
Push Systems vs Pull Systems - sant0sk1
http://adam.blog.heroku.com/past/2009/3/16/push_systems_vs_pull_systems/
======
cduan
My undergrad thesis, written four years ago, was a taxonomy of anti-spam
systems. Since then, every anti-spam system that I've seen both (1) falls
neatly within one of my categories and (2) fails to account for the problems I
identified in that category.

This idea is an authentication-based system, because it relies on identifying
the message sender in order to prevent spam. Among other things, it fails to
account for identity theft.

For reference, here is my thesis:
<http://www.eecs.harvard.edu/~cduan/download/?file=thesis.pdf>

~~~
tomjen
It is an interesting thesis, but some of your points, such as the one that
people with spam filters gets as much spam as those without, seem a little
dated. Since I switched to GMail I have gotten practically no spam.

------
windsurfer
I think it is worth noting this form: <http://craphound.com/spamsolutions.txt>

And in short:

(X) users of email will not put up with it

(X) requires immediate total cooperation from everybody at once

(X) many email users cannot afford to lose business or alienate potential
employers

specifically, your plan fails to account for:

(X) extreme profitability of spam

(X) joe jobs and/or identity theft

(X) extreme stupidity on the part of people who do business with spammers

(X) dishonesty on the part of spammers themselves

(X) outlook

and the following philosophical objections may also apply:

(X) whitelists suck

I would like to conclude that this is _not_ some snarky elitist comment to
this insightful blog post. I'm simply stating that spam is a very old problem,
and _many_ people have spent a lot of time trying to stop it. This form exists
as a reminder that many of these options have been thought up before, tried,
and found to fail. We've learned from some of our mistakes :)

~~~
indiejade
Just because spam is an "old" problem doesn't mean it's not solvable. For
example, if someone were to build a working prototype or something that
demonstrates to advertisers that a pull method actually works _better_ for
generating sales/ interest/ revenue than spam, companies might be more willing
to invest in infrastructure conducive to pull.

Spam is "profitable" because of the low cost of spamming a bunch of random
people at once. I think the article is making the point that there are
alternative low-cost solutions which can be targeted more precisely to an
audience that is actually interested in the source of the "spam," thus making
it much less annoying.

------
ryanwaggoner
We already have this: Twitter DM

------
smanek
This is promising. Probably the best technical solution to spam I've heard.
Twitter + PGP + Good UI could work ....

~~~
eru
You don't want the security PGP provides. You probably want a different one:
<http://en.wikipedia.org/wiki/Off-the-Record_Messaging>

"The primary motivation behind the protocol was providing deniability for the
conversation participants while keeping conversations confidential, like a
private conversation in real life, or off the record in journalism sourcing.
This is in contrast with the majority of cryptography tools which resemble
more a signed writing on paper, which can be later used as a record to
demonstrate the communication event, the participants, and the topic of
communication. In most cases people using ordinary cryptography software are
not aware of this and might be better served by OTR tools instead. The initial
introductory paper was named "Off-the-Record Communication, or, Why Not To Use
PGP"."

------
neilo
If nothing else this is an interesting view of the problem. However, changing
the vast sea of legacy systems based on the crusty SMTP protocol is a
nightmarishly large task. Lately I've been enjoying things like Twitter which
are not bound to the old push methods of yore. :)

