The future of spam
A research paper by academics from the University of Calgary forecasts 
the future of spam.
The researchers suggest that new and more sophisticated data mining of saved emails and address book contacts combined with natural language processing techniques will produce zombie PCs that send out emails which look like emails that owner of the PC has written to particular contacts before.
The authors predict that this smarter spam will hard to detect, although they offer a few suggestions on how it might be combatted.
The future of spyware and email worms is also covered.
[Via Slashdot ]
Related posts
May 2nd, 2006 at 1:51 am
Can I be biased and blame Window’s poorly secure system on the growth of spam, contrary to what Bill Gates should suggest?
May 2nd, 2006 at 6:05 am
If Windows zombies are such a significant source of spam then why are they allowed to roam with seemingly relative freedom and wreak havoc around the net? Is there enough serious effort/action being taken to successfully quarantine these zombies instead of relying too heavily on better methods to defend against them?
Liability-related issues are obviously important and I suppose we do what we can to handle the consequences of them being so unclear.
May 2nd, 2006 at 6:14 am
It’s a good question, I think maybe that no company wants to take the blame — we had a good example at a client recently. They had an older security camera system, ran on a PC — that PC software could not run anti-virus or firewall software while it was recording, so it’s protection was a firewall, that was invaded without them knowing, and a source of sending spam out to the world then. No one knew it — then they asked me to take a peek at it and give it an evaulation — first we switched our internet from SBC to Speakeasy (much brighter company to work with); as soon as we did that, Speakeasy shut the internet access down as it noticed the spam activity. That computer had been up for almost 2 years, I can imagine how much trash it was sending the world.
In that case it was:
- Windows weakness all around (but of course, they’re not held liable)
- SBC was not monitoring traffic on it’s information highways
- Software company did not allow for extra programs to protect it’s system
- Ignorance on the company (or previous IT rep) on how to protect/control it’s system
I think the large blame falls in Windows for it’s weakness in the first place, then I blame SBC for not just looking at it’s traffic to stop illegal activity (obviously they don’t care what you use their network for), the software company may not be the best, but it’s not their fault to have to work with all the weaknesses in a system, and the company should have kept better track of it, but there’s a simple level of knowledge there (they also didn’t know that the anti-virus was not running, the software company didn’t mention it — but they still could have checked).
It’s a hard arguement, that’s just an example, but in the end, I’m not even sure who to blame, so I stick it to MS in the first place, which is arguably fair.
May 2nd, 2006 at 2:20 pm
I agree that MS is worthy of at least the original blame although I sure won’t bet on them ever being held accountable. If Windows weren’t the favorite swiss cheese for security exploits we’d be having a different discussion.
No answers for lack of liability and accountability when there’s someone else to take the blame. It’s their problem. ;-)
Is there’s hope for a relatively spam-free future? Would that require some significant changes and compromises? The risks and inconveniences of such an undertaking may generally be deemed more worthwhile than sustaining and tolerating the current spam infestation.
Maybe service providers will eventually have a heavier burden of responsibility, with more specific technical boundaries and legislative enforcement. The new roles and rules still seem just as speculative as tangible. Old ones won’t fit or work.
And, if allowed to, dynamic interactions of the net can reveal plans and willingness for certain kinds of change better than they can be mandated by some centralized overarching authority.
Time to stop before my thoughts get even more mishmashed.