[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: displaying email adresses

On Wed, 12 Dec 2007, MJ Ray wrote:

> Santiago Vila <sanvila@unex.es> wrote:
> > On Tue, 11 Dec 2007, Don Armstrong wrote:
> > > If humans can read it, spammers can too.
> >
> > That's inaccurate. You are missing rule #3: Spammers are stupid.
> Where did you find that rule?

It's classical. Google for "rule #3 spammers are stupid".

> It seems to be a unjustified assumption.
> Assumption is the mother of all "screw-ups".
> Sadly, spammers are not so stupid any more.  For example, read how
> spammers use porn to defeat eyetests at
> http://news.bbc.co.uk/1/hi/technology/7067962.stm
> [...]

That article explains how spammers obtain a free email account by
solving a captcha. Once they have a free email account, they can send
an unlimited amount of email. The benefit is very big, so it justifies
the "outsourcing" of solving captchas.

On the other hand, a spammer would benefit so little from a single email
address that it's a lot less likely that they will solve a captcha for
each and every of the email addresses in the BTS.

In either case, no matter how clever the spammers could be, that is
not an excuse for giving them tons of email addresses for free.

Spam happens because economic forces make it profitable. If we give
email addresses for free, we are part of the problem.

> > Spammers will only read what they can read by mechanical means.
> > We would just have to make it difficult for them to obtain email
> > addresses *so easily*, without making it really difficult for a
> > human being. Procedures for that already exist.
> Depends on one's values of "so easily" and "really difficult".
> I don't think such procedures exist and I think we shouldn't bow
> to spammers in this way.

Our users who are being spammed because they reported a bug obviously
would disagree with that.

> > Currently, we are giving them tons of email addresses for free. Does
> > the BTS ask the user if he wants his email address to be published?
> If tools like reportbug still don't warn people that their report,
> including any addresses, will be public, then that's a bug in the tool
> that should be fixed IMO.  Please report it.

Unfortunately, this is also a bug in the BTS, which is not only
already reported but also, sadly, tagged wontfix, which shows how much
do we care for the spam problem our users end up having after using the BTS.

Reply to: