Old and new ways of combatting spam — both from Microsoft

Posted on by

Old and new ways of combatting spam — both from Microsoft

First, the old-fashioned way. Earlier this month Microsoft and the New York attorney general went after a sprawling e-mail spam ring, saying they hoped to drive it into bankruptcy by exposing what they called its schemes of deception. The company and Attorney General Eliot Spitzer filed joint lawsuits in Manhattan against members of the ring, which they said has sent billions of unwanted and illegal e-mail messages.

Beyond simply being annoying and jamming e-mail inboxes, Spitzer and Microsoft officials said the spammers have repeatedly broken the law by deceiving consumers. “Deceptive and illegal spam, like the kind we’re attacking today, is overwhelming legitimate e-mail and threatening the promise and potential of the Internet for all of us,” Microsoft lawyer Brad Smith said.

Now comes an interesting idea — this time from Microsoft Research (a formidable outfit IMHO), which seeks to make the spammer pay for email in a way that doesn’t cripple legit users. According to this BBC report, “The basic idea is that we are trying to shift the equation to make it possible and necessary for a sender to ‘pay’ for e-mail,” explained Ted Wobber of the Microsoft Research group (MSR).

The payment is not made in the currency of money, but in the memory and the computer power required to work out cryptographic puzzles. “For any piece of e-mail I send, it will take a small amount computing power of about 10 to 20 seconds.”

It would work like this: Before an email program accepts a piece of email from an unknown sender, it sends the dispatching machine a small cryptographic puzzle to solve. If it solves it, then the recipient accepts the message.

“If I don’t know you, I have to prove to you that I have spent a little bit of time in resources to send you that e-mail. “When you see that proof, you treat that message with more priority.” Once senders have proved they have solved the required “puzzle”, they can be added to a “safe list” of senders. It means the spammer’s machine is slowed down, but legitimate e-mailers do not notice any delays.

Mr Wobber and his group calculated that if there are 80,000 seconds in a day, a computational “price” of a 10-second levy would mean spammers would only be able to send about 8,000 messages a day, at most.

In a nice touch, the Microsoft research project which led to these ideas is called The Penny Black Project — after the 1830s idea of making the sender rather than the recipient pay for mail that led to the formation of the British postal system.

Full marks for ingenuity, less for practicality, alas. For this to work, it would have to become a universal email standard — and one that was not owned by, er, Microsoft. Shame.

US gets mad cow disease

Posted on by

US gets mad cow disease

US consumers have traditionally been much more relaxed and trusting than Europeans (and especially Brits) about their food industry. That may be about to change. According to today’s NYT, “Agriculture officials pored through cattle sales records at two Washington State companies on Wednesday in hope of finding where a cow with mad cow disease was born so they could trace the extent of the outbreak.

Officials hope to be able to determine where, when and how the Holstein became infected with the disease as a clue to whether other animals were also infected. But they have faced slow going because of a lack of centralized records on the animal’s history, officials said.

Beef importers abroad were not waiting for the results. By early Wednesday, about two-thirds of the export market for beef had already dried up, with Japan, South Korea, Hong Kong, Taiwan, Singapore, Malaysia, Russia and South Africa all banning imports of American beef, agriculture officials said. About 10 percent of American beef, worth about $2.6 billion a year, is exported.”

Hmmm… given the importance of the US farming lobby, this could be interesting….

The SCO lawsuit…

Posted on by

The SCO lawsuit…

… gets curiouser and curiouser. Initially, I thought that while the SCO guys were unscrupulous at least they were smart. Now it’s beginning to look as though they are just clueless. In their latest attempt to shake down some Fortune 100 companies, they demand that they stop using Linux, or reach an agreement with SCO over what it claims are copyrighted “binary interfaces”.

“Any part of any Linux file that includes the copyrighted binary interface code must be removed,” says the demand. SCO identifies a number of files which, once machine-specific versions are discounted, boil down to simply four header files. The claim is that the files signal.h, ioctl.h, errno.h,stat.h and ctype.h contain copyright infringing code.

These files, according to SCO, “must carry USL / SCO copyright notices and may not be used in any GPL distribution, inasmuch as the affirmative consent of the copyright holder has not been obtained, and will not be obtained, for such a distribution under the GPL.”

This is interesting, because it’s not that long ago since SCO spokesman Blake Stowell denied that these binary interfaces contain allegedly infringing code.

“This code is under the GPL and it re-implements publicly documented interfaces”, he said. We do not have an issue with the Linux ABI modules.”

So what’s going on? Do these guys know what they’re doing? Linux/UNIX techies are falling about laughing over these particular claims. And Linus Torvalds has now weighed in. He writes:

“For example, SCO lists the files “include/linux/ctype.h” and “lib/ctype.h”, and some trivial digging shows that those files are actually there in the original 0.01 distribution of Linux (ie September of 1991). And I can state

– I wrote them (and looking at the original ones, I’m a bit ashamed: the “toupper()” and “tolower()” macros are so horribly ugly that I wouldn’t admit to writing them if it wasn’t because somebody else claimed to have done so ;)

– writing them is no more than five minutes of work (you can verify that with any C programmer, so you don’t have to take my word for it)

– the details in them aren’t even the same as in the BSD/UNIX files (the approach is the same, but if you look at actual implementation details you will notice that it’s not just that my original “tolower/toupper” were embarrassingly ugly, a number of other details differ too).

In short: for the files where I personally checked the history, I can definitely say that those files are trivially written by me personally, with no copying from any UNIX code _ever_.

So it’s definitely not a question of “all derivative branches”. It’s a question of the fact that I can show (and SCO should have been able to see) that the list they show clearly shows original work, not “copied”.”

So back to my question. Could it be that the SCO guys are really just clowns who are chancing their arms and hoping that FUD will persuade some companies to pay up just in case…? So far, the SCO lawsuit has proved a pretty expensive gamble. According to The Register, “SCO’s legal costs continue to wipe out its hard earned profit. SCOX reported a loss of $1.6 million for the quarter on sales of $24.3 million, after excluding a $9 million charge for legal fees. It would have posted a $7.4 million profit otherwise.”

Later:: Just noticed that the NYT also covers Linus’s response.

Still later:Novell has entered the fray. According to the NYT of 24 December, “Novell Inc. has quietly registered for the copyrights on many versions of the Unix computer operating system that the SCO Group already says it owns, further muddying the water surrounding a dispute that has embroiled the Linux open source world for almost a year.

[…]

SCO reacted on Monday to Novell’s decision to register for the Unix copyrights by calling the move a backdoor act to claim code that is rightfully SCO’s. “We see this as a fraudulent attempt by Novell to get something they don’t have,” said Darl C. McBride, president and chief executive of SCO. “It’s fraudulent to now go and say they have these” copyright registrations.

Mr. McBride contended that Novell was acting as a stalking horse for I.B.M., the biggest seller of Linux to corporations. “It’s not just Novell,” Mr. McBride said. “It’s an attack by I.B.M.””

Plus ca change…

Posted on by

Plus ca change…

Consider this quote:

“In fifteen years the Internet has superimposed itself upon civilization. Its future is limitless, not predictable. It is daily demonstrating its ability to extend the scope of our economic fabric to lengths undreamed of, and in ways which were but yesterday fantastic dreams. And it has already proved the power to destroy utterly the world as we have built it; has forced us to take sober and urgent thought as to how this mighty and as yet proportional and yet irresponsible force may be subordinated to the common good. The industrial changes following the introduction of steam and electrical machinery are trifling and infinitesimal compared with those already following in the wake of mankind’s new-found ability to communicate.”

So what’s funny about that? Answer: it was written by Kenneth Chafee McIntosh and published in The Altantic in September 1921. Eh? OK, I’ll come clean. McIntosh was writing about the aeroplane. I merely replaced all his references to aviation with references to the Net.

Malapropisms

Posted on by

Malapropisms

Quentin was looking for a B&B near Heathrow airport, and found a web page saying, “The bedrooms are specious…”. Hmmm… Wonder if they meant “plausible but false” or “based on pretense; deceptively pleasing”?