At 12:38 AM 9/13/03 +0100, Jonathan Morton wrote:
I like the idea of hashcash as an increase-spammer-costs strategy, but
there's one big fly in the ointment. The computational requirements
effectively make a hashcash-based system impractical for small,
ultra-portable or autonomous devices.
No problem - compute power is cheap.
I can, today, buy an 800 Megahertz PC for $200.
Assuming I buy a new one every year, that's still over 1200 seconds of
compute time for a penny. Adding two minutes of compute time
to a delivery means adding one 1/10 of a cent to the cost.
A 20 bit hashcash stamp would take less than 5 seconds, about 0.005 cents.
I'd be happy to generate 20 bit hashcash stamps for your low power
device for 1/10 of a cent,
provided you bought them in batches of at least 5000.
And therein lies the real problem -
Spammers won't have any trouble generating 20 bit hashcash stamps.
adding 1/200 of a cent to the cost of a spam isn't going to be much
of a deterrent, and that assumes that spammers are using
off the self hardware, and actually paying for the equipment.
They could build custom hardware to generate stamps for less,
but given that most spam is being sent via trojaned machines,
I think they'd just use the boxes they already "own3d" to send spam
to generate the stamps. Clearly 100,000 trojaned machines can
send 100,000 pieces of spam in the same time it takes a normal
user to send 1. Open proxies / trojaned boxes used to send spam
is currently estimated in the millions.
Scott Nelson <scott(_at_)spamwolf(_dot_)com>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg