2002-09-10»
drive-by spamming reduxยปWithin a few hours of posting the correction to ZDNet’s article on drive-by spamming, Adrian Wright, the original misquoted expert, e-mailed me. “Saw your comments on Oblomovka. Not exactly professional behaviour for a Sunday Times stringer”, he wrote. I asked him what he thought was unprofessional. As yet he hasn’t replied.
Meanwhile, the original misquote is already beginning to spread. News sources like ZDNet are seen as authoritative sources online and off. From miscellaneous Slashdot posters to Professor Ed Felten, there are now people who cite the piece as proof that there are recorded instances of drive-by spamming.
As far as I know – and more importantly, as far as Adrian Wright, the original source, knows, there exists no such evidence. The lead to the story, “‘Warspammers’ are taking advantage of unprotected wireless LANs to send out millions of junk emails” is simply not true.
Terry Schmidt, of NYC Wireless wrote independently to the ZDNet UK journalist, Graeme Wearden, asking in the light of the new comments by Adrian, admitting that he’d never seen a case of drive-by spamming in real life, ZDNet would correct the original story. Here’s what Graeme wrote:
I asked Wright if he would like me to change anything in my story – he didn’t.
I think that’s because, even if he did say ‘could happen’ rather than ‘is happening’ (and sitting in the middle of that audience, I thought he was discussing something that is taking place, and that’s what I wrote down), Wright thinks it very likely that drive-by hacking is occuring.
That looks like the truth. But it’s very different from the original story. That article – still being spread, still being read – continues to mislead people into believing drive-by spamming is happening right now, and that Adrian Wright had seen it happen.
Misinformation like this has consequences. It encourages people to believe that having an open network is an uncivil thing to do; that they should cower in fear at the spammers stalking the streets, looking for outlets. It encourages people to believe that the only solution to their fear, uncertainty and doubt is to to hire security consultants with experience of this rampant menace. And the more the original misleading article sits there, the further the misinformation spreads.
This seems to be the opposite of what a journalist should do; and the opposite of what a security consultant is paid to advise. I’m not sure who is to blame here: but if anyone is being unprofessional, I don’t think it’s me.