Lycos pulls anti-spam campaign, better idea

TOP del.icio.us digg

Damn. Looks like Lycos gave into outside pressure and pulled the spam-fighting campaign that I blogged about earlier. It’s a shame. This was probably the best way so far to end spam, and it was working before they pulled it.

No worries. I have a better idea anyway. Someone (me, if I get time) should write an Open Source cross-platform stand-alone app that starts with the same functionality but adds some new tricks:

  • The program should be capable of running all the time with idle-priority instead of just running as a screensaver. The user should be given the option of letting the app run all the time instead of just when the screensaver is active.
  • The program should have the ability to minimize to the system tray.
  • The program should allow the user to select the level of aggressiveness. Some users, like myself, would be willing to dedicate a great amount of resources. This might allow the program to be effective with as few as a couple dozen users.
  • The program should be completely decentralized. Since almost everyone receives spam, an email client plugin could be created to keep track of URLs, and if you wanted to take it even farther (maybe to far) you could use a peer to peer network to vote on URLs. Decentralizing would alleviate some of the liability issues and could be more effective at catching all spam instead of just some.

Since the program would be open source, it would be almost impossible to stop. There’d be no one group or campaign to put a stop to. Once people have copies of the source code, anyone could pick up the torch and run with it. Also, since it would be open source, anyone could contribute features.

Anyway, just an idea. If anyone is interested in coding such an app, I would be very willing to provide free high-speed hosting for it.

7 comments to “Lycos pulls anti-spam campaign, better idea”

  1. Comment by Anonymatt:

    Hey Chris,

    I dont think that getting back at spammers like that is the best way. I’m not sure what is but that seems that it is fighting fire with fire.

    If say 5% of all internet traffic is spam, then we start to attack them back and use another 5% of traffic. That means that people who use cable (eg, you) will have lesser bandwidth because all your neighbors will be sending out tons of packets with not much use.

    Spammers use a lot of hackedcompromised sites and then we will be adding a lot of unwanted traffic to people that are being already swamped. (I can see an argument here saying they should already be taken off the internet so DDoS’n them into non-existance would be good…)

    I think a lot of better help against spam would be to write letters to where major centralized (eg, non hacked) spammers connect to the internet and tell them how they are filling the internet full of trash. I found a site once that had this stuff written (just a few days ago) but I cant remember where I got it.

    I’m done rambling and its there isn’t anything better to do it at 3:30am…

    -Matt

  2. Comment by Chris:

    Hi Matt,
    Thanks for your comment. I happen to strongly disagree with much of what you’ve said.

    As far as your bandwidth argument goes, unless we see twenty million people flock to my website and download the proposed program, we’re not even going to see a full percent increase of overall internet traffic. (For some reason I’m a bit doubtful.) BitTorrent increased the amount of internet traffic by over 30%! Have you felt the effects? My DSL line is just as fast. My co-located connection this site is on is just as fast. Even my cable connection isn’t any slower, and prices have just gone down. We don’t need millions of people to run a program like this to be successful. A single person could make a difference and a thousand people could take a tremendous chunk out of the spam problem.

    Your suggestion to write letters was almost funny, no offense intended. Right now, there is money in spam. That’s the only reason it still exists! Hosting providers and data centers in foreign countries have incentive to ignore the spam problem as long as spammers are making money and paying their bills. This is exactly why the proposed program would work so well. By using up spammer’s bandwidth, one of two things will happen. Either the spammer will go bankrupt because he can no long afford the bandwidth costs of sending out spam, or spammers will begin to skip out on their hosting bills and cause hosting companies to crack down. Either way, this would be very, very effective. Even in a situation where compromised boxen are being used to spew spam, a bandwidth spike would no doubt get someone’s attention which would cause the issue to be cleared up faster.

    Thanks for your opinions, but I feel very strongly that the proposed program would directly result in a major decrease in spam. I would dare suggest that it would take less than half a million people running this simple program in the background to almost completely get rid of spam. To put that into perspective, keep in mind that eDonkey was downloaded almost 200,000 times last week from Download.com alone.

    Destroy the profits and the spam will follow.

  3. Comment by Joshua Street:

    I’d download and use such an app, but you would have to *manually* specify ALL URL’s for use, in order to prevent auto-detection of the wrong URL’s (e.g. if a spammer were to send a message with two links in it — one to Yahoo! or something and the other to their website, you’d wind up attacking both).

    I’ve written a post on my personal website regarding the MLNS saga, which is relatively neutral in intent — having said that, I’d love to run such an app, as I don’t believe it’d have any substantial detrimental impact on the Internet as a whole — logically, if the campaign were successful, the opposite would occur. IF, on the other hand, the idea was a dismal failure, then people would stop using it (well, maybe…) and everything is no worse for the wear. I rant about THAT at some length in this comment.

    I don’t perceive any liability issues, as the action is so far decentralised that it would be difficult — if any one user becomes a problem, then they are completely free to block the source IP address (heh, for dynamic IP people such as myself, this can potentially create a whole bundle of fun). The bottom line is, they sent you a URL, and you’re visiting it… twenty thousand times per day. :P

    I’d love to see this implemented…

  4. Comment by Joe:

    I like the idea of flooding spam sites with requests, what concerns me is that you propose is essentialy handing out the ability to perform DDoS attacks through a nice simple user interfaceon any url the user chooses. The potential for abuse is massive, people will find ways to exploit, abuse or negate the effects of the technology if it becomes too successful.

  5. Comment by Beryllium:

    I would welcome such an app.

    It has been criticised as vigelante justice, and so it is, but this is what the net needs to do to police itself. Laws and polititions ane not going to do it for us… and I, for one wouldn’t want them to.

    Remember too, the spammers are just foot-soldiers. It is their paymasters who sell the goods that are the target, not the hidden spammers themselves. Get rid of them and spammers will shrink back to being minor irritants.

  6. Comment by nick:

    kuro5hin readers raised some interesting points about ddosing innocent zombie boxes and servers proxying (although if you open relay, perhaps being ddosed would make you change your server config).

    Perhaps a trust metric system would help to only ddos ip addresses that are _actually_ sending out mail. You start off with a group of ‘trusted’ ip-editors who can crypto sign messages containing ip addresses to be dossed (dossed?), if that group becomes draconian, people could choose a different group of ip editors to trust from now on.

    Everybody would still flag email as junk, common IP addresses (and/or emails) from the big baddies would bubble to the top, making it easier for ip editors to target emails and ip addresses that should be targetted, after that, nail ‘em to the wall.

    Like I said, the end-user would choose which bunch of editors to trust their ddossing efforts to, so hopefully hard-core anti-spam groups (a certain spam blacklisting group comes to mind, but i can’t remember who) would eventually beconme untrusted.

    This type of thing carte-blanche probably would cause major headaches (I have worked at small web-hosting company who was innocently blacklisted), so moving forward with a ‘sane’ solution should be a priority.

  7. Comment by Alexis:

    The new app should decentralize not only the attack tool (makelovenotspam already did), but also the spammers list (makelovenotspam failed and so died).

    “Spammers List Files” (SLF) should be created by a reliable organization (like lycos, spamcop or a hero) and encoded with a verification algorithm before being delivered by P2P nets. The app should be able to identify a true SLF and refuse fakes using this algorithm.

    The app would download a SLF identified by date and extension(like 190105.sfl) from P2P, try it and, if it’s a fake, delete it and download a new one with a different HASH. Doing so would increase the number of true fonts and stop the proliferation of false fonts.

    I have the idea, but not the programming skill. Feel free to develope it, my Hero!

    From Spain,
    putowindows98 at hotmail

Leave a Reply