Kevin Brosius on 22 Oct 2003 18:46:02 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: Spam


gr wrote:
> 
> More importantly, though, the study that Stephen Gran references:
> 
> On Thu, Oct 16, 2003 at 07:44:16PM -0400, Stephen Gran wrote:
> > What you can do is put up an obfuscated address, link heavily to it, and
> > wait - if you get spam to that address, obfuscation does not work. See
> > this page for a study of that type:
> > http://www.keybuk.com/2003/06/26/obfuscation.html
> 
> handily contradicts your example.
> 

Well, honestly, I can see problems with both the studies, the one I
linked and this one.

> He said exactly what I would about this. In summary, negative
> results are meaningless in this case. Positive results are
> meaningful.
> 

Maybe, if you take a very strict view.  But I don't look at it as one
big spammer.  So yeah, some will de-munge addresses.  Other's will not. 
Depends on what you think the ratio is.

> The other problem, which I neglected to explain as clearly as I'd
> like to have, with munging is that it puts you in an arms race. I
> don't care if you can munge an email address in a way that current
> webscraping tools can't un-munge; at some point after such time as
> any decent repository of email addresses (say, the PLUG mailing
> list archive) is munged in that way, a human being will notice,
> determinte the pattern (there has to be a pattern if the munging
> was an automated process, and I doubt you're volunteering to manually
> munge the PLUG archives) and simply include a test for that munging
> and a process to demunge it into his webscraping software.

Seems to me that spam filtering is in the same arms race.  I don't think
this argument applies just to de-munging.  (So, yes, I agree with you
about the arms race.  I just don't see how you can apply against one of
the methods and not the other.)

<snip>

> > Plus, your knowing it's true doesn't prove to me that spammers
> > are using it. It's a short leap, I admit.
> 
> No, but the study to which Stephen pointed does.
> 

Welllll, I can think of at least one flaw in that study that would prove
otherwise.  But with the little information available on the page I
couldn't prove or disprove it.

<snip>
> > Easily crawl-able web archives are just to simple a target.
> 
> I would counter that by pointing out that easily readable web
> archives are serving the purpose for which they were designed.
> Making them less easily crawl-able also damages that purpose. I'm
> willing to trade useability for security in circumstances where it
> makes sense, but it doesn't make sense to me here. I'm apparently
> not alone in that, though I'm maybe shouting the loudest about it.
> 

You've failed to help me understand how the munging makes web archives
less "easily readable".  Have you used MARC[1]?  What is less readable
about their munging?

-- 
Kevin

[1] http://marc.theaimsgroup.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug