Want more advice for locking down your network? Stay on top of the latest security issues and industry trends by automatically signing up for our free Internet Security Focus newsletter, delivered each Monday!

On April 12, 1994, spam
first entered the Internet world in the form of an unsolicited
Usenet advertisement, sometimes referred to as the “green card
lottery” posting. The day this infamous message began making its
rounds, I knew that the era of commercial-free communication on the
Net had ended. Over the next decade, unsolicited e-mail would
flourish into a lucrative underground industry, helping to create a
global cesspool of electronic junk.

Ask any group of computer users how they feel
about junk e-mail, and the vast majority of responses will surely
be negative. But ask that same group of people how they think we
can stop junk e-mail, and few, if any, will be able to offer a
feasible solution.

Literally dozens of methods exist for fighting
unsolicited e-mail, but none are completely effective. The key is
to stop spam at the source.

A Virginia
court recently sentenced one junk e-mailer to a nine-year
prison term for violating a state law about e-mail marketing. While
this certainly stops one spammer at the source, it’s merely the tip
of the iceberg. Thousands of junk e-mailers are still out
there.

Lycos Europe thinks it has a better solution.
Last week, the company announced the release of a screensaver
specifically designed to disrupt known sources of junk e-mail by
bombarding the Web sites advertised by the spam messages. (Lycos
Europe is a separate company from the U.S. Lycos Web portal.)

Dubbed the “Make love not spam” effort, each
screensaver installation repeatedly requests data from a targeted
Web site. Lycos Europe asserts that the requests won’t impact the
bandwidth of individual users, but the combination of many users’
screensavers performing the same requests at the same time is what
wreaks the damage, which can cause something similar to a targeted
distributed denial-of-service (DDoS) attack.

Within days of the screensaver’s release, early
reports showed that the “Make love not spam” campaign succeeded in
causing significant disruption of specific networks known to be the
source of junk e-mail and took two
Web sites hosted in China offline.

But before you begin cheering the death of
spam, keep in mind that, like that fateful day in 1994, we’re again
entering a new era–and perhaps crossing a line that we shouldn’t
cross. Distributed denial of service is the Internet equivalent to
a weapon of mass destruction, and vigilante justice is never the
best solution, regardless of whether it stops unwanted, illegal
activity.

The Web portal has countered that carrying out
DDoS attacks is not one of its intentions, nor is taking Web sites
offline. It claims it only wants to slow the bandwidth of these
sites, hurting them economically, which in turn makes sending
unsolicited e-mail less lucrative.

But shortly after the official launch of the
screensaver campaign, the distribution site for the screensaver met
with a fate similar to the Web sites hosted in China. As of this
writing, Lycos Europe has switched to a new IP address, and the
site currently asks visitors to “Stay Tuned.”

Lycos Europe may think it’s on the right track
to ending unsolicited e-mail, but I strongly disagree. In my
opinion, “fighting fire with fire” will accomplish nothing more
than to escalate hostilities. Make no mistake: Spammers will continue
to retaliate.