• United States

Bill Gates falls flat on his spam

Feb 04, 20043 mins
Enterprise ApplicationsMalware

* Why Gates' spam-busting ideas would not work

It has been almost 10 years since Bill Gates discovered the Internet (in late 1995) and decided that Microsoft’s future lie in delivering the “Internet experience” to all of its users.

Six years later (January, 2002), Gates discovered computer viruses, worms and Trojans and so brought forth the Trustworthy Computing initiative, which, boiled down, meant making online computing safe for your Aunt Milly. Trustworthy Computing was, of course, built on top of the Microsoft vision of the Internet that emerged post-1995.

It appears that Bill has been looking around for new dragons to slay – maybe he just has more time since turning the reins of Microsoft over to Steve Ballmer, or maybe that shiny new knighthood the Queen of England gave him has spurred him on. For whatever reason, Bill has discovered spam.

Addressing the World Economic Conference in Davos, Switzerland a couple of weeks ago, Gates opined that he had figured out how to end spam in just three years ( His would be a three-pronged approach:

1) Filters – Filters could be used to sift real mail from spam (oy! Why didn’t I think of that!).

2) Human challenges – forcing the sender to solve a puzzle or the computer sending the e-mail to do a simple computation.

3) Payment at risk – make senders of e-mail pay a fee if their mail was rejected as spam.

Your e-mail administrator has probably already implemented No. 1. Filters are estimated, at best, to be able to weed out 60% of spam. Filters coupled with a “white list” (listing of addresses from which e-mail is considered “not spam”) can raise this to 90% for many people.

Human challenges come in different types. There’s the “please type the word you see in the box above,” challenge at many consumer sites such as Ticketmaster. Or e-mail from someone not on your white list could be quarantined while an acknowledgment was sent to the supposed sender which would require a further response to indicate a human (rather than some forged) originator. That’s three messages, just so someone can ask if you want to go to lunch.

Payment at risk, though, would appear to be ideal. Everyone endeavoring to send an e-mail would have to register and, perhaps, pay a deposit (or at least divulge a credit card number). If the e-mail they sent was acceptable, then no charge is incurred. But if the e-mail is deemed to be spam, then a charge is levied on the sender. Just think, if you didn’t agree with something I said in this newsletter you could claim it was spam and Network World would have to pay. That would definitely lead to my editors watching controversial topics more closely and have a decided “chilling effect” on what I wrote. Even so, it would be a pain to have to accuse the spammer and the whole task of setting up the e-mail charges – especially for a large organization – would be onerous. Who would bear the costs of setup?

The Internet idea was good, Bill, and the Trustworthy Computing initiative was brilliant but this spam thing could make you a laughing stock.