Security Information Vulnerability Research Security Blog

Rotten Meat

October 20th, 2005 by ido, Filed under: Commentary, Spam

We all know this situation: Junk emails.

Usually it’s just annoying commercial stuff (do you want Viagra and then find a sex partner ?), or the phising type such as Lottery wins (Bill Gates, look behind you), and of course it might have some XSS attacks or an ActiveX that allows attackers to hijack users’ machines and make them zombies.

There is Blue Security’s suggestion to DoS spammers, where it will not be the Blue Security hands that pull the trigger - it will be the user that is sick and tired from spammers that will do it for them.

There are many Pros and Cons for that solution, and I think that the murder of the Russian spammer set a new level for what people are willing to do to spammers. While this specifically is too much, it displays the problem that spammers create for users.

Recently the Israeli court (the same country that Blue Security comes from), decided that if you published somehow your email address it is OK for businesses to spam you (whats the email of the Judge, I wonder?).

My idea is to create a big database that users can register themselves into what ads and other junkmail they are willing to receive in their email, and only this type of email will be sent to them, while users that are not registered to this services, will not get any spam at all.
Anyone that will spam users that are not listed, will need to pay a huge amount of money to the that user, and to the ISP that they sent the email using their services (500% of the annual income of the company).

Another idea, is to close ISP’s that allow such actions of sending mass emails to users. We need to close them for a month, in order to make them bankrupt (customers will leave them, and not many customers will join such service providers). That way most ISP’s will stop allowing such things, and also start to offer their clients protection as part of the email address deal.

Now we need to test it, in order to see how it works.

DiggRedditSlashdotTwitThisSphinnStumbleUpondel.icio.usFacebookGoogleTechnoratiE-mail this story to a friend!

-

Is your site safe from SQL Injection attaks? Sign up for Beyond Security’s Automated Vulnerability Detection Service today!

2 Comments:

  1. robert s., on October 23rd, 2005 at 5:51 am Said:

    Does my email here gets published? I don’t see a link to a privacy website.. :D

  2. aviram, on October 23rd, 2005 at 12:58 pm Said:

    Good point, and certainly valid. We’ll have the privacy link up in a few minutes.

    Thanks ;-)

Leave a Comment

Security RSS Subscribe


Vulnerability Scanner