Hundreds of programmers gathered Friday at the Massachusetts Institute of Technology to apply their collective brainpower to a problem that has evolved from annoyance to menace: the rising flood of unsolicited e-mail.
Companies and Internet service providers put up a fight with the latest filtering programs, but spammers quickly bypass their defenses.
"This is the most dastardly thing I've ever seen," said attendee John Graham, expressing grudging admiration for a technique he's encountered in which spam messages are broken up then reassembled in order to elude filters. "This is ingenious. There are some really clever people making spam difficult to filter."
Organizers had expected a small gathering of 40 to 80 programmers, hackers and Internet activists, but several hundred packed an auditorium to hear the latest in spam countermeasures.
For the more clinical, spam simply poses a difficult technical challenge. Others are downright offended by it.
William Yerazunis, an MIT computer scientist, compared spam to petty street crime -- cheap to carry out, profitable for the offender and enormously expensive to halt.
"It's really theft," said Yerazunis, 46, a researcher at MIT's Mitsubishi Electric Research Laboratories. "And the theft efficiency ratio is about the same as stealing hubcaps and car radios."
The speakers used hacker-speak like "bit buckets" and "polynomial hashing," occasionally tossing out terms like "spamacus interruptus" and skewering unpopular software, sending chuckles through the audience.
But the tone was serious.
Spam traffic has grown from 8 percent of Internet e-mail in 2001 to as much as 40 percent in 2002, according to Brightmail Inc., which provides filtering products for several major Internet service providers.
Spam is costly for everybody. It costs about $250 to send a million spams, but about $2,800 in lost wages, at the federal minimum wage, for those million spams to be deleted, Yerazunis estimates.
Altogether, spam costs U.S. businesses $8.9 billion and European businesses $2.5 billion annually, according to a study released this month by San Francisco-based Ferris Research. Internet service providers in particular are hounded by customers because they are the conduits for the pesky messages.
Spam-filtering software looks for patterns that suggest an e-mail is spam. But the spammers are constantly evading them, finding new ways to arrange text to make the messages unrecognizable as spam.
Yerazunis' presentation on his CRM114 Discriminator language was a centerpiece of the conference. His filtering technique "hashes" the messages, matching short phrases from the incoming text with phrases that the user previously supplied as example text, catching spam that might not exactly match standard spam text. He claims that the system has higher than 99.9 percent effectiveness; it can be downloaded for free and is compatible with SpamAssassin or other spam-flagging software.
"This thing is even more accurate than humans," he said.
Jason Rennie of MIT's Artificial Intelligence Lab is writing code he says eventually will help filter spam text that is manipulated to be unrecognizable. For example, his program could recognize "mort!!!!gage" used in the place of mortgage, a common spam word.
But filters must be finely tuned depending on intended recipients, Rennie said, because one person's spam is another person's "ham," hacker-speak for desirable e-mail.
"If you work for the company that makes Viagra, you probably don't want to be filtering any e-mail with the word Viagra in it," he said.
Era Eriksson, an activist with the anti-spam Coalition Against Unsolicited Commercial Email, said the only solution is legislation banning or regulating the practice. There are several bills pending in Congress, but none have been passed.
"Every second that I'm online it's costing me money, and to get unsolicited e-mail costs me money; it's criminal," said Eriksson.
Copyright 2002. Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
