Written by
I was working for a multinational organisation recently on a project of a sensitive nature concerning a new product launch. The customer asked us (and all other suppliers and subcontractors) to make sure that all e-mail was encrypted and signed. This is a good policy. I don’t think they were particularly worried that international hackers were monitoring the e-mail servers (although they might well have been) but they were concerned about information being sent to the wrong people. This happened to me only last week when I got an e-mail from a company that we work with. The the e-mail contained minutes from a board meeting and an attachment concerning problems in meeting a service level agreement, and was meant for another Dave entirely. Naturally, I deleted the e-mail and informed the sender. This is just the sort of problem that would be solved if the mail had been encrypted to “the Board” (or whatever) and since I wouldn’t have the key for “the Board” I wouldn’t be able to read it. Anyway, we dutifully swapped the swapped the keys after a bit of messing around, and we’re soon up and running. The secure regime lasted a week: after a few days we were asked to stop encrypting because encrypted e-mails were causing problems with the e-mail firewall (because it couldn’t read them, obviosuly) and then after a few more days we were asked to stop signing as well because it was causing problems for Blackberry users in some way. Back to square one.
So what are we to do? We live in a world where you can’t even send your personal data to Her Majesties Revenue and Customs in encrypted form, where your bank can’t send you a digitally-signed e-mail despite the fact that you can’t buy an e-mail package that doesn’t have S/MIME in it and confidential corporate data is left on laptops. I know it’s Monday morning, but sometimes I think we’re not making any progress at all. Are lawyers at the root of this problem?
I was at a discussion about privacy recently. The group were discussing a response to the Ministry of Justice Thomas/ Walport data sharing review consultation. Pete Bramhall from HP sagely noted that the consultation document began with the statement that it assumed a familiarity with the Data Protection Act and other relevant legislation. How come, he pointed out, it did not assume a familiarity with rudimentary information technology, basic data security, elementary cryptography or, indeed, anything else that might help to develop a privacy-enhancing infrastructure for the modern world. Quite. Anything that comes out of this review will be by lawyers and for lawyers and, however much it may be subconscious, in the interests of lawyers.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]
Apologies, as I don’t really feel qualified to post this, but the Internet would probably cease to be if certain forms were not observed…
Your post advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won’t work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we’ll be stuck with it
(X) Users of email will not put up with it
( ) Microsoft will not put up with it
(X) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don’t care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else’s career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don’t want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(X) Sorry dude, but I don’t think it would work.
( ) This is a stupid idea, and you’re a stupid person for suggesting it.
( ) Nice try, assh0le! I’m going to find out where you live and burn your house down!
(X) Users of email will not put up with it
I will. If other people want to carry on receiving spam, that’s fine by me.
(X) The police will not put up with it
Why? Are they sending out a lot of spam? I don’t understand this objection.
(X) Requires immediate total cooperation from everybody at once
No. It requires the co-operation of a few key people. I can easily show my brother how to turn on S/MIME in Outlook so that I will receive his mails.
(X) Lack of centrally controlling authority for email
But my plan doesn’t call for this, so that’s not really an objection. My plan calls for anyone sending me an e-mail to encrypt using my public key.
(X) Huge existing software investment in SMTP
I’m not sure you understand how S/MIME works, it has nothing to do with SMTP.
(X) Armies of worm riddled broadband-connected Windows boxes
These are, indeed, the foot soldiers in the arms race, but we only have to tilt the economics a little. If each of these boxes went from 1% utilisation sending spam to 100% utilisation sending spam (because of the need for asymmetric encryption), then one by one they might get turned off. But you’re right: it’s the numbers here that are a problem.
(X) Extreme profitability of spam
At zero cents per message. But at 0.01 cents per message? If a spammer has to buy a hundred PCs where he was using three before, that’s what it amounts to.
( ) Extreme stupidity on the part of people who do business with spammers
This box should always be checked: I have no technological defence against people who genuinely believe that the widow of the late Nigerian strongman Abacha wants to give them a million dollars.
(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
Well, there’s always a first time. As I point out in the message, just turning on S/MIME doesn’t work, but I can’t help feeling that the answer is in here somewhere. We don’t need to make spam impossible or even difficult. We just need to make it not free.
(X) Sorry dude, but I don’t think it would work.
Thanks for joining in the debate, it’s genuinely appreciated.
I’ve written many posts on getting S/MIME to work, as an exercise. I actually use it these days, and it is no surprise that it doesn’t function in the market. Every couple of weeks it breaks down because of the assumptions. It’s a good pedagogical tool, it is an important case study in how not to do it, because so much is wrong.
In contrast, Skype delivers a spam-free system, for free. To fix S/MIME, just draw a line from S/MIME across to Skype and start changing things. Every little thing, all things.
Pretty soon you discover the answer: leave. If you want to stop spam, don’t change the tools, move somewhere where there is no spam.