paying for email?

By agrav8r
Dec 27, 2003
Topic Status:
Not open for further replies.
  1. This sounds like a good ideal , but with all the bugs that have been popping up in all the added features of MS, I would be leery that the puzzle wouldn't allow a hacker access to my accounts info.



    http://news.bbc.co.uk/2/hi/technology/3324883.stm

    Microsoft aims to make spammers pay

    By Jo Twist
    BBC News Online technology reporter


    Despite efforts to stem the billions of spam e-mails flooding inboxes, unwanted messages are still turning e-mail into a quagmire of misery.

    The Penny Black revolutionised the British postal service
    Spammers send out tens of millions of e-mails to unsuspecting computer users every day, employing a myriad of methods to ensure their pills, loans and "requests for our lord" pleas fox e-mail filters.

    Some are even turning to prose and poetry to fool the technological safeguards people put in place.

    But a group of researchers at Microsoft think they may have come up with a solution that could, at least, slow down and deter the spammers.

    The development has been called the Penny Black project, because it works on the idea that revolutionised the British postage system in the 1830s - that senders of mail should have to pay for it, not whoever is on the receiving end.

    Stamp of approval

    "The basic idea is that we are trying to shift the equation to make it possible and necessary for a sender to 'pay' for e-mail," explained Ted Wobber of the Microsoft Research group (MSR).

    The payment is not made in the currency of money, but in the memory and the computer power required to work out cryptographic puzzles.

    "For any piece of e-mail I send, it will take a small amount computing power of about 10 to 20 seconds."

    For this scheme to work, it would want to be something all mail agents would want to do

    Ted Wobber, MSR
    "If I don't know you, I have to prove to you that I have spent a little bit of time in resources to send you that e-mail.

    "When you see that proof, you treat that message with more priority."

    Once senders have proved they have solved the required "puzzle", they can be added to a "safe list" of senders.

    It means the spammer's machine is slowed down, but legitimate e-mailers do not notice any delays.

    Mr Wobber and his group calculated that if there are 80,000 seconds in a day, a computational "price" of a 10-second levy would mean spammers would only be able to send about 8,000 messages a day, at most.

    "Spammers are sending tens of millions of e-mails, so if they had to do that with all the messages, they would have to invest heavily in machines."

    As a result of this extra investment, spamming would become less profitable because costs would skyrocket in order to send as many e-mails.

    All this clever puzzle-solving is done without the recipient of the e-mail being affected.

    Bogging them down

    The idea was originally formulated to use CPU memory cycles by team member Cynthia Dwork in 1992.

    But they soon realised it was better to use memory latency - the time it takes for the computer's processor to get information from its memory chip - than CPU power.


    Spam accounts for more than half of e-mails sent
    That way, it does not matter how old or new a computer is because the system does not rely on processor chip speeds, which can improve at rapid rates.

    A cryptographic puzzle that is simple enough not to bog down the processor too much, but that requires information to be accessed from memory, levels the difference between older and newer computers.

    It all sounds like a good idea, said Paul Wood, chief analyst at e-mail security firm MessageLabs.

    "One of the fundamental problems with spam is that it costs nothing to send, but has associated costs for the recipient which include loss of bandwidth, problems with usage, and lost productivity," he said.

    "Microsoft's idea is to shift this cost burden from the recipient to the sender, which in itself seems like a reasonable sentiment."

    But, he said, for such a scheme to be all-encompassing, there would have to be some provision for open standards, so that it is not proprietary to Microsoft.

    Work for all

    MSR is in talks with various people to put the system into a useful anti-spam product.

    It could easily be built into e-mail software like Outlook, e-mail servers or web browsers, said Mr Wobber.

    "For this scheme to work, it would want to be something all mail agents would want to do," explained Mr Wobber.

    And because it is the receiver who sets the puzzle requirement, spammers will not have any advantage by using non-Microsoft products.

    It is certainly not going to stop all spam for good, admitted Mr Wobber.

    "I don't think any one spam scheme is a panacea, we have to use a wide variety of schemes to be successful in stopping spam."

    "Spam is probably going to get worse before it gets better, and I really hope it does not get to a point that it deters people using e-mail."
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.