[ale] (no subject) SPAM talk...

George Carless kafka at antichri.st
Mon Apr 19 20:08:17 EDT 2004


> James!
> Do you really believe that a spammer will come to the ALE (out of the millions 
> of sites on the Internet) and take the time to learn our system, create a 
> form to trick our server into sending emails to our >1000 members?

And if we were to develop a (temporarily) effective means of obfuscation, do you really think it would _remain_ with us 
without spreading out to other sites etc.?
> 
> Well, to solve that problem, we can use the graphic challenge solution:
> ex: http://www.marketleap.com/publinkpop/default.htm
> While I feel that is OVERKILL . . .
> . . . the solution certainly trumps the problem you cited. 

There was a thing on /. a while ago about how spammers etc. were using tricks to fool unwary web users into solving these, 
basically by grabbing the images in question, and then putting them up on *other* sites for other users to 'solve'.  I forget 
the details, but that was the gist of it.  At any rate, it demonstrates the spiral of futility that this kind of approach 
seems to inexorably lead us to.  I mean, half the spam I get nowadays doesn't seem to _serve any purpose_ even to the spammer, 
_except_ that it aims at making the problem of spam prevention too great for the average sysadmin.  In the face of this, why 
do you think the spammers are going to quit?

> You're right - there's no technical solution, after all a spammer could:
> 1. simply HACK the ALE's server and get the email addresses that way. 
> 2. also pay an admin to release the data. 
> 3. go to ALE meetings, collect email addresses personally and spam them.
> 4. research the poster via the archives and in Geoffrey's case, find that he 
> posted on a similiar insecure mailing list, retrieve his email from there, 
> and spam Geoffrey.

These problems aren't even in the same ballpark as those we're discussing, so the attempt at satire doesn't really succeed...

--George



More information about the Ale mailing list