Apple wants to stop, track down spammers with automated disposable email addresses

124»

Comments

  • Reply 61 of 69
    It's not a new idea. 15 years ago, those of us with our own domain names would use a wildcard alias to generate unique addresses for everyone and filter them through Procmail on the mail server. And you can do this now with GMail. Add a string to your username with a . It only works because nobody does it, so spam software probably won't strip the string off.
  • Reply 62 of 69
    MarvinMarvin Posts: 14,214moderator
    johnh wrote: »
    It's not a new idea. you can do this now with GMail. Add a string to your username with a . It only works because nobody does it, so spam software probably won't strip the string off.

    It would be funny if it wasn't so annoying. A Windows user, clearly not reading the patent, signing up to an Apple forum to express an objection, even waited 2 years for the right moment.

    The patent mentions systems that append characters to the left side of a standard standard email address. Some services don't allow you to use characters like + in the email address so the system breaks down. Even with systems that allow the addresses, they can strip off the characters and get your actual email.

    Here's a recent patent by Samsung ( found via http://www.latestpatents.com/samsung-patent-applications-published-on-13-february-2014/ ):

    http://appft1.uspto.gov/netacgi/nph-Parser?p=1&u=/netahtml/PTO/search-bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=20140047474.PGNR.

    "IMAGE PROCESSING APPARATUS AND CONTROL METHOD THEREOF

    a set-top box belongs to this kind of image processing apparatus. The image processing apparatus which includes the display panel displays an image on its display panel, based on the processed image signal. An example of this kind of image processing apparatus is a TV or a monitor.

    Even if image processing apparatuses are identical models, the environment in which users use the image processing apparatuses is different."

    I won't bothering reading the rest of it but I will say this: OMG, Samsung's trying to patent the set-top box. Obvious! Prior art! It's just a rectangle. They're trying to avoid competition with patents - they should innovate, not litigate. Wait, I have to sign up to an Android or Windows forum first and tell them this.
  • Reply 63 of 69
    Quote:

    Originally Posted by Marvin View Post



    I won't bothering reading the rest of it but I will say this: OMG, Samsung's trying to patent the set-top box. Obvious! Prior art! It's just a rectangle. They're trying to avoid competition with patents - they should innovate, not litigate. Wait, I have to sign up to an Android or Windows forum first and tell them this.

    Don't worry, some Android users like me are anti patents pretty much in general :-)

     

    I can't stand the idea of state enforced monopolies on ideas granted to some of the biggest companies in the world. Patents only make sense to me when it's a tiny company vs a huge company and that's almost never the case.

  • Reply 64 of 69
    Quote:



    Originally Posted by Marvin View Post



    It would be funny if it wasn't so annoying. A Windows user, clearly not reading the patent, signing up to an Apple forum to express an objection, even waited 2 years for the right moment.

    I don't think that Procmail runs on Windows.  It does on OS X, though.

     

    I am not at all objecting.  I think it's a great idea, and I think it would be good for Apple to have the patent.  I was just saying that the practice has been around a long time, not that it invalidates the patent.  Apple's patent seems to be much improved over the manual methods and simple scripts used since the 90s.  The original article, itself, says that people are already doing this; I was just saying that it started a long time ago, rather than something recent, although nobody has successfully developed it as an integrated system for widespread commercial application, AFAIK.

     

    Your ability to quote out of context rivals that of creationists.  Yes, leave out the mention of Procmail so I look like a stupid Windows user.  Actually, I mentioned GMail with my tongue in my cheek as an afterthought to my main point, which you conveniently deleted, connecting one statement to another without the part in between, and I was hardly implying that the GMail solution is a good as Apple's.  If it was, then everyone would already be using it, but as I said before, they don't, with good reason.  As I said, and you repeated, spammers can simply strip the extra string off, for one thing.

  • Reply 65 of 69
    MarvinMarvin Posts: 14,214moderator
    Don't worry, some Android users like me are anti patents pretty much in general :-)

    That's what they all say but naturally this site discusses Apple patents so that's the ones we always hear the criticism of. When it comes round to one of Google's or Samsung's patents being invalidated, the people who complain about Apple's ones usually change their view on patents.
    johnh wrote:
    I was just saying that the practice has been around a long time, not that it invalidates the patent.

    Your mention that it's not a new idea implies the patent is worthless. Unless it's new, it's not patentable. The idea being the details provided and not the concept. People object to the originality of the general concept but that's rarely what the patent claims.
    johnh wrote:
    I mentioned GMail with my tongue in my cheek as an afterthought to my main point, which you conveniently deleted, connecting one statement to another without the part in between, and I was hardly implying that the GMail solution is a good as Apple's.

    I see, your reference about GMail was to Procmail, not the patent directly. It sounded like you were suggesting the same about both i.e it's not new, Procmail did it 15 years ago, now GMail does it. Omitting the Procmail part doesn't seem to change the overall statement that it's not new.

    Now this guy here says he implements a system already:
    dskoll wrote:
    Amusingly, I used the Locked Addresses feature to sign up to Apple Insider. If they sell my email address, I'll know about it!

    That is pretty funny. If Apple's system doesn't do any more than this then the patent likely won't hold up. But Apple doesn't always use patents as an offensive measure either, that's another assumption. They use them in defense of patent trolls. Google's dealing with one right now:

    http://arstechnica.com/tech-policy/2014/01/court-orders-google-to-pay-1-36-of-adwords-revenue-for-infringing-patents/

    That's why big companies patent as much as they can get away with. If they don't then you get greedy non-practising entities that do patent them and they wait until someone else builds the infrastructure to make money and they steal a cut while contributing nothing. The more that Apple and Google have run-ins with patent trolls, the more they've ramped up their purchasing and filing of patents. Who knows where it's going to end. There needs to be protection for both big companies from NPEs and protection for small companies who do have genuinely original ideas from big companies that use it without rewarding them.

    If they all expire within a certain timeframe then big companies like Samsung could outlast smaller ones:

    http://www.theguardian.com/technology/2014/feb/17/samsung-dyson-vacuum-cleaner-patent-copyright

    If they don't exist at all then a first product taken to market can be easily replicated by a big company.
  • Reply 66 of 69
    rcfarcfa Posts: 762member
    Quote:
    Originally Posted by ahmlco View Post

     

    Phil, it's not a true alias in the tradition sense of the word. You create the "alias" on the fly and you can have as many of them as you wish.

     

    Google will ignore anything after the plus and before the at sign, so you can make up anything you want when you're entering an email on a site. 

     

    [email protected]

    [email protected]

    [email protected]

    [email protected]

    [email protected]


     

    I do something similar. Of course, sophisticared spammers could remove the +keyword part from the [email protected] format address, but since few people do this, it works rather well.

    Of course, one could start using encrypted front-parts for e-mail addresses, so only the mail server could then transform upon receipt something like [email protected] back into [email protected]

    The beauty of the [email protected] system is, that it also allows for server side sorting of e-mail into corresponding IMAP folders, if the server is set up to do so.

    The real problem is however, that too many sites use brain-dead input field verification and thus reject [email protected] as an invalid e-mail format. Worse, sometimes you sign up on a site with such an e-mail, and then they redo the site and you can't log in anymore because it's an "invalid" e-mail, often to the point where you can't even turn off receiving mail from them, because to do so you'd have to log in, which you can't do, because the system now rejects that e-mail address format.

     

    Ideally, something like an integration with the keychain would allow the user to store a mail server's public key, which would then be used in conjunction with data detectors and autofill to encrypt the user+keyword part and generate the e-mail address to be filled into the form by the autofill. The mail server, knowing it's private key, would then decrypt the address upon receipt of the e-mail and deliver the message to the proper user, showing both original and decrypted receipient e-mails.

     

    As an additional side effect: all the sites that use e-mail addresses as user names would become more secure, because without compromising the mail server's private and public keys it would be rather difficult to guess the identity of users from their log-in credentials alone.

     

    For this to work well, however, one needs an integrated system like OS X + Server or OS X + iCloud offers. Because the mail server needs to be aware, the system and user need to be able to exchange/sety up encryption keys when e-mail accounts are set up or edited, and the web browser/autofill/keychain system need to be in on it, too, for it to be painless and automatic.

  • Reply 67 of 69
    rcfa wrote: »

    For this to work well, however, one needs an integrated system like OS X + Server or OS X + iCloud offers. Because the mail server needs to be aware, the system and user need to be able to exchange/sety up encryption keys when e-mail accounts are set up or edited, and the web browser/autofill/keychain system need to be in on it, too, for it to be painless and automatic.

    Great Post! That's all that needs to be said about the technology and the Apple patent and why it is DIFFERENT than what the technically inclined and able amoung us have been doingin the past.

    If and when Apple decides to impliment the Patent and use it, rest assured it will have an easy to use GUI to the complicated backend... and every-day people will actually use it.

    That's the Apple difference in a nut-shell since it's inception: every-day users making use of complicated computer technology, seemlessly and magically, without having the slightest idea of how it works... "It Just Works"....:smokey:
  • Reply 68 of 69
    MarvinMarvin Posts: 14,214moderator
    rcfa wrote: »

    For this to work well, however, one needs an integrated system like OS X + Server or OS X + iCloud offers. Because the mail server needs to be aware, the system and user need to be able to exchange/sety up encryption keys when e-mail accounts are set up or edited, and the web browser/autofill/keychain system need to be in on it, too, for it to be painless and automatic.

    Great Post! That's all that needs to be said about the technology and the Apple patent and why it is DIFFERENT than what the technically inclined and able amoung us have been doingin the past.

    If and when Apple decides to impliment the Patent and use it, rest assured it will have an easy to use GUI to the complicated backend... and every-day people will actually use it.

    A lot of solutions are intended to deal with incoming mail. So for example, generating an address that you give to a provider and it only allows mail to come from that one source. But say it's Paypal and they need you to contact them from the address, you need to have your SMTP server authenticate it correctly. Apple's method is intended to work in both directions transparently mapping the disposable address with the non-disposable one.

    The UI described would be in something like Apple Mail.

    - When you are about to signup to a service, you'd go into Mail or perhaps it can be in Safari too and click a button to request a disposable address with expiry options and domain details
    - you would then get an email address to use and enter it into the signup box, this can be one button next to an email field in Safari or in a right-click menu
    - the service now only has the disposable address
    - incoming mail will reach the server and be sent to your normal email inbox as though it was sent to your actual email address or discarded if it was spam
    - outgoing mail / replies can be sent from your normal email account because when the server knows that your from address is the disposable one, it can translate it automatically on the server to hide your actual address, saving you logging into a disposable account in order to send mail

    As long as it can generate short addresses, it could also be used in situations where you give an email address in writing in a store or bank or over the phone. It suggested the possibility of using a different person's name but that might look a bit suspicious in real world scenarios and it contributes to a shortage of available real name email addresses at large email services.
  • Reply 69 of 69
    gtrgtr Posts: 3,231member
    Quote:

    Originally Posted by Tallest Skil View Post

     

     

    Oh, no. You don’t understand. It’s not us… it’s Apple. Apple is doing this to get back in bed (so to speak) with the spambots! I have proof! Look at the mailing address! 

     


     

    LOL

     

    "I'm not interested in becoming a real man"

     

    Damn.

     

    They got me again.

Sign In or Register to comment.