[R] UNSOLITED E_MAILS: Integrate R data-analysis projects wi

Doran, Harold HDoran at air.org
Tue Mar 18 15:52:26 CET 2008 

I think on the python list, when you review the archives, the poster
address is viewed like a CAPTCHA. So, it makes it slightly more
difficult (though not impossible) to pullout poster emails addresses and
replace john.doe at domainname.com  



> -----Original Message-----
> From: dmbates at gmail.com [mailto:dmbates at gmail.com] On Behalf 
> Of Douglas Bates
> Sent: Tuesday, March 18, 2008 8:39 AM
> To: Doran, Harold
> Cc: ted.harding at manchester.ac.uk; Gorden T Jemwa; r-help at r-project.org
> Subject: Re: [R] UNSOLITED E_MAILS: Integrate R data-analysis 
> projects wi
> 
> Usually a captcha is used to prevent creation of email 
> accounts for use by spammers.  (There was an interesting 
> article recently on whether the Gmail captcha scheme had been 
> broken so that spammers could create masses of gmail 
> accounts.  The general conclusion is that the capcha scheme 
> is intact but spammers hire people in low-wage countries to 
> manually respond to the captcha challenge.)
> 
> What Ted has suggested and what I am confident is the case is 
> that email addresses of posters were obtained from list 
> archives or something like that.  I know for a fact that the 
> R Foundation is not selling any email lists. The idea that R 
> Core has engaged in a nefarious money-making scheme of 
> spending more than a decade developing high-quality open 
> source software, providing support, enhancements, 
> conferences, email lists, etc. so they could "cash out"
> by selling a mailing list for a modest amount of money seems, 
> well, unlikely.
> 
> If email addresses are being extracted from the archives then 
> the only place a captcha would help is when viewing the 
> archives.  Requiring everyone to submit the solution to a 
> captcha before retrieving a message from the archives would 
> be tedious and make the archives essentially useless.  
> Besides, all that is required is for one person to 
> legitimately subscribe to the lists and run their own filters 
> on the incoming email to extract the addresses of posters.  
> My guess is that Ben Hinchliffe or someone else at 
> Bluereference.com is already subscribed.
> 
> The best way to discourage such questionable practices is not 
> to patronize organizations that use them.
> 
> On Tue, Mar 18, 2008 at 7:48 AM, Doran, Harold <HDoran at air.org> wrote:
> > Can a CAPTCHA be implemented as a prevenative measure
> >
> >
> >  > -----Original Message-----
> >  > From: r-help-bounces at r-project.org
> >  > [mailto:r-help-bounces at r-project.org] On Behalf Of  > 
> > Ted.Harding at manchester.ac.uk
> >
> >
> > > Sent: Tuesday, March 18, 2008 7:33 AM
> >  > To: Gorden T Jemwa
> >  > Cc: r-help at r-project.org
> >  > Subject: Re: [R] UNSOLITED E_MAILS: Integrate R data-analysis  > 
> > projects wi  >  > On 18-Mar-08 12:08:44, Gorden T Jemwa wrote:
> >  > > Dear R Admins,
> >  > >
> >  > > I received an unsolicited e-mail from BlueInference as an R  > 
> > user. Does  > > it mean that R that our e-mails (and  names) is 
> > sharing it's user  > > database with third parties without our 
> > consent? Or perhaps the  > > BlueInference guys are using an e-mail 
> > address miner to get our  > > contact details?
> >  > > [SNIP]
> >  > > Dear Gorden Jemwa,
> >  > >
> >  > > As a fellow R user, I am sure you agree with me that R is a  > 
> > dear gift  > > from the R-project community that should enjoy broad 
> > use.
> >  > > [...]
> >  > > Ben Hinchliffe
> >  > > Inference Evangelist
> >  > > BlueReference, Inc.
> >  > > ben.hinchliffe at bluereference.com
> >  >
> >  > It would not be difficult to mine a database of email  > 
> addresses 
> > from the R-help archives. Each month's postings can  > be 
> downloaded 
> > as a .gz file. Each posting in the resulting  > unzipped 
> .txt file has 
> > a line of the form  >
> >  >   From: user.name at email.domain
> >  >
> >  > and all that's then needed is to replace " at " with "@", and  > 
> > you have the email address.
> >  >
> >  > On a Unix system, a quick 'grep | sed' would do the job 
> in a second!
> >  >
> >  > In this case, the spam was clearly carefully targeted at R  > 
> > users, so quite possibly they took a bit more trouble over 
> it  > (to 
> > the point of extracting full names as well).
> >  >
> >  > I can't see the R people deliberately sharing their database,  > 
> > and the list of subscribed email addresses is accessible only  > to 
> > the list owners. So it seems much more likely that the  > publicly 
> > readable archives have been mined along the lines I  > 
> suggest above.
> >  >
> >  > Best wishes,
> >  > Ted.
> >  >
> >  > 
> > --------------------------------------------------------------------
> >  > E-Mail: (Ted Harding) <Ted.Harding at manchester.ac.uk>  > 
> > Fax-to-email: +44 (0)870 094 0861
> >  > Date: 18-Mar-08                                       
> Time: 12:32:30
> >  > ------------------------------ XFMail 
> > ------------------------------  >  > 
> > ______________________________________________
> >  > R-help at r-project.org mailing list
> >  > https://stat.ethz.ch/mailman/listinfo/r-help
> >  > PLEASE do read the posting guide
> >  > http://www.R-project.org/posting-guide.html
> >  > and provide commented, minimal, self-contained, 
> reproducible code.
> >  >
> >
> >  ______________________________________________
> >  R-help at r-project.org mailing list
> >  https://stat.ethz.ch/mailman/listinfo/r-help
> >  PLEASE do read the posting guide 
> > http://www.R-project.org/posting-guide.html
> >  and provide commented, minimal, self-contained, reproducible code.
> >
>

More information about the R-help mailing list