One of the things that I deal with everyday is email. In my email, I see maybe a hundred or so junk messages know as spam. A few years ago, I gave up reviewing the Junk Mail folder entirely. I close my eyes and pitch. That means that if I know you, you are white-listed so that I receive your email for sure. If I don't know you, there is a strong possibility that your message will be heading to the great bit bucket in the sky without me ever reading it.
It isn't easy to let go that first time, but it is an awful lot like something my wife's grandmother has said. She always told us that she would never buy a gun, because she was afraid that shooting people would be a lot like getting the dead fish out of her aquarium. The first time you lose a fish, there is that "Awww, what a shame." You probably have a little funeral over the toilet before flushing the little buggar down the drain. The next one is, how do you say, "Not so hard." And so on; and so on. I think you get the idea.
Since I have never killed anyone (I've pwned a few, but that doesn't count!), I take that rather strange advice from our elders and apply it to email. If I were to read those 100+ emails per day, I would waste hours. Well, I typically work an 8 hour day, so that doesn't really leave a lot of time for junk mail sorting. Instead, I spend about 20 seconds managing junk mail.
That is easy to do, but what if the junk mail message were a junk voice mail? What do I do now? My voice mail only has one folder currently. I only get a handful of messages per week. I can only process one voice mail at a time. What would I do if I came to work and received 100 voice mails per day that were junk? Well, that is the subject of much debate and study, especially since many VoIP phone systems are starting to embrace the internet model of open connectivity.
SPIT, or Spam over Internet Telephony, is not yet out of control, but think about the possibilities of making millions of "free" calls that only require an internet connection to place. In the old Phone Company model, the PSTN or Public Switched Telephone Network, security doesn't really exist, but it costs money for each phone call that a spammer would want to make. That is why email is so appealing. That company could mail you an envelope with a bunch of junk offers, but that costs significantly more money to do.
I have recently read an interesting paper by some researchers at the College of Computing at Georgia Tech that explains one possible server side method for helping to prevent SPIT from getting out of hand. The method is called CallRank, and it relies upon Social Networks in VoIP networks. There are numerous algorithms that work with the Social Network (SN) data and compare that to the duration of telephone calls as well as a global reputation of a caller. If the credential check fails, so does the call before the phone can even ring. Like most security procedures, CallRank is not perfect. It is intended to be used as one layer of protection.
What do you think? Should we risk SPIT in favor of enhancing the voice and video communications here at Penn State, or should we continue with a lesser set of features in our walled garden? Personally, I vote for more functionality.
Leave a comment