Interesting People mailing list archives
Re: James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington post
From: David Farber <dave () farber net>
Date: Sun, 30 Nov 2008 12:31:41 -0500
Begin forwarded message: From: Gordon Peterson <gep2 () terabites com> Date: November 30, 2008 11:24:14 AM EST To: dave () farber netSubject: Re: [IP] Re: James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington post
For starters, I agree completely that the right to free speech does NOT include the right to COMPEL others to listen.
Especially when some particularly pernicious spammers would happily monopolize the world's inboxes, given a chance.
I however STRONGLY disagree with Rich's claim about content inspection. as an antispam technique.
The trick, however, is to COMBINE content detection SPECIFIC TO THE SENDER.
For example, my dear old Aunt Gertrude might send me pictures of her poodle Fifi, but she is NEVER going to send me encrypted ZIP files, or obscured URLs, or messages containing JavaScript, or any kind of executables. Any of that kind of content claiming to come from her is clearly coming from her infected computer, or from someone impersonating her address. In either case, I don't really want to see it (but I will happily accept mail claiming to be from her which DOES "look like" the mail she always sends to me). (Though I might be willing to accept that kind of mail, coming from someone else who I knew and trusted!)
By the same token, most of the newsletters and other material I receive regularly has common formatting or mastheads or other content which makes it look "familiar" for mail from that sender. I can use that to determine if that mail is genuine or not.
Most importantly, if the default rule for mail from previously unknown senders is "no HTML, no attachments, and no more than (say) 50K bytes in size" then I can instantly eliminate virtually all phishing/spam/ virus/worm mail. (NO legitimate, reasonable sender will send HTML- burdened E-mail to a new recipient without first determining that they are willing and able to handle such mail).
By eliminating HTML, you also eliminate malicious ActiveX, malicious images, hidden/misrepresented links, and a lot more.
Most of the non-content-inspection schemes (like SPF, which is stupid) unreasonably (and unnecessarily) limit senders (who might, for example, be sending from an inhabitual location, such as a cruise ship Internet cafe), and do nothing to stop mail from zombie spambot armies which have commandeered friends' machines, and are sending their infected or objectionable mail under that legitimate user's qualifications or reputation.
By using a fine-grained "permissions" list, based on the sender of the mail (AND SET BY THE RECIPIENT!!), one can achieve FAR better antispam/ antivirus/antiworm defenses than are possible using either non-content- based, or only-content-based, antispam techniques by themselves. PLUS, this returns control of their Inbox to the owner of that Inbox, who ultimately is the only person whose opinion matters when deciding what kind of mail they want to receive, and from who.
And (for instance) I might be willing to visit a porn or other web site a familiar friend sent me a link to, while the EXACT SAME e-mail coming from a stranger would be spam that I would not want to see.
David Farber wrote:
Begin forwarded message: From: Rich Kulawiec <rsk () gsp org> Date: November 30, 2008 7:32:12 AM EST To: David Farber <dave () farber net>Subject: Re: [IP] WORTH READING James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington postThis is alarmist nonsense for two reasons. First:I contacted the company that distributes my newsletter, and a staff member explained that three sets of words among the issue's manyThe author has chosen to use a company which in turn has chosen to use a broken spam filter. His problem lies with his own choices. Second: The author has conflated his free speech right (as guaranteed under the Constitution) with an obligation of others to listen. If end users wish to make the same set of choices that he has, and make them equally poorly, then they might end up not receiving issues of his newsletter -- or many other pieces of email. If this becomes a problem for them (or for him) perhaps they'll revisit those choices. But in no way, shape or form is there a First Amendment issue of any kind here. Note: This should not be taken as advocacy for anti-spam measures that inspect content. I've long held that it's quite easy to implement robust anti-spam measures without resorting to content inspection. (Where "robust" implies low false positive and false negative rates.) I strongly suspect that when the spam/anti-spam arms race ratchets upanother notch or two, the shortcomings of content filtering will be evenmore apparent. ---Rsk
-- Gordon Peterson II http://personal.terabites.com 1977-2007: Thirty year anniversary of local area networking ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Re: James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington post David Farber (Nov 30)
- <Possible follow-ups>
- Re: James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington post David Farber (Nov 30)
- Re: James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington post David Farber (Nov 30)
- Re: James McGrath Morris - Spam Filters Threaten Free Speech on the Internet - washington post David Farber (Nov 30)