A recurring scenario in science fiction involves humans making their machines more and more powerful until they are overthrown by them. Well, we are busy filling our online world with better and better Artificial Intelligence — designed to decide what is meaningful and what is not, what is good and what is evil. It seems that not a single open port or a single submittable form on the Internet these days can get away without some sort of AI to determine whether it is being greeted by a friend or foe. As a Christian engineering professor points out, spam is an expected consequence of sin. It should not surprise us that we must struggle with something like rampant spam.
The Internet revolves around two important nouns: bytes and addresses. All around us fly packets of data going from one point to another. The reasons spam is profitable are cheap data and rogue points. It’s efficient to send bytes across the wire and it’s simple to get an IP address. So if we plan to take on spam, then those are the obvious places to focus.
Most bytes aren’t paid for directly. One buys bandwidth — a maximum rate at which bytes can be sent — typically on a subscription basis. How many bytes you get for your buck depends on how close to the limit you feed the pipes(1). A professional spammer buys industrial-strength bandwidth and milks it for all it’s worth. To make spamming less profitable, we could start charging more for bandwidth and the price of each junk e-mail would go up correspondingly.
However, that suggestion has a serious flaw. Spam is outgoing data(2). I think charging for outgoing data is abhorrent. The Internet’s current business model is already terribly skewed *against* the content providers(3). Byte-wise, spam is insignificant compared to what businesses like Download.com, YouTube, Google Image Search and the iTunes Music Store demand. If we raise the prices for spammers, we also raise the prices for non-profits like the Internet Archive, Mozilla, Sourceforge and sponsoring universities, Wikipedia, &c &c. Spammers are getting paid, not hoping for donations!
The other obvious way to discourage spam is to tie an identity to each address. If you can trace the source, you can hold it responsible. This is some people’s worst nightmare, some citizens’ bad dream and some lawyers’ bread and butter. Needless to say, that method has privacy concerns that are beyond the scope of this essay. (Read: it might be a good solution but I’m not going there.)
Both of these solutions would only provide more incentive for another rearing of sin’s ugly head. While some spammers spend their budget on big pipes, others use it to break into other people’s computers and send spam from there. This can be one organization with a fast connection, or a bajillion Internet Explorer users with normal connections. Increasing the cost of the pipes would only encourage more botnet-building research and development against vulnerable computers(4). I’d rather be stuck next to a shady neighbor with a mega-decibel stereo system, than one who has access to my, and all the neighbors’, volume controls!
Both of the obvious solutions have serious drawbacks. Those into politics are busy debating privacy, power and pricing. Those into programming are engaged in a battle of wits; whether to the death, the pain, or the world getting taken over by robots I can’t say just yet. I eagerly await for all things to be made new. But in the meantime, I think there is a way we can discourage spam, and I believe my professor is close to the right idea.
The problem is a double case of wrong perspective. As humans, we think of spammers shipping us barges full of toxic waste. In response, we do our best to implement port security. Humans are discerning creatures, so this might work in real life. But for a computer, telling the difference between toxic waste and the sacks of coffee that get us to work every morning is a hard problem.(5) The second perspective issue is much more subtle. When a barge full of dirty bomb material makes it through our port, we fume and feel victimized. We might even feel hate. We’re mad at the barge, we’re mad at the port it came from. We’re mad at our computer because it’s not competent enough to keep our inbox safe. But here is where the analogy breaks down. Spam is not motivated by hatred posing as zeal. Spam is motivated by greed. And capitalism is all about squeezing something good out of greed. I hope to explain in detail how I think we can exploit the tariff model, as well as exploring a number of side-effects, good and bad.
- …and whether said bandwidth is actually available or just some imaginary number that a marketing department made up.
- from the spammer’s perspective
- The better your content, the more bandwidth you will need to buy. This is just as true for non-profit organizations, and one reason even-over content hosting sites like Flickr, YouTube and Blogger are such good deals for the end-user.
- I.e., all of them. Vulnerability is a rank, not a switch that can be turned off.
- I suspect Bruce Schneier of having a reductionist view of humanness, thus, his paranoia about our nation’s recent security attempts stems from his incredible knowledge of computer security. Of course, there may reason for concern regarding Motherland Security due to experience with things such as history and human nature!