Here are answers to some frequently asked questions.

The boxes are too small

The boxes are small to encourage everyone to keep the message short. After a few words, the spam begins to sorta repeat which looks suspicious - even for spam. There is no limit on the size of the messages you can encode/decode, however.

Could SpamMimic send the mail?

It would be easy to send the spam-encoded mail for you but we are afraid we'd get into trouble for being spammers!

Somebody could observe the "secret" message as it's being sent to SpamMimic

Seems unlikely if you use SSL

But even if you use SSL we still have to trust SpamMimic

We understand this concern, we're very paranoid ourselves. We probably aren't a front for the FBI but we might be. We promise we don't log the messages you encode/decode - but we don't believe the "privacy policies" on other websites so why should you believe us. By the way, we, like most websites do keep a standard Apache log of hits. We wipe our logs weekly. To hide your computer name from us you can access SpamMimic via Tor, Anonymizer, Safeweb and JAP - but then you have to trust them too.

What are all those messages I get when going "https"

We have a self-signed certificate.

What about a SpamMimic program I run on my computer

...or a mail client plugin. This would overcome the above two problems (or would it?). It would also be handier than the current cut'n'paste method. But you would still have to trust the plugin not to secretly send your message back to us! If it was really nasty it could even scan the disk of your PC looking for juicy info to send to us - wah ha ha ha. Of course, this trust problem is an issue for all closed-source software (including operating systems) you chose to run. Having said all that we might do a plugin - but we seem too busy on other stuff these days.

What about open-sourcing it - peer review is the only way crypto can be proven secure

If you buy the book mentioned in the credits you have the source for our mimic engine. We have improved it a bit and we're not going the release the grammar. We don't want to make it easy to have it built into firewalls. (Yes, we are trying to make enough money to pay for the hosting with the evil banner ads.)

You shouldn't display "(Sorry, could not decode)"

Wow, you guys are sneaky. Instead, the suggestion goes, it would be better to display some random message so "they" don't know if have cracked SpamMimic or not. A very cute idea. It would be fun to write a program which makes random believable messages. We could feed a random number into the mimic engine with a normal conversation grammar! But, in the end this would confuse too many users and we'd probably get too many mails like "SpamMimic changed my message of 'movie at 8pm' into 'steak dinner at 9:00'" because quite a few people hurt the encoded spam while cutting and pasting etc.



Sorry we can't promise to reply to all the feedback. But we definitely read it all and use suggestions to improve the site.

Sorry, contact form disabled due to spam.


home | encode | decode | explanation | credits | faq & feedback | terms | Français
Copyright © 2000-2014 spammimic.com, All rights reserved