On Aug 26, 2013, at 2:54 PM, Ray Dillinger <[email protected]> wrote:
> On 08/26/2013 10:39 AM, Jerry Leichter wrote:
>> On Aug 26, 2013, at 1:16 PM, Ray Dillinger <[email protected]> wrote:
>
>>> Even a tiny one-percent-of-a-penny payment
>>> that is negligible between established correspondents or even on most email
>>> lists would break a spammer.
>
>> This (and variants, like a direct proof-of-work requirement) has been
>> proposed time and again in the past. It's never worked, and it can't work,
>> because the spammers don't use their own identities or infrastructure - they
>> use botnets.
>> They don't care what it costs (in work or dollars or Bitcoins) to send their
>> message, because they aren't going to pay it - the machine they've taken over
>> is going to pay.
>
> Possible, but Doubtful. The bitcoin "wallet" is extraordinarily secure
> as software goes....

You're arguing about the security of the wrong component. The user runs some
program that can send mail. *You* have required that it have the ability to
access the user's Bitcoin wallet. At best, if everything about the wallet is
implemented correctly, that just means the spammer has to slip-stream in a
bunch of messages along with messages the user is already sending - while the
sending is being done, there's a window during which the wallet has to be open,
and you can't restrict it *too* much or the interface becomes annoying (how
many times do you want to type your passphrase while sending a bunch of replies
to different recipients in different domains?).

Keep in mind that individual spammer bots don't have to send a very high
volume of mail; in fact, they don't *want* to as that trips too many alarms in
too many places. They want to look like the person whose machine they have
control of - and they want that machine to look the same as it always has to
the user. The line between me sending n messages a day, and me sending (say) 3n
messages a day, over many "me" instances, is enough to keep the spam masters
going - but without a really intrusive interface it's hard to see how you're
going to stop that. If you manage such an interface, the spammers will adjust
(as they have many times before) and maybe go after high-volume mailers - who
will have to have a high-threshold interface from their mail agent to their
Bitcoin wallets, and cannot rely on a user regularly typing a passphrase.

Somewhere or another on the net, there's a document that's intended to be sent
in response to someone with a brilliant idea for finally ending spam - showing
how what they thought of has not only been thought of before, but was actually
tried and didn't work. I can't seem to find it again, but the last time I read
it, I found it quite convincing. There's no one golden solution to the spam
problem; there's just the ongoing, boring, back and forth of attack and
defense. (Actually, relative to a number of years back, spam doesn't seem to
be all that bad - see Perry's and my messages on a parallel thread about our
own experiences.) (And if you find a contradiction between my claim that we
should be able to build a provably secure system, and this claim that there's
no final solution to spam: The difference between the problems is that "spam
or ham" is ultimately a *human* decision which we're trying to model. Some
spam these days is sophisticated enough that even humans aren't sure! That's
by its nature a problem that will never have a completely automated solution -
well, maybe not until we can throw close-to-human-level AI at it.)
-- Jerry
_______________________________________________
The cryptography mailing list
[email protected]
http://www.metzdowd.com/mailman/listinfo/cryptography