Spiced Ham
August 3, 2007 7:18 PM   Subscribe

The New Yorker dives deep into the world of Spiced Ham: "'You buy your spamming program and your spamming network. You obtain a list of mailing addresses. Anyone can do this in an hour. Then you put them all together and set up a Web site or go to a service provider. You can buy a server for a few hundred dollars and spam from that. Usually, the provider will shut you down quickly and you will be blacklisted. But then you move on to the next.' Among the systems that have been infected by networks of remote computers in the past two years were computers at the weapons division of the United States Naval Air Warfare Center and many machines operated by the Department of Defense."
posted by JPowers (14 comments total) 1 user marked this as a favorite
I think the solution to spamming is simple.

Step One: Spam the world.

Step Two: Beat down *everybody* who actually responds to your spam.

Step Three: Beat down yourself, you effing spammer.

(Note. This is not actually a solution to spamming. But hey, beatdowns.)
posted by eriko at 7:23 PM on August 3, 2007

This post is a flagration violation of the Arpanet.
posted by goodnewsfortheinsane at 7:26 PM on August 3, 2007 [2 favorites]

Great read too, thanks.
posted by goodnewsfortheinsane at 7:46 PM on August 3, 2007

The problem is, if you actually pay for all those things, there would be less chance of actually turning a buck. You pay for hosting, and you'll get cut off very quickly. You can move on, but you will have paid for a months worth of hosting for just a few hours.
posted by delmoi at 8:19 PM on August 3, 2007

Email needs the equivalent of a postage stamp in order to stop spam — the cost of an email has to be greater than the return on spamming. And no loopholes of the kind that let bulk mailers litter the paper world.
posted by Blazecock Pileon at 9:04 PM on August 3, 2007

This is what happens when you put people with degrees in economics in charge of technical assets...
posted by SweetJesus at 9:29 PM on August 3, 2007

You know what's more annoying than spam? Your dad, trying to diagnose the mystery of spam.

"How do they make it seem like it came from me? Did they break into my computer?"
posted by dhartung at 10:35 PM on August 3, 2007 [1 favorite]

And spammers can be amazingly stupid as well. I'm contributing to dsbl and to uribl, and earlier this week I could add almost 300 URL's to uribl because of one single message. dot-info domains are (too) cheap these days, but throwing away 300 in one go is pushing it..
posted by DreamerFi at 11:48 PM on August 3, 2007

Spam is one of globalization’s true success stories. Servers can operate from anywhere, and spam gangs sell lists of “fresh proxies” (newly infected PCs), offer “bullet-proof hosting” (spam service Web sites, often based in China), and advise each other on new spam techniques and on which networks are “spam-friendly” (those which will host spammers in exchange for the spammers’ paying for high-priced services they don’t need).

Spammers need three things; a machine to send the emails, a server to host the website for those spams to link to, and a domain to link the two together. Nowadays they can either use spam-friendly ISPs (which are quite often blacklisted by the rest of the internet) or use other people's home and business PCs.

Using people's infected pcs to relay the spam itself (to hide the spammers IP) has been going on for several years. Now, they whole operation can be run off botnets. The spam is sent from home pcs, the website is hosted on a number of them, and load-balancing DNS is used to point to them - rather like google.com is actually many different IPs. Even the domain records can be hosted on the botnet pcs. Plus the whole fake headers business.

The better the anti-spam systems get, the more decentralised, anonymous and harder to stop the spam becomes. The latest wheeze hitting my systems is pdf spam; image spam, but inside pdf files, which are 10 times the size and harder to block.

There simply isn't an answer to spam, as long as there are unscrupulous marketers, and a tiny tiny percentage of idiots willing to buy their products, the rest of us will have to pay the price. I know a number of people who have simply abandoned email because real messages are either drowned in spam, or caught by anti-spam mechanisms by mistake. How much longer before email itself simply becomes completely untenable for the majority of people? And what kind of gated community system will replace it?

(checks his records - 99.97% of my personal mailbox is spam; 15% of my work mail system is spam, but that goes up to 92% if you include the mails that were blocked by the blacklist and greylists before they even finished connecting)
posted by ArkhanJG at 2:27 AM on August 4, 2007

What I would like to know is: who buys from spammers? If there were no customers the whole spam business would evaporate. Even if it's cheap and easy to send billions of e-mails, it still costs something, and spammers wouldn't spend their time doing it if they didn't made enough money to make it worth while.

If you want your Viagra so much, why not buy it from a reliable source? If the seller calls it V1@gr!a why do you think he's going to give you the real thing instead of just taking your money and run?
posted by Termite at 5:40 AM on August 4, 2007

Did somebody say steamed hams?
posted by Civil_Disobedient at 6:02 AM on August 4, 2007

If you want your Viagra so much, why not buy it from a reliable source?

Yet another problem remedied if the US had universal healthcare.
posted by ao4047 at 8:17 AM on August 4, 2007

Termite: It's entirely possible that the people trying to sell Viagra are losing money hand over fist. As long as the people who operate the botnets are able to convince a steady stream of suckers that buying a spam run will increase their sales, though, we'll keep getting spam.
posted by hattifattener at 10:32 AM on August 4, 2007

I thought the article was good, but a little too "OMG, spam is taking over the world." What makes spam so interesting to me is how good filters are at catching it. My gmail and my work mail let through about one a day, tops. And they catch hundreds.

That's pretty cool.
posted by Duluth?! I Hardly Know Her! at 6:50 PM on August 5, 2007

« Older Shit's getting all crazy   |   One inch punch Newer »

This thread has been archived and is closed to new comments