[conspire] (forw) Re: [TAG] link suggestion - blog banned by Google

Rick Moen rick at linuxmafia.com
Tue Dec 19 23:13:03 PST 2006 

Some thoughts about "spam-proofing".

The irony I carefully am not dwelling on, here, is that
"tag at lists.linuxgazette.net" (Linux Gazette's "The Answer Gang" mailing
list, hosted right here on my server) is a non-publicly-archived list,
over my objections.  (I asked if the list could be taken public and 
offered to do all the work, a couple of the regulars objected angrily,
the editor-in-chief decided in their favour, and I dropped the subject.)


----- Forwarded message from rick -----

Date: Tue, 19 Dec 2006 20:24:29 -0800
To: tag at lists.linuxgazette.net
Subject: Re: [TAG] link suggestion - blog banned by Google

Quoting list at grabtech.net (list at grabtech.net):

> Hi. My name is Eugene Gershin. Perhaps we have met online, but more
> probably you don't know me from Adam. I monitor blogs for
> SamsonBlinded, and came across your post.

Wow, this is the most cannily constructed automated spam I've seen in a
good long while.  He almost carries it off.  And then:

[snip several short paragraphs of memetic payload]

> Please help us spread Obadiah's message, and mention the blog in one
> of your posts, or link to us from linuxgazette.net/131/lg_mail.html. 

The feet of clay show in this concluding paragraph, this being where
"Eugene Gershin" fails the Turing Test, and is revealed to be just
another mailbot parsing millions of Web pages and then spamming 
mailto hyperlinks found there.

My MTA will accordingly be autorejecting all future mail from that
source.

-- 
Cheers,       "What a pity [Standard Oil exec] H. H. Rogers's money is tainted."
Rick Moen                 -- some commentator of the day    "It's twice tainted:
rick at linuxmafia.com  'Tain't yours, and 'tain't mine."  -- Mark Twain, replying.

----- End forwarded message -----
----- Forwarded message from rick -----

Date: Tue, 19 Dec 2006 22:28:07 -0800
To: tag at lists.linuxgazette.net
Subject: Re: [TAG] link suggestion - blog banned by Google

Quoting Jason Creighton (jcreigh at gmail.com):

> ...the s/@/ at / obfuscation probably shouldn't be counted upon.

No, it certainly should not.

Any form of e-mail address obfuscation that gets used widely, as the
"rick at linuxmafia.com" format is by (e.g.) GNU Mailman, is trivially
hackable by spammers' tools such as address harvesting scripts.
Actually, the real legitimate use for those rather silly forms of
obfuscation is entirely different -- and utterly cynical:

It's a device to aid listadmins in overcoming knee-jerk objections to 
keeping mailing lists "open" (publicly archived).  In any online
community, there will always be at least one participant who really
doesn't "get" how spammers work, but is absolutely convinced that the
rest of the world must "protect his[/her] privacy", by scrambling to
expunge it from public view, every time it pops up.

The dutiful, intellectually honest, community-knowledge-minded answer to
that person goes as follows:  "Sir [/ma'am], if you think you can use an
e-mail address even minimally on the Internet in 2006 and hide it from
spammers, you're kidding yourself.  Ask yourself:  Can you absolutely
guarantee that nobody will ever add your address to an MS-Wind0ws
"address book" of the sort used by MS-Outlook Express and MS-Outlook, or
other MAPI clients?  No?  Well, then logic obliges you to acknowledge
that statistically that is very, very likely to happen, and multiple
such people are very likely to get their MS-Wind0ws machines
virus-infected, at which point the zombified Wind0ws box _will_ report
your e-mail address directly to the spammers.  Game over.  Finis.  And
this happens very quickly in today's Internet."

That would be the _correct_, relevant counter-argument.  The problem is:  
The logic is complex and requires paying attention -- and so it
invariably fails to convince those who raise that objection.

So, instead you say "Oh, no problem.  See here?  Mailman will _obscure_
your address, and thus the bad guys won't be able to get it."

One completely irrational analysis, convincingly rebutted by a bogus but 
generally accepted answer -- thereby carrying out the good office of
permitting mailing lists to be open, thus better benefiting the public
by being publicly searchable.

But, here, I've given you both answers, pro bono publico.  Go forth and
do evil, or not, as you think best.  Far be it from me to say which is
which.

-- 
Cheers,             
Rick Moen                 Support your local medical examiner:  Die strangely.
rick at linuxmafia.com

----- End forwarded message -----
----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----

Date: Tue, 19 Dec 2006 22:55:12 -0800
From: Rick Moen <rick at linuxmafia.com>
To: tag at lists.linuxgazette.net
Subject: Re: [TAG] link suggestion - blog banned by Google

I wrote:

> Any form of e-mail address obfuscation that gets used widely, as the
> "rick at linuxmafia.com" format is by (e.g.) GNU Mailman is trivially
> hackable by spammers' tools such as address harvesting scripts.

And I forgot to add an important footnote to that comment:

By contrast, obfuscation methods that _aren't_ used widely may be very,
very useful.

Jeremy Zawodny uses an utterly brilliant local modification to MovableType 
on his blog (http://jeremy.zawodny.com/, that completely defeats the 60% of 
Web comment spam that is from automated spammer processes:
http://jeremy.zawodny.com/blog/archives/002836.html  In short, Jeremy 
modified MT's standard comment form to ask "What's Jeremy's first name?"

Humans type "Jeremy" (or "jeremy") and are not significantly impeded.
Bots, by contrast, get foiled.

Obviously, if spam-tool authors start custom-coding their scripts 
(the ones they sell to spammers) for Jeremy's one-off locally modified
version of MovableType, he can trivially change the question
occasionally, e.g., to ask "What colour is a ripe banana?"

That still leaves the other 40%, the spam posted individually by humans
saying "I really like your site, and wanted to recommend [URL] to all
your readers" and such.  Jeremy has to use other means to combat those.

-- 
Cheers,                 Katrina's Law:  Any sufficiently advanced incompetence
Rick Moen               is indistinguishable from malice.  
rick at linuxmafia.com                           (coinage attrib. to Paul Ciszek)

----- End forwarded message -----

More information about the conspire mailing list