Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Spam Microsoft The Internet Your Rights Online

Bill Gates Forecasts Victory Over Spam 445

nfk writes "BBC reports from the World Economic Forum at Davos, where Bill Gates said spam will be a thing of the past in two years' time, thanks to a three-pronged approach to the problem: filters, expensive computation for e-mail and the digital equivalent to stamps, paid if the receiver considers he is being spammed. He also expects to catch up with Google, although he praises the company and the IQ of its research team. Finally, he announces mind blowing developments for the next XBox generation and says that, in a decade from now, 'we will laugh at personal computing as we know it.' No need to wait, I do it every day." (We've mentioned Microsoft's sender's-option payment scheme before.)
This discussion has been archived. No new comments can be posted.

Bill Gates Forecasts Victory Over Spam

Comments Filter:
  • by JessLeah ( 625838 ) on Saturday January 24, 2004 @03:20PM (#8076516)
    ...by requiring all emails to use Microsoft's proprietary, heavily patented, closed-source "SMTP++" technology, which runs only under Windows... Thereby, of course, locking out all non-Windows users...

    Don't laugh, it could happen!
    • by aTMsA ( 188604 ) on Saturday January 24, 2004 @03:33PM (#8076629)
      Bill Gates will find that that approach is infeasible even for him.

      E-Mail has an enormous and heterogeneous install base, and while outlook has a strong grip on the client market, that's not the only place where it counts. There are a lot of servers which use non-microsoft software, and making even a sizable majority of them swap will be a daunting task.

      That said, for one time i hope Bill is right.

      • What's funny (Score:5, Interesting)

        by einhverfr ( 238914 ) <chris.traversNO@SPAMgmail.com> on Sunday January 25, 2004 @02:12AM (#8079776) Homepage Journal
        Is that every one of Bill's solutions have been done FIRST in the Open Source community. The BBC mentioned two concepts that I remember:

        1: Filters (Since when does Outlook or OE have Bayesian filtering capabilities?)

        2: Causing spammers to pay a certain price. This is also being done for example, by requiring every subsequent attempt to send an email to a non-existant address forceing a cumulative delay in responding to the next attempt from the same host (this has been discussed on the Qmail lists quite a bit).

        MS EXchange, IIRC, doesn't even check to see if there is an MX record for the originating domain! Sendmail even does that. How many hotmail messages do we get from xdtty@weftre.wdt (obviously nonexistant domains). Obviously Hotmail doesn't check either (when I pointed this out to them, I also pointed out that Sendmail DOES check these things)

        Bill should mean "We want to be the first proprietary vendor to copy the methods of the Open Source solutions to the Spam Problem." It would have been more accurate.

        Note that the above solutions are SMTP compatible and require no protocol extensions. They would have the effect of rendering SPAM less effective, and harvesting email addresses more costly.
    • by kinsoa ( 550794 ) on Saturday January 24, 2004 @04:09PM (#8076885)
      > ...by requiring all emails to use Microsoft's proprietary, heavily patented, closed-source "SMTP++" technology,

      I've heard the name will be "VisualSMTP.NET".

    • No (Score:5, Funny)

      by A nonymous Coward ( 7548 ) * on Saturday January 24, 2004 @04:46PM (#8077147)
      SMTP# you silly man.
    • by jazman ( 9111 ) on Saturday January 24, 2004 @05:16PM (#8077306)
      I don't think that would bother most people. By "most people" I don't of course mean "most slashdotters." I mean all those who are already locked into Windows and don't mind, to whom the vast majority of spam is directed, and which most likely contains all the people who are actually dumb enough to respond to spam. Make spam infeasible for that group of people, and you make spam infeasible full stop.
  • by Nucleon500 ( 628631 ) <tcfelker@example.com> on Saturday January 24, 2004 @03:21PM (#8076521) Homepage
    I'm usually a fan of spam filters. But the key is that they must be trainable - a far cry from Outlook 2003's filter, which relies on a fixed spamminess table. For those of use with real mail clients, spam filtering is already here.

    And I don't think micropayments will stop spam - wouldn't the spammers just use servers that didn't require that? And would email be as useful if you could only get mail from someone who bought into a particular micropayment system?

    • by aheath ( 628369 ) *
      I suspect that any e-mail payment scheme will be less than succesful until there are multiple reciprocal micropayment systems.

      I am more intrested in an approach that can rank the level of attention that I should pay to e-mail. I'd like to have a white list that allows me to set different priority levels based upon the sender. I'd like to give a higher priority to mail that has a valid signature. I'd also give a higher priority to mail from people in my address list.

      By the way, which e-mail clients meet yo

      • by p2sam ( 139950 )
        SpamAssassin uses a scoring system to determine the "spamminess" of a piece of mail. Each test in SA has a score assigned to it by some fancy GA algorithm. The way I do it is sort my incoming mail by the SA score and pay attention accordingly.
      • Real email clients? There are tons, but almost anything is better than Outlook and OE. Outlook's fixed wordlist amazed me - once you know the hammy words, its easy to bypass. Moreover, expecting that md5summing individual words will hide them shows a real commitment to security by obscurity. (Of course, I shouldn't be talking.) Also, the HTML output is ugly, the word wrap in quoted text is abominable, and the handling of attachments has historically been so bad that attachments are no longer useful, be
    • by MBCook ( 132727 )
      I USE Outlook 2k3 and have used it's spam filtering. It does work, cutting my spam down to 1/3 to 1/4 of it's volume, and it's simple to use.

      That said, I didn't want that last 1/3 to 1/4 of spam, we all know that it can be a LOT better than that. I used Cloudmark's SpamNet, which was great untill they charged for it and turned their back on their community. So from there I went to SpamAssassian which was nice but still not perfect or right. Next I went to Popfile which I have fell in love with. Great UI, f

      • by Safety Cap ( 253500 ) on Saturday January 24, 2004 @03:52PM (#8076781) Homepage Journal
        That would not work, as the spammers would just set up their own sendmail servers and pump out spam to their heart's content.

        Effective countermeasures to spam include better spam filters (like Popfile [sourceforge.net], as you mentioned), and ensuring that all routers drop invalid packets: packets with impossible (from a subnet stance) source or destination addresses. The latter will prevent most forged headers.

        Micropayments cannot work unless SMTP is redefined. Switching over the installed base (it has to be all-or-nothing, or it doesn't work because you can't have a micropay server talk to one that is not, or the whole scenario breaks down) will be problematic at best.

        • Micropayments don't have to change SMTP at all. The client can discard or bounce the message if it doesn't have appropriate payment. In fact, this is probably the better way to do things since it puts control of what to receive in the hands of the recipient, not the sender or some mail server (which is what caused the spam problem in the first place).
          • Micropayments don't have to change SMTP at all.

            Bill did not suggest Micropayments. He suggested great big honking huge penalty payments to be paid by spammers. Completely different issue.

            I have spent a lot of time trying to get micropayments to work and it is a really hard problem. Applied to email it would raise costs to levels that would eliminate many of the current uses of the net. Nobody could ever afford to run a mailing list like cipherpunks as a hobby.

            Penalty payments is another issue, that c

    • by meta-monkey ( 321000 ) * on Saturday January 24, 2004 @03:41PM (#8076712) Journal
      Damn straight. I use Mail.app on my Macs. After a few weeks of training, these days I essentially receive no spam. About one message every two weeks will get through. Usually when that happens it reminds me to empty the 700 spam messages out of my junk folder. A quick scan assures me that, once again, no false positives.

      For Mac users, spam is already a thing of the past.
    • by jfengel ( 409917 ) on Saturday January 24, 2004 @05:07PM (#8077269) Homepage Journal
      And I don't think micropayments will stop spam - wouldn't the spammers just use servers that didn't require that?

      It's your server at mailinator.that counts. It can refuse to accept email except from people (or other mail servers) who pay.

      And would email be as useful if you could only get mail from someone who bought into a particular micropayment system?

      The payments Microsoft is proposing aren't necessarily monetary. Sometimes it can be a hard computational problem, which takes you a few seconds to compute. Spam depends on the very low cost of email. If you have to buy 10 computers to send your spam, instead of just one, it's suddenly far less profitable. Whereas you yourself can easily afford a few seconds added to each of the few dozen emails you send each day, since almost every personal computer has free cycles.

      Of course, that depends on spammers to use their own computers. If they're using yours, a problem which plagues Microsoft-based computers, you're still stuck.
  • congrats (Score:2, Interesting)

    by CGP314 ( 672613 )
    Asked whether Microsoft missed the boat in the field of search technology, Mr Gates admitted that he had to take the blame for losing out to Google.

    "We took an approach that I now realise was wrong," he said.


    I may not like Bill Gates and the way his company acts, but I have to give credit to a man who can admit his mistakes. It's not an easy thing to do.

    --
    In London? Need a Physics Tutor? [colingregorypalmer.net]

    American Weblog in London [colingregorypalmer.net]
    • Now he just needs to admit to the lies in his FUD. For every admittance to failure he makes, he makes much more FUD.
    • I may not like Bill Gates and the way his company acts, but I have to give credit to a man who can admit his mistakes. It's not an easy thing to do.

      Really ?? Please go a bit down and see what is he saying about google

      Mr Gates claimed that Microsoft was better on the 80% of common queries, although Google was "pretty good" as well.

      Now tell me what does this 80% include ?
    • he didn't say "I was wrong". He said "[the approach] I now realize was wrong" big difference.
  • by ScottSpeaks! ( 707844 ) * on Saturday January 24, 2004 @03:21PM (#8076524) Homepage Journal
    "What is holding things back right now is software," Mr Gates said

    So kindly get out of the way, and let the rest of us fix it.

    • by randyest ( 589159 ) on Saturday January 24, 2004 @03:45PM (#8076738) Homepage
      That's an interesting comment, but at the risk of getting modded down, I have to ask:

      In what ways do Bill and/or Microsoft impede yours (or anyone's) ability to improve software?

      I'm not trolling here, I'm seriously cusious. Thanks in advance for your reply.
      • by interiot ( 50685 ) on Saturday January 24, 2004 @04:29PM (#8077018) Homepage
        MS has 95% of users hooked on an ancient browser, which means my web-based applications must continue to use old old techniques.
      • by ottffssent ( 18387 ) on Saturday January 24, 2004 @05:31PM (#8077394)
        Well, for starters, ol' Bill owns patents and copyrights and the source code to a lot of the world's most frequently-compromised software, and doesn't have a sterling history in the patching department himself. So not only is Microsoft enormously contributing to the problem, it's deliberately standing in the way of solutions.
      • by ScottSpeaks! ( 707844 ) * on Saturday January 24, 2004 @05:44PM (#8077456) Homepage Journal
        In what ways do Bill and/or Microsoft impede yours (or anyone's) ability to improve software?

        First, understand that it was a silly request, on par with asking [insert political party here] to get out of government and let the [insert another party here] fix everything. I don't seriously expect it to happen, and yeah, there'd be bad side effects. But to answer your legitimate question:

        One of the most obvious ways they impede us is by denying us access to the source code for their software. I can't (for example) fix the security holes in IE, because it's closed-source.

        Another way is by requiring - by dint of their command of the marketplace - that software to be written for - and deployed on - their operating system. If I need (for example) a real-time, never-gonna-crash platform for my better mousetrap to work, and all that's out there in sufficient numbers is Windows, I'm stuck.

        Another is by keeping competing products from reaching their intended market. I might develop a superlative word processor, but when MS Office is included "free" (i.e. bundled and included in the price) with so many PC purchases, I have little chance of successfully marketing it. Like happened to Netscape, or BeOS.

        Sure, it's theoretically possible to get around all of these obstacles MS presents to innovation. And one could argue that some of them aren't necessarily MS's fault. But it would be so much easier for others to improve upon what we have now if Microsoft were to (as I kiddingly put it) "get out of the way". Release the code, shut the doors, and retire. If you really want revolutionary advances in software, that'd do it.

        If Gates says that the software is holding us back, and it's mostly his software, doesn't that suggest that maybe he's part of the problem?

    • I realize you're trying to be funny, but the sad reality is that whatever the solution is(if there is one), it will only work if there's enough mail clients and servers that apply it, and the matter of fact is that Microsoft holds the keys to a very large client base. While they alone can't do it, they must certainly be part of the solution for it to work. So while we may despise Microsoft, the fact is on this issue they both are on our side, and we WANT them here.
      • "I realize you're trying to be funny, but the sad reality is that whatever the solution is(if there is one), it will only work if there's enough mail clients and servers that apply it, and the matter of fact is that Microsoft holds the keys to a very large client base."

        That sounds like a false premiss.

        Current Baysian (sp?) filtering works just fine without a lot of users. In fact, now that so many mail programs are using this technique the spammers have adapted to it by including words in their messages
  • Neat (Score:5, Funny)

    by Dark Lord Seth ( 584963 ) on Saturday January 24, 2004 @03:23PM (#8076536) Journal

    Next thing you know Bill will show the world Microsoft Cold Fusion Reactors, the Microsoft Space Agency, Microsoft Manual of Women and Microsoft Anti-Hangover Tablets! Go Bill!

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Saturday January 24, 2004 @03:23PM (#8076538)
    Comment removed based on user account deletion
  • by jeffskyrunner ( 701044 ) on Saturday January 24, 2004 @03:24PM (#8076541)
    He expects to catch up with google? this looks more like a huge wish then a prediction
    • Really, how many hired goons would you need to beat up the google employees?
      Hell, it would be cheaper then inovating?(and easier then spelling)

      Obligatory quote:

      Bill Gates: Mr. Simpson?

      Homer: You don't look so rich.

      Bill Gates: Don't let the haircut fool you, I am exceedingly wealthy. Your Internet ad was brought to my attention, but I can't figure out what, if anything, Compu-global-hyper-meganet does, so rather than risk competing with you, I've decided simply to buy you out.

      Homer: I reluctantly accept your proposal!
      Bill Gates: Well everyone always does. Buy 'em out, boys!

      [Gates' lackeys trash the room.]
      Homer: Hey, what the hell's going on!

      Bill Gates: Oh, I didn't get rich by writing a lot of checks!
    • by Erratio ( 570164 ) on Saturday January 24, 2004 @03:35PM (#8076641)
      More like a huge waste of resources. Rather than working with the great ideas that Google has rather worked out (like most IT companies) and maybe actually contributing something to the future of computers, they'll come up with their own proprietary clone with their own quirks and features and then try to compete with Google, and the cycle will continue with whatever new innovations are released. His statement about Google shows that Microsoft is really just out to compete with the world. Competition is of course a good thing, but that's with new things, not reinventing the wheel just so you can say your's is rounder.
      • by mingot ( 665080 ) on Saturday January 24, 2004 @03:46PM (#8076743)
        So all of the OSS projects that are attempting to replicate microsoft functionality should just pack it in and fold?

        You know building a better mousetrap starts with the basics and if another company or project has the basics down pat you pretty much have to re-invent that wheel before you can innovate. It's why being able to read MS file formats has always been pretty high on the list of features that have to be working for all of the MS Office knock-offs (until they get the basics down pat and begin to really innovate).
    • for real...google is like crack, one wiff/sniff of it and you are hooked. I can't honestly be productive at work without using google.

      I'm afraid it is too late Bill...good luck.
    • He expects to catch up with google? this looks more like a huge wish then a prediction

      Well, Google has been sliding lately. They are not quite as intouchable as they were only a few months ago.
  • by dupper ( 470576 )
    Let's say that a billion pieces of spam are sent every day. All MS needs to do is send a few duotrigintillion 'Try MSN 9.0 Today' E-Mail per day, and, boom, the spam is effectively nonexistent. After all, anything MS sends is legitimate and solicited, right?
  • by killbill! ( 154539 ) on Saturday January 24, 2004 @03:26PM (#8076565) Homepage
    ... or merely free e-mail services?

    But ultimately, Mr Gates predicted, spam would be killed through the electronic equivalent of a stamp, also known as "payment at risk".

    This would force the sender of an e-mail to pay up when an e-mail was rejected as spam, but would not deter senders of real e-mail because they could be confident that their mail would be accepted.

    "Microsoft is pursuing all three approaches, and spam will soon be a thing of the past," Mr Gates asserted.


    I'm going to create several hotmail accounts, send hundreds of e-mails between them, and then reject them as "spam".
  • by mykepredko ( 40154 ) on Saturday January 24, 2004 @03:26PM (#8076566) Homepage
    Rather than using a three pronged approach using filters, expensive computation and digital stamps to combat spammers, how about a simple tool that has three prongs?

    myke
  • by rivaldufus ( 634820 ) on Saturday January 24, 2004 @03:26PM (#8076567)
    Are they shutting down hotmail in a couple of years, or what?
  • Not filters (Score:5, Insightful)

    by AndroidCat ( 229562 ) on Saturday January 24, 2004 @03:27PM (#8076569) Homepage
    In the "filters, expensive computation for e-mail and the digital equivalent to stamps" bit, his first solution is actually a puzzle/challenge-response system rather than filters.

    From this article: [realcities.com]

    One, which he called human interaction, would send a puzzle back to the sender. The puzzle would be designed so that only a human could solve it. The e-mail would be accepted only if the puzzle were solved.
    None of his solutions are very new or stunning. All of these have been subjected to the Hash of Death on Slashdot before. I'd say step one should be to fix all those trojaned boxes acting as spammer proxies. Can you and your associates arrange that for me, Mr. Gates?
    • Re:Not filters (Score:5, Informative)

      by Kyouryuu ( 685884 ) on Saturday January 24, 2004 @04:19PM (#8076932) Homepage
      I think a "puzzle" would be more like the randomly-generated authorization codes that we frequently see when we sign up for free services in order to verify that a human signed up and not a bot.

      For example, if you sent an e-mail, you'd be hit back with some alphanumeric code to put into a box in order to verify the ongoing mail.

      It would work in theory, until the criminal spammers figure out how to read the incoming code and enter it automatically. I have a feeling that it works on Geocities because, short of link farms, there's little virtue in signing up for a hundred Geocities accounts. But if a code blocks the way between the spammers and the people they harass, they'll no doubt dedicate their efforts towards breaking it.

      For reasons like this, Gates is right to assume that a "puzzle" alone would not be the sole solution. We'd still need intelligent spam filtering on the client end that learns to classify spam by example. We would also need significant and prompt fixes to any exploits in the dominant operating system so as to prevent this new wave of Sobig virus-spam hybrids from proliferating any more than they already have.

      It is also mandatory for that above reason that we diversify how we use the Internet, e-mail, and the computer in general. This need not necessarily mean "switch from Windows to Linux." It could be as basic as "use Mozilla instead of IE." By introducing variety, it becomes more difficult for spammers to lock onto a single exploitation.

      It is unfortunate that our "representatives" in the federal government, instead of fighting spam, have instead gone out and legalized it. The fight against it is something we have to do ourselves because we clearly cannot rely on the government to institute any meaningful legislation.

  • And I'm sure we'll continue to laugh at Microsoft.
  • Won't work I bet (Score:3, Interesting)

    by Ken Broadfoot ( 3675 ) on Saturday January 24, 2004 @03:30PM (#8076594) Homepage Journal

    If microsoft managed to find a way to make money off of spammers then "geeks" who don't currently spam now, may start doing so just to mess with them.

    Sort of like trying to thwart the microsoft security initiative.

    I am not saying it is right, but that it would happen.

    However, spam is a problem. It is almost impossible to have a "permanent" address anymore and that sucks.

    I would like to hear about solutions that don't involve paying microsoft anything.

    --ken

    --ken

  • by Meneudo ( 661337 ) on Saturday January 24, 2004 @03:33PM (#8076625)
    I don't really care if he says it. Many other professionals are saying it as well, I trust them. I could care less how much somebody predicts something, unless they have research to back it up and/or are some kind of spamologist. Bill obviously has no more legitimacy over anyone else. Yet this comes from a big figure and so it *must* be true. I say give credit where credit is due and respect the people who have been fighting against spam, instead of one person with a lot of money. If I had billions of dollars for screwing people over, would that make my opinion count any more than someone else's? No... Wait... corporate america...
  • by rivaldufus ( 634820 ) on Saturday January 24, 2004 @03:33PM (#8076626)
    I mean, I never get junk mail at home in my mailbox - I'm sure I would if the US post delivered for free.
    • Granted, you do get some spam in your snail-mailbox. But basically, it's seems like a given right now that the amount of spam that an email-box is recieving will double every year or two. There's no reason for spammers to not keep spraying more and more shit onto the internet, since it's free. I have a couple spam emails that are very likely from the same spam author (SpamAssassin hits the same thing in them every time) that get sent to me EVERY SINGLE DAY. If companies had to pay for stamps for online
  • what spam? (Score:3, Informative)

    by ejaw5 ( 570071 ) on Saturday January 24, 2004 @03:35PM (#8076651)
    not to serve as an inviation for any, but I don't get spam in my primary email address, and maybe just a few in my free web-based email that go to the "bulk folder" ...which is far from what the media and everyone proclaims how bad spam is. If you're haphazardly posting your email address in public forums, websites, contests, etc etc then you probably get spammed a lot. Just be careful who/where you give out your email address, and if you do get any spam, don't load the images (or any HTML content for that matter), and certainly don't click on the "remove from list" link.
    • Re:what spam? (Score:5, Interesting)

      by JaredOfEuropa ( 526365 ) on Saturday January 24, 2004 @03:52PM (#8076783) Journal
      Just be careful
      I'd prefer a world where I didn't have to be careful with my email address. I want to post it on a website so that people can just click it and send me a mail, without bots harvesting the adress and crapflooding my inbox. I want to put it in my .sig on sites such as this one, and Usenet.

      I applaud any effort that will reduce spam and send the spammers to jail. Perhaps some day, we can have spam-free email again like in the good old days...
  • no no no... (Score:2, Funny)

    by plams ( 744927 )
    ...there must be some hidden agenda here. My theory is that Microsoft patented certain penis enlargement techniques and want to get rid of the competition.
  • by bigberk ( 547360 ) <bigberk@users.pc9.org> on Saturday January 24, 2004 @03:37PM (#8076664)
    There's lots of great filtering technologies available out there, and the best ones are non-commercial in nature. Microsoft or Yahoo have not helped my spam situation; but spamprobe [sourceforge.net], bogofilter [sourceforge.net], spamassassin [spamassassin.org], and spambayes [sourceforge.net] definitely have helped me, in very real terms: > 99% accuracy, with (generally) zero false positives depending on the quality of configuration.

    Now an appeal to you folks out there who use these filters I've mentioned with similar good results (w.r.t. accuracy): we no longer see spam thanks to our filters. How about taking it one step further? Join the WPBL project [pc9.org] and help us centrally collect IP addresses of spammers. It's an automated system to determine real-time spam sources using reliable, trusted data contributors. We are currently tracking over 15,000 IPs.

  • Yea right, what are they gonna do, buy out Hormel or something?
  • by Pig Hogger ( 10379 ) <pig@hogger.gmail@com> on Saturday January 24, 2004 @03:39PM (#8076693) Journal
    ... if Microsoft would drop dead tomorrow morning.

    No more:

    • Insecure OSes that can be trojaned by viral spam-relaying malware
    • Stupid non-standard e-mail clients that will automatically display tracking web-bugs that confirm dictionnary-attacked e-mail addresses.
    • Stupid lame e-mail delivery agents that can be cracked from outside.
    • Internetworking standards that are denatured beyond usefulness.
    • Crappy web-browsers that install all sorts of malware on user computers.
    • You are absolutely right. Windows insecurities are what primarily feed Internet spam, in the ways you have pointed out. Outlook alone is probably among the most blameworthy when it comes to facilitating world-wide spam (through worm vulnerability and intergration with Internet Explorer). Open SMTP relays are passe; who needs to find open relays when you (the spammer) can craft and distribute your own spamming software to millions of Windows users?
  • It's tragic that Gate's inadequate solutions will be taken seriously by the movers and shakers at Davos, who will never hear about the other solutions (and original sources of Microsoft's solutions) to spam, just because Gates is so rich and Microsoft is so powerful. There is no meritocracy in these influences, and so little merit to their policies.
  • by holy_smoke ( 694875 ) on Saturday January 24, 2004 @03:48PM (#8076760)
    "...stamps, paid if the receiver considers he is being spammed"

    What if I accidently type in "joe@yahoo.com" instead of "joel@yahoo.com" and joe decides I am spamming him? Should I be required to pay up becuase of a mistake? Who's going to enforce payment (really)?

    I fear that if we make email more difficult to use then it begins to lose its appeal (think instand messaging alternatives).
    • by bluGill ( 862 )

      For a micropayment, the cost to a single mistake would be small enough that you wouldn't care. It costs me about 30 cents to mail a letter, if once in a while I had to pay 2 cents because someone mistook my email, I can afford it. A spammer cannot however afford all the recipents of his spam charging 2 cents because it adds up

      Unfortunatly I don't know if it is worth the effort to hit the charge sender button. Means I have to sign up for a lot of things, for little appearent gain.

      The bigger problem w

  • So with this payment at risk system, you basically have to reject all unpaid emails as the receiver to be guaranteed not to receive spam (or much of it). What happens if, as the sender, you don't have a credit card? I used email a lot when I was younger.

    That said, this system does seem to be pretty good.
  • Most times that I've heard the fee mentioned, it's been a fee that's levied on every e-mail, not conditionally. The conditional model is a little more acceptable to me, if implemented nicely. Though I still prefer non-monetary methods.

    What would be really nice is if some percentage of the spammer's fee went to the spammee. So, for those spammer's not dissuaded by it, we at least get something in return for having to deal with the junkmail. There would of course need to be a lot of extras to guard agai

  • by pipingguy ( 566974 ) on Saturday January 24, 2004 @04:05PM (#8076857)
    What REALLY pisses me off is that the *real*, legitimate penis enlargement comapanies are being painted with this broad brush.

    Don't bomb me - the above is a joke.
  • by Animats ( 122034 ) on Saturday January 24, 2004 @04:09PM (#8076886) Homepage
    Spam key generation is an ideal application for "grid computing" - very distributed, compute-intensive, moderate data traffic, tolerant of failure. Spammers are already used to capturing the machines of others and using them for their own purposes. Effectively, they already have a "grid".

    If it takes some massive computation to generate a key to send an e-mail, spammers will just have their captured zombies do it. All on Windows home machines, of course, where most users won't notice.

    For the "legal" spammers (as legalized by the CAN-SPAM act), there's another alternative - unloading the task onto customers. Sharman Networks could make all tke Kazaa clients do it. Legally - read the Kazaa EULA.

  • Stop spam, how? (Score:3, Interesting)

    by miffo.swe ( 547642 ) <{moc.liamg} {ta} {molbdeh.leinad}> on Saturday January 24, 2004 @04:17PM (#8076922) Homepage Journal
    Until it is illegal to send someone email i cant really fathom how you could stop spam? If sending email becomes hard or expensive some bozo will reinvent email and people will flock there instead.

    A ban against email while regular IRL spam is allowed is also pretty inconsistent. Maybe if we put some pressure on the companies SENDING the spam we could get some results. Just plain boycott any company that sends spam and the problem will stop pretty fast. Why not start a list with the worst offenders (companies, not the spammers).

    Without companies giving the spammers money the problem wouldnt exist.

    Cure the illness not the symptoms!
  • by MeerCat ( 5914 ) on Saturday January 24, 2004 @04:35PM (#8077070) Homepage
    My idea for reducing spam by at least getting rid of a whole load of joe-jobbing would be to let people announce how to verify emails from them (I've received something like 50,000 bounces as a result of some spammer sending mails from hijacked machines claiming to be from [random-word]@schmerg.com).

    I own all email sent from schmerg.com, so I add a (new type of) DNS record of my public key, and then every email that I send I add a header "X-WonderSchemeEncyrptedChecksum" with the value of the SHA-1 checksum of that message's body as sent, encrypted with my corresponding private key.

    If your mail system doesn't know about this, nothing changes, but if you DO know about the scheme, then whenever you receive an email you do a DNS lookup on the sender's domain. If that domain has no key listed, then you're none the wiser, but if they DO have a key listed (and here my domain schmerg.com does) then you can safely reject any emails that don't have the new header, or where decrypting the checksum fails to match the body.

    This way an organisation can still add their crappy sigs or whatever, and then sign all their email, and spammers will learn not to use that domain in their From address.

    Big ISPs and people like HotMail can sign all the email their users send thru their system, and we start to reduce the ability of spammers to have false From addresses. If you want to send email claiming to be from a domain protecting itself in this way, you have to send it thru that domain at some point (or know the private key yourself).

    It's nowhere near a complete solution to spam, but it makes life harder for spammers (and phishers and the rest), and it rewards those willing to make the effort without punishing those who don't.

    To get round various implementation issues you'd probably want to add multiple keys to your DNS record and then describe which one you were using for each email (so you can rotate keys, or use different keys for different locations, and phase out old keys regularly if you're Hotmail.com or similar), but DNS propagation, caching and lookup is a given on today's internet.

    If you can't be bothered checking the identity of the sender you don't have to, but if you want to (and you can afford the DNS lookup and the cycles to checksum the message etc.), then you can.

    --
    Tim

  • by josepha48 ( 13953 ) on Saturday January 24, 2004 @04:37PM (#8077087) Journal
    Who pays if someone starts sending email using my email address? I have already had this happen and as such I have had to change my email address. But what if you work for a company and the company uses bobm@floobla.com? Then someone starts sending email as bobm@floobla.com. Who pays for phoney reply-to addresses?

    The real and only solution is email sending authorization. If you are going to get your pop mail you must send USER and PASS commands. These need to be part of the SMTP somehow. Then they need to be adopted by ISP's across the GLOBE. Then they need to be required and any email that does not meet this does not get sent. Yes people will have to upgrade email programs, but it is a small price to pay!

  • spam fines (Score:3, Insightful)

    by Andy Smith ( 55346 ) on Saturday January 24, 2004 @04:37PM (#8077091)
    But ultimately, Mr Gates predicted, spam would be killed through the electronic equivalent of a stamp, also known as "payment at risk".

    This would force the sender of an e-mail to pay up when an e-mail was rejected as spam, but would not deter senders of real e-mail because they could be confident that their mail would be accepted.
    I applaud any efforts to combat spam but there seems to be a problem with these payments.

    Aren't most spammers criminals? In future, if legislation continues as it has recently, won't all spammers be criminals? Therefore, doesn't it make sense that these criminals will find a way to avoid paying the fines?

    On the other hand, with an up-front payment scheme, costing say a tenth of one pence per e-mail, that at least removes the option for criminal spammers to simply not pay. Of course they may pay using stolen credit cards or some other form of fraud, but that exposes them to an even greater wrath of the law and may lead to them being stopped a lot sooner than if all they had done was refuse to pay an ISP's e-mail fine.
  • by steveha ( 103154 ) on Saturday January 24, 2004 @05:27PM (#8077371) Homepage
    Problem: email is cheap, almost free, so a 0.00001% response rate on spam is still enough to make money.

    Solution: make email cost something.

    How?

    Government? No no no no no. We want full control over our own email. Government should only be used to solve problems that only government can solve, and email doesn't rise to that level.

    So, the solution:

    A new protocol to replace SMTP. Someone sends you an email, and your server replies with the amount of the micropayment required for the email to go through. Then they can pay or decline. Most people would leve this set to a low amount (five cents sounds good to me), but famous people might set the bar higher to reduce the amount of email they get. The server has a "white list" of people you won't charge for email; this will use digital signatures, not an easily-forged header field.

    Your email client has three toolbar buttons: refund the fee for this message and add the sender to the white list, refund the fee for this message, and delete message without refunding the fee.

    We would have to run this in parallel with SMTP for a while, but it will be hugely popular. People using this will find no penis enlargement (excuse me, "pen1s en.la.rg.em.en.t") emails in their new inbox, even as their SMTP inbox gets worse and worse with spam. The word-of-mouth on this would be incredible: "I only check my spambox every other day or so, if you want to get in touch with me quickly you will need to use the new email format."

    Quick numbers:

    Let's assume some wild numbers (I have done no research, I just made these up). Suppose a typical spam run sends out 100,000 pieces of spam, and 30 people are dumb enough to bite (sounds high, but let's assume it) and each of those people sends $30 (hoping to "get bigger now"). That's $900, which is a clear profit if you are simply blasting emails over SMTP. But if the average person charges five cents to receive an email, it would cost 5,000 dollars to send out that spam run, for a net loss of $4,100. This is why spam would no longer work.

    Note that you might receive ads in your inbox, but they would be ads where the sender is confident that the ad is worth five cents. If someone sent me a coupon good for $20 off something I actually want to buy, I'd even refund the five cents.

    steveha
  • Lets make a FAQ (Score:5, Insightful)

    by dasunt ( 249686 ) on Saturday January 24, 2004 @05:27PM (#8077374)

    SPAM-Solution FAQ v.01

    Congratulations, you have an EMAIL SPAM Solution.

    Now, before you release it to the world, why don't you consider these points:

    1. Not all mass-mailings are spam. Will your solution break high-volume mailing lists?
    2. Not all computer generated mails are spam. Will your solution break order status updates from web businesses? What happens if the business does not use the same domain for emailing? support@customers.example.com instead of store.example.com?
    3. Speaking of which, will your solution break messages sent from computers without an external email server? What happens if the cronjob on gateway.example.com wants to send bob@example.com an email?
    4. Spamming is worldwide. Will your solution include a spammer in, say, South Africa?
    5. A spammer can use more then one machine in order to send email. Does your solution still work if the spammer is controlling 10 machines? 100 machines? 1000 machines?
    6. Inversely, will your solution bog down my cellphone's anemic processor when I check my mail? Or will it cause my ISP to purchase faster hardware and pass the price on to me?
    7. Finally, if I forge the address someone_i_hate@example.com on all my spam, will your solution bury their server in spam or not?

    (c) 2004 by Jesse Meyer ( dasunt [a] hotmail [.] guess ).
    Permission to redistribute is freely granted as long as this disclaimer is included.

    PS: Feel free to suggest other points, I'll add them to the list.

  • by dbIII ( 701233 ) on Saturday January 24, 2004 @06:15PM (#8077604)
    640,000 spam emails is enough for anyone.
  • And how, exactly? (Score:3, Insightful)

    by JRHelgeson ( 576325 ) on Saturday January 24, 2004 @06:16PM (#8077615) Homepage Journal
    How can Bill Gates/M$ forecast the death of spam, when they can't even predict when their products will be 'secure', much less their product launch dates...
  • by Flyboy Connor ( 741764 ) on Saturday January 24, 2004 @07:11PM (#8077916)
    ...about the wedding night of Bill and Melinda Gates. She was very disappointed because all Bill did was sit on the edge of the bed and tell her how good it would be when she would finally get it.

    Microsoft has always been good on promises. The fact is that spam is getting worse and worse. Microsoft at the moment does absolutely nothing about it. I had to let go of my hotmail address because I got so much spam in it that the mailbox would overflow twice a day. I have tried several freemail providers and hotmail is absolutely the worst in every respect, certainly regarding spam.

    But Gates flashes a big smile and says Microsoft solves the spam problem! Yes, it will be gone Real Soon Now. Don't worry but trust Microsoft! Have we ever let you down?

  • by davburns ( 49244 ) <davburns+slashdo ... l.com minus city> on Saturday January 24, 2004 @07:57PM (#8078151) Journal
    There are problems with all of these solutions.

    The biggest problem that they all break the simple model that makes email work. Users can pass an "email address" by any means (inband or out of band) they want, and then they can exchange messages. Any kind of payment system will require a security relationship between the email-exchanging parties. Security realationships are expensive, and tend to scale as O(N^2).

    Increasing the cost (CPU or money) would still let "rich" spammers spam, but would shut down mailing lists, and make a big extra barrier for people to freely email each other. (And no, whitelisting the mailing lists won't work -- because the spammers would just forge mail from those mailing lists.) Getting rid of the "poor" spammers would be nice (no more herbal viagra...) but would encorage big companies to spam (and they would claim that this is legitimate.) Consider this, as well: much spam these days is delivered by zombies -- is it really costing the spammer anything if his network of zombies has to do a little more CPU intensive work?

    If you require a micropayment with each email, that means you either have an extra step to take with each email (insert smartcard, type pin, or whatever) or your MUA does that for you. The previous is enough difficulty to kick many non-technical users off the 'net. The later would imply that malmalware or a social engineer can steal all your email money.

    There are lots of ways to help reduce spam (currenly more than 50% of email is spam.) Filters help a lot, and the ASRG is working on new barriers to spammers. If CAN-SPAM were enforced, it would make a large dent in the amount of spam (and make the rest easier to filter.) I think that has to be the magic bullet for spam, if there is going to be one. Filters and other barriers may slow spammers down, but if there is no penalty for trying, they'll keep coming until they find a way to circumvent the filters, the payment schemes, etc. The magic bullet canot be filtering alone -- I'm pretty sure that well-written spam would require a turing test to distinguish from ordinary email.

  • by Pseudonymus Bosch ( 3479 ) on Saturday January 24, 2004 @09:21PM (#8078618) Homepage
  • by adrianbaugh ( 696007 ) on Saturday January 24, 2004 @09:44PM (#8078719) Homepage Journal
    by introducing its all-new Secure Proprietary Advanced Mail protocol. Oh, wait...
  • Baysian... (Score:3, Interesting)

    by adriantam ( 566025 ) on Saturday January 24, 2004 @09:46PM (#8078729)
    Did Bill means his team is going to *invent* Baysian spam filtering? I am used to this in Mozilla for a long time.

Were there fewer fools, knaves would starve. - Anonymous

Working...