[ ... ]

Spam is not just a nuisance. It absorbs bandwidth and overwhelms Internet service providers. Corporate tech staffs labor to deploy filtering technology to protect their networks. The cost is now widely estimated (though all such estimates are largely guesswork) at billions of dollars a year. The social costs are immeasurable: people fear participating in the collective life of the Internet, they withdraw or they learn to conceal their e-mail addresses, identifying themselves as user@domain.invalid or someone@nospam.com. The signal-to-noise ratio nears zero, and trust is destroyed.

[ ... ]

If your own experience doesn't seem this bad, just wait. You may be a recent convert to e-mail; your address may not yet have percolated through the deep swamp of spammer databases (truly a land of no return). Quantity matters, psychologically. If five daily spams seem merely annoying, 20 or 30 will be maddening, creepy -- and chilling. Some avid Internet users report a hundred or more a day. (ed. Persoanally I get over 150 a day ... sigh)

[ ... ]

How this bane came to sully the greatest revolution in personal communication since the telephone makes for a complex and troubling story, with no promise of a happy ending. From the beginning, the Internet has tried to fight spam with grass-roots vigilantism. Software companies now routinely build spam-filtering technology into their e-mail programs, and independent programmers are struggling to devise more creative methods for separating wheat from chaff. Millions of individual e-mail users are trying to devise coping strategies of their own. Consumer advocates are working mostly in vain to persuade lawmakers to take action in what should, after all, be a popular cause.

[ ... ]

Many programmers are working to automate the filtering of spam. The spammers, of course, are working to stay ahead. They forge identifying headers; some of your spam now appears to have been sent to you by you. They continually change the content, even adding random text. They make their subject lines sound real, or at least plausible:

[ ... ]

More troublesome, however, is the problem of false positives -- legitimate mail that is blocked. If your filter deletes what it thinks is spam, you may never see the message from your long-lost high-school sweetheart, who finally wants to make contact but uses too many exclamation points, or calls you a dear friend, or mentions sex.

[ ... ]

One of the best tools for network administrators is an ever-evolving program called SpamAssassin, which uses a range of tests and a point system to identify spam. This is subtler than simple yes-no filtering. Messages get points for capitalized words like AMAZING and GUARANTEE and PROFITS. They get points for mentioning Viagra -- especially ''natural'' or ''herbal'' -- or penises or breasts. They get points for requesting a credit-card number, for including a toll-free number and for offering a full refund. They get points for odd-looking dates: much spam appears to have been sent in 1941; much appears to have been sent from the future. They get points for lively font colors and embedded scripts or links.

In a delightful SpamAssassin irony, a message gets extra points for declaring that it is not spam. After all, such statements are invariably lies.[ ... ]

[ ... ]

If you wonder why words like ''Viag.a'' and ''pen-s'' have started appearing in your spam, this is why. It's the spammers trying to outwit the filters. They have also begun appending random chunks of innocent text.

[ ... ]

During the Clinton administration, the commission set up an e-mail address, uce@ftc.gov , for consumers to forward samples of their spam. The database now contains 27.5 million of these, and 85,000 more arrive daily. Every month or so, the commission files an enforcement action against someone, leading to a warning letter, or a promise by the spammer to cease and desist, or even, occasionally, a ''disgorgement of ill-gotten gains.'' No one really imagines any of this makes a dent.

The agency can't help noticing that, by and large, spam is not illegal. Its enforcers can go after only the most obvious forms of fraud, of which there is, after all, no shortage. The fact that you may not want to get this stuff is not their problem. ''From the F.T.C.'s point of view, whether it's wanted or unwanted, what we're concerned about is whether it's deceptive,'' Huseman says.

Slashdot | Your Rights Online - NYTimes: Tangled Up in Spam.

ezekieldas writes "Congratulations to the SpamAssassin developers and community! There's a mention of SA in the NYTMag as "one of the best tools for network administrators..." in an extensive article entitled Tangled Up in Spam. The article is quite substantial and the author, James Gleick, is more technically educated than what we've come to expect from the big press. Central to the story is the complexity in dealing with spam effectively in both technical and legal terms and the confusion it brings upon the neophyte. The conclusion drawn may be oversimplified but nonetheless pragmatic: 1) forged headers should be illegal 2) a specific header entry should identify the email as unsolicited."

SourceForge.net: Project Info - OpenPGP Public Key Server: Summary .

SourceForge.net: PKS 0.9.6 Released.

PKS is an OpenPGP Public Key Server. It allows users to store and lookup public keys from the server's database. It can also synchronize with other servers. This release is intended to be a solid, stable bugfix and feature upgrade to 0.9.5.

New York Times - free registration required Progress Seen in Border Tests of ID System.

Immigration officials say they are moving rapidly to meet a congressionally mandated deadline for a sophisticated new identification system to be in use at its 100 most porous entry points over the next year.

The system will use ID cards encrypted with digital photos, signatures, biographical information and fingerprints that have been issued by the State Department and the Immigration and Naturalization Service by the millions over the last five years. Until recently, the immigration service has not had the machines to read the information on the cards -- a shortcoming that came to light in Congressional hearings into the 2001 terror attacks. The machines cost $8,500 each.

[ ... ]

Each card is much like a driver's license, except it has a 1.4-inch metallic strip that holds digitized information much the way a CD holds data. The cards hold 10,000 times the information on a common magnetic strip on most credit cards.

"Overnight it will be the largest biometric-based border clearance system ever attempted," said Richard Norton of the International Biometric Industry Association.

[ ... ]

More notably, the act requires the immigration service to integrate its databases into a single system that uses the government-defined biometric standard and can be shared with other agencies, such as the State Department and the Federal Bureau of Investigation.

The legislation also requires foreign governments to use biometric technology in passports.

The lack of uniform standards across the states has largely stymied efforts to bring biometric technology into common use in the United States. But the push toward computer-encrypted identity cards worries civil liberties groups.

"With more information systems, there are more opportunities for abuse," said Marc Rotenberg, executive director of the Electronic Privacy Information Center, which is pushing the government to release more information on its biometric plans.

Slashdot | US Immigration Implements Biometric-based Border.

scubacuda writes "The NY Times reports (free registration) that immigrations officials are putting in place a sophisticated new identification system that uses ID cards encrypted with digital photos, signatures, biographical information and fingerprints that have been issued by the State Department and the Immigration and Naturalization Service by the millions over the last five years. "With more information systems, there are more opportunities for abuse," said Marc Rotenberg, executive director of the Electronic Privacy Information Center, which is pushing the government to release more information on its biometric plans."