Archive for the 'spam' Category

Unsubscribing versus Junking

Wednesday, February 18th, 2004

Targeted Email Newsletters Show Continued Strength (Jakob Nielsen’s Alertbox):

We’ve also found that users often employ their spam filters to avoid newsletters that they no longer want. Instead of unsubscribing, which users often view as too cumbersome, they simply tell their spam-blocker that the newsletter is spam. Voila: the newsletter no longer arrives in the inbox.

The fact that many users will declare a newsletter to be spam when they tire of it has terrifying implications: legitimate newsletters might get blacklisted and thus ISPs might block their delivery to other subscribers. This is a compelling reason to increase the usability of the unsubscribe process: better to lose a subscriber than to be listed as spam.

See also Techdirt on the same subject.

Training to exhaustion = adaptive boosting?

Friday, February 6th, 2004

Gary Robinson, inventor of the novel, clever and useful chi-squared non-Bayesian evidence combination method, which in practice seems to work pretty darned well for classifying spam (better than Naive Bayes), has written an article on Training to Exhaustion.

I think he has re-invented a less general version of the AdaBoost algorithm, in which training inputs are weighted according to classification error. The specific weight adjustments in AdaBoost will probably converge much more quickly than the small incremental reweighting in training to exhaustion, and Schapire’s paper shows some nice properties overall.

While bag-of-words models work remarkably well considering how simple they are, I think that progress will come from elsewhere. Instead of training harder (weighting hard examples in the training set), an algorithm could train “smarter” (applying more expensive techniques [e.g. extending n-gram length] but only for the hard examples). I’ve been contemplating experimenting with the tradeoffs in cost/performance but haven’t had the time (yet).
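The comparison above between the two reweighting rules, as an added example (not code from this post or from Robinson's article). It assumes a constructed seven-message corpus and a simplified token log-odds classifier standing in for the chi-squared combiner; all function names are hypothetical.

```python
import math
from collections import Counter

# Constructed corpus of (text, is_spam). The last message is a "hard" ham
# that shares most of its tokens with the spam messages.
CORPUS = [
    ("free money offer now", True),
    ("free money offer click", True),
    ("free money offer win", True),
    ("free money offer cash", True),
    ("meeting agenda monday", False),
    ("project meeting notes", False),
    ("free money offer monday", False),
]

def train(weights):
    """Weighted token counts per class; weight w acts like training a message w times."""
    spam, ham = Counter(), Counter()
    for (text, label), w in zip(CORPUS, weights):
        for tok in set(text.split()):
            (spam if label else ham)[tok] += w
    return spam, ham

def is_spam(model, text):
    """Simplified stand-in classifier: sum of add-one-smoothed token log-odds."""
    spam, ham = model
    return sum(math.log((spam[t] + 1) / (ham[t] + 1)) for t in set(text.split())) > 0

def misclassified(weights):
    model = train(weights)
    return [i for i, (text, label) in enumerate(CORPUS) if is_spam(model, text) != label]

def train_to_exhaustion(max_passes=20):
    """Retrain on whatever is still misclassified until nothing is, or we give up."""
    weights, passes = [1] * len(CORPUS), 0
    while (errs := misclassified(weights)) and passes < max_passes:
        for i in errs:
            weights[i] += 1  # small, fixed increment per pass
        passes += 1
    return weights, passes

def adaboost_reweight(weights, errs):
    """One AdaBoost round: scale by exp(+/-alpha), alpha = 0.5*ln((1-err)/err)."""
    err = sum(weights[i] for i in errs) / sum(weights)
    alpha = 0.5 * math.log((1 - err) / err)  # assumes 0 < err < 1
    new = [w * math.exp(alpha if i in errs else -alpha) for i, w in enumerate(weights)]
    return [w / sum(new) for w in new]
```

On this corpus, training to exhaustion raises the hard message's share of the training mass to 2/8 and then 3/9 before it is classified correctly, while a single AdaBoost round moves it straight to one half.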

Corvigo MailGate “intent-based filtering”

Friday, January 2nd, 2004

More aggressive email tokenization and parsing from commercial vendor Corvigo; Purdue is an early evaluator.

Naval amphibious transport dock and spam relay

Tuesday, December 16th, 2003

The amphibious transport dock ship San Antonio (LPD 17) is scheduled for launching in July of this year and should be commissioned in 2005. Via Dave Farber: [IP] 25,000 ton spam relay, with photos of it!

Forensic analysis of PHP/Geeklog compromise by spammers

Wednesday, December 10th, 2003

The Rise of the Spammers:

The person who has coded both the client and the master server (I think that is the same person) is an intelligent person, with strong knowledge of technology, just because there are too many things involved: thread and network programming, mail server modification adding new commands, mask feature, reports, binary auto-removal, UPX compression, …, she also reads the security vulnerabilities mailing lists (bugtraq, full-disclosure, …), and somehow finds out other ones (I haven’t been able to find my vulnerability described in the Internet).

Yahoo Proposes New Internet Anti-Spam Structure (“Domain Keys”)

Monday, December 8th, 2003

Yahoo Proposes New Internet Anti-Spam Structure:

Yahoo said its “Domain Keys” software, which it hopes to launch in 2004, will be made available freely to the developers of the Web’s major open-source e-mail software and systems. … Under Yahoo’s new architecture, a system sending an e-mail message would embed a secure, private key in a message header. The receiving system would check the Internet’s Domain Name System for the public key registered to the sending domain.

AT&T’s anti-anti-spam patent

Saturday, November 15th, 2003

Dan Gillmor’s eJournal - AT&T’s Anti-Anti-Spam Patent:

“A system and method for circumventing schemes that use duplication detection to detect and block unsolicited e-mail (spam.) An address on a list is assigned to one of m sublists, where m is an integer that is greater than one. A set of m different messages are created. A different message from the set of m different messages is sent to the addresses on each sublist. In this way, spam countermeasures based upon duplicate detection schemes are foiled.”

The mind boggles at the willingness of the U.S. Patent & Trademark Office to grant patents to the most trivial ideas. Some commentators note that perhaps the patent can be used for good and not evil.

String ‘Em Up (Nigerian 419)

Thursday, November 6th, 2003

The Advocate - Bethel woman snares Canadian man charged with e-mail hoax:

Evans met Horvath-Howard in Bethel, where she said he expected to pick up more than $200,000. Instead, Bethel police were waiting for Horvath-Howard and charged him with first-degree attempted larceny.

Horvath-Howard was arraigned in Danbury Superior Court on Monday. Bond was set at $250,000 and his case was continued until Nov. 10.

I know that law enforcement must prioritize, but I hypothesize that making examples of a few tens of these criminals would deter quite a few more.

Note: My own personal observation is that much of my Nigerian 419 spam actually involves web crawlers with Nigerian IP addresses. I can’t say whether or not those are merely proxies.

String ‘Em Up

Wednesday, November 5th, 2003

California Court Issues First Anti-Spam Judgment:

On October 24, 2003, the Superior Court of California for the County of Santa Clara issued a final judgment and injunction in the civil case of People v. Willis, ordering defendants to jointly and severally pay a $2 million fine for violating California’s anti-spam, consumer protection, and unfair business practice laws and enjoining them from sending unsolicited commercial e-mail messages and other practices that would violate the law. The judgment — entered by default because defendants failed to appear in court or defend themselves in a timely way — marks the end of California’s first ever anti-spam lawsuit.

Besides assessing $2 million in fines, the court enjoined defendants from nine specific business practices. Several of the injunction’s provisions require defendants to comply with existing law. However, the injunction also bars defendants from a) sending unsolicited commercial e-mail; b) sending any e-mail for which the sender appears to be something other than the actual sender, or for which replies could not be received by the sender, or which includes misleading information about the country/mail server sending the message; c) using false or misleading information to register an Internet domain name; or d) selling or otherwise distributing lists of e-mail addresses for use in sending unsolicited commercial e-mail. The injunction also prevents either Willis or Griffin from owning or operating any business (other than a publicly-traded business) that advertises over the Internet for ten years.

The Relationship Between Network Security and Spam

Saturday, October 25th, 2003

Carl Hutzler and Ron da Silva, AOL Time Warner, at NANOG: The Relationship Between Network Security and Spam:

  • Large ISPs like AOL have deployed sophisticated blocking, rate limiting, and filtering technologies which are forcing spammers to find new methods.

  • In order to blend in, spammers like finding IP space and/or accounts on major ISPs. We are forcing them to the ISPs.

  • Spammers are likely paying hackers to provide IP space for them to utilize with the goal being to spread out the volume across many IPs to blend in.

    • Many of the techniques hackers use are more and more criminal and disruptive in nature.

Network and Application Security are more important than ever.

The presentation’s last slide includes instructions on how owners of networks can register to receive realtime AOL spam complaints (the Complaint Feedback Loop).