Month: March 2004

Do you hear what I hear?

The “fat lady” is not singing.

Not yet anyway.

But that sound you hear is her accompanist’s overture.

John Kerry had a fabulous “Super Tuesday,” winning 9 of the 10 races. His closest opponent, John Edwards, has scheduled a 4 PM press conference at which he is almost universally expected to drop out of the race. Kerry is expected to be the Democratic Presidential Candidate. He is starting to talk about how he will pick the Vice Presidential Candidate. The international press is reporting that Kerry has won the candidacy.

But here’s the thing. Kerry hasn’t actually got the necessary delegates yet. As of this writing, he only has 1361 of the 2162 he needs to be officially anointed. It is true that the remaining candidates have less than 100 delegates combined. However, it is also true that before yesterday’s contests, Howard Dean still had more delegates than John Edwards. Dean, you probably recall, dropped out of the race weeks ago. At least he keeps his blog current. And speaking of Dean, guess who won the one Primary that Kerry did not take yesterday? Yes, that would be Howard Dean.

In fact, by my read of CNN’s handy chart of delegates, Kerry isn’t even quite the winner if all the delegates earned by candidates no longer in the race are released to support Kerry. Edwards and Dean are still in a position to force some of their opinions into the Party Platform.

This also means that Bush will have to actually spend time worrying about campaigning, spending from his vast war-chest, as opposed to “looking presidential” in the Rose Garden. The TV blitz starts right about….. now.

Kerry had better be ready to talk about job creation, offshoring, the weak dollar, Social Security, and schools.

Oh, and he’d better be ready to go on Jon Stewart’s “Daily Show,” “Where more Americans get their news than probably should.” Maybe even consider a blog.

“I’ll take his Spam! I love it!”

Got Spam?

If you’ve got an email account, chances are you have received some spam — unsolicited commercial email — over the years. In fact, in February of 2004, over 90% of all email sent was spam. This figure is rising, despite the fact that the United States has a nice new anti-spamming law on the books. Indeed, over half of all spam is proudly made in the USA.

Of course it is an annoyance to delete all the unwanted offers for mortgages, debt consolidation, “herbal viagra”, and other stuff you don’t want. Of course office workers collectively spend many hours doing the same at work — time they could be spending doing actual work. Spam costs money by using bandwidth and storage space that could be used for much more important things. Nobody feels this more than ISPs, who unwillingly transmit gigabytes of spam each and every day.

Spam prevention as we know it usually relies on blacklists of servers known to send spam. This technique works acceptably for most users, but depends on a continually upgraded list combating continually moving spammers. An alternate technique, sometimes used alongside a blacklist, is the algorithmic approach. In this method, a smart program looks at your email, analyses it, compares it to known spam, and decides how likely it is to be spam. The program might take the liberty of routing suspected spam directly to your “deleted items” folder. This carries the risk of accidentally deleting something important.

Part of the problem is that spam is very cheap to send. All it takes is one person to submit a credit card number, and the day is profitable. Another part of the problem fighting spam is the anonymous nature of the internet. It’s easy to be nobody, or anybody. You might get spam with a “forged header” that makes it look like it came from somebody famous, somebody you know, maybe even from yourself.

The next wave of spam control, we are told, will be about identifying senders. This will make it possible to prosecute spammers who break the law. This will also open the door to charging spammers. A Microsoft solution to this problem is expected tomorrow.

The “caller ID” paradigm of spam prevention is doomed before it begins. First, the vast majority of them do not verify that someone is John Doe, they verify that someone is at John Doe’s computer. This same flaw plagued the much protested security features of the Pentium 3 chip some years ago. This distinction is critically important. Not only might somebody else be at the computer, the computer might be under the control of a virus. You knew viruses could use email to send themselves to all your contacts, but maybe you didn’t know that a virus can use your computer to send spam. In fact, some experts think as much as 30% of spam is sent by “zombie-bot” virus infected computers. There you have it, the reason most computer security experts consider spam and virus control related.

There is another reason that “being at your computer means being you” will not control spam. It doesn’t allow for the possibility that you might not be at your computer, sending mail from your email client. Anyone who uses a web-mail client, anybody who must use email remotely, anybody who uses the “send this link to a friend” feature of a website may find themselves shut out of a “caller ID” model of spam filtering. Although some sites that run web-based email services appear to be sensitive to that, most people forget that there are many reasons you and your computer are not the same thing.

There is one sure way to keep spam and viruses off your computer. Unplug it.