I’ve finally seen it: the Ultimate Spam-Filter Avoidance Technique. Today, I got a message in my in-box, big as life, amd it wasn’t even marked as spam. It read:
yx
gb dy lz onfy je zhmd dw
wk ou jsiudj ecyi hs kp sqwf
fq qv hxmu kn xc wm
jk jl eb ethz hjlgt hwpn hrmi ptll fx lw dk
bk df rl kh qp bl xby fg nxye ig ud mv
gdxn rs rtmjm ci ip rs objfx opzoq yeov oi vh gu
ltmo co ur by kv he ch qx ic hspf fv gi mh
wc cb ep sw lr rz cd yl sp hxyjxz hf wd qq
ei oc mcnwk wdziz le jmkpx gjko bx mn ehqupf dd
df xb
emzzi
Now, don’t get me wrong, but…if your eyes can see what I can see, you probably already understand the problem. Spam filters are designed to search through text looking for key words – like viagra, porn and big financial deals – and shuffle the messages off into oblivion. And, if you look real closely, there’s plenty of text there–lots of it, in fact–all random letters layed out in a nice formatted grid courtessy of “Courier New,” Microsoft’s default Monospaced font.
But what the span filter WON’T see is what your eyes tell you: that this is a sales pitch for that miracle drug that lets men function even when older, failing hardware won’t let them. And this, of course, is just the start. I dropped the part that encoded their website address in the same fashion, as well as the snippet from some story or blog post entry that followed it (in a normal font and text size, of course) in order to fool the filter into thinking this was real.
Now, I should tell you, I filter my own spam. Yes, I have filters on my server(s) mark the spam, but before I get rid of the crap, I like to check it. It wasn’t from someone I knew, but that wouldn’t have mattered. I often get messages from people I meet online, or from friends who’ve changed internet providers and so on. Also, I can generally tell the ones from scammers in South Africa who claim to be needing to use my American bank account(s) to transfer $50,000 to €50 Million out of some defunct corrupt official’s accaounts. Those people just want an account number so that they can rob my US checking account. I just forwarded three of those to SPAM@UCE.GOV, the Federal Trade Commission‘s Span Reporting address.
But this … this has to go. I mean, it’s cool and all … As a geek, I get to point and laugh about how the creative Human Mind can overcome “this Technological Terror they’ve constructed” – one more bit of proof that the computer, while logical and fast, will NEVER be crazier (or better) than us.
But why does it always have to be spammers that figure this stuff out?
bgjy jh lz rc qs
wk ou js dj ekox
fq hx knthwp smrn
jk ebthz hj lg okbq
jk rl kh qp bl wf
dx rs jm ci ip pl
mo co by kv he gc
zf wc cb sw lr rz
sgul bw we op mzz un
SASS has Spoken.
