reDesign

September 20, 2007

Facing Facebook spam

Filed under: email, facebook, spam — Rocky Agrawal @ 2:05 pm

One of the things I love about Facebook is that I don’t get any spam through the system. Sure, I get some friend requests from people I don’t really know and periodically get asked if I want to become a Zombie or a pirate.

I was quite surprised to get a friend request from “Sun Startup Essentials,” a fictitious profile set up to promote Sun.

[Image: Facebook friend request]

Clicking on Sun’s name leads to a profile page touting free software and discounted hardware:

[Image: Facebook Sun Startup Essentials profile page]

It doesn’t seem to be a VAR looking to drive traffic. At the same time, I find it hard to believe that Sun would do something so stupid. But the fake account is in Sun’s Facebook network.

May 10, 2007

The dumbest application you can’t live without

Filed under: email, spam — Rocky Agrawal @ 6:26 pm

Email. I use it every day and I mostly hate it. We’re stuck with a system that was designed decades ago in the kumbaya days of the Internet when most people who were connected to the Internet meant well and getting an email was exciting. In several ways, email today is worse than even postal mail. It’s less secure. You get more junk mail (there’s little economic disincentive to spam).

Because email is processed by computer, your email application could do a lot of things for you automatically. Most of the email I get is computer generated:

  • Travel reservations, including flight, hotel and cars.
  • Payment reminders from your banks and credit card companies.
  • E-commerce order receipts and shipping confirmations.
  • Account registration confirmations.

All of this information arrives in your mailbox without context, making it difficult to sort through it. Need to find a travel reservation later? I searched on “united airlines” in my mailbox and got hundreds of results, including frequent flier statements, e-check in reminders, weekly promotional emails. Even searching on “united itinerary” brought up 60+ emails since the beginning of the year. (Most of which weren’t either United or itineraries.)

[Image: Gmail filters]

I try to add some context to messages when they come in through a series of filters. These include cryptic rules like IF SENDER = “UNITED- CONFIRMATION @ UNITED.COM” then add labels “Travel” and “Receipts”. I’ve created more than 40 of these rules.

Most people, of course, won’t do this. Nor should they have to. United should be able to differentiate among itineraries, frequent flier statements, promotions and other mail in machine readable form. Whether you want to call them tags, labels or something else, email should support this kind of context.

I’ve written before about email and calendar data. With this type of context, your email application could keep the most relevant information top of mind. Upcoming trips could be separated automatically from past itineraries. Sale emails from retailers could be sorted into “ongoing”, “expiring soon” and “expired”.

May 2, 2007

Fighting spam with picture e-mail ID

Filed under: aol, email, google, spam — Rocky Agrawal @ 6:05 pm

It’s time to turn the daily fight with spam on its head. Mail services should try to identify the mail I should pay attention to, instead of trying to just identify the junk.

[Image: Friend wall]

One way to do this is to implement picture e-mail ID. When you log into your email, you’d see a strip of pictures of people you know who have sent you new mail.

On my cell phone, I have pictures associated with my most frequent contacts. A friend once asked me, “Why do you bother with pictures of your friends on your phone? Do you need help remembering what we look like?”

The answer is that people process pictures much faster than text. It takes me less time to determine who is calling from a picture than from just the name. Reading my newsfeeds, it’s very quick to get through Engadget – I can get the gist of a post and make a read/no read decision based on the picture.

[Image: Pictures incorporated in Gmail]

Gmail has picture support built in to its Contacts, but you can see the pictures only by clicking on a contact record or rolling over the name. This is useful in case I forget what someone looks like, but it doesn’t help in filtering or prioritizing which messages I should read.

[Image: AOL Mail buddy icon integration]

Buddy icons could be used in place of pictures. AOL’s new Cayman email beta uses people’s buddy icons, in a similar way to Gmail. If you roll over a name in the contact list, it will show the buddy icon. The buddy icon is also shown at the top of a message once you click on it. Again, this isn’t helpful in choosing what I want to read.

April 26, 2007

1309 spam messages in 90 minutes

Filed under: email, spam — Rocky Agrawal @ 6:24 pm

I got an unpleasant surprise today – an avalanche of spam in 90 minutes. And technically, I was the one sending it. Or at least that’s what the mailservers thought.

Our current email system was created in a time when there was a lot of trust — if you sent an email saying you were Rocky Agrawal, the other computers assumed you were. They still do. You can be anyone @ mydomain, just by claiming that you are. And that’s exactly what spammers are doing. They’re sending messages claiming to be from Paula547@, Tarnowski@, etc.

Those messages made their way across the Internet to mailboxes that have been deleted, never existed, or were full. Beginning at 2:24, my mailbox filled with a torrent of bounced mail notices, vacation replies and mailbox full notices.

And there’s pretty much nothing I can do about it.

There is at least one initiative that would help end this scourge, but it has seen little adoption. The Sender Policy Framework allows domain owners to specify which mail servers are authorized to send messages for a given domain. I have my SPF record set to allow only gmail.com to send messages on my behalf.  If a mail server checks the incoming message against the SPF record, it knows that the message is forged. It should also know not to respond to the message. Unfortunately, many mail servers don’t bother to do this check. A few did the check and then sent me messages saying that the message (which I didn’t send) failed the SPF check. Gee, thanks.

March 9, 2007

Please don’t send to a friend

Filed under: email, privacy, spam — Rocky Agrawal @ 5:17 pm

One of the key ways I get around the spam scourge is to use a separate email address for close friends, family and important business contacts. I don’t use this address for anything else. As a result, the people closest to me don’t have to worry about their messages getting caught in spam filters and I can easily zero in on the most important messages.

I’ve started getting spam to this address. It’s a complex address, so it’s not really prone to dictionary attacks. As far as I can tell, someone entered my address on a third-party site.

A lot of sites are pushing users to email a link or to invite their friends as part of the sign up process. Some even go so far as to offer to import your address book from Outlook, Gmail or AOL.

Please just say no. When you’re signing up for a service, you often have very little information about how that site will use the data. If you want me to read a story or sign up for something, just shoot me an email or IM the old-fashioned way.

You wouldn’t write your friend’s email address on a bathroom wall, would you? Giving it to a Web site operator is even worse. You don’t know where that address will end up.

December 12, 2006

Spams, scams and search

Filed under: research, spam — Rocky Agrawal @ 6:18 pm

During the last two weeks, I spent much of my time in focus groups on search. While I can’t talk about the concepts we were testing, one thing that struck me was the degree to which people viewed all of the concepts through fear of being spammed and scammed.

  • Will people be able to use this technology to take over my machine?
  • Will I get a virus?
  • Will I get spammed?
  • Will this cause popups?
  • How will advertisers use this to hijack me from what I really want to do?

Although reaction to the concepts varied by demographic, the fears were universal.

Of course, we’ve designed the new concepts to proactively address spams and scams. But many of the industry-standard practices for eliminating spams and scams have the unfortunate effect of increasing the barriers to adoption.

[Image: Captcha]

Take digg as an example. The people with the greatest economic incentive to post stories on digg are spammers. To thwart spammers, digg has implemented security mechanisms such as CAPTCHAs. As the spammers and scammers get better at defeating CAPTCHAs, the CAPTCHAs get harder. (On the CAPTCHA at right, my success rate is 1 in 3.)

These types of security measures increase the burden of submitting to digg to the degree that only the most motivated people bother to do it. On a given day, I will read 6-12 stories that I consider digg-worthy, but it’s just too much trouble to digg them.

July 18, 2006

Show me the good stuff

Filed under: email, spam, web 2.0 — Rocky Agrawal @ 6:11 pm

When I check my email, I scan the list of new messages for names of people I know.

This is something that machines can do much faster and better. With the volume of spam and bulk mail these days, some of the vast effort spent on reducing spam should be spent on showing users the good stuff.

You can do this the hard way today with many mail services by creating filters for each person you want to highlight (or move to a different folder). This is usually a multi-step process; few people will create and update these filters.

There’s a simple, high value way to accomplish this: Check the messages against the email addresses the user has sent email to and the user’s address book, then highlight the ones that match.

If the user has categorized the address book, you could also color code the highlighting to indicate whether the message is from friends, family, co-workers, etc.
