2. #1: “Thank the Spammers”
William James is an anti‐spam activist. In 2003, he wrote an essay, “Thank the Spammers”, about abuse of Internet resources:
“Then came the spammers. Because they abused the relays, like they abuse everything else, the relays had to be turned off. They found that they could abuse the relays and cost others hundreds or even thousands of dollars, but it prevented them from losing the $10 dialup account or free NetZero account…Old software which ran perfectly well had to be replaced just to close the hole…Yeah, thank the spammers for that.”
He submitted to the FTC’s Spam Forum a list of 29 opportunities he feels “the spammers have ruined”.
3. So what?
“Thank the spammers” is a cop‐out. This mess is really our (engineers’) fault.
We created an e‐mail system that provided incredible incentives for abuse. We completely failed to consider the economic issue of how (ab)users would respond to these incentives.
I’m not saying the spammers are without fault; that’s absurd. I’m saying the system provided attractive opportunities, and we shouldn’t be surprised that spammers took advantage of those opportunities.
4. #2: From my inbox
From: Bruce Pacheco <represent@cliffvalleyschool.org>
Date: Wed, Jun 27, 2007 at 8:56 AM
Subject: Never come too early again?
Take the pill, don’t be a fool, or you’ll never pull off a good one!
Opinion from our customer:
Viagra works wonders! You have no idea how happy I am. Viagra has changed my life. Finally no more worry about erections. And the problem with premature ejaculation is gone too.
Fancy not coming for over two hours?
I don’t speak German, and I don’t need Viagra. I regularly get spam written in Chinese and Russian.
6. #3: From Facebook
From: Facebook <wallmaster@facebookmail.com>
Date: Thu, Aug 7, 2008 at 4:02 PM
Subject: Laurie Caires wrote on your Wall…
Laurie wrote on your Wall:
"HEY I JUST GOT MYSELF A FREE PS‐3 THE STEPS ARE EASY THIS IS SO COOL! ALL YOU GUYS HAVE TO DO IS SIGN UP BELOW http://img515.imageshack.us/img515/7760/gouar8.swf GET ONE BEFORE IT'S TOO LATE!"
To see your Wall or to write on Laurie's Wall, follow the link below:
http://www.facebook.com/n/?profile.php&id=1932892#wall
Thanks,
The Facebook Team
In August, Laurie’s Facebook account was commandeered by a spammer, who used it to write on her friends’ walls.
8. #4: Facebook application issues
There are serious privacy issues with third‐party Facebook applications. (Hey, that’s my thesis!) From my IRB form:
“In January 2008, Facebook had 68 million registered users and was the fifth most‐visited website in the world. Facebook allows its users to create online "profiles" with information like their favorite books, their work history, their relationship status, and photographs…
…third‐party developers can access an unprecedented amount of sensitive social data about their customers. Furthermore, applications can often access data about users' friends and peers – even if those targets have not explicitly acknowledged or authorized this transfer. While Facebook does have policies governing application developers' use and storage of the data, their policies do not provide comprehensive protection for this sensitive information.”
10. #5: chi.mp
Someone on IRC sent me this link last week: chi.mp. It’s some sort of identity management service. On its front page, it rails against “walled garden” social networking sites. They explain:
“…Instead of creating a locked off network inside one particular site, chi.mp creates an open and interoperable network between sites. We use open standards and protocols such as OpenID, Oauth, Attribute Exchange and Atom so that anyone from any service that embraces the same standards of freedom and openness can connect with you.”
12. #6: Acxiom
A few years ago, PBS’s “Frontline” aired “The Persuaders”, a fascinating documentary about advertising. One segment focuses on the Acxiom Corporation’s data‐gathering efforts.
“If you're a company, a bank, a retailer, what you would do is say you want left‐handed people of a certain ethnic group, and they're going to be able to do a list for you. You can get marketing lists of Hispanics who make between $20,000 and $40,000 who are U.S. citizens. You can get marketing lists of people who suffer from incontinence and have bought those kinds of products in the pharmacy. You can get all sorts of things that can be very narrow.”
The reporter, media expert Douglas Rushkoff, confesses: “what Acxiom is promising is nothing less than the solution to clutter: Send us ads only for products we really want, and anticipate just when we will want them.”
15. #7: The “Greek life” e‐mail hoax
Prompted a statement from Public Affairs:
From: Robin Kaler <publicaffairs@illinois.edu>
Date: Mon, Sep 1, 2008 at 10:00 PM
Subject: MASSMAIL ‐ email hoax
To: All Faculty & All Academic Professionals & All Civil Service Staff & All Undergrad Students & All
Grad Students <everybody@uiuc.edu>
Dear members of the campus community:
You may have received an email titled: Regarding Greek life on campus.
This message was a hoax and was NOT sent by Chancellor Richard Herman and was NOT authorized by the campus administration.
Robin Kaler
Associate Chancellor for Public Affairs
19. #8: Friend of a Friend
“What is FOAF?
The basic idea behind FOAF is simple: the Web is all about making connections between things. FOAF provides some basic machinery to help us tell the Web about the connections between the things that matter to us.
Thousands of people already do this on the Web by describing themselves and their lives on their home page. Using FOAF, you can help machines understand your home page, and through doing so, learn about the relationships that connect people, places and things described on the Web.
FOAF…integrates information from your home page with that of your friends, and the friends of your friends, and their friends…”
23. #9: Public‐key infrastructure
If we had a reliable public‐key infrastructure, we could do strong authentication, secure e‐mail…
Why don’t we have a PKI? Peter Gutmann calls out some “grand challenges”. The first one? Key lookup.
If you want to talk securely to someone, you need their public key. Diffie and Hellman propose putting it in the phone book. Ronald Rivest et al. admit this has problems and is unlikely to happen.
25. A prediction
Steve’s a good friend. I trust his opinions. We’re friends on a social‐networking site, and it’s not hard to find our e‐mails, interests, and physical addresses.
I expect to see e‐mail like this in the next few years:
From: Steve Bezek <sbezek2@uiuc.edu>
To: Alex Lambert
Subject: food
Hey, I saw your status earlier, and it said you were hungry. Grizzlebee’s is just a few blocks from your apartment, and their quesadillas are awesome. You should go there tonight. ‐‐ Steve
Except Steve never sent this e‐mail. Spammers will harvest my social networking data for targeting. They’ll send it from Steve’s address, because they know I’m friends with him and will trust him. This is scary.
27. A proposal
If Steve had digitally signed his messages with his public key, I’d know this message was bogus.
(In a few years: “If I’m getting a message from a friend, and it’s signed with their public key, don’t mark it as spam. Otherwise, assume it’s spam.”)
So how can I get Steve’s public key?
Answer: Through Facebook. Use social networking websites to bootstrap a public‐key infrastructure.
(And make signing messages so easy that your mom could do it…crypto has huge usability problems right now.)
28. Summary
• Public keys are published to social networking sites
• Outgoing messages are (easily) signed
• Incoming messages are (easily) verified
• Finally, we get secure e‐mail (and this paves the way for other secure services)
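The proposal and summary above, as an added example that is not from the original slides: an address book filled from the social site maps each friend's address to the key that friend published, and an incoming message claiming to be from a friend is kept only if its signature verifies under that key. It uses Go's standard-library Ed25519; the keys, the `Directory` type, the message layout and the addresses are constructed for the demo, not a real Facebook API.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Verdict is the inbox decision for one message.
type Verdict int
const (
	Unknown Verdict = iota // sender is not a friend: fall back to the ordinary spam filter
	Ham                    // from a friend and the signature verifies under their published key
	Spam                   // claims to be from a friend but is unsigned or the signature fails
)
// Mail is a message plus the signature the sender's client attached (nil if unsigned).
type Mail struct {
	From, To, Subject, Body string
	Sig                     []byte
}
// Directory stands in for the address book filled from the social site: friend address -> published key.
type Directory map[string]ed25519.PublicKey
// canonical is the exact byte string the signature covers; covering the headers too
// means a genuine signature cannot be replayed under a different From, To or Subject.
func canonical(m Mail) []byte {
	return []byte("From: " + m.From + "\nTo: " + m.To + "\nSubject: " + m.Subject + "\n\n" + m.Body)
}
// Sign is what the friend's client does on send; the user never sees a "sign" option.
func Sign(m Mail, priv ed25519.PrivateKey) Mail {
	m.Sig = ed25519.Sign(priv, canonical(m))
	return m
}
// Classify applies the slide's rule: signed by a friend's published key -> ham;
// claiming to be from a friend but unsigned or badly signed -> spam.
func Classify(dir Directory, m Mail) Verdict {
	pub, isFriend := dir[m.From]
	if !isFriend {
		return Unknown
	}
	if len(m.Sig) == ed25519.SignatureSize && ed25519.Verify(pub, canonical(m), m.Sig) {
		return Ham
	}
	return Spam
}
func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed: Steve's keypair; pub sits on his profile
	dir := Directory{"sbezek2@uiuc.edu": pub}
	msg := Mail{From: "sbezek2@uiuc.edu", To: "alex", Subject: "food", Body: "Grizzlebee's tonight?"}
	fmt.Println(Classify(dir, Sign(msg, priv)), Classify(dir, msg)) // 1 (Ham) then 2 (Spam: unsigned forgery)
}
```

The second call is the forged "food" e‑mail from the prediction slide: same headers and body, but the spammer has no private key, so it is classified as spam without any content analysis.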
30. The carrot: a richer address book
• Facebook friends/etc are automatically added to address book
– …and so are their public keys (but the user doesn’t care)
– This is cool! Look at all the Facebook groups/events for “hey, I lost my phone”
• Address book details are enhanced by social networking data
– Picture of the user
– IM/phone
• Technically, all of this is orthogonal to the PKI side
– A more holistic, user‐centered design perspective cautions: if it’s not adopted, it might as well not exist
– Needs to provide immediate, tangible, compelling benefit, or users won’t bother
31. Simple changes
• Add assurance mechanisms to existing client
– Don’t disturb the underlying metaphor
– In fact, use existing (mis)conception that e‐mail is secure for our benefit
• Simple, understandable:
– Avoid technical terms like “signed”, “encrypted”
– Avoid silly options like encryption without authentication