hi Doug
Your scheme is easily poisoned. Covert accounts are free and can exchange
messages with other accounts over some period and be indistinguishable from
normal users. Unfortunately, the art of saying something without saying
anything has become a forte for many, like adding +1 to a thread. ;^)
I dont see how. You mean those 1) covert accounts will be used to generate
false
reports? Or 2) will they not be detectable as spammers because they look like
normal users?
For 1: users who file false reports can have their accounts suspended/cancelled.
For 2: its not possible to not be detected as a spammer. Anyone can be reported
as a spammer. The evidence (offending messages) will be gathered. People who
have been wrongly reported can appeal.
I didnt understand your message.
________________________________
From: Douglas Otis <dotis(_at_)mail-abuse(_dot_)org>
To: asrg(_at_)irtf(_dot_)org
Sent: Mon, September 27, 2010 12:17:31 PM
Subject: Re: [Asrg] Ideas for anti-spam
On 9/27/10 8:07 AM, Swaying Trees wrote:
I have some experience in fighting off intentional internet crime of a few
different types so I have that mentality and I'm interested in stop spam. I
love
creating systems to catch the bad guys and I've been successful at it in a few
different arenas.
Types of spam being targeted:
1. Forum/comment/website/blog spam
2. Video spam (youtube)
3. Basically most spam but not email spam.
Basic idea: USE the eyes of the public. The public is the target of spam.
They're the ones that see it. Let THEM take care of the spam problem. They
will
be happy to do so.
All we need to do is this: Let 3 established users of that website flag the
spam and hide it. If reporters abuse this feature, their accounts will be
canceled or suspended so they have to be sure its really spam. Only let users
with a certain account age flag spam (3 or 6 months, for example). People with
new accounts can also flag it but it doesn't hide it right away. Instead it
goes
into an Spam approval que where more experienced users can take action. The
problem is complex because these are human spammers so the solution has to be
significant as well.
Scenario: Spammer posts comments on message board. 3 people flag it and its
deleted automatically and the spammer's account is disabled. It can be
renabled
in case of a false alarm and if the user confirms they're not a spammer. No
system is perfect but if it stops 95% of the spam coming in, its good enough.
Spammers will realize that its simply not worth it if only 3 people can see
their message and have the account disabled.
This would work for Yahoo messenger also. 3 people flag an account as spam
and
that's it. Different checks and balances can be created to take care of
different "what if" situations.
Create a central website for example "flag the spam.com<http://spam.com>"
(FTS). This is how it would work: On every piece of user created content
(comments, videos), there is a "report" button, that makes a link to the FTS
site. For example there's a spammer on Facebook or Youtube. When the FTS site
receives reports from 3 people, it sends back an email to the website
reporting
the spammer's username). Facebook/Youtube automatically takes immediate
action,
deletes the comments and spam and disables the user account. The flag icon
(looking like a trash can icon) would become a universal "report spam" symbol.
Website owners could either let FTS do the work, or buy the software from FTS
to
install it on their websites. I've thought of creating a system like this and
testing it out on smaller websites to the bigger ones can see it really works.
As mentioned, checks and balances could be created to take care of security
and
false alarms as much as possible. Secure keys and codes can be exchanged to
make
sure messages being exchanges are genuine and not fake. When there is so much
spam going around, even if 3% of all reports are false, its still ok.
For spammers who create fake blogs or websites for traffic generation, the
same
approach can be used to send reports to Google so their site can be excluded
from searches. The goal once again: Make spam reporting quick and easy for the
public.
This is not true right now. Its difficult to report a certain website to
Google
for spam. Similarly, Facebook spam gets reported to admins who take action.
Thats slow and there arent enough admins. Its very hard to report spam
comments
on Yahoo news. Also, action taken is slow.
For email spam, let each email server obtain an anti-spam certification which
means, they take action against people who spam. Anyone who doesnt have that
certification, will get a "spam" point meaning, their email will be more
easily
caught in spam filters. This creates a motive for email server admins to get
certified. Black listed email servers which dont take any action against
should
not be entertained by other servers. They'll be left out of the internet cloud
with no choice but to fix themselves. A system can be created to take care of
cheats and other things.
Email spam is 95% of all emails sent. We cant fix this serious problem
without
having a serious solution.
Does anyone have any thoughts?
Your scheme is easily poisoned. Covert accounts are free and can exchange
messages with other accounts over some period and be indistinguishable from
normal users. Unfortunately, the art of saying something without saying
anything has become a forte for many, like adding +1 to a thread. ;^)
-Doug
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg