sender's bank account, the sender can't send a given transaction twice, etc). Do any of these techniques apply to allowing anonymous individual mail and bulk solicited email using a technically verifiable method?
Re; Phase matched noise - invert and cancel (Score:3, Interesting)
Apply this to a mail server. Hold all mail for about 5 minutes (from outside only). Compare them all. Look for matches of more than 50%. Cancel the matches out and filter the incomming for the same. This nails lots of the worms and spam by rejecting the common mode noise. Most spammers create a message and mass mail the same message, not create new messages for each reciepent (except some boilerplate name use).
Hotmail could catch a lot of spam this way and yank it out of mailboxes before they are retreived and halt the remaining incomming very effeciently. Only the first few would make it past the filter, but then be recalled back out of mailboxes if the user hasn't retrieved them yet.
Sending the same mail from dozens of relays would have no effect on the filter. Where it comes from simply doesn't matter. If it has a large protion that is a match, it's dead. Newsgroup mail lists would have to be white listed on a case by case basis.
Personally I prefer SpamBayes (Score:3, Interesting)
In particular, I like their "unsure" categorization. All the "false positives" go in there, and cleaning that one folder out regularly is easy.
Re:Ok fuck it (Score:3, Interesting)
In all liklihood the judge would declare a mistrial. I'm not familiar (we weren't told) with the judge's powers over a jury and what laws apply to jury conduct. It might be possible for the judge to declare the jury in contempt for disregarding the judge's instructions on how the law(s) are to be applied.
It's not like you go to court and do whatever you want and interpret the law any way you want. The judge has total control of the rules of interpretation used by the jury. The court and the trial are kind of the judge's own little kingdom, and you mess with a federal judge at your own peril.
I am building my own (Score:3, Interesting)
Just the other day I found one spam that used a white font to put in legitamate-sounding text that would not visually show up on the screen. The spam text was a mix of graphics and pieces of real text. Thus, the word "penis" might start out with "pen" and end with a graphic for "is". Bayesian might start looking for the word "pen" after a while, but by that time the spammers will have a new trick up their sleeve. For example, if it looks for white fonts, then spammers might start using slightly off-white fonts, or black fonts on a black background. The combinations are probably endless.
Thus, by making my own, my gizmo is not the target of spammers. They don't know about my filter nor care.
The only alternative I can see is filter vendors constantly changing their algorithms every month or so, which would probably get expensive and risky. It is not like virus checking software that mostly just adds to their database and only tweak the algorithm a bit once every few years; it is like having to completely rewrite the virus filtering algorithms, not just the data.
Ultimately, I think some sort of monetary postage system is the only effective solution. ISP and backbone makers will only have an incentive to track down spammers if they lose money on anonymous or forged spammers. This will make mass spamming far less lucrative.
Either that, people will eventually find out the hard way that penis enlargers don't work and stop wanting to refinance their house. (I wonder if I can refinance all those expensive penis enlargers that I bought?)
Re:Here's a sneaky one... (Score:1, Interesting)
MS's idea is as harebrained as most of their solutions. SPF and filtering armours more than well enough against spam. With SPF, spammers will no longer be able to forge sender addresses -- you will be surprised what that'll do for their legitimacy.
(And, it doesn't require something as completely fucking satanic as "estamps.")
How about something a little more legal? (Score:3, Interesting)
Re:infinite monkeys (Score:2, Interesting)
Even if the HTML business didn't work, spammers still have a mechanism for gauging effectiveness - money. They can assume a fairly even distribution of suckers and start sending out groups of messages with random words and, with some analysis, probably eventually come up with some statistically significant ham words.
Perhaps in addition to trading email addresses, ham word lists will also start to be traded. The anti-spam/spam industry will evolve like insurance and re-insurance : whoever has the best actuary will win.
Over time the ham words would also change - I wonder if the fight against spam will start having a noticable effect on our use of language?
Re:I agree, there is no problem. (Score:5, Interesting)
That's one of the strengths of pushing bayesian filtering to as close to the final recipient as possible. Millions of customized bayesian scoring databases are much more difficult to defeat then a single centralized database. Bayesian databases are pretty much maintenance free, as long as the junk/not-junk/might-be user-interface is intuitive and makes life as easy for the user as possible.
There is some value in putting the bayesian filtering at a workgroup level, where it helps that there's a bit of shared knowledge and everyone in the group pretty much agrees on their personal definition of what is/isn't spam. However, once you get past around 10-25 people, I'd say that bayesian is going to start becoming ineffective due to either over-zealous users, or overly-broad ham/spam classifications.
What I'd be interested in is a bayesian that works both on the individual level and the workgroup level. With some sort of flag/switch/setting that tells the engine how much to consider the workgroup database as opposed to my personal database. This would be useful when adding a new member to the group, initially they'd rely heavily on the groups opinion as to what is ham/spam, but as time goes on it would adapt to their choices (as well as the group database slowly adapting to everyone elses).
Now spam can be targeted advertising ... (Score:2, Interesting)
Exactly which words will be a function of job, life style, income level
So when I use my anti-anti-spam filter, I can generate lists of words that will target specific populations, w/o having to figure out who on my (huge) list of recipients is in which population.
Big news