Sorin Mustaca reports on the 7th German Anti Spam Summit.
Copyright © 2009 Virus Bulletin
The 7th German Anti Spam Summit, hosted by the eco organization (http://www.eco.de/veranstaltungen/ 7dask.htm), took place last month at the beautiful Biebrich castle in Wiesbaden, Germany.
The theme of this year’s summit was ‘Spam – advertising and compromising (unsolicited emails as cause and effect of botnets)’. Despite the fact that most of the participants were German, the official language of the summit was English. In general, the event was angled towards those in technical and legal management. A stream of presentations ran alongside a series of sponsor workshops.
On the first day, the presentation stream was split into two parts: one dedicated to the role of registries and registrars and the second to digital brand management.
The speakers in the first part were representatives of the .INFO and .ORG registries and the Austrian and German ccTLDs. The content of their presentations could be summed up by a single sentence: ‘The registries are not allowed to interfere with the registrars’. I must confess that these presentations left me with a bitter taste in my mouth. It confirmed why we see so many fake domains being registered with the sort of names that even a non tech-savvy user would recognize as suspicious. While on the one hand attempting to hunt down online fraudsters, the authorities are blocking the very organizations which could enforce some guidelines in this field. I appreciated the fact that the speakers were very honest and open to discussion and suggestions. However, all my ideas for slowing down or preventing the fake domains from being registered proved unrealistic due to the same legal issues which force the registries to step aside.
The presentations on digital brand management covered standards related to online security, domain name and trademark misuse, domain monitoring and reputation management (checking where and how your brand and domain name are used).
A podium discussion attempted to determine what registries and registrars should do in the future, but failed to reach any real conclusions.
The second day of the conference was a lot busier and more interesting than the first – there were around 150 delegates in attendance.
The day started with some warm-up speeches from the German authorities from Hessen-IT (the region in which the conference took place) and from the BSI (the Federal Office for Information Security). The highlight of the day was a presentation by two students from the University of Bonn who took the Conficker worm apart and suggested a smart way to immunize computers by fighting the worm with its own weapons. Whether or not this is ethical was not addressed and remains to be decided.
A very interesting presentation, for which the press was requested to leave the room, was about abuse and fraud management at the ISP 1and1 (www.1und1.de). It was nice to see a big ISP caring about what its customers are doing to the Internet for a change, rather than merely the other way around.
The other presentations discussed how to cooperate in combating spam, how different European countries combat spam (and fail to do so), and discussed SURBL.
The last day of the conference was reserved for a workshop run by the same students that took Conficker apart. They presented different techniques to fight and eventually control complex botnets, as well as showing how to get more information from honeypots.
I was pleasantly surprised to see delegates at this event from the major ISPs in Germany (although unfortunately I didn’t see anybody from T-Online, the biggest ISP in Germany) – which suggests that, at least in Germany, security on the Internet is an issue that is being taken seriously.
I also noticed that a couple of European email marketing companies were present at the event. I have to admit that I consider their activity to be one of the main reasons why spam is so hard to catch nowadays. I asked two of the representatives why they were attending. The answer? They were trying to learn how to send ‘cleaner’ emails. Applause, please.
The opinions expressed in this report are those of the author and do not represent those of the author’s employer or of Virus Bulletin.