How Wave Could Tackle the Spam Problem

30 Mar 2010 | categories: [ Post ] tags: [ future opinion problem spam ]

The Wave team have said very little about how they will address the spam problem, but from some clues and hints in the interface and what they have said, I can take a couple of guesses about how they could start to tackle it.

First up, Wave will ensure messages are signed and verified from the source. Currently email can be forged and made to look like a legitimate email coming from a trusted source. The Wave Protocol specifically addresses this, making it impossible for anyone to “spoof” another address without access to that user’s account.
Email currently makes it very easy to send millions of messages with little to no cost involved for the sender - they send and delete and don’t need to save copies of them, and the recipient is forced to deal with the accumulated data. The Wave Protocol however, requires the sender to host the wave and keep a copy for future reference. Spammers will no doubt find ways to send and then remove their waves, but if a host no longer hosts the wave, that could be a reliable indication that the sender was a spammer.
Finally, the few times the developers have been asked about spam they’ve mentioned a possible white-list system. White-listing involves choosing who can send you messages and blocking everyone else. People worry that this will stop legitimate communication, say from long lost friends, getting through. But already built into the interface is a “Requests” link that Wave says are “Waves for users not in your contacts list”. This could allow anyone to contact you, but you’d know at a glance that they weren’t from people you knew and trusted, and could more easily add them to your contacts, or mark them as spam.

I believe a combination of these three factors will go some way to addressing the spam problem. By tying everyone to a Wave server it’s not as economical to spam using waves. By not allowing completely anonymous communication, reported spammers can be more easily shut down, and by white-listing users we can identify potential spam at a snap. The Wave team will hopefully come up with even more solutions to implement and I’ll be interested to see how it develops.

Comments

In point 2 of this article, you mention “Hosting.” What do you mean by this? Do you mean that the wave stays in that person’s “inbox/bin” etc. indefinately, or are you referring to spammers setting up wave servers?

If you mean that the wave stays in their account, then it does not solve spam, as the user can just register a new account once they are done.

If you mean that spammers will host spam waves on their own servers, then this would stop them spamming completely, as that spam wave would be held on their server, and if they removed it from their server, no-one could access it.

15 Apr 2010 Nathanael
In point 2 of this article, you mention “Hosting.” What do you mean by this? Do you mean that the wave stays in that person's “inbox/bin” etc. indefinately, or are you referring to spammers setting up wave servers?

If you mean that the wave stays in their account, then it does not solve spam, as the user can just register a new account once they are done.

If you mean that spammers will host spam waves on their own servers, then this would stop them spamming completely, as that spam wave would be held on their server, and if they removed it from their server, no-one could access it.

15 Apr 2010 Nathanael
I mean that in comparison, email is almost no cost to the spammer, but in either of your examples, it will cost the spammer something - a spammer sending thousands of waves a second will need to keep copies like you say or they will just disappear. If they use free providers (which is I presume what you mean in the first example), the provider will hopefully have strict limits in place that will flag high levels of waving as possible abuse. Unlike email, once their account is suspended, the wave that was sent will be a lot easer to identify as spam by the recipient (now, once an email is sent, it’s gone and suspending a spammer account makes no difference).

15 Apr 2010 | http://nunnone.com/ Screenbeard
I mean that in comparison, email is almost no cost to the spammer, but in either of your examples, it will cost the spammer something - a spammer sending thousands of waves a second will need to keep copies like you say or they will just disappear. If they use free providers (which is I presume what you mean in the first example), the provider will hopefully have strict limits in place that will flag high levels of waving as possible abuse. Unlike email, once their account is suspended, the wave that was sent will be a lot easer to identify as spam by the recipient (now, once an email is sent, it's gone and suspending a spammer account makes no difference).

15 Apr 2010 | http://nunnone.com/ joshnunn

Comments are closed.

You can interact with me direct on Codeberg (raise an Issue), or on the Fediverse.