Security Bites 106: McAfee plays with spam

McAfee released on Tuesday the results of a monthlong spam experiment. The security company provided 50 people worldwide with a clean laptop armed only with antivirus protection (no anti-spam protection) and a brand new domain for e-mail. McAfee then asked them to surf the Net and blog about their experiences.

Within the first 24 hours, the individuals received their first spam e-mail in the S.P.A.M. (Spammed Persistently All Month) Experiment.

Over the course of 30 days, McAfee's test subjects accumulated 104,000 spam e-mails, or roughly 70 spam messages per day per recipient. Put another way, 87 percent of all the e-mail captured on the test laptops was considered to be spam.

I spoke with Dave Marcus, director of security research and communications for McAfee Avert Labs, about the experiment and the results.
Listen now: Download today's podcast

[Penguinisto]

Heh - they'd hate me. I would've ripped out the OS on Day One and installed Ubuntu on it. Then I would have installed ClamAV to an internal SMTP relay on the laptop and had it shunt all the suspect spam off to one side... no sweat.

[alegr]

The point of that exercise was not to stop spam, but just estimate how much they would receive.

[nachurboy]

And how can this be? For he is the Kwisatz Haderach!

[i_made_this]

Who really cares about *spam*? It's such a 1998 thing. And, most import, whatever today's high-powered and ultra-modern internet security programs are up against, spam is the easiest security problem to deal with - so much so, that it's not even a consideration nowadays, when up against the likes of system killers like rootkits and so forth. Based on the unsolicited promo given their product by news outlets like C|NET, Hormel even released a Fat-Free Spam in 2003!

[Get_Bent]

I do, for one. I don't pay for a computer and Internet service to become a target for some moron's advertising drivel. This garbage wastes an untold amount of bandwidth and disk space across the 'net.

[Seaspray0]

And of course, the average person would also rip out their OS, install a different one, put in an internal SMTP relay, configured it, and shunted all their suspecte spam off to one side... no sweat. Or then again, they probably called their kids to show them how to turn on their computer and get their email in the first place. Which one do you think is more likely, Penguinisto? Maybe you should write a book... "How to do nerd things on a computer for dummies".

[bquad]

I just listened to "Security Bites 106: McAfee plays with spam" episode. The whole of the article was interesting. One thing I just don't get. At the beginning of the episode it was mentioned that we have had spam for 30 years. 30 years, since 1978? Come on, how long have we had spam? The Internet, which most of the public connect to, has only been open to the the public since the mid-90's. Is McAfee include BBS (bulletin board services)? Spam for 30 years just doesn't make since. I had an Internet e-mail address since the early 1990's. A .NET address I'm proud to say, when .NET e-mail addresses meant something. Anyway, those of us on the "net" then were in academia (.edu), government (controlling the net with .NET addresses), military (.mil), a few businesses ( a very few) and even fewer individuals (.com).

The only way it can be 30 years is if McAfee is including the DEC (Digital Equipment Corporation) salesman who sent a marketing message over Arpanet, the fore-father to the Internet, to the ARPANET subscribers on the west coast of the U.S. After that even we'll have to wait until the mid to late 1990's to get a prolific use of SPAM we know and hate today.

Peace,
B Quad

[MrMe003]

first realy intresting podcast what i hear :) and yes sign me up to 2009 check up :)