For the CEO and co-founder of antispam and antivirus company Sophos, this would be the panacea to spam--in the ideal world, at least.
In the real world, however, the solution is much less straightforward. It is particularly thorny in the area of legislation, where worldwide--and not just national--initiatives are necessary, he said.
"We are in dire need of more international agreements," suggested Hruska. "It is possible to have spam legislation in Singapore. But if spam is sent from China or Korea or somewhere else, then legislation (here) won't do very much."
In Singapore for the launch of the Sophos Small Business Suite, an antispam and antivirus software package for the mid-market, Hruska was skeptical about the "opt-out" method favored by Singapore's Infocomm Development Authority. This system, outlined in a set of proposals last week, allows companies to send unsolicited commercial e-mail, provided messages come with instructions for users to remove themselves from mailing lists. The method is also adopted in US, Japan and Korea.
"Our opinion is that legislation in the form we see in US--the opt-out method--is probably going to increase spam, rather than decrease it," he argued.
Furthermore, the IDA proposals could present some problems for the courts, he said.
"I think it's going to make some lawyers quite rich," he quipped. "Because it will be up to the courts to interpret whether messages are spam or not." This difficulty is magnified, he added, because the definition of "spam" is a "constantly moving target".
"Something containing the word Viagra is not spam for Pfizer," he said. "For you and me, it is."
In the long run, he believes that governments should make it "computationally expensive" for spammers by using encryption technology for messages.
"Every e-mail that you send would cost one minute of computer time," he said. "If you are a legitimate user, you may spend a minute to send an e-mail, which is acceptable. But for a spammer to send 100 million e-mails, he would have to spend 100 million minutes."
However, he concedes that this solution would again require a lot of standardization and international agreements before it can be implemented.
Meanwhile, he predicts more and more spam, and with increasing sophistication.
"Perhaps (we'll have) spam that doesn't say Viagra, but has Viagra as a graphic," he said. "These are not subject to simple lexical analysis but use various obfuscation techniques."
Play video
There are currently no comments for this post.