Friday, October 16, 2009

Email obfuscation is broken

An year and a half back, I was working on some project where I had to parse students' and professors' homepages to mine interesting information from them.
One common underlying pattern I found on their pages, from new grad students' to emeritus professors', was the method of obfuscation of their email ids.
Though they were in the right track on preventing spam bots from harvesting emails and spamming them, the actual way they did it was as insecure as protecting a house by fastening windows but leaving the door wide open. One should remember that people who write spam bots are not foolish. They earn lots of money from collecting emails and selling them to people who do the actual spamming. These trivial ways won't stop them by any means.

There are three popular methods used to obfuscate, each progressively difficult for the spam bot:
1) Just replacing the '@' and '.' characters, like email_id AT server DOT edu.
2) Encoding semantics, like "first 7 characters of last name" AT server DOT edu.
3) Placing the image of the email id.

Any good spam bot can easily extract the correct email id if methods (1) or (2) are used. It just has to have a list of common patterns that people use, and make some string substitution and educated guesses.
Method (3) is extremely secure, but unfortunately it is like a fastened window, where the open door is the URL of the webpage itself.
Typically the students' or professors' pages have URLs with a definite pattern, like or or As you can see, almost all the URLs have email id encoded in them, after all this is how the page itself was created automatically.
From the URL, it is easy to guess the email id. For example, in the third example, the email would be either or

So, what is the way out? The answer is there is no way out until the schools themselves change the URL naming scheme of the pages they assign to their staff and students.
Till then, the best way is to put the image of the email id and, in addition, route the emails via Gmail, hoping that Gmail will block the spams automatically.

Friday, April 24, 2009

Madison Student Optimizes Physics

N Orchard Street's greatest physicist, Dr Dchongesh, today accomplished an extraordinary thing that will surely change the way we think of the world (and of him).

Dchongesh after pwning Einstein's formula.

Dchongesh, an ardent fan of Djokovich and Deborah Djosheph, today proved that Einstein's mass-energy relation is sub-optimal. When our staff reporter asked him about his latest finding, he replied "When I first saw the equation E=mc2, I was like, 'Dude, there has got to be a more efficient equation for this. Everybody know that quadratic running time won't scale for large c's. I then worked all night, constantly referring to my borrowed copy of 'Introduction to Algorithms', and finally derived my optimized equation E=mc*log(c) that would perform 30% better in parallel processors".
But when our unconvinced reporter asked if he could just optimize nature's laws just like that, he replied "Dude, who is taking CS587-Algorithms course, you or me?".

Meanwhile, Nature is unsure how to react to this sudden change in physical laws. But people in 45 N Orchard St are positive that the new optimized physics can help in reducing global warming, controlling weather, increasing TAships, getting dates, and decreasing the frequency of nature calls that they are experiencing now.

Sunday, March 29, 2009

Papers are People Too

This is the poster for a hypothetical movie called "Papers Are People Too"* that I made for the Earth Day and sent to my friends to make them cautious about the overuse of paper generating machines (printers and photocopiers).
I also sent them a snippet of the story for the hypothetical movie. The response was pleasantly positive, they claim to have decreased the number of printouts they take, and it seems to have given them happiness also.
I am pasting the snippet below:

Papers Are People Too
The plot:
"Our hero GeeBee studies in a college where he is given unlimited supply of paper and free printouts.
So should he care whether all the 100 pages he is just going to print will be read by him later?
Should he strain his eyes to read a PDF instead of just hitting <Ctrl + P>?
He knows very well that decreasing the font size and removing images would print the html content in fewer pages, but is it worth all the hassle?
Why bother placing unwanted papers in the recycling tub when he can just throw them away with kitchen trash?"

The cast: You and me.
Releasing on the Earth Day next month.

One thing that I silently slipped in, in the poster, is the fact that we don't bother to give a name to a tree, even if we have been brought up seeing it in our yard all the years, but we tend to give a name to every other pet that we come across.
This was at the back of my mind, and that is the reason for the lines at the bottom of the poster (you may have to scroll to see them).

* The title inspired from the blog Papayas are People Too.

Thursday, January 15, 2009

Local boy to change his name after shelving PhD plans

From our reporter in Madison, WI -
"I always dreamed of completing my PhD", reflects Sabareeshh, an ardent Himeshh Reshammiya fan and a long-term resident of 45 N Orchard Street. In his continued statement, he further revealed that he also always dreamed of people addressing him as "Doctor Sabareeshh", and plans to file a request with the Office of Name Changes to enable him achieve his aforementioned ambition since he no longer has hopes of completing his PhD and becoming eligible to be called with the aforementioned name. But is it a normal thing to do?

"Why not? If people can have names like 'Major Soundarrajann', 'Padmashrii Universal Hero Kamal Hassann' and 'Slave Mistress Vidhhya', whats wrong with changing my name to 'Doctor Sabareeshh'?", he logically argued his proposition before breaking away to check out the ladies section in Walmart.

Meanwhile another local boy DMaheshh, a fierce fan of both Djokovic and Himeshh, rechristened himself as Chongeshh to match with his Chinese girlfriend Chong, who unknowingly in parallel changed her name to Abhitagujalambal taking it to be a cool Indian name. When we last heard, he was in a dilemma on whether to change his name to Abhitagujalesh to match again or to change his girlfriend.

As per a latest update, an application by the Office of Name Changes to change its own name was rejected by the same office, as it would cause infinite recursion of name changes leading to a stack overflow condition.

