Vulnerabilities / Threats
4/16/2009
03:08 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Spam Is Killing The Planet

McAfee says that the energy required to send, route, and filter spam e-mail each year could power 2.4 million homes and release as much greenhouse gas as 3.1 million cars.

Forget the fact that spam costs you time you'll never get back and money that probably wasn't easy to earn. Ignore the possibility that malicious links or files contained in spam might lead to the theft of your identity or bank account.

Focus for a moment on spam as an environmental scourge that damages the planet and contributes to greenhouse gas emissions.

You might wonder whether you should be thinking about Hormel's Spam, the canned meat product. Industrial meat production, after all, has been linked to environmental damage and the increased release of greenhouse gases.

But no. We're talking about spam e-mail. According to a study released by McAfee, "Carbon Footprint of Spam," the world expends 33 billion kilowatt-hours of electricity, or 33 terawatt-hours, to send, route, and filter spam messages.

That's the equivalent of the electricity required to power 2.4 million homes, the study estimates. And that much energy use emits the same amount of greenhouse gases as 3.1 million passenger cars using 2 billion gallons of gasoline.

Jeff Green, senior VP of product development and McAfee Avert Labs, argues that spam has a major financial impact and that spam filtering saves both the environment and money.

The study finds that spam filtering saves 135 TWh of electricity per year, an amount that equates to the removal of 13 million cars from the road. And it estimates that if every e-mail in-box had state-of-the-art spam filtering, spam could be reduced by 75%, or 25 TWh per year, a reduction comparable to the removal of 2.3 million cars off the road.

For those who haven't yet guessed as much, McAfee offers an anti-spam service.

What McAfee's study neglects to estimate is the revenue that spam and associated malware generates for computer security companies and computer equipment makers. We're talking about many billions of dollars annually. How many computer security jobs depend on spam's environmental damage?

What's more, the argument that spam should be fought to save the planet can be applied to other computing activities. Consider the environmental impact of more than 11 million World of Warcraft subscribers, or the broader population of gamers and their consoles. How much energy is frittered away as a result of Facebook, MySpace, and other social networks?

Reversing the fragile logic of environmental impact, one could argue that spam is better for the environment than junk mail, which is transported by actual polluting vehicles and, by one estimate, leads to the destruction of 100 million trees annually.

Send spam, save a tree, and help power the security economy. Just remember to do so legally, as allowed by the Can-Spam Act of 2003.

Better yet, turn off your computer and deliver your message in person.


E-mail is the backbone of most organizations -- and a huge resource hog. Learn how to make it greener in a special InformationWeek report (registration required).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9676
Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682
Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884
Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885
Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.