On Tue, 30 Dec 2003, Bill Stewart wrote:

> The reason it's partly a cryptographic problem is forgeries.
> Once everybody starts whitelisting, spammers are going to
> start forging headers to pretend to come from big mailing lists
> and popular machines and authors, so now you'll not only
> need to whitelist Dave Farber or Declan McCullough if you read their lists,
> or Bob Hettinga if you're Tim (:-), you'll need to verify the
> signature so that you can discard the forgeries that
> pretend to be from them.
> You'll also see spammers increasingly _joining_ large mailing lists,
> so that they can get around members-only features.

This has already happened:

Krazy Kevin pulled this stunt 5 years ago on at least one list I was on,
joining the list to harvest the most common posters, then spamming using
them as sender envelopes after he'd been kicked off.

> At least one large mailing list farm on which I've joined a list
> used a Turing-test GIF to make automated list joining difficult,

...discrimination against blind users - this is legally actionable in
several countries. There is a blind group in the UK taking action
against a number of companies for this and the Australian Olympic
committee ended up being fined several million AU$ for the same offence
in 1999.

> and Yahoo limits the number of Yahoogroups you can join in a day,
> but that's the kind of job which you hire groups of Indians
> or other English-speaking third-world-wagers to do for you.

To underscore that point, I've _watched_ cybercafes full of SE asians(*)
doing exactly this kind of thing for the princely sum of US$5/day -
twice the average wage of the area, even after the cafe fees were

(*) Philippines and east Malaysia.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to