What To Do With Malicious Hackers and Cost-Imposing Spammers?

Computer Spam.JPG
That Does Not Compute…

John Tierney’s column in the New York Times (requires simple registration), “Worse Than Death,” is excellent. It’s amusing, but it’s about an important subject. Those oh-so-clever-but-harmless hackers, who are indeed clever, but hardly harmless. They cause millions of hours of lost labor. They disrupt information systems on which the lives of others depend. They are criminals who cause enormous harm.

The related question is what to do about spammers? Yes, I agree that there are technological fixes. The market can handle an awful lot of this without resort to lawsuits, much less to legislation. But they do cost me time every day, and that’s not counting the fear of the spam-containing viruses released by hackers. I’m only referring to the ads for refinancing, prescription drugs, pornography, time shares, industrial equipment (!!), and on and on and on. (I have also learned about “comment spam,” not just from the denizens of the Fever Swamp, but also from advertisers, and now “trackback spam,” which also leads one to advertising sites.) At some point, as the costs mount for individuals and, when aggregated, reach millions and millions of hours of lost time, one is tempted to ask, “Oughtn’t there to be a law?”



15 Responses to “What To Do With Malicious Hackers and Cost-Imposing Spammers?”

  1. Go ahead and ask. As long as you get the answer right!

    I actually do think there should be a legal framework that establishes rights to reject unsolicited interruptions whether by phone, email, website intrusions, etc.

    It does seem sensible to me that one should be able to have an electronic “No Solicitors” signal respected. I would hope that the law wouldn’t go too far and try to regulate particular solutions, though.

    Now that I think about it, junk mail in snail mail imposes costs too and should probably be treated similarly.

  2. Alan Gura

    We can respect freedom of movement and speech while still allowing laws forbidding advertisers from marching on your front lawn with bullhorns.

    Telemarketing, fax spam (already illegal), and email spam is the same. We install telephones, faxes, and email for our own convenience, not to invite harrassment. Our email boxes are not a public park. Without aggressive spam filtering, the entire medium would be useless. We cannot sacrifice technologies, abandon entire means of communicating with each other, for some bizarre egalitarian (yes, egalitarian!) notions of respect for spam.

    Even with the spam filtering (I use mailblocks), who should bear the externalities of spam? Right now, it is the victims. I must pay mailblocks to block out spam, and the cost of spam traffic is reflected in the cost of internet access. I also lose some desired email messages because some people won’t bother with the mailblocks screening or are turned off email completely.

    And just wait until you get SPIM (IM spam) or text message spam….

    Enough.

    The solution is to sentence advertisers who use spam to five years hard labor, first offense. Second offense, capital punishment.

    I use mailblocks, and it works

  3. As a person with a hotmail email address, I get a lot of spam, and I just deal with it. It’s very obnoxious, but I don’t think anything should be done, at least not on a legal level. If enough people are sufficiently annoyed, spam will be dealt with, and the Invisible Hand will administer to those responsible the smack in the face that they so richly deserve. For now it’s just annoying, but so are some small children.

    I do also get SPIM, and it’s very annoying, not to mention harder to combat. I’ve gotten the same message from at least 15 various “people,” all of whom claim to be a girl named “Mariah,” who wants to get to know me better and also has her own website, a claim made no less dubious by its word-for-word reduplication on numerous occasions. I’ve tried blocking the various “people” who’ve sent me the message, but it just gets sent by “someone” else.

    -sam

  4. Alan Gura

    So long as one person out of a billion forms a relationship with Mariah, the SPIM is economically rational for her.

    I love the invisible hand, but the market cannot solve the problem of stalking, harrassment, trespass, and disruptive conduct. There oughta be a law. A harsh law.

  5. How do we know when there oughta be a law?
    I mean, there are laws against stalking people and following them around, but I don’t think thre are laws against randomly bumping into people. I can call a stranger on the phone if I want, but I think I’d get in trouble if I called the same person every five minutes from midnignt to 8 in the morning. Is spamming like calling every five minutes?

  6. Alan Gura

    If you randomly bump into people because you are clumsy and have no intent to bump into them, you are still liable in tort.

    If you randomly AND INTENTIONALLY bump into people, you are committing criminal assault and battery.

  7. Alan Gura

    If you randomly bump into people because you are clumsy and have no intent to bump into them, you are still liable in tort.

    If you randomly AND INTENTIONALLY bump into people, you are committing criminal assault and battery.

  8. Aaron G.

    If you use Outlook (and possibly other mail programs), download Spambayes:

    http://spambayes.sourceforge.net/

    Properly trained, my Bayesian Spam filter kills 95% of the spam I get every day, which is in the realm of about 60 per day.

    For blogs, I recommend using Movable Type and then installing the MT-Blacklist add-in. Then you simply refresh the blacklist and it will automatically remove spam from your comments and block bad IPs.

    http://www.jayallen.org/projects/mt-blacklist/

  9. What about a payment system?

    This has been bandied about for a couple of years and if the dozen or so major e-mail providers jumped on board, this could take off.

    The way it works is each email sent is sent with a mathematical code that represents a payment in escrow (suggested values are $0.01). When that email is read, the reader decides if its spam or not. If it is, the sender looses that money. If it’s not, the sender has his/her money returned. As long as you choose a value that makes it too expensive for spam! Bam! You’re done!

  10. Aaron G.

    Bam! Armchair economics is fun! Throw enough indifference curves and social utility functions at the wall and we can make anything work! Bam!

    But wait, what about spam relays in countries that don’t use dollars? Or what about the difficulties of modifying existing email architecture to tie to everyone’s bank account? Or what about commercial senders like Amazon who I hardly read but aren’t spam? Or what about the fact I don’t have time to pick through every email and click “Verify” or “Don’t Verify” to make sure everyone gets their penny back?

    Oh, but those are realistic questions, so much more fun to say “Bam!” and pretend I did something today. Idiot. Shut up and don’t talk again until you’ve taken ECN 411: Economic Theory Meets Real Life. What’s that? It doesn’t exist? That’s because Post-Keynesianism is just another word for crap, and that’s what your idea is, john f. Freaking unbelievable.

  11. “what about spam relays in countries that don’t use dollars?”

    Oh yes, I forgot how un-international commerce is because not everyone uses dollars. Maybe someone will invent a mechanism to translate dollars into whatever currency they use, maybe they could call it exchange rates?

    “Or what about the difficulties of modifying existing email architecture to tie to everyone’s bank account? ”

    There’s something that will do that, what’s it called? A bill, yes, I think that’s what the kids call it these days.

    “Or what about the fact I don’t have time to pick through every email and click “Verify” or “Don’t Verify”

    How about you only select the ones that are spam and the ones that you don’t are considered not spam? You probably do that for your spam filter now.

    “Idiot. Shut up and don’t talk again until you’ve taken ECN 411: Economic Theory Meets Real Life. What’s that? It doesn’t exist? That’s because Post-Keynesianism is just another word for crap, and that’s what your idea is, john f. Freaking unbelievable.”

    ECN 411 huh? That’s what will allow me to anonymously belittle people because I live a pathetic life and have trouble rectifying how intelligent I know I am with how smart everyone else seems to think I am?

    Or is ECN 411 the class that will allow me to bring up minor technical questions about something I seem to have trouble understanding only because the person making them isn’t as brilliant as I am?

  12. Ross Levatter

    I, in my job, occasionally save lives. I’m not nearly as well rewarded as Bill Gates, who has made it very easy for people to change fonts. That’s because in my career I may save a dozen or so lives, while Gates helps millions of people make minor improvements daily. That’s a not uncommon market phenomenon.

    Similarly, I believe it was Charles Murray who pointed out some years back that he’d rather have a white-collar criminal who, by manipulating some computers, stole $10,000,000 by tranfering one penny from the accounts of 1 billion other people into his account, compared to a “blue-collar” criminal that stole $10,000 by threatening a dozen people with guns.

    I think of this when I read claims that hackers cost “us” tens of millions of man-hours. Don’t they really cost hundreds of millions of people a few minutes each, on average? I’m not happy about that, nor do I think it should go unnoticed or even unpunished, but I do think it’s important to keep it in perspective. Costs are subjective and individualized. I don’t know if adding them up this way is an accurate rendition of the problem.

    Ross

  13. Ross Levatter

    I, in my job, occasionally save lives. I’m not nearly as well rewarded as Bill Gates, who has made it very easy for people to change fonts. That’s because in my career I may save a dozen or so lives, while Gates helps millions of people make minor improvements daily. That’s a not uncommon market phenomenon.

    Similarly, I believe it was Charles Murray who pointed out some years back that he’d rather have a white-collar criminal who, by manipulating some computers, stole $10,000,000 by tranfering one penny from the accounts of 1 billion other people into his account, compared to a “blue-collar” criminal that stole $10,000 by threatening a dozen people with guns.

    I think of this when I read claims that hackers cost “us” tens of millions of man-hours. Don’t they really cost hundreds of millions of people a few minutes each, on average? I’m not happy about that, nor do I think it should go unnoticed or even unpunished, but I do think it’s important to keep it in perspective. Costs are subjective and individualized. I don’t know if adding them up this way is an accurate rendition of the problem.

    Ross

  14. Tom G. Palmer

    That’s a very fair point. I do suspect, however, that when you get up to the millions of hours of time (and it’s not a minute per person, but sometimes hours), you’re talking very serious destruction of wealth. The virus issue is much clearer than the spam issue; when computer networks crash, transportation lines are affected, hospital databases are corrupted, and so on, very serious harm is inflicted on people. In the spam case, we all have to buy and install spam filters, thousands of engineers have to devote their time to trying to keep up with the spammers, and I have to devote a considerable amount of time deleting unwanted material. I would certainly prefer technological anbd other fixes, but at some point the costs being inflicted by spammers reach a level at which some punitive action against the spammers seems justified.