Risk
6/28/2007
03:31 PM
50%
50%

Opening Up A Can Of Spam, I Mean Worms

When I wrote my story yesterday about a self-proclaimed anti-spam activist's feud with a company he accused of being a "spammer", I knew I was touching on a sensitive issue, but I didn't realize just how sensitive until today. Both sides took exception to the wording of passages in my story, particularly those that used the "s" word, and I'm sure that neither side will be looking to shake hands and laugh abou

When I wrote my story yesterday about a self-proclaimed anti-spam activist's feud with a company he accused of being a "spammer", I knew I was touching on a sensitive issue, but I didn't realize just how sensitive until today. Both sides took exception to the wording of passages in my story, particularly those that used the "s" word, and I'm sure that neither side will be looking to shake hands and laugh about this anytime soon.You don't need me to tell you that spam is a very big problem for IT departments and their users. Spam hogs bandwidth, transmits malware, and eats away at productivity. But it's arguably just as big a problem for a company to be accused of sending spam. As Oklahoma ISP Mark Mumma found, calling a company a "spammer" is a serious accusation with serious consequences. Mumma initially threatened to identify Omega Word Travel, a provider of online booking tools and flight tracking information, as a "spammer" on his various anti-spam Web sites, but instead, the courts say he defamed Omega, and he's now been ordered to pay that company $330,000 in damages.

There's a lot of he said/he said going back and forth between Mumma and Omega's legal team. Omega pointed out to me that they've spent a lot of money to successfully defend themselves against being labeled a "spammer" (something the courts agree that they're not). Mumma, meanwhile, isn't convinced, calling the header in Omega's marketing e-mails deceptive and claiming he never signed up to receive their e-mails.

The issues of unsolicited e-mails (or "spam"), e-mail lists, e-mail headers, compensation, defamation, and reputation all play a role in this case. Both sides agree that Omega is a legitimate business. Their primary disagreement is on the difference between marketing and spamming. The court has decided in this case -- in favor of Omega. But the line between the two can be vague.

I'm most curious at this point to know how much of a problem you perceive spam to be. How do you define spam, and is the problem growing? Be sure to weigh in with your thoughts.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I decided to treat the kiddos to a TV dinner tonight.
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.