Solution: Add copyright notice to Turing test and sue malefactors.
Yes, because we all know how well copyright protects everything else
in the digital realm, like music and movies.
Actually this is a rather different case.
There is already a pretty successful spam litigation bar. Folk like Jon
Praed who go and sue spammers and get huge damages awards for AOL, Microsoft
etc.
Copyright is not very effective when it is used in a scattergun fashion. The
risk of being selected for prosecution is not a deterent when you have
millions of infringers.
The point of the copyright notice is to notify the end user who is being
fooled into answering the test on the spammer's behalf. The purpose of the
XBox is to give the end-user an incentive to turn them in.
It is a consequence based security measure and so it is less satisfactory
than crypto. But it still works to protect Yahoo and hotmail signups.
Real security analysis is risk mitigation, not risk elimination.
Now that the attack has been broadcast on slashdot it is only a matter of
days before it gets tried. So we will see how effective the response is.
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg