Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

4/16/2009
03:08 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Spam Is Killing The Planet

McAfee says that the energy required to send, route, and filter spam e-mail each year could power 2.4 million homes and release as much greenhouse gas as 3.1 million cars.

Forget the fact that spam costs you time you'll never get back and money that probably wasn't easy to earn. Ignore the possibility that malicious links or files contained in spam might lead to the theft of your identity or bank account.

Focus for a moment on spam as an environmental scourge that damages the planet and contributes to greenhouse gas emissions.

You might wonder whether you should be thinking about Hormel's Spam, the canned meat product. Industrial meat production, after all, has been linked to environmental damage and the increased release of greenhouse gases.

But no. We're talking about spam e-mail. According to a study released by McAfee, "Carbon Footprint of Spam," the world expends 33 billion kilowatt-hours of electricity, or 33 terawatt-hours, to send, route, and filter spam messages.

That's the equivalent of the electricity required to power 2.4 million homes, the study estimates. And that much energy use emits the same amount of greenhouse gases as 3.1 million passenger cars using 2 billion gallons of gasoline.

Jeff Green, senior VP of product development and McAfee Avert Labs, argues that spam has a major financial impact and that spam filtering saves both the environment and money.

The study finds that spam filtering saves 135 TWh of electricity per year, an amount that equates to the removal of 13 million cars from the road. And it estimates that if every e-mail in-box had state-of-the-art spam filtering, spam could be reduced by 75%, or 25 TWh per year, a reduction comparable to the removal of 2.3 million cars off the road.

For those who haven't yet guessed as much, McAfee offers an anti-spam service.

What McAfee's study neglects to estimate is the revenue that spam and associated malware generates for computer security companies and computer equipment makers. We're talking about many billions of dollars annually. How many computer security jobs depend on spam's environmental damage?

What's more, the argument that spam should be fought to save the planet can be applied to other computing activities. Consider the environmental impact of more than 11 million World of Warcraft subscribers, or the broader population of gamers and their consoles. How much energy is frittered away as a result of Facebook, MySpace, and other social networks?

Reversing the fragile logic of environmental impact, one could argue that spam is better for the environment than junk mail, which is transported by actual polluting vehicles and, by one estimate, leads to the destruction of 100 million trees annually.

Send spam, save a tree, and help power the security economy. Just remember to do so legally, as allowed by the Can-Spam Act of 2003.

Better yet, turn off your computer and deliver your message in person.


E-mail is the backbone of most organizations -- and a huge resource hog. Learn how to make it greener in a special InformationWeek report (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-10694
PUBLISHED: 2019-12-12
The express install, which is the suggested way to install Puppet Enterprise, gives the user a URL at the end of the install to set the admin password. If they do not use that URL, there is an overlooked default password for the admin user. This was resolved in Puppet Enterprise 2019.0.3 and 2018.1....
CVE-2019-10695
PUBLISHED: 2019-12-12
When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user�s username and password were exposed in the job�s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the ...
CVE-2019-5085
PUBLISHED: 2019-12-12
An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability.
CVE-2019-5090
PUBLISHED: 2019-12-12
An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger this vulner...
CVE-2019-5091
PUBLISHED: 2019-12-12
An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability.