funsec mailing list archives
Re: 95% of User Generated Content is spam or malicious
From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 22 Feb 2010 06:55:32 -0500
[ Please do not send redundant copies of on-list traffic. ] On Mon, Feb 22, 2010 at 12:15:43AM -0500, Dan Kaminsky wrote:
My sense is that SPAM filtering is ghettoizing, i.e. there's a very small community of extraordinarily miserable people whose job it now is to deal with SPAM for the rest of their users. They've been so successful, even at 98%, that now users have NO tolerance for SPAM. In other words, the SPAM war appears to be won, nobody seems to know it's still being fought.
First, the correct term is "spam", never "SPAM". The former refers to unsolicited bulk email, the latter refers to a Hormel product. Second, 99% of the people doing anti-spam work are quite incompetent. Many of them do not grasp even the rudiments of the field -- for example, the distinction between stopping spam and stopping spammers. Many of them do not know the correct definition of spam. Many of them deploy known-failed and/or known-abusive methods. Many of them fail to point their defenses inward as well as outward. Many of them use whatever the flavor-of-the-month is, even though spammers have defeated it before it was even put into production. Many of them buy garbage products from carpetbagging vendors eager to make a quick buck off the Internet's collective misery by peddling whatever half-ass crap they can. &etc. So no, the war's not being won. We are losing worse than ever thanks to the incompetence and stupidity of most of those who think they know something about spam but are little more than ignorant newbies. While *some* spammers are just as laughably inept, the professionals have repeatedly demonstrated far more intelligence, ingenuity and savvy than almost all of their opponents. And as one of the direct consequences, they've managed to cause the expenditure of ever-increasing amounts of money/time/effort/inconvenience for ever-decreasing results. We're only at the beginning of this fight. It's going to get much worse, because spammers hold all the strategic advantages, and because there is as yet no sign that their opponents, as a group, will get a clue. ---Rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: 95% of User Generated Content is spam or malicious, (continued)
- Re: 95% of User Generated Content is spam or malicious Dan Kaminsky (Feb 24)
- Re: 95% of User Generated Content is spam or malicious Rich Kulawiec (Feb 25)
- Re: 95% of User Generated Content is spam or malicious Dan Kaminsky (Feb 25)
- Re: 95% of User Generated Content is spam or malicious Rich Kulawiec (Feb 25)
- Re: 95% of User Generated Content is spam or malicious Hubbard, Dan (Feb 25)
- Re: 95% of User Generated Content is spam or malicious Drsolly (Feb 10)
- Re: 95% of User Generated Content is spam or malicious rackow (Feb 10)
- Re: 95% of User Generated Content is spam or malicious der Mouse (Feb 10)
- Re: 95% of User Generated Content is spam or malicious Dan Kaminsky (Feb 21)
- Re: 95% of User Generated Content is spam or malicious Tomas L. Byrnes (Feb 21)
- Re: 95% of User Generated Content is spam or malicious Rich Kulawiec (Feb 22)
- Re: 95% of User Generated Content is spam or malicious Dan Kaminsky (Feb 22)
- Re: 95% of User Generated Content is spam or malicious Ned Fleming (Feb 11)
- Re: 95% of User Generated Content is spam or malicious Benjamin Brown (Feb 11)