|
|
A major scourge of the Internet these days is spam. Unfortunately, this situation has only grown more complicated by the fact that a majority of popular sites now require users to register with them and force them to provide an email address in order to do so. So which sites do we trust? Who's turning around and making an extra buck by selling email addresses to spammers? Can you trust those "Send this article to a friend" links? As of today, there's no way for anyone to definitively tell.
Unfortunately, it is not just the people who send out spam who are responsible for its widespread proliferation. These individuals have to get their email lists from somewhere. For a long time, they would harvest addresses from usenet and websites, but a majority of internet webpage/usenet authors have wised up to this practice and now either do not provide an email address, or provide one that is sufficiently mangled to prevent a spam harvester bot from obtaining it. They achieve this by putting bogus characters in the address, or just having the address be an image instead of text.
Spammers have been increasingly turning to other means to get emails, especially ones that are considered "live," in other words, addresses that are confirmed to be valid and active. What better place to turn to than high traffic websites that require users to register and provide an email? These sites deviously force users to input valid emails, because in order to use an account on them, one must first input an "activation code" which is sent to the email address that was provided at registration. Some particularly nasty sites even go one step further, and prevent users from registering with accounts from free email providers, leaving most people with the choice of either not using the site, or providing an ISP email address. Spammers can only drool at this set up: A large number of email addresses, all confirmed to be valid and active. The outcome of this little story from here is obvious. The spammer pays a sizable sum of money to the site in question and receives the email addresses.
It's a win-win for both the spammer and the site in question. The spammer gets a large number of fresh, new emails to spam, and the site makes a tidy little profit with a zero percent chance of being caught. If the sites are called on the practice, all they have to say is that there's no way to prove it was them who shared the email address in question. The losers, of course, are the users, who now have that much more incoming spam to combat, and the Internet at large, as spam consumes more network bandwidth.
How can we hold websites accountable for this deplorable practice? By setting up a system to definitively expose which sites are responsible. This will be a valued resource on the Internet, a place where someone can go to find out who to trust, and who not. Our project will start with an initial list of high volume websites that employ compulsory website registration, and store it in a database. On the back end, an email server will have three semi random email accounts (comprised of a word or noun followed by a sufficient number of random characters and numbers as to not be easily guessed randomly by Spam bots) for each site, which will each be used to register at these sites for accounts. While registering, if there are "opt in" options selected, they will be deselected.
Once registration has been completed for each site, the three addresses per site will be subsequently monitored. On a regular basis, the median of the tally of messages received in each of the 3 addresses per site will be obtained. It's an easy process from this point to determine which sites are the worst offenders, and which ones don't engage in the practice. The end result is, finally, there will be a definitive way to hold these websites accountable for their disreputable tactics regarding our personal email addresses.
| Amazon
| IGN
| New York Times
| YouTube
|
|
|