http://www.techradar.com/news/comput...c=rss&attr=all
While the figures of the study are interesting in and of themselves, what I thought was far more interesting was their methodology.
According to the article, students at the University of California, Berkeley and UC, San Diego infiltrated the Storm network, taking control of 75,869 hijacked machines to conduct their own fake spam campaigns. "The best way to measure spam is to be a spammer," claims the study:
Is it really ethical to usurp control of a botnet for the purposes of academic research, and moreover, is it ethical to use the botnet to send out 350 million spam messages?
I'll certainly admit I've often wondered how often spam actually results in a sale, and these researchers have come up with a way to answer that, but I can't help but question their methods.
While the figures of the study are interesting in and of themselves, what I thought was far more interesting was their methodology.
According to the article, students at the University of California, Berkeley and UC, San Diego infiltrated the Storm network, taking control of 75,869 hijacked machines to conduct their own fake spam campaigns. "The best way to measure spam is to be a spammer," claims the study:
"After 26 days, and almost 350 million email messages, only 28 sales resulted," says the research paper.
Yet even with this apparently abysmal response rate of less than 0.00001 per cent, the researchers still estimate that the controllers of a network the size of Storm are still bringing in about $7,000 (£4,430) a day or $3.5m (£2.21m) over a year.
Yet even with this apparently abysmal response rate of less than 0.00001 per cent, the researchers still estimate that the controllers of a network the size of Storm are still bringing in about $7,000 (£4,430) a day or $3.5m (£2.21m) over a year.
I'll certainly admit I've often wondered how often spam actually results in a sale, and these researchers have come up with a way to answer that, but I can't help but question their methods.
Comment