Hi Gadi Evron wrote: > On 5/23/10 4:53 PM, der Mouse wrote: >> Also notable (in that it vitiates your casting of them as just a >> somewhat unusual webmailer) is that I can't think of a case in which I >> had any clue who the nominally provoking person - the name Facebook >> sticks in the From: - was. Of the three examples I find in my incoming >> mail that hasn't yet rolled off the end of my historical records, two >> were sent to mailing lists I'm on and the third was sent to my NetBSD >> address; in none of these cases do I recognize the name in the From:. > > That is abuse by the users of the service, not the service itself.
Depends how you look at it. If during registration facebook suggests providing your gmail (for example) user+pass so that they could scrape your address book and invite everyone (not sure if they actually do this, I haven't tried giving them an address), it is clear it is indeed spam (unsolicited + bulk if you can send to your hundreds contancts - is there a limit?) but it's not clear who is the spammer in this situation. It may be the registering user, as they are the ones providing the credentials and triggering the send. On the other hand, facebook definitely has their own agenda of getting as many users as possible. You could look at it as facebook tricking misinformed users into providing them address lists to spam to. The slight webmailish customization possibilities don't really make a difference here - they could be considered facebook outsourcing their spam body mutation engine (once again, by tricking users into thinking that THEY want to do it). Of course facebook may be better than this - feel free to substitute in a more evil social network site if it makes more sense that way. Siim _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
