RSN™ Insight: A History Of Spam [Audio Podcast]

The NPR Radio Interview: Please Don’t Delete This Interview About Spam

Here is the complete Radio Interview:

Source: NPR Radio »

Introduction

Open up your email on any given morning and you might get two or three notes from friends — and twice as many from people trying to sell you energy pills, offshore real estate or virility enhancers.

And some promise riches: You’ve just won the Lithuanian National Lottery, which you cannot recall entering, or that a man in Kenya needs your help: “Please, sir, only you can help” to move $20 million through your bank account; all he needs is your routing number.

That’s spam. Not the meat-like loaf, but unbidden emails, many of them not even sent by actual people, but robot programs. And their volume is often much greater than the amount of real information people find in their inboxes.

In Spam: A Shadow History of the Internet, Finn Brunton, an assistant professor at the University of Michigan’s School of Information, explains how those unwanted emails make their way into our inbox.

Brunton talks about this daily irritation, its origins and ways to avoid online dangers with NPR’s Scott Simon.

Finn Brunton is an assistant professor at the University of Michigan’s School of Information.

Interview Highlights

On how a tiny island in the South Pacific become the center for spam

“It’s a marvelous story. Pitcairn Island, which is the least populated jurisdiction in the world, fascinated me because I was familiar with it only as an extremely minor historical event. It’s where the Bounty mutineers went when they needed to find an extremely remote place to hide. And I was shocked to learn that, per capita, Pitcairn Island was the world’s No. 1 source of spam. I was just wondering … how is this possible? What has happened is one of the computers on the island has been taken over by a malware program — so this island with 45 or 50 people is broadcasting spam without anyone consciously intending it.”

On how a Monty Python sketch became the name for all that unwanted email

“The old rule of thumb in media history was that the first private use for any new major communications technology is pornography. But somewhere, cheek by jowl with that, is humor. One of my favorite details about the history of the telegraph is how quickly an incredible subculture of jokes and gags and pranks and references began to proliferate among the telegraph boys who were actually managing the equipment.

“But indeed, in the case of the Internet, from very early on when it was just these early, often somewhat ragged or haphazard networks between computers mostly in academic settings, the graduate students who were using these machines — as soon as they were not required to use them for some professional purpose, as soon as they had an off hour to kill in the basement — started using them to replay old Monty Python routines — getting back to jokes.

“And of course one of the most famous Monty Python routines is the sort of spam chorus that the Vikings deliver in the made-up Green Midget Café in that sketch where that couple is trying to order something from the menu and everything has spam in it. So it sort of starts off as a joke, but the term very quickly becomes the universal term for anyone who’s doing that kind of annoying, jokey, time-wasting behavior on these very early computer networks.”

On how spam can become far more than just a nuisance

“When you get a spam message, sometimes it’ll have an attachment and … it will be a message from a friend. And it’ll say, ‘Oh hey, could you take a look at this?’ And then you open it and it doesn’t seem to do anything; it’s just a bunch of weird symbols or it fails to open. And you assume something went wrong, I’ll just delete this and carry on with my day.

“When you’ve launched that, an exploit within the structure of the software that you’re using has quietly taken over your computer and it is using the computer’s broadband connection to quietly, in the background, without your knowledge, begin sending out spam messages following the instructions of a central network called a command and control system .

“So what that means if it costs you nothing to send 100 million messages and only some vanishingly small percentage of a percentage ever get through, well just send 100 million more, you know? And if you can get another 2,000 or 3,000 actually through, you can still make a viable business out of it.”

On how spam turns from a business to a criminal enterprise

“You always had spammers who were just crooks. But then you had a lot of people who were moving business models in from the world of, for example, pharmaceutical advertisements in the back pages of weightlifting magazines. The people working now are out and out criminals, and that actually frees them up to potentially make a lot more money than they did before. Because if they can convince you to buy something, it’s no longer about actually selling you the pharmaceuticals; it’s about taking your credit card information and then using that for identity theft purposes.

“And to be clear, spam email is upwards of 85 to 90 percent of all email sent on any given day. It’s just that most of the time we don’t see most of it because our filters are pretty good. But it’s a tidal wave that’s slamming into these walls that we’ve built day after day after day. And we see the little bit that slops over.”

On how you can protect yourself from identity theft online

“I use what’s called a password manager in my browser. This is a system [that] will automatically generate very, very long passwords for any new account you need to set up and it will keep track of all of them for you and log you in. Because the major danger here is not that someone will necessarily steal your computer. The major danger is an automatic system that breaks into Gawker’s password store [for example] and then begins to systematically search the Internet for other things of yours that it can access using that particular arrangement of email and password. Having a good password manager makes that impossible.”

On one more thing you do to guard your important accounts

“For everything of real importance in your life, like your banking information or your personal, central email account, see if they will allow you to use something called two-factor authentication. It’s a system in which you simultaneously have your password and then, you also have to have something else — generally a number — that changes over time. And you have to be able to enter that as well. For example, Gmail has allowed this. When you’re logging into your Gmail account, you type in your [login] name and your password and then it texts a brief set of digits to your phone. You have to enter those as well. This is important because it means you have to be physically in possession of your phone as well as your password to actually log in, which prevents the whole world of people just trying attacks where they guess every password in the dictionary or guess every password in a certain space.”

FULL TRANSCRIPT OF THE INTERVIEW

TITLE: Please Don’t Delete This Interview About Spam

SCOTT SIMON, HOST:

Open up your email. On any given morning, you might get two or three notes from friends, six or seven from people trying to sell you energy pills, offshore real estate or virility enhancers. And the good news, you’ve just won the Lithuanian National Lottery, which you can’t recall entering, or that a man in Kenya needs your help; please sir, only you can help to move $20 million through your bank account. All he needs is your routing number.

That’s spam. Not the meat-like loaf, but unbidden email, many of them not even sent by actual people but robot programs and their volume is often much greater than the amount of real information that people can find in their inboxes. “Spam: A Shadow History of the Internet,” his title of a new book by Finn Brunton who’s now assistant professor of information in the School of Information at the University of Michigan.

He joins us from the studios of WUOM in Ann Arbor. Thanks so much for being with us.

FINN BRUNTON:

Thank you for having me. It’s a pleasure to be here.

SIMON:

First off, how did Pitcairn Island become the center for spam?

(LAUGHTER)

BRUNTON:

It’s a marvelous story. Pitcairn Island, which is the least populated jurisdiction in the world, fascinated me because I was familiar with it only as an extremely minor historical event. It’s where the Bounty mutineers went when they needed to find an extremely remote place to hide.

SIMON:

Right. Mr. Christian. Wound up on Pitcairn Island, yeah.

BRUNTON:

Exactly. And I was shocked to learn that, per capita, Pitcairn Island was the world’s number one source of spam, and I was just wondering, as anyone would who encounters this statistic, how is this possible? And it’s because of the fact that the people on Pitcairn, they don’t realize that they have been made into part of the spam system.

What has happened is that one of the computers on the island has been taken over by a malware program, so this island with 45 or 50 people is broadcasting spam without anyone consciously intending it.

SIMON:

Explain to us how it developed, because I have an idea. Let me try my pet theory on you, the academic expert, that communications technologies expand as they become capable of delivering jokes.

BRUNTON:

Well, I think you are actually very close. The old rule of thumb in media history was that the first private use for any new major communications technology is pornography, but somewhere cheek by jowl with that is humor. One of my favorite details about the history of the telegraph is how quickly an incredible subculture of jokes and gags and pranks and references began to proliferate among the telegraph boys, who are actually managing the equipment.

But indeed, in the case of the internet, from very early on, when it was just these early, often somewhat ragged or haphazard networks between computers mostly in academic settings, the graduate students who were using these machines, as soon as they were not required to use them for some professional purpose, as soon as they had an off hour to kill in the basement, started using them to replay old Monty Python routines, getting back to jokes.

And of course one of the most famous Monty Python routines is the sort of Spam chorus that the Vikings deliver in the made-up Green Midget Cafe in that sketch, where the couple is trying to order something from the menu and everything has Spam in it.

(SOUNDBITE OF MONTY PYTHON SKETCH)

BRUNTON:

So it starts up as a joke, but the term very quickly becomes the universal term for anyone who’s doing that kind of annoying, jokey, time-wasting behavior on these very early computer networks.

SIMON:

Well, help us understand what robotics do.

BRUNTON:

When you get a spam message, sometimes it’ll have an attachment, and the message will say something like, you know, it’ll be a message from a friend and it’ll say, like, oh, hey, could you take a look at this. And then you open it and it doesn’t seem to do anything. It’s just a bunch of weird symbols or it fails to open.

You say, oh, something went wrong. I don’t know, I’ll just delete this and carry on with my day. When you launch that, an exploit within the structure of the software that you’re using has quietly taken over your computer and it is using the computer’s broadband connection to quietly, in the background, without your knowledge, begin sending out spam messages, following the instructions of a central network called a command and control system.

So what that means, if it costs you nothing to send 100 million messages and only some vanishingly small percentage of a percentage ever gets through, we’ll just send 100 million more, you know. And if you can get another 2,000 or 3,000 actually through, you can still make a viable business out of it.

SIMON:

Well, help us understand the scale of that viable business.

BRUNTON:

You always had spammers who are just crooks, but then you had a lot of people who were moving business models in from the world of, for example, pharmaceutical advertisements in the back pages of weightlifting magazines. The people working now are out and out criminals. And that actually frees them up to potentially make a lot more money than they did before, because if they can convince you to buy something, it’s no longer about actually selling you the pharmaceuticals.

It’s about taking your credit card information and then using that for identity theft purposes. And to be clear, spam email is upwards of 85 to 90 percent of all email sent on any given day. It’s just that most of the time we don’t see most of it because our filters are pretty good, but it’s a tidal wave that’s slamming into these walls that we’ve built day after day after day and we see the little bit that slops over.

SIMON:

May I ask, how do you go through life knowing what you do?

BRUNTON:

I use what’s called a password manager in my browser and this is a system, it will automatically generate very, very long passwords for any new account you need to set up and then it will keep track of all of them for you and log you in. Because the major danger here is not that someone will necessarily steal your computer. The major danger is an automatic system that, you know, breaks into Gawker’s password store or what have you, and then begins to systematically search the Internet for other things of yours that it can access using that particular arrangement of email and password. And having a good password manager makes that impossible.

SIMON:

Finn Brunton of the University of Michigan. His new book: “Spam: A Shadow History of the Internet.” Thanks so much for being with us.

BRUNTON:

Thank you for having me. It was a pleasure.

(SOUNDBITE OF MONTY PYTHON “SPAM” SKETCH)

SIMON:

And you can learn about another of his recommended techniques for protecting yourself from spam by going to our website – gee, going to our website to protect yourself from spam. Why not? npr.org.

(SOUNDBITE OF MONTY PYTHON THEME MUSIC)

SIMON:

You’re listening to WEEKEND EDITION from NPR News.

Portions Copyright © NPR

RSN^™ Team
a division of SCARS^™
Miami Florida U.S.A.

---

END

---

– – –

Tell us about your experiences with Romance Scammers in our Scams Discussion Forum on Facebook »

– – –

FAQ: How Do You Properly Report Scammers?

It is essential that law enforcement knows about scams & scammers, even though there is nothing (in most cases) that they can do.

Always report scams involving money lost or where you received money to:

1. Local Police – ask them to take an “informational” police report – say you need it for your insurance
2. Your National Police or FBI (www.IC3.gov)
3. The Scars Worldwide Reporting Network HERE or on www.Anyscam.com

This helps your government understand the problem, and allows law enforcement to add scammers on watch lists worldwide.

– – –

Visit our NEW Main SCARS™ News & Information Facebook page for much more information about scams and online crime: www.facebook.com/SCARS.News.And.Information

To learn more about SCARS visit www.AgainstScams.org

Please be sure to report all scammers HERE or on www.Anyscam.com

All original content is Copyright © 1991 – 2018 SCARS All Rights Reserved Worldwide & Webwide – RSN/Romance Scams Now & SCARS/Society of Citizens Against Romance Scams are all trademarks of Society of Citizens Against Romance Scams Inc.