Sunday, July 24, 2016

Some impressions from having finished read Finn Brunton's Spam: A Shadow History of the Internet (see also the New Books Network interview):

I suspect that there is a strong difference between early e-mail spam, more recent forms of content spam, and even Philip Parker's book spam (which Brunton footnotes in the conclusion and mentions in the NBN interview) on the one hand and DDoS attacks, electronic warfare, and malware on the other. Though this latter group of threats may be spread by spam, they can in no way be interpreted as providing any benefit for the gullible or less educated computer users who constituted the traditional audience of spammers.

After all, as Brunton emphasized, during the earlier years of spam people who bought into scams often received a product or service in exchange for their payment, however poor or degraded in quality it was. People who buy automatically generated books drawn from information on the surface web also receive some kind of information for their purchase. However, the only beneficiaries of malware or electronic warfare are the parties who commission the attacks. In its nature this type of spam shares more in common with 419 attacks in that the recipients can only be victims. Thus, we need to distinguish between spam as shady marketing of substandard products and services and spam as pure scam and crime. Can we use the same word for both of these things?

I also wanted to note that I suspect that e-mail spam is still being categorized using rules other than Bayesian filters. For example, I work as a Russian translator with a number of legitimate companies in Russia and eastern Europe. However, I have to set up filters in both Gmail as well as in my professional e-mail (Fastmail) to avoid having certain messages tagged as spam just because they come from a .ru address or contain Cyrillic characters. There would appear to be nothing else about these messages that would justify classifying them as spam otherwise.