7/27/2006

Some cleanup

I have an interesting article to post but it's not finished. I'm trying to make is good enough for not technical people to understand. It's about a phishing operation very well planned and organized. It took a lot of reporting and explaining to ISPs but it was worth it. The whole operation is gone... and it will be back.
Meanwhile, I want to remember all the scammers that are trying to login to their mail accounts and can't do it anymore. It's not exactly like that. They have plenty of mail accounts and they can open as many as they want. But every one closed may has meant one victim saved, at least annoying the scammer, and it only takes one click at the forward button.
You'll notice on the list that almost all are Yahoo mail accounts. The main reason is that their abuse department sends a notification when it "takes action". Whatever that means, the account is closed. Other mail services may take action or not, I just can infere they did because I don't get more mail from that account. Tracking every report to its final conclusion is a day job and I have one already.
Also, you'll notice that a lot of names are similar or the same. Sometimes is the same scammer coming back for more (why dissapoint them?) and some other are names of public personalities like Mariam Abacha (wife of the late nigerian dictator Sani Abacha), Charles Soludo (governor of the Central Bank of Nigeria) or Charles Taylor (ex liberian leader on the run).
Good stories needs some undeniable truth underneath to support them. Even if you don't know this personalities, you'll find information about them to confirm that they exist and that the story is possible.
Some others are names that are referred somewhere on the web where you can go and verify the story. For example, the names used for inheritance scams are taken from lists of people who died in airplane crashes, train crashes, 9/11. You can go to news web sites and look for this stuff.
Lately, there are many scams about US troops finding the money that Hussein (any of them, Saddam, Usay, Who-am-i) had stashed somewhere in Iraq. The names are taken from news too and the most popular seems to be Robert Seidel, a first lieutenant who died in Bagdad. Why did they take this name?, is a mistery. They could have taken any other name or made one up. But it seems that they are unable to come up with a western name. Don't ask me why, when the scammers want to impersonate a western person they're always Smiths and Jones or movie actors (Dr Jack Chan, also known as Jackie, is on the list) or variants of a movie actor name that somehow end up sounding even more fake than the original like Clint Southwood.
Other interesting thing is that the mail addresses have number, lots of numbers. Mostly because they use the same names over and over again. I bet that there are at least a thousand Abacha's in Yahoo right now, and I mean the active accounts only. Also, they open mail accounts in series, xxxx01, xxxx02, etc. This way, if one is closed and they have a "work in progress" linked to it, they can move to the next and pretend nothing has happened.

A sample of the kind of people we're dealing with.
Last week I won the Netherlands lottery. I answered the mail in dutch, I though it was a nice touch to use their language as a way to thank them for the price. Actually, it wasn't dutch, I don't speak dutch. But I made it looks like dutch. The agent in charge of my payment asked me to use english. So I replied "I though you'd like me to write in dutch". And he answered "No, we do speak english here, we're not germans" (SIC).
It's hard to believe that this kind of person is able to scam money from other but it happens...

And here's the list in alphabetical order:

agatha_denis@yahoo.fr
agatha_g5@yahoo.com.au
agentgeorgesimmons01@yahoo.com
agentgeorgesimmons5@yahoo.com
akachi_emego@yahoo.com
alart_efcc@yahoo.co.uk
angealfred_01@yahoo.ca
arafatsuha10@yahoo.com
barclaysbankofficials@yahoo.co.uk
barister_prince@yahoo.com
barr_cemonynana@yahoo.co.uk
barri_frankbrightchambers4law@yahoo.com
canada_agent_tob2006@yahoo.com
cbngov_624_soludo@yahoo.co.uk
cbngov_c_soludo@yahoo.com
charlesaka_office44@yahoo.co.uk
claims_swtbplc@yahoo.com
cyrile27_chambers@yahoo.com
dallicklucy@yahoo.co.in
david_hill06@yahoo.com
donalson1060@yahoo.com
dr_musahalloma@yahoo.com
drjackchan@yahoo.com
eminentleo2004@yahoo.com
emma5050tg@yahoo.com
fmenv_27.3million@yahoo.com
goodwill_akanakpa002@yahoo.co.in
goodwill_akanakpa02@yahoo.co.in
guei@terra.com.mx
harrisjames01@yahoo.co.uk
hazmanbinharun5@yahoo.com
honda_claimsagent1@yahoo.co.uk
info_uk1@yahoo.co.uk
infoprocessing_cbn@yahoo.ca
jackreinschmidt9878@yahoo.com
james_benson502@yahoo.ca
jimmy_guei@yahoo.fr
jnumvette211@yahoo.com
john_mercy002@yahoo.com
joy_martin007@yahoo.fr
joybrown090@yahoo.com
kabah_olivier@yahoo.fr
king_harry5@yahoo.fr
lamine_kone_14@yahoo.com
lchristopher4000@yahoo.co.uk
mabachah1675@yahoo.com.ar
malik_regan2005@yahoo.co.uk
maryann_preeety@yahoo.com
mudisat_brown06@yahoo.ca
my_1jones@yahoo.co.uk
nkemyz_tyoli300@yahoo.ca
onukelechi_747@yahoo.com
petel05@yahoo.com
porkar234@yahoo.com
prince_ennita@yahoo.ca
prof_charlessoludo405@yahoo.com
rabikujio@yahoo.fr
rev_will_kingsley147@yahoo.com
robertseidel2003@yahoo.ca
robertseidel2006@yahoo.com.au
rosemary_collins543@yahoo.com.sg
rosepeterci@yahoo.fr
sir_wilkins202@yahoo.com
sule_i1@yahoo.com.mx
sule_ibrahim_nrc@yahoo.com
sule_j_4u@yahoo.com
tadiga2006@yahoo.co.in
tombrown1024@yahoo.com
tonygood102@yahoo.ca
tonypaul080@yahoo.com
vc_obi@yahoo.co.uk
vivian_uk40@yahoo.com
zuma_edwards2005@yahoo.ie


Farewell my friends, I know you'll be back and I'll be waiting for you

7/23/2006

Email and us

I hate email, sometimes, most of the time, all of the time.
Don't get me wrong, I think that email is a great thing, but the way we're using it is turning a useful tool into a carving knife stuck in our backs.
The biggest problem with email is that it's too easy to use.
Yes, read it again. I'm writing it and I had to read it again. But that's exactly the problem. It sounds confusing because it should be its biggest advantage, and it is. And is also its biggest problem.
Not only is easy to the final user. The rules of the email system, its protocol, are simple and easy to understand. We, as users, don't have to deal with it. But if we had to, believe me, anyone with a couple hours of instructions would be able to do it.
Let's take a look at some of the consequences of the easiness of email.

SPAM


Spam is the first one to come to mind. Spam does exist because mail is easy to use. One spammer can send millions of messages pressing one button, no sweat. Of course he has to produce the content, the ad, but he has to do it anyway. Before email, the ad was produced too and the printed, folded, put into an envelope, closed, posted, stamped, etc. There was a considerable number of mechanical procedures and materials involved. Not only it took time and effort, also money. The typical spam ad is under 100 Kbytes, a 1 Mbaud DSL connection may transfer 100 Kbytes per second, assuming that the overhead of the communication is 4 times the size of the data (no way), you can send one message every 4 seconds, 21600 messages if your program run nonstop all day.
And this is a very conservative estimate. The overhead is not even close to 4 times the data volume, no decent spammer is working with 1 Mbaud bandwidth, using CC or BCC fields you can send one message one time to a huge number of destinations, and some other factors that increase the estimation to the levels we're seeing this days.
No effort, no cost, is like a dream. The worse part is that nobody cares if its efficient, and it's not. But is so cheap to do it and so easy to reach millions that wasting 99% of them is affordable, just getting 1% positive response from the 1% that is actually opened and read is worth the investment because the investment is worth nothing.

The first attempts to fight spam was based on black lists of senders, not a very successful strategy, and didn't last for long. Today is totally worthless, you don't get a real mail address from the sender and if you do it doesn't belong to the sender, most likely is one taken from the same list where your own mail address is, maybe you own.
Then the content analysis method appeared, software to check the content looking for telltales of spam. Words like sex, viagra, pharmacy, that showed up on most of the spam messages were compiled and rated in databases and used to rank each message. For each match, the message gets x points depending on the rate assigned by the database and z less points for each word that doesn't have a match. If the message gets more points than a previously established threshold, is spam.
The system is sheer genius, I have to give credit to the guys who invented it, but is not the real solution. The spammers then started to change the words, v14gra, s3x, ph4rmacy. Or cut them like Via gra, s.e.x, phar ma cy. You can read them but for a computer there's no match on the database. Or they sent pictures as inline attachments, no words in the message to rank but you still get an ad that you can read. Or they fill the messages with passages from Shakespeare, Whitman and other authors to decrease the rank of the message.
All this tricks were addressed by new versions of the spam filters but the tricks keep changing and the size of the databases of banned words will eventually render the system useless. But that's what we've got today.

One thing that you should never do with spam is click a link or answer it. This is a NO-NO-NO. Not even if you're interested in the product or service. Most of them are tagged, they have a code linked to your mail address. That option at the bottom you should click if you don't want to receive more, it's a lie, it's a way to confirm that your mail address is good, that is real, that someone is checking it frequently. Same for the links to the product, whether you buy or not they'll know that your mail address is good. Then, your mail address will be ranked higher and more likely to be spammed.

SCAM


A scam mail is a message with a tempting offer. It's always someone who has money for you that can get just by giving your consent, use your bank account, pose as the heir of the fortune or just take the prize you won on a lottery you don't have a ticket from. The reward is always huge, my personal best was an offer of 425 hundred millions, about the debt of a third world country. And it has to be, because once the small fees and charges start to surface they want you to keep going to get your gold pot at the end of the rainbow. Is not easy to understand how people fall for this but they do.
Sometimes the offers don't look that good but they're good enough. Lately is common to see job offers that requires a fee to cover resume processing expenses or that requires you to have a bank account. The first one is pretty obvious but the second is not. The goal is always to get money from you, they'll try anything to make you send some. But the worst of all is when they actually send you a payment, a check or a transfer, because in the USA you're credited that money because you're good for it, not because the check is. This means that the money will be available almost immediatly but the check will keep going its way through the system. With the money at hand, you're supossed to send it to the scammer and keep your cut of the deal. Days later the bank will find out that the check is a fake or stole or something like that, and you'll have to give the money back. The bad news are that you don't have it and that you've just commited a crime because it was you who deposited the check and you can't prove that you received it legally.
This trick was (and is) very popular in auctions, the scammer buys your stuff and sends a check in excess of the price agreed. He blames his secretary, assistant or himself and asks you to send the difference to someone else. Different story but the same ending.
Email brought us scams because it's so easy for the scammer to reach us now, but also because it's so easy for us to jump in just by answering an email. And that's the next item, not what we get but what we give.

SENDING MESSAGES


We saw that people fall for scams, not everyone but enough to keep the business running. Email contributes to this lapses of judgement because of its easyness, we have the urge to move on with it now, we feel compelled to answer every single one as they pop up in our mailbox. People don't take the time to think about it and when they type the answer there's no time either, we go so fast through it. Many years ago when mail was almost an art, we took our time reading every letter and writing an answer. Enough time to think about it and ponder each word, I'm sure that the scam business was a lot harder. While people were writing the answer, the excitement of the first impression started to fade and eventually find out the real nature of the offer. Now, we suffer the email fever. And not those who fall for scams, almost all of us do, we answer messages in the heat of the moment. No time to think about it, from reading to writing in a nanosecond, and just a few seconds to type and be ready to send. We can do it all in one breath and regret it for the rest of our lifes.
Answering email in haste is a big problem for both personal mail and work mail. I'm sure that any company with hundred of employees are suffering it right now. I know companies with less than 10 with this problem right now.
The mail replaces face to face communication. People try to avoid confrontation by using email, in a way they feel detached from the mail they write. Dealing with confrontation in person involves emotions, email somehow has become something totally impersonal. Maybe because the old style letters have material existence, we feel that they can convey our feelings, our moods. Email is not even thin air, it has no material form.
We have the feeling that, being physically away, we can do a better job of expressing ourselves. And maybe we can if we try, that's what we used to do with the letters. But there's one big difference in time, the time it takes to write, the time it takes to send. Time that we used to think, to carefully choose words, to go back and re-read, evaluate and correct.
We don't do that with email and I think that's the rule number one of email should be take your time. Never answer an email in haste, never start answering right away, never answer in less than one minute. If you take sonetime before answering, you may find a better way to do it. Maybe a more positive, organized, informative answer. Maybe a phone call. Maybe a direct face to face oral answer to the senders who's in the next cubicle.
I'd like to see new features on future releases of email software to deal with this problem. It could be a client application that blocks the send button for a period of time after you open a message or a server that sends you back every message with a huge sign saying "Are you sure you want to send this?". It can also check how much time you take from reading to sending and act accordingly, the fastest you do the longer it keeps sending it back for confirmation.
It's a joke, but I can imagine a corporation doing it. The bottom line is: take your time, be glad is not a face to face conversation, seize the opportunity. You can take as much time as you want or need without annoying the other party. We regret what we say frequently because we let our mouths open before our brains start to process what we've just hear. Now that we have the chance of revert the situation, we keep making the same mistakes.

SENDING MESSAGES... A LOT OF THEM


To make matters worse, another nice feature comes in the picture. Back on the days when a xerox wasn't a part of our everyday life, each letter was unique. If it was addressed to more than one person, it was written or typed many times. If the sender wanted to inform someone else about the content of the letter, carbon paper was used to make a copy during the writing process. It was customary to indicate in the footer how many letters were done and how many copies, even the copies were numbered indicating how close they were from the original, something you could tell easily just by looking at the intensity of the print. This number set the hierarchy of the employees the way cubicle to window distance does today. And, if the sender wanted someone to be informed and nobody else to know, it was just a matter of adding another carbon paper and omitting that copy from the count.
With email you can address your letter to as many as you want just by adding them in the "to" field. Then copy as many as you want in the "cc" (carbon copy) field or in the "bcc" (blind carbon copy) field. All of them will get exactly the same message. That's why we need different cubicle positions now.
But the point is that before it wasn't easy to choose who will get the letter. Making extra originals took time, the number of carbon copies was limited and blind carbon copies were even more limited, because those who were to get one always got the first one.
Now, it doesnt' matter. People add and add, anyone on any field. The more, the merrier.
In the personal level, this easiness produces chain mail, long messages with one thousand forwarding headers and one silly comment at the end. People use to forward anything, and I mean ANYTHING. Whatever it is that fall into their mailboxes is automatically forwarded to all the contact list, friends, family, ex-anythings, co-workers and the plumber. They feel the compulsion to share those things that move them in any way. Power point presentations with puppies, silly two line jokes, infalible diets and hoaxes of all kind. And send to all the contacts on their lists, lists that haven't been checked in ages. Half of the people in there is dead, half of the rest are out of their life, half of the rest are unkown persons that were listed for unknown reasons and the one that's left is the one who sent the message originally.
Besides the use (waste) of resources, like bandwidth and storage, there's a lot of undesirable consequences from this behavior (I could mention annoying me but I doubt it will change my friend's habits). Spreading hoaxes creates the feeling that those stories are real, people are gullible, they want to believe. One probably wouldn't believe one message, but after reading it and hearing someone else talking about it the perception changes. Add to that a reunion where the subject arises and almost everyone is aware of it, and now it has turned into an incontrovertible truth. Of course everyone knows about it, everyone gets the same message, everyone sends it. Nobody is paying for each message you send, not to you not to anyone. All those kids and teenagers are not lost, and if they are, nobody is doing the search through email. There's nothing wrong with all those products that you've been using for ages, and if there is, it has nothing to do with all the things mentioned on the message. It doesn't matter how many keys you press in your cell phone, you won't get more free calls that those allowed by your call plan.
I'm sure that you can mention that one exceptional message that was real and useful and important, one in a million. And you're right, maybe that one was worth to be forwarded. But if it was so important, why didn't you erased the forward header? do you realize that after two page downs without finding a message most people trash it? why didn't you choose who to send to? why didn't you read it with enough attention to understand that that one made sense and the other ten thousands didn't?
Forwarding aimlessly is a lazy behaviour. If you want to share with a friend, go get some coffee with him and tell him about the message you've just received. Take a copy with you to show him, print it, copy to a floppy, whatever. Send it to him later if that's what he wants. Trust me, it's a better way.

MAIL AT WORK


It's a lot worse in the work environment where the email has turned into a lethal weapon.
Without email, written stuff was final, people met and discussed issues just like today but the written version was for final decisions, things that rarely changed. And it was done that way because writing was expensive in time and resources. I'm sure that meetings were a lot more productives for the same reason, it wasn't like engraving in stone but compared with email it was close to it. Everyone wanted to reach an agreement and that agreement to last forever. Imagine what a change would have meant at that time on a hundred pages specification or a blueprint. Even the smallest changes required all to be written or drawn again.
Today, talk is cheap and email is even cheaper. It's not even worth the paper is written into.
Drawings, specifications can be changed in minor details and printed over and over. Meetings are not so critical and issues are left to be disscused over email. Almost anything is disscused over email.
And, again, email is a wonderful tool but, as most sharp tools, it may turn into a weapon.
Discussing over email allows participants to express their ideas more clearly, without interruptions. Those who read have more time to understand the idea entirely, they can go back as many times as needed, take more time to ask for clarification and answer or not. At any time, all the participants can go through the whole discussion in detail. At the end, the messages can be archived for future reference.
Sounds nice, doesn't it? However in real life it doesn't work like that. Instead people babble endlessly about anything totally unrelated to the point in discussion. They write like if they were talking with total disregard of grammar and punctuation. It doesn't matter because nobody reads, each participant tries to impose his own ideas. Without face to face confrontation, people feel they can be more assertive, stand their grounds even if they're wrong. Because once you said X, X it is. Otherwise, two of your messages saying opposite things may and will be used against you. We have a natural resistance to acknowledge our mistakes. In oral communications is easier to blame a misscommunication, a missunderstanding. Nobody can really quote you literally and even if he can it's always arguable.
With email whatever you said is on everyone else's computer.
This is not a typical case. This is an enumeration of all the bad things we do with email. I wouldn't want to see all of them together. Because there are a lot more.
Every message includes the previous message which includes the previous message which...
Exactly like the aimless forwarding, this conversations grow with each intervention. So everyone has every single message as it was received plus every previous message included on it.
It gets worse. In the middle of the conversation, one participant takes the opportunity to add a personal message to another. Just because his name was there, his mail address at hand, the message is sent complete with all its content and on top a comment totally unrelated, an invitation to play tennis or a side comment on the tune of "can you believe this jerk?".
And if the receiver is not careful, the conversation may be continued from this message and distributed to everyone. The odd comment may remain unnoticed for a long time, maybe for ever, and if found it may be harmless. But what f it's not? What if the jerk finds out?
Sometimes this deviation occurs as part of the same conversation. Like when the input of someone not included initially is required for a particular topic. This person receives each and every single message from the conversation, all in one, with a question addressed to him on top.
This is a great opportunity to add to the confusion. Because he's not going to focus on the issue he should, he may or may not answer the question, but he won't limit his intervention to just that. For starters, he's going to read everything from top to bottom. Every single message not meant for him. Because they're there, because he wants to be updated of the situation, because he wants to be sure he's not being set up. After that he may answer only the question he's been asked, comment on any other issue from the conversation, raise any other issue related or not to the conversation or any combination of these. From now on, whatever his intevention adds to the conversation, everything will be kept circulating on every sinlge message among all the original participants plus the outsider who will remain included until the end.
Nobody wanted him included on the discussion from the start, whether there was a reason for it or not, and, for the same reasons, nobody would want him to remain included. However, nobody wants to cut him out either.
And that brings another issue. As we know, sending one message is the same as sending one thousand in terms of effort. Taking names from the address book is simple, is easy, is fast. No wonder nobody wastes much times trying to figure it out who to send to. When in doubt, add, unlike previous ages when one more copy was expensive and the default choice was don't. As a consequence, a lot of people is included that has nothing to do with the issue in discussion. Not only they get messages they shouldn't, wasting time and resources, also the door is open for them to actively disrupt the conversation with negative input or divert the attention of the group raising totally unrelated issues.
Nobody really pays attention to how the message was addressed. If you're listed on the "To" field, the message is meant for you If you're listed on one of the copy fields, the intention of the sender is to keep you updated but your input is not expected, maybe not even desired.
It should be a matter of common courtesy, at least, to contact the sender and ask for permission to participate before jumping in. Even by mail, but on a personal message to that person.
One would think that, being all this problems so evident, corporations have thousands of professionals dealing with this situation as we speak. And they are, they've been trying to define the problem clearly enough to write the proposal for a specification with rules and procedures to guide  users on good and efficient practices in the use of email... over email. The last message I've received was 100 Mb of quotes from the last 5 years and I don't even work for this comitee.

(Just kidding!)

7/21/2006

Nice support Microsoft

This was supossed to be an article about email, but a small incident with Microsoft changed my plans.

I've been talking here about things that we have to deal with everyday using the Internet. Things that, for whatever reason, are way out of control for the regular user.
Scam that can't be identified by the regular user, that can't be reported due to jurisdictions problems, spam that fills our mailboxes and we can't tell from where is coming, etc.
In spite of all that, Internet is a huge marketplace, companies want to be there because people are there. Millions spend time on the Internet all day, everyday, and companies that wouldn't have gone too far with that thousand dollars start are now making millions.
I don't complain, I think is fine to have a healthy market going on.
But the think I don't understand is why those who profit from this market don't do something to protect it. It can't be money, they have plenty, It can't be resources, they have plenty. It can't be the lack of a doable solution, they know how to do the job and if they don't I do, just ask me.
Today I had one more evidence of this attitude, this time from Microsoft itself.
I've received a message on July 20th with an offer to download an install the new Windows Live Messenger. I'm not posting the message here, besides it's in portuguese. But I can tell you that it looks a lot like a Microsoft web page. Whoever did it, took the icons and the styles from real Microsoft's web pages. This is standard procedure for this kind of traps, the message has to look like the real thing to make you fall for it.
Once again, I want to stress the fact that this people is taking the images directly from the real pages. They're not copying the files, they don't have the images stored on their own servers or a hacked one, they're just sending the messages with links to the real thing. Like these

http://ads.msn.com/ads/pronws/CIQ2055/images/5.gif
http://ads.msn.com/ads/pronws/CIQ2055/images/party_icons.jpg
http://ads.msn.com/ads/pronws/CIQ2055/pt-br/6.gif

I took these links from a fake message, as you can see, they are all files in MSN's servers. Same goes to Paypal's and eBAy's phishign messages and web sites. They're all linking to the real files.
The companies can use this to their own advantage. The best list of phishing pages and web sites is in their own logs. Every time one of these images is requested, the server's log has the information to identify where it was requested from. If the location is a web page from an adsl IP address, they have to know it's a phishing page. When they're referred from a site in China, Singapore or anywhere else and it's not an image intended to be used by affiliated sites or the address is not one of their affiliates, they have to know that it's a phishing page.
They can avoid this too, save their resources from being used by criminals or, beter yet, protect their customers at the same time, the customers that are their reason to exist, those who make the market they're profiting from.
The solution is simple, they have to serve images only when the HTTP referrer is their own web page. If it's not, they can either not serve the image or send one with a warning saying "this is not from xxx", "if you're seeing this is because this web page or message is not originally from xxx" or any other that make the user understand that he's not looking at the real thing.
Surely, the phishers will start to take the images to another place and link to them. But that's more work for them and more weak links on their chain, every image storage that we can find and shut down will turn a lot of messages and web pages useless.
Even if the phishers succeed, the companies can escalate their defenses using dynamically generated images. Something that changes with time, depending on your location, even your own profile. Anything that shows that you're connected to the right server when you see a message or use a web page.
All these simple solutions will make the criminals invest more time and resources to keep operating, it will make them more vulnerables. Is not a punishment, is a way to turn the balance of the situation. Today, it's easy to do, it's cheap, it's safe, it's affordable. If they have to invest more time, hack more sites, get more storage space, they'll be more vulnerable, they'll have more weak points on their operation, their cost/benefit ratio will turn to the red side. Hopefully, the activity won't be profitable anymore, I doubt it, but at least it will decrease. The smallest players will be out and the big ones will see their business shrink. And being a small number of them, maybe it would be affordable to pursue them.

Going back to the Micrsoft support story, this message I've received have a link to download and install the new Live(R) Messenger. Here's the link and a warning. DON'T DOWNLOAD THIS FILE UNLESS YOU KNOW WHAT YOU'RE DOING. DON'T EXECUTE THIS FILE. It's a known trojan and if you want to know about it, all the information is around the web. No need to take a risk for that, go to Grisoft's web page and look for "Trojan horse Downloader.Delf.11.AS".

http: // descolados.irishost.net / Install_Messenger.scr

The spaces were added to make you think before trying the link. If you have antivirus software (a good one) and your files are updated, you'll get the warning immediatly.
So I went to Micrsoft's support page and reported it. Also I reported to the hosting service.
Microsoft sent me this answer

Hi James,

Thank you for contacting MSN Messenger Technical Support. My name is Jonathan and I'll be glad to assist you with your concern.

Based on the information I received, I understand that you found a Trojan virus installer advertisement together with Windows Live Messenger.

Before anything else, please accept my apologies for any inconvenience that you may have experienced because of this issue. Don't worry I will do my best to try to address your concern.

With respect to this issue, I would need you to send a support request to the Windows Live Messenger technical support queue, as the resolution specialists of the said support queue are tasked to handle concerns such as the one you are currently experiencing. James, I know that going through the process of re-sending a support request would be a bit tedious on your part, but rest assured that doing so will help resolve your concern in the quickest possible time. To send a support request to the Windows Live Messenger technical support queue, please visit: http://support.live.com and click Windows Live Messenger.

In this light, I hope that I was able to help you with your concern.

Feel free to contact us through http://support.msn.com if you need further assistance. For additional help, visit http://messenger.msn.com/Help.

Thank you for contacting MSN Messenger Technical Support. Have a great day.

Sincerely,

Jonathan
MSN Messenger Technical Support


I have to recognize that they're nice people. First of all, they apologize, it doesn't matter why, they do. I hate that attitude, it seems that if you're contacting support they have to, to make you feel better. Well, it's not working. It doesn't make me feel better. I know they don't mean it, it's just part of the training, it's the procedure. They don't have to apologize for something that's not their fault. The point is they don't pay attention to the customers, they don't listen, they don't take positive action. The procedure is make you feel better and move on.
But this is just rant, the real issue is that they don't take it as their problem. As you can see, they want me to go back to the support site but this time to the specific support site for Live Messenger. They know that it "would be a bit tedious", but it will "help resolve my concern". IT'S NOT MY CONCERN!! IT SHOULD BE THEIRS!!
Here's my answer.

Jonathan

I'm not going to do anything. I don't care. It's not my problem. I was nice enough to warn you about an event that may hurt your users, even Microsoft's image. You go and deal with it, or do nothing. The solution is one phone call away from you but it's a lot easier to put the burden on me and send me to fill other web form that will send me another automated response...
Sorry, I won't do it. Microsoft has been informed of the situation and I'm taking this message as the official answer. Thousands of Microsoft users will fall on that page, probably thousands did already, and the solutions was pretty simple. In fact I'm doing it, I'll keep trying to contact the site owner, the IP owner and the domain registrar until one of them takes the page down. They won't listen to me, they don't, they didn't. However, it feels a lot more productive than wasting my time going through Microsoft's corporative support system.

Have a nice day


Meanwhile, the page is still there...

PS: I've just send another round of messages to tfisher@irishost.net, jgilmor@irishost.net and abuse@webhostplus.com

7/07/2006

Big Brother - Part III

Back to big brother, is there something that may be called big brother on the Internet?
Yes, there is.
Is not what you're thinking of, there's not such thing as a huge database with all our names and a log of each and every session we do on the net. At least I hope not. But there are other things that, in the common user perception, are almost as scary as that.
Right now you're being under my scope. This blog has a log feature (courtesy of eponym) like any other web server. This log tells me where you come from, your IP address, what browser are you using, the timestamp, what you requested, if you clicked on a link and where was the link, etc. It doesn't say much about you yourself. I wouldn't be able to follow your steps unless you use exactly the same browser from the same IP and even then I wouldn't be sure it's you all the time. The idea of this log is to help the owner administer the site, check resource requirements, adjust the design of the page to serve all the diferent browsers, etc.
But let's say that I give you one option to "improve your reading experience", something like choose your own font, choose your own background color. Unless I can identify you, you'll have to repeat the choice every single time. One option for this would be to make you open an account and save your preferences. The other is a "cookie".
A "cookie" is a piece of data related to a site that is stored in your computer. The cookie allows the server to recognize you from request to request, remember your preferences and follow your steps.
But before going further into this, there's something you have to understand about web servers. Let's say that you log into your webmail or go to a news web page. You spend some time in there and call that a session. The server knows you, because you said who you are, or not in the case of the news page. But in both cases you notice that the service was oriented to you. Your webmail allways shows your inbox with your messages and sends in your name. The news page allways shows those headlines related to the topics you had chosen previously. You don't have to identify yourself or repeat your choices every single time you open a new page.
However, from the technical point of view, a web session is a request for one element and one element only. When you open this page, you send a request to the server for the index.htm document. The server sends you that file and you close the session (your browser does). The index.htm file is just the text and the format of the page, you can check it out with the option View Source in your browser. Once your browser has the HTML file, it starts asking for the elements required to build it for you. The images, java scripts, any multimedia file, etc, they're all referred in the HTML file and requested to the server one by one in different sessions. By session I mean a TCP/IP session, your browser opens the session, the server acknowledge your request, your browser sends the message requesting one element, the server sends the element, your browser closes the session. Up to this point, this is what HTTP protocol does, no more, no less.
The protocol itself has no way to know that it's you through all those sessions and for the most plain and simple pages it hasn't the need to do so. Like in this page. Any request of any element will be served exactly the same regardless of the client. But if you're using your webmail or your bank account, the server needs to know who you are in order to build a page with the information relevant for you.
The cookie does that, the server creates a virtual session, assigns a code to it and sends it to your browser in a cookie. Every time your browser sends a request to the server, it sends the cookie too. The server knows that that particular cookie was generated and sent to you at the time you identified yourself, hence any request bearing that cookie must has come from you.
That's a session cookie, is good only during that session. The cookie is created with a short lifespan, in the order of hours or minutes, and should be discarded when the browser closes.
There are also persistent cookies, cookies with a long lifespan, even beyond reasonable limits that we can call eternity for practical reasons. Those cookies are the ones used to "improve you browsing experience". They store your site preferences but most of the time is just one code, an ID code. The server stores your preferences and link that set to the ID code sent to you in the cookie. From that point on, all your requests include the cookie, the server looks for you preferences and personalize the page for you. Nice, isn't it.
Also now, the server is able to track your steps from session to session. Let's say that you visit your favorite bookstore and spend some time looking for books about gardening. Then, on your next visit, half of the books highlighted in the front page are about gardening. Have they read your mind? Is this a case of Jung's synchronicity? Of course not, your browser now has a cookie and your cookie has been linked to many search requests for "gardening". The server does it to improve you "shopping experience". And to make it more likely that you buy a book.
Now this seems intrusive, they're really tracking your every step, what you look for, what are you into. Yes, is true. But unless you open an account with them and identify yourself with your real information, they have no way to know who you are. And, most likely, they don't care.
Is that so bad?
I bet that there's at least one store where you drop by frequently. A coffee store on the way to work, a deli, a drugstore, a tobacco store. If there is, chances are that you're served before ordering most of the time. The server acknowledge your "cookie", you, the real you, and has it linked to your preferred mokachino, sandwich or cigarette brand. We don't see this as intrusive. However, a stranger is aware of our preferences, where we buy, when we buy, what we buy.
The difference is in our minds. The desk clerk is human, the server is not, we have a natural inclination to trust humans and distrust machines. On the other hand, we don't pick up a porn magazine in front of a human clerk but we take it from the server that we distrust.
I know, is not easy to understand. But the human mind is too complex to be explained in this blog.
Moving forward with Internet and privacy.
So far, we've been through some of the ways a server can look over our shoulders. None seems to be really scary. Even a persistent cookie looks harmless, it doesn't carry our identity, is limited to the server who issued it. And you have many ways to avoid them.
In you browser settings is an option to set policies for cookies. The options change from one brand or version to the other, but basically are whether accept cookies or not, what to do with them and a list to discriminate servers for specific actions.
Nowadays, a policy to reject cookies is a bad idea since most sites involving long sessions, like webmail or shopping sites, rely on cookies to operate. So at least you have to allow session cookies, optionally you can designate the sites you use. Also you can have a list of sites that you want to keep your preferences. Then you either block all the rest or set a policy to delete all cookies when the browser closes or go to your browser settings and delete them yourself.
That's a good set of policies if you're worried about cookies. I prefer to delete them myself, but not from my browser settings, I go to the cookies directory and take them all out.
So you can do the same, go to your Document and settings directory, there must be one with your profile name and in there a Cookies directory. This is if you're using a 32 bit version of Windows or later, other operating systems and browser may have their own separate directory. Anyway, you'll find a list of files, most likely with your_name@some_domain. Each file is a cookie related to that particular domain, so you'll find there a list of some places you visited and some you didn't. Yes, you've read that right, some that you THINK you didn't. I'm sure that you've never been to 2o7 or doubleclick or zedo or webtrends, and the list is a lot longer than this.
Now you must me wondering how this happened, I said that you get a cookie when you visit a site, you only get a cookie related to that particular site and your browser sends cookies only to the site they belong to. And all of this is completely true, at least I hope so. The answer is that you visit a huge number of sites without knowing it.
Let's go back for a second to the HTTP session. When you ask for a page, the server sends you the first element, the file of the page itself. It contains all (or most of) the text, formatting information and the references to all the other objects. But those objects could be, or not, on the same server. So you get your page from server A, the HTML text says that an image is required and that is located at server B. Your browser opens a session with server B, exchange cookies if needed, and gets the image. Meanwhile, you've visited a site you didn't explicitly ask for.
This is not against any rules, it's totally normal although unexpected for the common user. Some of this links are used just because the page requires that element from other server, for example some forum pages don't allow users to store avatar images on the server. You have to store it somewhere else and configure the link in your profile. Every time a page has to show your avatar, includes the link to the server you designate for that. These cases most likely don't use a cookie.
Most of the links that use cookies are advertising, pages that have contracts with doubleclick or zedo are paid for setting a link on their pages. Every time you request a page, a request or more are sent to the advertising server for the elements required to complete the page. Those elements may be allways the same, or changed frequently or rotated among group of ads. Those servers need to keep track of each and every request made to show result to their clients and pay to the page owners. They set cookies for many reasons, they want to know how many different persons were exposed to each ad, they want you to see as many different ads and, if you clicked one, they want to send you those ads that you're more likely to click.
Remeber that one rule of the cookies is that they're only related to one site? They are. The cookies from ad server A are and will be exchanged only with server A. The problem is that server A is being referred from sites B, C and D, the sites you're visiting. Now, server A can tell when and where you visit each of these sites, if you pick an ad from B they'll send you related ads when you visit C and D.
This is targeted marketing and I doubt they use it for any other evil purpose. In fact most of them just control the number of exposition for each ad, balancing diversity and quotas, showing each user as many different ads as possible and reaching the goals required for each paying advertiser. The selection of topics is done beforehand, porn ads in porn site, foods and wines in epicurean sites, etc.
Google does this topic analysis for its AdSense program. The topics are chosen based on the statement of the site owner who subscribe for the program but also by the content. It's not very accurate. Suposse that you have a site about the red lobster of the south Pacific (I have no idea if such thing exists), you're trying to bring awareness to the general public about this creature in danger of extintion due to excessive fishing and habitat degradation by human activities. AdSense could fill your site with ads about lobster restaurants, fresh lobster on sale and lobster recipes. But taking into account the huge number of ads showed up every minute, the results are good. Otherwise, people won't pay for it or take is for their sites.
I don't know if Google is doing what I'm about to mention, if it starts to do it I hope they send some money my way. The system gets more accurate as more users choose ads. In the lobster case most users would ignore the ads, making them less likely to be reassigned to that site. On other sites, where the ads match the content of the site and the interest of the visitors, the click rate is high making them more likely to be assigned to that site and others with related content or linked from there.
I don't like ad laden sites where you have to dig for the content you're looking for, not mentioning those sites that are ads, no content. But at some point I have to compromise. I like the idea of having free web sites with content I can use, news, recipes, instructions of any kind, reading material. The owners of the sites need an incentive to keep doing it and the money is THE incentive. Web sites with ads are a good thing because they'll keep those sites free for everyone else, however, small sites don't have the mass of visitors required to negociate with advertisers directly. Ad servers filled that gap, dealing with a large number of sites in hand that can provide that mass of visitors for the advertiser.
The last group of the unkonwn cookies in your directory (and mine) is the most scary of all. This is the one we can call Big Brother. I know for sure that you have at least one 2o7 cookie. And the reason why I know that is because almost all the most popular sites have links to it. The owner of those cookies is a company called Omniture, probably the biggest of its kind but not the only one. Omniture is doing statistical analysis. They basically count every single time one of their links is requested and relate it to the connected cookie. Each time a link is requested, they know if you have one or more than their cookies (if not they send you one right away), what page you've just opened, the time of the request, the server who served that page, your browser brand, some of the basic options you have set and some other minor information. This information doesn't seem to be valuable at first, it doesn't include your identification and I don't think they really care about it. But if you put it togheter with all the millions of little bits of information, things looks very different. Of course, it takes talent to make out valuable data from such a huge pile of bits and Omniture seems to have it, being the most successful in its class.
Evil as it may seems, there's nothing wrong with it. Let me rephrase it, I can think thousand reasons why is wrong to do that, but not one related to the privacy of the users. The owners of the sites has the right to know at least how many times their pages are visited, they even have the right to know who is reading their pages. Some do and request you to register and ask for your name, your address, your phone number. Some even go further and request evidence of your identity to register. But it's your choice to do so. Once you voluntarily access one site, they own that bit of information about you.
On the practical side of the matter, your identity means nothing. There's no sense or need to know who you are. Statistics and statistical correlation have no meaning unless the number of events measured is huge.
Let's say that you have a die, you know that the odd of having a certain number in a throw is 1 in 6, one sixth. You assume that all of the numbers have the same probability. You throw it once and the probability of having any number is the same for the next throw. However, statistically, the number you've got on the first throw should be slightly less probable because, in the long run, all the numbers should appear about the same number of times. Sounds like a paradox but it isn't, the uniform distribution after a large number of events is a consequence of those events having the same probability. The key here is the large number of events because, as any Yahtzee player knows, rolling the same number many times in a row is possible. But if you roll the same die six thousand times, you should get each number about one thousand times. A small deviation is expected but if you get something beyond 2 or 3 percent, you better get that die checked.
Statistical analysis is based on this. Human behavoir can't be calculated in terms of probability, at least not before hand. But if you measure some event a large number of times, you can infer the probability from there.
I'll give you one example of correlation. Imagine a graph showing age of the people against a list of sites that people visited for a period of time. After you plot the first 10 points, that's what you've got, 10 points scatered across the graph. While the number increases, you can start to see trends or that there are none. A site with an even distribution of points along all the age scale, has no correlation with it meaning that age is not a factor for that particular site. If a site is more popular among people of a certain age, that part of the line have a higher density of points. And same going across the age's scale, sites more popular for each age segment have a higher density of points.
Not so many years ago, statistical correlation wasn't so popular just because it wasn't easy to get large number of measures to analyze. Of course some statistical analysis was done, but on most cases the number were not big enough to make the analysis accurate.
Internet changed that. Not only you can get millions of millions of measures, you can get millions of different events. Even more, you can link different events to the same person. It doesn't matter who he or she is, what's important is that those events are related to the same person. And, best of all, recollection of data is done automatically.

As you can see, someone's looking over your shoulder while you surf around the Internet. I think that marketing is evil, this kind of marketing is even worse than evil. But not because our personal privacy is being violated, I don't think it is, is because our collective privacy is being violated. We, as a human group, are being closely watched, scrutinized and disected. But I won't complain, I'm still feeling that we're far away from 1984.

One last comment about Omniture. If you go to 2o7.net, you'll get to a page where Omniture explain briefly the meaning of all those links you find on some other site's pointing at 2o7.net. Don't expect an apology. They do this on behalf of their customers, the web sites, so you go check the privacy policy of each of site. And they're right.
The funny thing is that they have at the end of the page a link that allows you to opt out the system. If you don't want to be watched by them you just have to click there... and get another cookie.

7/05/2006

More scammer's mail addresses

I've been neglecting those who were kicked out of their mail servers. I'm sure they'll be back soon. Meanwhile I like them to see their names listed here.

rev_will_kingsley147@yahoo.com
k_kelleysassociates@yahoo.co.uk
emma5050tg@yahoo.com
musa_ali01@latinmail.com
favormonic@yahoo.com
albert_abossi60@yahoo.com
hamar122@yahoo.com
john_imoh3@yahoo.com
barrister_dede_1@yahoo.co.uk
maryann_prety@yahoo.com
maryann_preety@yahoo.com
louisa_chris24@yahoo.co.uk
kietachedom3@yahoo.com
sussybangy_001@yahoo.com
coleken10@yahoo.com
georgekofi40@yahoo.com
justice_ng11@yahoo.com
larryobe30@yahoo.com
julien.kodila@yahoo.com
goodwave01@latinmail.com
jennifer.stephens17@yahoo.ie
brown_walter004@yahoo.co.uk
hamar122@yahoo.com
zhang_wakenge18@yahoo.co.uk
jacob_molak2006@yahoo.ca
barristeredwardjones2@yahoo.com

7/02/2006

Big Brother - Intermission

This is an article out of schedule, I had this topic in mind but for a later time. However, this issue is urgent and requires all our attention today. I'm talking about neutrality.
Neutrality is a not a concept easy to understand, mostly because there's no such thing. Neutrality means that each and every packet that goes through the net is treated equally.
The Internet doesn't have neutrality, neutrality is natural, not meant or produced by human action. The net is neutral because is doing nothing to avoid it. And the big issue now is that the ISPs want to change that, they want to change the rules and treat some packets differently.
Here's the idea. According to the ISPs the major problem with the Internet today is that no bandwidth is enough. Not so many time ago we did fine with a 14 Kbps modem, some of us started with a 300 bps modem, either way we were able to use the net with the services available at that time. Soon we moved to bigger modems, 28 Kbps, 33 Kbps, 56 Kbps. Is arguable why, was it because the technology allows us to do so? was it because the requirements of the services available grew? But the point is that going this way (according to the ISPs) no bandwidth will be enough to insure the quality of the services as their requirements keep growing. Today is not out of the question to have a 2 Mbps Internet connection in your house, think about it, is over one hundred and forty times that old 14 Kbps modem.
The solution proposed is to break the neutrality of the network and give some packets priority. This way the services that requires immediate attention will allways work and those with less urgency will be delayed. They can prove mathematically how this works and how happy we'll be with the new improved optimized Internet.
On the other side, the neutrality advocates, show a different scenario. The priority of the packets won't be determined by technical service requirements but commercial agreement. The major players of the Internet will pay for priority. This way, the X search engine pays for priority and the Y one doesn't, if you access X you'll get immediate response while if you access Y you'll have to wait. It could be a search engine, a video streaming service, an e-mail service, anything. The point is that those who can pay for priority, and are willing to do so, will have a differential treatment that makes their services more apealling to the final user. The aftermath will be that all the small players will fade and die.
You're probably wondering which side I am or thinking that you know already. Either way you're wrong, I'm about to crash both sides.
The priority advocates are using the quality of the service as base for their arguments, however, one of them was very clear when he said "Google is making a lot of money using our bandwidth". So, the quality of the service is not the main concern. They see that there are people making money, and making big money, using their infrastructure and they want a piece of the action. But they have it already, they're being paid by Google and all the other content providers, directly or indirectly, and by all of the final users, directly or indirectly. Without all those putting content available for the final users, the business of the network itself wouldn't be what it is today, wouldn't be as profitable as it is today. They just want to get more money, they're not increasing the value of the service, they're about to decrease it by limiting the access to the content.
The technical proposal they use to hide their real intentions is asinine to say the least. According to them, giving priority to packets with higer speed requirements will insure the quality of those services and keep the network less cluttered in a way that all the traffic will flow more easily. They mention among those services, the communication of emergency services, remote critical operation (like surgery), video and audio. Let´s take a look at them one by one.
I didn´t know that emergency services were using the Internet to communicate. I think is fine, as I said before, Internet is fast, easy to use and reliable. But not for emergency response. There's a lot of things they can do over the Internet like surveillance cameras, web sites for public information, email for non critical communications. For times of emergency they need real time coordinated communications, like the one they have already in radios and telephones. Even if they need networks they can use their own equipment with land lines if they're available or can be set or with wireless communication. They can use the services of the same carriers that want to prioritize the emergency traffic over the Internet, using segments of network not shared with the Internet. In brief, emergency services have their own communications and, if needed, have to develop new ones. Internet may be a non critical support service, even a backup system, but it wasn't designed for that use and shouldn't be used that way.
Same goes to the remote operation of surgical instruments. I don't know who was the genius behind this idea, the phrase he used was something like "if there's a human being in the operation table we don't want the packet that will save his life to be late". Well, I don't either, so I have a couple solutions for that. First, if you're about to do surgery in a human, try to be there. If there's no way to get there for physical reasons or your busy schedule and there's no other chance to save his life, the second solution is to get something better than the Internet. There are so many choices, including one that the same people that want to prioritize your traffic can give to you, a private network. Again, the Internet wasn't designed to do that, it's not reliable for that kind of real time critical operation.
The other services; not being so critical by itself, like video, audio and telephony; have the same problem. The conversion from a stream of analog data in real time has to be digitalized and packetized to be sent through the Internet and then reconstructed at its destination. If the packets are delayed, the quality of the service is degraded. The video freezes, the audio makes distorted sounds. But that's the way the Internet was designed, it's not reliable for streams. It's not a flaw, it's how it was created. You can't cut your steak with a fork, it's not a flaw of the fork, you need a knife. And we have just the perfect knife. If you want video in real time, easy to operate, cheap and reliable, that technology is available already. It's called TE-LE-VI-SION. If you want audio in real time, easy to operate, cheap and reliable, that technology is available already. It's called RA-DIO. And if you want telephony in real time, easy to operate, cheap and reliable, that technology is available already. It's called TE-LE-PHONE. And the beauty of all this is that all these technologies were designed specifically for that, they're not being adapted, modified or "prioritized" to deliver. They work just fine and have been doing so for many years. Since they were created they have been improved and they'll improve even more in the future. So why are we so eager to painfully transform something not fitted for a job into something able to do it. Even worse, do the maths for the final user. We'll be trading our one hundred television sets for one thousand dollar computers, our ten dollar radios too. What's the point? And don't get me wrong, I think is great to have some video, audio and telephony over the Internet. I'm happy to get so much from a network that wasn't originally designed for that. But if I want to see a movie I go to my TV set, if the movie I want is not on I go to the video club an rent it, and I can do it using the Internet which is cool. If I want to listen to the radio I turn on the radio, if I want to talk to someone I call him over the phone. And if I have the chance to talk with someone too far away using the Internet, great. It's cheaper than the phone too and it makes me so happy that I don't care if the sound is not crisp and crystal clear. It's more than enough to achive communication and that's more than I was expecting from the Internet. What about you?
At this point it seems pretty clear that I'm with the neutrality advocates, but I'm not. They want the government to regulate and insure neutrality and I don't want government regulation. The carriers own their networks and as owners they have the right to do with them whatever they want to. If they want to provide traffic prioritized by any rule they want, they're entitled to do so. It's their networks we are talking about. The rest of the world have the choice of buying service from them or not. It's that simple, any other point of view is an outrageous violation of property rights. We are used to it because our own rights are violated on a daily basis, but piling up another violation won't fix the problem. I think we have to let the carriers do what they want to do with their networks, we have to respect their rights.
There are also some technical and practical aspects that have to be taken into account. Neutrality advocates would say that my position of defending the rights of the carriers over all the rest will damage the Internet, and I agree in part. But they have to understand too that neutrality doesn't exist today and never really existed.
Every owner of a network have the ability to regulate the traffic inside it. I, for example, have full control of my network. My link with the Internet is totally under my control and I can decide how much bandwidth is available for each service or if a particular service is blocked. And I do it, for practical reasons. Services that are not authorized by the company policy are blocked, webmail pages that refresh too often are restricted in the amount of bandwidth they use, services to customers and contractors are prioritized. Your ISP probably is doing the same with a different criteria. Most likely it has a page, a main portal, with links to content, to your webmail, a search engine and advertising. They want you to use it because is the only way to make the advertising space valuable, so they privilege the traffic to and from that portal. It's not a big deal anyway, the portal is inside their network, transit time is practically null, so it will respond (it should) a lot faster that any other page from the outside. Add to that all the sites that are paying for hosting service to your ISP, they all are inside the same network and privileged by that condition over any other site from the outside. In a way, your ISP is breaking the concept of neutrality even if they don't explicitly prioritize the internal traffic. Now take the same case to a whole country. One with a decent backbone, meaning that all traffic from nodes inside the country is handled inside the country. Believe it or not most of the countries don't have such a backbone. Some countries with primitive communication infrastructure grew in satellite links, the lack of landlines made the satellites a more affordable alternative. Two ISPs there, located one next to the other, may be linked to different satellite services. Let's say a country in Africa with a link to a satellite over the Atlantic with land station in the USA and the other to a satellite on the west with land station in Israel. One packet sent across the street will tour around the world. Going back to the country with a decent backbone, all the sites inside that country will be more accesible than the foreign ones.
And that's just the technical problem related to the nature of the network, its structure. To that we have to add the difference in bandwidth and processing power between sites. Let's say that you try to set your own search engine in your computer using your 1 Mb Internet connection. You may have the best one, be better than Google, and yet fade and die strangled by your resource limitation. It would take you a million years to visit all the sites in the web, even more time to analyze and store the relevant information for the searchs, you wouldn't have enough space to store it no matter what kind of compression you use plus all the time and overhead processing required to do that. Add to that the main purpose of the site itself, serve customers with information. It's obvious that you won't be able to do it while gathering information but, even not doing it, your capacity would be limited to a few hundreds.
Neutrality is broken by the difference in resources between sites. Sites with more processing power, more bandwidth are able to serve more customers faster and with better services. And that's being paid by the sites, they pay the carriers and the ISPs for the privilege of more resources. The bigger the business is, the more need for resources it has, the more chances to grow, hence it will invest even more. Neutrality doesn't exist today, those who can pay more are doing it, they're getting more service for the money they are paying and using that to give more service to the final users.
Finally, how are they going to make prioritization to work? I don't want to go all the way back to the very basics of networking. Let's go back to the city analogy. Today the postmen do their rounds at their own pace picking up as many packets as they can and delivering evry time they pass the corresponding door or intersection. If their storage space is full, the packets that can't be picked up have to wait untill the next round, every door or intersection has a queue where the packets are stored for the postman in a certain order. That order is by default the time of arrival, the queue is serviced first in - first out. The methods used to prioritize traffic on a network are basically two. One would be an extra postman dedicated to priority traffic, most likely a faster and bigger one, able to do its round in less time and to carry more packets at once. To do that, the queues at every exchange point are doubled, one for each postmen. The other method is use the same postman but specially trained to be picky about the packets. This postman has to decide at each point which packets pick up first, he can't just take from the top of the pile. He has to go through the queue and pick the priority packets first and then the rest. Also, he can have a separated storage space that's reserved only for priority traffic. If that space is full, he can keep picking up priority traffic using the general storage but never use the reserved space for general traffic. This is way there's a minimum bandwidth allways available for priority traffic no matter how bad is the traffic condition.
It seems simple but is not. It works fine for a simple network but the Internet is not. As we saw before, Internet is a huge group of networks interconnected, every one with its own rules and management. As long as they agree in the protocol used to exchange packets (IP Internet Protocol) they can do whatever they want with their own internal network. I do set priority traffic inside my network, I have the means to move certain packets with a minimum of bandwidth guaranteed. But at the point where my ISP is picking up my packets it doesn't matter if I set many queues, my ISP is servicing me with only one postman. I can make an agreement with them to have an extra postman, but that would work up to the point where my ISP network has to exchange those packets with someone else. This kind of agreement with ISPs is very common like in my case. Let's say that I have a branch of my company in a place to far away to do my own network but with access to an access point of my own ISP. Being an extension of my own office I'd like to have that traffic prioritized over our traffic with the rest of the world. My ISP can do that inside its network just setting the configuration of its own postmen. Any other case involving a third network would require another agreement.
Suppose that for some reason you want to have priority traffic with certain site located at the other side of the world. You won't find a route from you to that site with less than three different owned networks, in fact you'll go through many more but for the sake of this specific problem we can assume that interconected networks of the same owner can handle priority traffic as if it were only one network. And I said three because is a theoretical minimum for almost every case around the Internet, your ISP, a carrier and the ISP of the destination site. Big sites are usually closer to the backbones in terms of hops (number of times a packet has to be relayed from network to network) because they're serviced by the carriers directly. These sites are the main target of this new idea because they're the ones who can afford to pay for priority and get some advantage from it. If one big carrier gives priority to site A, every ISP connected to that particular carrier would be receiving site A's traffic on top of their queues regardless of the policy they have in their own networks. Even other carriers around the world would get site A's traffic on top. But that's it, from there on, site A's is handled as any other traffic. As you can see, only one network giving prioority traffic is not a huge advantage.
If several carriers agree in giving priority to certain packets, the scenario changes just because of the extension of the service. More exchange points will see site A's traffic on top of their queues. The problem here is who's selling priority and how are they sharing the business. In my opinion, if it gets implemented sometime in the future, the system won't go much beyond the United States and its satellites. The number of big carriers in there is limited and, if they get gubernamental support, it's easy to reach an agreement. But once they have to deal with carriers outside of that circle things start to get more complicated. The big players of Internet service are in the USA mostly, Google, Yahoo, Microsoft. They're the ones who would pay for priority. The carriers outside the USA would find themselves giving a valuable service to those sites and nobody to bill for it. I don't think this would make the priority system fail, just keep it contained inside the USA. Because most of the final users that would be benefited (or punished) by priority are in the USA. Plus, the regulations of the USA government won't make much difference outside of it.
One last point to think about is how are the sites reacting to this. I can imagine some jumping into the priority wagon without even thinking. But is this such a good idea?
Let's take a lok at it from the final user perspective. Let's say that site A wants to improve its service trying to compete with site B. Site B is more popular, has a bigger share of the traffic, has been chosen by the final users by its content, its quality of service. Now with site A being prioritized, packets to and from it goes faster. Site B is still working fine but its packets enqueued behind site A's packets. How much difference would it make? If site B is so popular over A we can expect to have only a few A packets and a lot of B packets. In average the delay generated by those few packets will be hardly noticed. Priority of traffic won't make a quality difference between competing sites. Final users are choosing based on suitability of the service they get from one site or the other. Google is the most popular search engine not because is the faster, it's because people find stuff using it. Once you see it works, that you get what you were looking for, you go over and over to get what you need. If it fails you go somewhere else. Sites with other type of content work the same way, would you read a lousy writer just because its book is available faster? or you'll go to read what you want? do you pick a movie because is just about to start? or you wait for the one you want?
To make a real difference of service through priority traffic, two sites have to be of the same service, same popularity, same content, I'd say almost identical. So site A pays to get an edge over B, what if site B decides to sign in for priority too? And once one of them or both pay for priority, how are they going to measure that they're getting it?
Of course, if the priority system is established, sites like Microsoft's will sign for it. This is seen by most people as corporative stupidity but it isn't. If you're a small site, you have to evaluate the possible consequences of paying for priority before signing in. And you have to establish a way to measure the result. That's basic management. Microsoft and other big corporation, on the other hand, can waste huge amounts of money in order to stay on top. They won't risk the chance of falling behind, it's more affordable and eficient for them to pay before and analyze later. You can say whatever you want about that policy but the truth is that Microsoft has been the leader in the market of operating systems and productivity tools for decades. But for those who have to evaluate results and get a positive result, paying for priority will be dissapointing. At least that's my view.
As a conclusion, I don't aprove gubernamental intervention or regulation. If the carriers want to establish a priority system and charge for it, they're entitled to do so. If sites want to pay for priority they're entitled to do so. In my opinion, the system won't work because is not the solution for something that's not really a problem.