Book review: Spam: A Shadow History of the Internet

Posted by   Martijn Grooten on   Jun 2, 2017

This review, by VB Editor Martijn Grooten, was originally published in the Journal of the International Committee for the History of Technology (ICON). It is republished with their kind permission.


book-cover.jpg   Title: Spam: A Shadow History of the Internet
  Author: Finn Brunton
  Publisher: The MIT Press Cambridge, MA, 2013.
  ISBN: 9780262018876 / 9780262527576 / 9780262313933

Those who find themselves tasked with fighting the daily deluge of unsolicited bulk email need to have a good understanding of the basic Internet protocols, such as SMTP, DNS and TCP/IP, as well as a keen eye for the ever-changing ways the spam messages try to get past the various defences in place. But to really understand where spam is coming from, how it has played and continues to play a role on the Internet, and where it might be going, one needs to go back to the beginning of the Internet. Finn Brunton's Spam: a Shadow History of the Internet does exactly that.

While most histories of spam consider the spam sent before the mid-1990s to only be worth mentioning as funny anecdotes, Brunton divides the history of spam into three epochs, with the period until 1995 being the essential first one. It was during this period that the Internet, with its written and many unwritten rules, took shape. It was also then that 'spammers', i.e. people who didn't follow these rules, began to appear in various forms and with various intentions.

The second epoch spanned the eight years following 1995, when the Internet became a huge commercial and social success. Spam took off in this period as well, and many of the kinds of spam we still see today, such as the pump-and-dump spam and the 419 spam, date back to this period (of course, offline versions of 419 spam date back many centuries). This period also saw the community experiment with technical (blocklists, spam filters) and legal (anti-spam laws and lawsuits) measures against the fast-growing problem of spam.

As these measures wiped out most of the over-zealous marketers that had no malicious intent but who had failed to see the social consequences of their efforts, the third epoch in the history of spam, the period from 2003 until today, saw spam turn into a proper criminal enterprise. At the same time, it saw the increasing sophistication of the algorithms that fight spam and that make sure that email and other messaging platforms continue to be usable for today's Internet users.

Though largely chronological in nature, Brunton's book is far more than a timeline of anecdotes around spam and the various efforts to fight it. Brunton really tries to understand spam, from both a technical and sociological point of view. While for most working in the anti-spam community the latter aspect may not seem particularly relevant to their jobs, it helps to understand not just the early clashes between spammers and anti-spammers, but also many similar cases with people misbehaving in various kinds of online communities. Brunton's division of Internet pioneers into royalists, anarchists, technolibertarians and parliamentarians will seem all too familiar to those following discussions about tools for protecting online privacy today.

Indeed, while the bulk of the book focuses on email spam, some very early and very recent examples of spam cited in the book ('spam books' and 'Twitter spam', both of which were new phenomena in 2013, when the book was written) took place on other platforms, and Brunton expects more of this to happen in the future.

For those approaching spam from a technical point of view, the book may appear a tad academic. Indeed, Brunton doesn't eschew references to sociologists like Tönnies and Durkheim, or even authors such as William Gibson and Jorge Luis Borges. I did not think this was a problem though: it served as an all-too-important reminder that spam isn't just a technical issue, but is just as much, and perhaps more importantly, a social one, even in an era in which the business of spam is a purely criminal enterprise.

One possible criticism of the book may be that Brunton pays relatively little attention to the criminal aspect of spam. However, it would have been hard to do so without going into the murky details about how online criminals operate today. For those interested in this side of spam, Brian Krebs's Spam Nation complements Brunton's book rather well.

As the Internet continues to evolve, few people even remember what spam looked like 15 years ago, let alone what kinds of messaging abuse took place in the very early days of the Internet. These events still cast their shadow on today's fight against spam though. For that reason alone, we should be very grateful to Finn Brunton for having written this important book.



Latest posts:

VB2019 paper: Domestic Kitten: an Iranian surveillance program

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video…

VB2019 video: Discretion in APT: recent APT attack on crypto exchange employees

At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.

VB2019 paper: DNS on fire

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

German Dridex spam campaign is unfashionably large

VB has analysed a malicious spam campaign targeting German-speaking users with obfuscated Excel malware that would likely download Dridex but that mostly stood out through its size.

Paper: Dexofuzzy: Android malware similarity clustering method using opcode sequence

We publish a paper by researchers from ESTsecurity in South Korea, who describe a fuzzy hashing algorithm for clustering Android malware datasets.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.