Monday, December 03, 2007

Steve Kirsch Solves the Spam Problem Once and For All, Dammit.

Steve Kirsch, a successful hardware and software entrepreneur and pretty rich dude, is the latest to have come up with the Final Ultimate Solution to the Spam Problem. This places him in good company, including other rich dudes like Paul Graham and sadly still un-rich dudes like me. He's put up at least $5M, which sounds like a lot but is in fact a smaller portion of his net worth than my quarterly bar tab is of mine. Not that that's unimpressive; I drink a lot of beer. In honor of his entry into this elite (*cough* not *cough*) club, I offer up The Form. Original author unknown. (Disclaimer: I work for the competition.)
Your post advocates a

( ) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work.
(One or more of the following may apply to your particular idea, and it may have
other flaws which used to vary from state to state before a bad federal law was

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Firefox still a shit-show.

The well-heeled open-sourcerers over at the Firefox Corporation have been releasing ultra-minor updates at a furious pace lately. Just days on the heels of 2.0.10, they shot me 2.0.11. And just minutes after that, my MacBook CPU spiked to >=100%, fans whirring, on a total of 8 open tabs, none of them exotic, in a single window. And the icing on this particular turd-cake: I use a Flash blocker because Adobe can't clean up Macromedia's code enough for it to run properly on a Mac. Yes, I click every single little Flash animation that I actually want to see, and yes, it's a pain, but it generally saves me from force-quitting my browser. So if Firefox blows so hard lately, why do I still use it as my primary browser? One word: Firebug. It's still the best JavaScript developer's tool anywhere... possibly the best client-side web developer's tool, period. The fact that a lot of the dumber webmasters of the universe still don't support Safari is a growing annoyance now that I'm one of the many people browsing via iPhone. Using Firefox as my primary browser was generally a safer bet. And yet, lately, with every expectation that 2.0.12 and 2.0.13 will be buggy as well, But is it buggy enough to make me give up my Firebug? It might be, at least for everyday browsing. I finally got around to AppleScripting command-number shortcuts for tab selection in Safari (a thing Apple, for some reason, doesn't get), so it's really just an acclimation question. Besides, Firefox renders fonts in Ugly-Sans no matter what you do. PS, why am I being so hard on the poor Firefox crew? Because when you make 74 million bucks a year and you're the number-one browser for even semi-clueful people around the world, you can afford to spend on engineering and QA. And you have, frankly, having built that lucrative business on the goodwill and technical help of your users, an obligation to not screw it up.