"$MTP" and Extra Added Crypto(TM) (was Re: Throw away the Internet and start over?)

James Rogers jamesr at best.com
Wed Apr 23 11:54:30 PDT 2003


R. A. Hettinga wrote:
> Frankly, if you required a signed message you'd probably kill 
> 80% of all current spam. If you required the encryption of 
> each message to the recipient's key, you'd vastly overload 
> the outbound production capacity of even the biggest spammers 
> and kill 80% of the rest. 


Merely signing the message wouldn't slow them down much, though requiring
the encryption of the message to the recipient's key might.  In either case
it might make it easier to filter though.

I think people frequently underestimate the nature of the spam cartels.  One
that I am familiar with is burning around 1-Gbps of bandwidth at any given
part of the day.  Forcing them to run expensive compute operations against
their messages would slow them down, but not too much.  They use the Google
model of computation, buying scads of disposable boxes to maximize their
processor for the buck, completely foregoing quality.  If they needed more
compute cycles, they would find a way buy them on the cheap and happily
outsource if necessary.

The bottom line is that spam is profitable enough for a given spam cartel
(usually around a dozen members specializing in different things), that they
all make very nice money after paying for all the bandwidth and computers
they require.  They could easily afford to spend $100-200k per year on extra
compute cycles.  They wouldn't be happy about it, but they can definitely
afford to spend somewhere in that range.  You can buy a *lot* of crunch for
that much money.

Cheers,

-James Rogers
 jamesr at best.com



More information about the FoRK mailing list