– from Spam: A Shadow History of the Internet, by Finn Brunton
It’s difficult not to hate spam, but ironically, it’s hard not to love it, too. It gives us something to discuss around coffee machines, it’s often laughable, and when it isn’t threatening to tear down our firewalls, it’s just plain entertaining. In his book Spam: A Shadow History of the Internet (MIT Press, ISBN 978-0-262-01887-6), Finn Brunton takes a long hard look at the fascinating history of spam, offering some invaluable insights and more than a few chilling perspectives on the origins of spam.
We caught up with Brunton and spoke with him about the book, his observations and what we might be able to learn from the past to help us deal with spam in the future.
ASU: Spam has been with us since 1971. If it’s been around so long, why haven’t we managed to conquer it?
Brunton: There are two primary reasons: first, if we take spam generally, because we keep shifting the goalposts. “Spam” means so many different things over the history of the word, things that are technically and socially distinct from one another (aside from the general similarity of using information technology infrastructure to exploit existing aggregations of human attention). Every new platform – Facebook, Twitter, search, mobile apps – generates its own forms of behavior and predatory business models that are dubbed “spam.”
Second, if we’re talking specifically about email spam, because we’ve got a last mile problem. All the low-hanging fruit – the small-time “entrepreneurs” with U.S. business addresses, and so on – are gone; the remaining spammers are a much more robust and sophisticated group, building botnets, and using friendly banks and ISPs often in problematic jurisdictions. And they’re insinuated into infrastructure that’s harder to reform, like easily exploited pirate copies of Windows, and shady international money transfer operations. That said, their model is also quite brittle.
ASU: If there’s one takeaway about spam that you’d like your readers to glean from your book, what is it?
Brunton: The takeaway from the history of spam is that it’s ultimately about how much we decide our attention is worth – who gets to distract us, how much noise is an acceptable price to pay for technologies, and how we instrumentalize those choices into things like software and law enforcement. Allocating attention will be one of the big resource issues of the 21st century.
ASU: What’s the most interesting or disturbing thing that you learned about spam when researching your book?
Brunton: I was fascinated by the circadian cycle of spam campaigns – that the biggest botnets cover enough of the Earth’s surface that you can follow the planetary rotation (people in the evenings and at night powering down their computers, taking them offline) in the crests and troughs of global spam volume. David Dagon has done some great research on this.
ASU: Do you think the advent of social media has made the war against spam unwinnable?
Brunton: No… I think it was (in retrospect) a trade-off we made in favor of openness. We could have had a totally spam-free network if we had wanted it to be like Minitel, locked-down and specified in every detail in advance. The opportunity cost of that would have been so high. There’s no way to “win” against spam as such, no more than you can win against, say, poverty, but we can manage and contain it – make it more like a low-level chronic problem, keep the profit margins thin, and protect the people most vulnerable to being tricked and exploited by it.
ASU: Have you reached any conclusions about the future of spam?
Brunton: Increasingly sophisticated spearphishing and lightweight identity theft with hacked social network accounts will be bigger and bigger problems – very, very hard to filter. New systems for authentication and verification will be really important (the age of the password needs to end – not that I take lightly the work involved in shifting to other models!).
Finally, a pet theory that makes me laugh: I hope the value of bitcoin stabilizes and grows, because once BC mining starts generating more value than sending spam, we might start to see the botnets switch over. It’s still exploiting compromised computing power, but at least it’s doing proof-of-work rather than sending out pharma messages!