M3AAWG 34th General Meeting, Dublin, Ireland, June 10, 2015 – A thoughtful provocateur ready to take on difficult challenges for the good of the Internet and an influential cybersecurity advocate, Rodney Joffe has worked to protect end-users since the 1990s when he fought to contain spam as the first email marketing campaigns were taking hold. In the ensuing years, he has single-handedly crippled text spam, has developed a sophisticated system to protect DNS, and has helped manage the worldwide response to major botnets infecting millions of users. At the M3AAWG 34th General Meeting in Dublin, Ireland, Joffe received the 2016 M3AAWG Mary Litynski Award for his lifetime achievements in protecting the Internet and end-users.
“Rodney is the kind of person who embraces the Internet with all its possibilities and quietly works behind the scene to fight abuse. Today’s industry leaders know he’s the person to go to when you need to get something done, especially if it involves protecting the general online public who might not be in a position to take action. When he sees a problem, Rodney jumps in with whatever talent and resources are needed and his accomplishments over the last twenty years have made us all safer,” said Michael Adkins, M3AAWG Chairman of the Board.
Joffe’s most recent focus has been on combatting botnets, nefarious networks of malicious code designed to steal personal information, hijack a user’s machine or engage in other harmful activities. Chairing the Conficker Working Group starting in 2008, Joffe managed the efforts of thousands of technologists in 115 countries working to mitigate the botnet. He also served as an envoy for the group, pressuring the U.S. government to pay attention to the problem and testifying at U.S. congressional cybersecurity hearings in 2009. In 2013, he received the U.S. FBI Director’s Award for helping organize the industry’s response to the Mariposa botnet, another major infection that affected users globally. He has also participated as a core threat designer in cybersecurity exercises operated by the U.S. Department of Homeland Security, the White House and the U.S. National Security Council.
Advocating for better global cooperation against online abuse, Joffe said, “The criminals that we are fighting have the same or better skillsets as us but they don’t have the moral compass we do. So it’s not a level playing field and, right now, all we’re really able to do is contain the problem. Until we can get to the point where law enforcement around the globe, as a group, are prepared to go after the bad guys and put them in jail so there aren’t outposts where they can hide, we’re not going to be able to completely win this battle.”
Developed UltraDNS and Other Widely Used Network Security
Joffe’s interest in protecting networks grew out of his work at Genuity, a major Internet Service Provider he founded in 1995 and one of the first Internet hosting companies. Three years later, Joffe created Anycast for DNS as a faster, more robust, and less expensive Internet addressing and routing system. In 1999, this evolved into the creation of UltraDNS, a Domain Name Service lookup and traffic management service that is widely used today to protect against Distributed Denial of Service attacks. Criminals use DDoS attacks to direct massive volumes of traffic to a targeted domain name, trying to flood the website’s servers and knock the organization offline. The technologies Joffe implemented known as DNS Shield provide additional, protected Internet routing to safeguard Web and email services for government and business enterprises. UltraDNS is now offered as a Neustar product, where Joffe serves as senior vice president, senior technologist and a fellow.
Fighting Both Messaging and SMS Spam
Joffe outlined much of the industry’s history in fighting spam and online abuse in a video shown at the M3AAWG meeting (https://youtu.be/J-e3aO7rc0E). His efforts began in 1998 when marketers were just beginning to discover email. As the operator of a postal direct mail service bureau at the time who also understood the Internet, he was asked by the online community to help educate marketers about the industry’s best practices. In the process, he developed SafeEPS, a global opt-out service that within the first few days of its availability signed up more than 50 million email addresses that did not want to receive unsolicited mail. Although somewhat controversial, the service was embraced by the major Internet service providers and helped shape aspects of the U.S. CAN-SPAM law.
As marketing technologies developed, Joffe decided to go after companies sending junk faxes and became an expert in the U.S. Telephone Consumer Protection Act of 1991 (TCPA), which eventually led him to apply the law to a class-action suit against text-messaging spammers. The Joffe v Acacia National Mortgage case set a legal precedent and has been used against text spammers since the 2001 ruling in his favor.
Joffe also has quietly mentored and supported many of today’s Internet trailblazers. Although he no longer owns Genuity, which was acquired by GTE and is now Verizon, he still maintains a private ISP dedicated to providing pro bono bandwidth and other services to nonprofits and researchers working to protect the Internet.
The M3AAWG Mary Litynski Award is presented each year to recognize a person who has worked behind the scenes for many years to help protect online users. Information and the submission form for the 2017 award are at https://www.m3aawg.org/awards#LitynskiAward.
More than 370 security experts and public policy advisors from 29 countries are participating in the M3AAWG 34th General Meeting, June 8-11 in Dublin where M3AAWG is also hosting the London Action Plan (LAP). The meeting features over 55 sessions tackling various aspects of online abuse. M3AAWG will hold its next meeting October 19-22, 2015 in Atlanta, Georgia.
About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.
# # #
Media Contact: Linda Marcus, APR, +1-714-974-6356 (U.S. Pacific), LMarcus@astra.cc, Astra Communications
M3AAWG Board of Directors: AT&T (NYSE: T); CenturyLink (NYSE: CTL); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Facebook; Google; LinkedIn; Listrak; Mailchimp; Message Systems; Orange (NYSE and Euronext: ORA); OVH; PayPal; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.
M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; AOL; Campaign Monitor Pty.; Cisco Systems, Inc.; CloudFlare; Dyn; iContact/Vocus; Internet Initiative Japan (IIJ, NASDAQ: IIJI); Litmus; McAfee Inc.; Microsoft Corp.; Mimecast; Nominum, Inc.; Oracle Marketing Cloud; Proofpoint; Rackspace; Spamhaus; Sprint; Symantec and Twitter.
A complete member list is available at https://www.m3aawg.org/about/roster.