OpenIdea: Give Spammers What They Want….
You have no idea how much I hate spam and spammers. I’m generally a friendly guy but spam makes me aggressive.
And with 85% of ALL my mail being spam (19.648 Good Messages, 111.961 Spam Messages (85%) on 405 Spam Messages Per Day) I spent a lot of time thinking about how to prevent any more from coming in.
Since January 2007 I have been using a fairly good Spam filter. It is 99.1% correct which means I have to wade my way through hundreds of spam messages every day to make sure I don’t miss stuff. So far I have rescued 869 messages from my spam folder our of a total of 111.961 spam messages.
Today I came up with a ’sort of’ solution to the Spam problem. Maybe. Probably not.
It occurred to me that one of the reasons spam still works for spammers is the low cost of doing it. After all, it costs close to nothing to send millions and millions of spam messages and if only 0.001% of receivers click through you still make some money.
So what if we would give spammers what they want?
What if we would ALL start visiting every link in every spam message? The cost of sending out millions of spam messages would suddenly start to rise. Servers would go down, pages would become unresponsive and bandwidth costs would go up.
Spamming is cheap BECAUSE people DON’T click on the links in the spam messages!
I don’t propose we actually start buying v!@ggra (how DO you actually spell that?) and cheap Rolexes online. But how about a mail plugin that loads every link in every spam message I receive, oh, about 10 times? How about making this plugin free and easy to install? What if a few thousand or hundred thousand people would install this plugin?
I imagine a spammer one day sending out a few thousand spam messages and before he even gets one order for his product his server goes down.
Yeah I know, what if a legitimate message accidently ends up in the spam folder? Well, if it only ends up in 1 spam box there wouldn’t be any problems.
So is this a real solution? Probably not.
But one can dream, right?
Filed under Business Theory, Developing, Fun, Innovation, OpenIdea, Personal, Programming |
10 Responses to “OpenIdea: Give Spammers What They Want….”
Leave a Reply
Subscribe to my Feed!
Powered by
And what about the ads on the landing pages behind those links in spam messages?
They would go up in value, no?
Hi Robin: good point! Usually these spammers show Google ads. So unless you click these ads they don’t make money. It would also be enough to just request the html for the website and not get all the images/banners.
Problem though with this is that you promote bad behaviour, making people and obviously more likely target for phishing/virusses. Your idea defeats the whole groundrule of never opening a mail and following a link of someone you don’t know.
Obviously we geeks with our Macs/Linux machines can go nuts, but how much of a DDoS can we bring along with this?
at least, it is a creative idea! who knows it would work.
So, if I send some spam with a link to a blog of someone I don’t like, his server gets hosed and if I’m very lucky, he gets a very scary bandwidth bill.
sweet!
No, this won’t work - same reason most ‘active spam deterrent’ has problems. It opens the door to use the very spam deterrents in place to DDoS someone.
I love the idea, but the spam-link has to be followed in a prisoned runtime on my computer. If you visit a link, you basically give away your IP address, and allow the possible spammer to run any script on your computer. That is what needs to be addressed. I am just wondering, who ordered a p3nis enlarger or Viagr@ through his email? it seems so difficult! ;) I would love gmail junkmail ‘processing’ like you discussed, would certainly add an extra problem for the spamfarmers…
@Joop: Hate to disappoint you, but they CAN’T take over your pc because they have your IP. They need a whole lot more than that ;)
@Cristiano, you are totally right;
Bad intentions need a lot of expertise, more than just a IP address. But let me explain why I mentioned that I don’t want to run any URL. Let me quote Steve Gibson on this one:
“So I guess my point is that the reason the browser is a focus point is it’s out there on the frontline. I mean, you’re literally, when you click a link, you are sending your browser off to somewhere it has never been before, maybe you’ve never been before. And it’s like, good’luck!
… what you’re really doing when you click the link is you are asking a server Lord knows where to send you a blob of stuff which your browser, running on your computer I mean, maybe this is even more scary, it’s the actual truth of what’s happening, is you’re saying, you know, let me have it. And so this blob of code comes down into your computer, and your browser says, okay, here we go. And with the best of intentions and in good faith it starts reading this page, displaying things and running scripts which may be included in that code. And who knows what’s going to happen? And so it’s not that the browser is worse code than any other code we have. It’s just that it’s the frontline. It’s right out there as you surf the Net, getting pounded with the stuff from any website that you visit.
…So from my way of thinking, I want my shields up.”
This discussion is not about the threats to browsers, I am just saying that it would be nice if those links are not followed with my default browsing system. What do you say?
Visit Retecool.com at times.
They do a DDOS every now and then against a spammer. Loads of visitors participate in the attacks …
I think the idea is nice, but this would be an open invitation to virusses and trojans and god knows what else.
Better if no-one ever clicked a spam link again.
/wishfull thinking off
@Joop: I bloody well know how browsers and security work, but honestly, your original idea of keeping your IP secret is bullshit. The most important thing is to keep your system updated and in gridlock, making sure someone doesn’t get your IP is just security by obscurity
Now I agree that your browser is there on the front-line, and it is hard to keep some systems (windows) completely secure, but if you have a secure browsers, anything they can do they can also do by just going around and scanning all the systems on the web. I used to run a webserver on a local server and if you see how many times a day you get polled for common exploits, it’s amazing. And I didn’t even have to press a link for that!
Viruses and exploits are way less common these days than fishing. People want money from you, not the honor of crashing your system and removing your data. I am simply afraid that this behaviour will teach people how to become more of a target for phishing attacks.