taint.org: Justin Mason’s Weblog

Hmm. The Irish branch of the BSA claims that the percentage of illegal software used in Ireland stood at 42 percent for 2002.

Does that mean 42 percent of all software running in Ireland is a pirate copy? I wonder if anyone ever audits this figures — qui custodiet etc. The article continues:

‘The lack of improvement on Ireland’s piracy rate can be attributed to the proliferation of Internet piracy … and a certain amount of apathy,’ said Julian McMenamin, BSA Ireland chairman. ‘But whatever the excuse, a piracy rate of 42 percent is appalling.’

Is internet piracy really that widespread in the workplace? I can imagine your typical 15-year-old firing up KaZaa or whatever, but is this really likely for your typical Irish IT staffer? I doubt it, to be honest.

And given Ireland’s broadband woes, it’d probably be cheaper to hop in the car, drive to the local Compustore, and buy it over the counter, just to avoid paying those ISDN charges. ;)

Just to contradict the ‘internet piracy’ statement, in this story, McMenamin then states that ‘a particular problem in Ireland was small and medium-sized companies purchasing a licence that is too small, or not upgrading their licence as their companies grow. An offending company might typically have a 10-user licence but allow 50 people to use the software.’

This is a hell of a lot more likely than the ’scary internet’ bugbear, but I would still find it very hard to imagine that this is a uniquely Irish problem that could account for Ireland supposedly having nearly twice the rate of piracy of the UK (42% in Ireland vs. the UK’s 26%).

While taking a look at the BSA site, I note that their automated tool, GASP, now exposes the illegal distribution and storage of copyrighted music, apparently: ‘new features in GASP v6.5 include reports that show a complete listing of MP3 files on audited systems’.

I wonder if my collection of MP3s downloaded from eMusic.com, and ripped from albums I bought, would set off its alarms. Given that the MP3 format has no way to differentiate between pirated and non-pirated music, I would imagine so. False positives a go-go!

Patents: Eamon O’Tuathail’s call for action against software patents. The vote of the Legal Affairs Committee of the EP was yesterday, apparently. Wonder how it went…

Tags: bsa, gasp, internet, licence, percent, piracy, problem, rate, software, wonder

Declan McCullagh: A modest proposal to end spam. Good article on Larry Lessig’s ’spam bounties’ proposal.

Lofgren’s plan won’t give everyone who gets spammed new rights to sue (although spam victims may already may have some rights under state antispam or other laws). Instead, it states that people sending unsolicited commercial e-mail must label it with ‘ADV:’ in the subject line or run the risk of being sued by the Federal Trade Commission. If you are the first to report an unlabeled spam-o-gram to the government, you will get a bounty of ‘not less than 20 percent’ of the fine the spammer pays, assuming it can ever be collected.

There are problems with this. As far as I know, the FTC is not having a problem collecting spam — the figures I’ve seen (can’t recall them right now) indicate that they get hundreds of megs a day. (Even the SpamAssassin.org spamtraps get over 100Mb a day.)

The difficulty is chasing down the perpetrator, and prosecuting. That takes law-enforcement manpower, and that’s just not there right now — because, let’s face it, spam is not a serious offence like rape or murder.

Anyway, Declan says that the major problem is that the spammers are offshore:

For one thing, an increasing percentage of it comes from overseas, and you can be certain that offshore bulk mailers will gleefully thumb their noses at Congress. Ken Schneider, chief technical officer of antispam company Brightmail, estimates that 30 percent to 50 percent of the spam his company tracks comes from outside the United States. ‘It’s a big number,’ Schneider said. ‘It’s a global economy, and spammers are certainly taking advantage of it.’

This is a frequent misapprehension. This is not the case. It’s true that much spam is relayed through machines in Asia and South America, but the originators — the people who are writing the spam and sending it to compromised relay machines and proxies — are US-based. In fact, a vast quantity of ‘em seem to be based in Florida. (This is the thing about country-code blacklists. In reality, if we could track a message all the way back to the origin, a state-code blacklist for FL would probably work much better ;)

In other news from the same article:

… Sen. Chuck Schumer, D-N.Y., is expected to introduce a bill this week to create an national ‘do not e-mail’ list–an idea that the New Democrats touted earlier this month.

OK, while I’m here, let’s debunk ‘do no mail’ lists too. ;) ‘Do not call’ lists work well for telephones, since you typically have only one phone number. But for email:

• one can have thousands of valid email addresses forwarding to you (I do). There’s a variety of methods to address even one user, for example ‘foo@jmason.org‘, ‘foo@jmason.org.’, ‘foo%jmason.org@localhost‘, ‘foo@212.17.35.15‘, ‘foo@dogma.slashnull.org‘ will all reach me. That’s not even considering ‘role’ addresses, like ’sales@’, ‘info@’, etc., or single-use addresses set up for particular transactions, like ‘onetime-buying-stuff-from-ecommerce-site-example@jmason.org‘.

• mailing lists and ‘exploders’ are widespread, and frequently spammed.

• ‘do not mail’ lists are hard to implement, since they may be vulnerable to scraping (if naively done) or dictionary attacks (less naive).

In summary, I’m not confident a ‘do not mail’ list could actually be operable.

Finally — The SBL’s answer to the EMarketersAmerica.org SLAPP lawsuit.

Tags: antispam, article, company, day, lofgren, percent, plan, problem, proposal, spam

In the last few weeks, there’s been a growing discussion of what’s being perceived as an ‘anti-American’ point of view in Europe; see Thomas Friedman on the subject. On the other side, The New York Review of Books carries an interesting essay on this subject: Anti-Europeanism in America. It contains this revealing summary of a December 2002 study:

Asked to choose one of four statements about American versus European approaches to diplomacy and war, 30 percent of Democratic voters but only 6 percent of Republican voters chose ‘The Europeans seem to prefer diplomatic solutions over war and that is a positive value Americans could learn from.’ By contrast only 13 percent of Democrats but 35 percent of Republicans (the largest single group) chose ‘The Europeans are too willing to seek compromise rather than to stand up for freedom even if it means war, and that is a negative thing.’

The divide was even clearer when respondents were asked to pick between two statements about ‘the way in which the war on Iraq should be conducted.’ Fifty-nine percent of Republicans as opposed to just 33 percent of Democrats chose ‘The US must remain in control of all operations and prevent its European allies from limiting the States’ room to maneuver.’ By contrast, 55 percent of Democrats and just 34 percent of Republicans chose ‘It is imperative that the United States allies itself with European countries, even if it limits its ability to make its own decisions.’

It seems a hypothesis worth investigating that actually it’s Republicans who are from Mars and Democrats who are from Venus.

Tags: american, contrast, discussion, new, percent, point, side, subject, view, war

FTC: “Spam Harvest” Results Reap Help for Consumers Trying To Avoid Spam. Some good prosecutions (yay!):

The FTC alleged that NetSource One and James R. Haddaway, operating as WorldRemove, used spam and the Internet to sell a service they claimed would reduce or eliminate spam from consumers’ e-mail. The claims were false. In fact, using an undercover account to test the claims, the FTC found it received more spam after signing up for the service. The agency charged the defendants with violations of the FTC Act.

Plus some good official studies to back up our own, unscientific research:

In an effort to determine what online activities place consumers at risk for receiving spam, Northeast Netforce investigators seeded 175 different locations on the Internet with 250 new, undercover e-mail addresses and monitored the addresses for six weeks. The sites included chat rooms, newsgroups, Web pages, free personal Web-page services, message boards and e-mail service directories. One hundred percent of the e-mail addresses posted in chat rooms received spam; the first received spam only eight minutes after the address was posted. Eighty-six percent of the e-mail addresses posted at newsgroups and Web pages received spam; as did 50 percent of addresses at free personal Web page services; 27 percent from message board postings; and nine percent of e-mail service directories.

Plus, the lie of “targeting”:

Spam Harvest partners also found that the type of spam received was not related to the sites where the e-mail addresses were posted. For example, e-mail addresses posted to children’s newsgroups received a large amount of adult content and work-at-home spam.

Tags: ftc, harvest, internet, message, percent, plus, reap, service, spam, web