FWIW, and I know it's not as good as patching the root cause, on Windows environment I have found relief in using AltDrag (and/or its fork AltSnap [1]). You can grab and move a window by pressing Alt and then clicking wherever you want on the window. There are also a few other tricks regarding window maximizing/resizing etc.
[1] https://github.com/RamonUnch/AltSnap
I believe this raises the issue of short-term solutions (such as filtering on 'click') for which spammers will eventually find turnarounds vs long-term solutions. But do we need really need long-term solutions if an update of filtering terms every year is enough to keep the pace? Also, does a long-term solution against spamming even exist? Since the Graham solution from 2002 doesn't seem to have been implemented yet, the answer is no?
Another issue is the carbon/energetic cost of spamming. I'm no expert, but given the probably high figures, should this issue be escalated to a higher level, e.g. an international agreement along with heavy penalty if caught running a larger spamming farm? Compared to the difficult issues of drug trafficking etc. I don't see how there could not be a consensus for spam.
The article has the merit of significantly reducing the size of the original essay, while IMO still retaining two strong messages:
1. The original (is it?) method used to prevent spam, and
2. The 'seed' factor, which is expected to make spammers work harder. At mid-page I was thinking "meh, spammers will just have to improve their writing then", but this may not be sufficient thanks to the user-specific seed.
[edit: I didn't realize the original article was from 2002. I agree the article is a bit obsolete at that point.]
Modern-day spam is typically generative, and modelling the distribution of "natural e-mail messages" is sadly too naive today. Human beings also understand text through vision, not through bits -- so 1oca1host is just me corrupting the word localhost, but making that inference requires a visual understanding of words. That also gave rise to what is probably a more common spam variant today: the text-embedded-as-an-image type. I've long been of the impression that the only proper way to do text analysis is by vision, a more end-to-end solution as it were.
> 1oca1host is just me corrupting the word localhost, but making that inference requires a visual understanding of words
No it doesn’t, and pg explains why in his essay. (Don’t know if the article states this too as since I’ve already read the essay before I didn’t bother to read a summarizing article about it. The essay is really excellent though.)
Quote from the essay:
> I'm more hopeful about Bayesian filters, because they evolve with the spam. So as spammers start using "c0ck" instead of "cock" to evade simple-minded spam filters based on individual words, Bayesian filters automatically notice. Indeed, "c0ck" is far more damning evidence than "cock", and Bayesian filters know precisely how much more.
> [...]
> To beat Bayesian filters, it would not be enough for spammers to make their emails unique or to stop using individual naughty words. They'd have to make their mails indistinguishable from your ordinary mail. And this I think would severely constrain them. Spam is mostly sales pitches, so unless your regular mail is all sales pitches, spams will inevitably have a different character. And the spammers would also, of course, have to change (and keep changing) their whole infrastructure, because otherwise the headers would look as bad to the Bayesian filters as ever, no matter what they did to the message body. I don't know enough about the infrastructure that spammers use to know how hard it would be to make the headers look innocent, but my guess is that it would be even harder than making the message look innocent.
What advice do you feel is missing? I read both and the pocket guide seems a fair high level summary to me. Given the nature of the problem all one can arguably do is point out consequences and provide a channel for reporting to the eff; real practical choices are thin on the ground for travellers today beyond travelling with wiped devices and restoring at destination.
I think the issue is maybe that today, there are no good options for travellers to the US concerned about data security, and that any form of non-compliance is likely going to ruin your day. Doubly so for non-citizens. The border agents have enormous amount of discretion today.
I'm a bit proud of having suggested the author to add the 2019 entry (thanks to https://news.ycombinator.com/item?id=19798678).
Hopefully there's another repo of Internet stories somewhere else?
reply