John Gilbey on a sharp account of the increasingly complex business of preventing unwanted emails.
Spam: A Shadow History of the Internet
By Finn Brunton MIT Press, 304pp, Pounds 19.95
Published 24 May 2013
For most of us, our relationship with spam began almost gently: those short, jokey email messages reaching out to us from distant lands, with an intriguing, almost whimsical character. But they quickly grew into more forceful entreaties to help, support, defend or publicise some victim of an injustice we didn't understand in a place we'd never heard of, adverts for exotic pharmaceuticals with the alleged power to enhance pretty much any body part you could think of. Then bizarre offers began to arrive that promised huge rewards in exchange for granting the simplest of help to someone caught out on the wrong side of a conflict, coup d'etat, bereavement or legacy - interspersed with excited, conspiratorial messages about stocks in not-quite-familiar companies whose value was on the verge of going through the roof, honest.
As the technology of email migrated from stilted, mono-spaced text to richer, bolder formats, the messages became simultaneously more graphical and infinitely more graphic. Such was the nature and volume of the material, the tenacity of the originators, the evolution of spam-based malware as an escalating threat and the potential impact on the recipients that huge technical forces began to be pitted against those shadowy figures behind the great rafts of spam - which were now appearing in volumes that threatened to overwhelm the email systems of the world. Finn Brunton's excellent cultural history of spam offers a readable, witty account of the battle between the spammers and the spammed - a battle of often surprising complexity and astonishing technological escalation, in an arms race that is still being fought.
"Digital defence against the dark arts", as it is known, has formed a significant part of my duties through most of this series of campaigns - and I have the scars to prove it. I once set out to calculate the full economic cost of unsolicited, unwanted email messages to the organisation I worked for. The unit costs associated with the corporate provision of effective information technology were painfully substantial at the time - and we considered ourselves to be early adopters at the edge of what was possible. Disk storage, wide-area network bandwidth and processing power all came with eye-watering price tags and were carefully garnered and managed - and we were not a little disgruntled to find that bad folk were usurping the resources that we had painstakingly established for our noble purposes.
Hence the calculation. Some elements were easy to measure: hardware costs based on the assumed scale of the problem, the percentage of our costly bandwidth being occupied by this unwanted traffic. Other aspects were more problematic, such as estimating the time taken to open, read and discard the dross - especially when scaled up across a whole organisation. Then there were the risks even less easy to evaluate: suppose that a message with a particular lack of moral integrity popped up on screen during a presentation to a major customer? The loss of reputation, and income, could be considerable.
Using software tools to block these unwanted messages was also not without risk. Applications to remove spam were starting to evolve, but remained in a constant state of development as the threats became more sophisticated. Most needed tweaking to reach a point where false positives - where a legitimate message might be junked - were at an acceptably low level. "Acceptably low" is an especially difficult term to pin down, as it may take only one crucial communication to be erroneously blocked for the whole system - and its managers - to lose the confidence of the customer. Just before I abandoned the attempt at a realistic costing, and in a burst of something approaching despair, I crossed out "An Evaluation" in the title of the report and replaced it with "A Speculation". …