The United States is in a league of its own when it comes to sending junk mail to e-mail users.
Researchers at security software company Sophos found that 42 percent of all spam sent this year came from the United States, based on a scan by its researchers of a global network of honey pots--computers designed to attract spam e-mails and viruses.
Sophos said this is evidence that America's antispam legislation simply isn't working.
"When we released the first report back in February, the U.S. had the excuse that the Can-Spam Act had been in existence for only three months," said Graham Cluley, senior technology consultant for Sophos, on Friday.
Source of spam
Machines in the United States generate by far the largest amount of junk e-mail and other online pests.
Country
Share of spam (percent)
United States
42.11
South Korea
13.43
China
8.44
Canada
5.71
Brazil
3.34
Japan
2.57
France
1.37
Spain
1.18
United Kingdom
1.13
Germany
1.03
Taiwan
1
Mexico
0.89
Source: Sophos
"Almost a year and millions of spam messages later, it is quite evident that that the Can-Spam legislation has made very little headway in damming the flood of spam," he said.
South Korea and China came in second and third place, respectively, but together they sent just half as much spam as the United States.
Sophos warned that many spammers are using hacked PCs with broadband connections to send out their spam. This could explain South Korea's position near the top of the list, as it leads the world for broadband penetration.
"Spammers are motivated by one thing--quick, easy money," Cluley added. "There are plenty of spammers who have taken their money-making schemes to the extreme by hacking into innocent third-party computers in an effort to do their dirty work."
"Many of the computers sending out spam are most likely to have had their broadband internet connections exploited by remote hackers. Zombie computers--PCs that have been compromised by hackers or virus writers--are sending out over 40 percent of the world's spam, and many users who fall victim are unaware," he said.
If a spammer uses a hacked PC to send mail, he should be charged not just for spam but for his involvement in hacking the PC. This would be very similar to the existing legislation on "possession of stolen goods".
Working for an ISP, I have located these hacked PC's, and seen traffic signatures from the system uploading word lists to them. What I have learned from the traffic signatures is that they either use the same software, or the spammers share a lot of code. I have observed advancements in the SMTP engines used on these PC's over the past year or so.
I don't work in abuse, but I wonder how hard would it be to set up a honeypot and seek damages from these spammers? Is this information readily available for ISP's?
It's a strongly pro-spam law, it's terms were negociated with the DMA to prevent harming the spammy activities of their members !
At this point, my bet would be with offensive tools similar to Lycos's first attempt (MakeLoveNotSpam) that was downloaded by more than 100000 people in just a few days. Such massive DDOS tools have the potential to coerce spam friendly website providers (or their upstreams) do stop their business relationship with their spammy customers. I eagerly await for more destructive alternatives to appear, and if it slows down traffic from China and Florida, so be it !
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
Whether Apple will release a new iPad next month doesn't seem to be the question as much as what day it will happen. A new rumor has it down to the day.
Tommy Jordan, the man who shot his daughter's laptop for YouTube, gets a visit from police and child protection services. Oh, and Good Morning America.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
"Never Stop Playing" campaign for upcoming portable marks Sony's largest platform launch marketing spend, with ads to reach YouTube, Facebook, TV, and billboards in major cities.
As UC Berkeley students, the co-founders of "Back to the Roots" discovered they could grow mushrooms using recycled coffee grounds. Now their mushroom kit sells at grocery stores across the country.
Working for an ISP, I have located these hacked PC's, and seen traffic signatures from the system uploading word lists to them. What I have learned from the traffic signatures is that they either use the same software, or the spammers share a lot of code. I have observed advancements in the SMTP engines used on these PC's over the past year or so.
I don't work in abuse, but I wonder how hard would it be to set up a honeypot and seek damages from these spammers? Is this information readily available for ISP's?
At this point, my bet would be with offensive tools similar to Lycos's first attempt (MakeLoveNotSpam) that was downloaded by more than 100000 people in just a few days. Such massive DDOS tools have the potential to coerce spam friendly website providers (or their upstreams) do stop their business relationship with their spammy customers. I eagerly await for more destructive alternatives to appear, and if it slows down traffic from China and Florida, so be it !