April 23rd, 2009 02:38pm

Tapping The Tech Hive – Weekly Q&A feat. Jeffrey Aguilera

by Daily Geek

Jeffrey Aguilera is the James Bond of the digital world. He has a license to kill, well, spam.

Ever since he founded Red Condor in Rohnert Park in 2002, he has been defending businesses from mastermind spammers. He infiltrates criminal minds and works to undermine their nefarious plans to clog the Internet with scams and viruses that double as emails.

Aguilera knows the Internet isn’t a safe place (he told the Press Democrat as much). But he’s willing to fight the good fight, and help clean up your inbox.

Web site: www.redcondor.com

Questions and Answers:

DailyGeek: Why did you start an anti-spam company?
Aguilera: In 2002, my partners and I were looking for our next opportunity in the investment software field. During our research, my spam problem continued to worsen, to the point that I asked our mail administrator to activate the anti-spam features on our mail server. The next day, after not receiving any spam, I sent a congratulatory message to our mail admin for solving this nuisance…but he never got that message: It, too, was blocked as spam.

We tried tuning the filters, but to no avail. Either lots of spam got through, or lots of legitimate mail was lost. Red Condor was born from this dilemma with a simple vision, to block spam, and nothing but, without any user intervention.

DailyGeek: How much do you hate spammers, and how are you going to destroy them (because even if you don’t hate them, most of us do)?
Aguilera: My goal is to out-smart spammers, since their destruction is fanciful thinking. Like pick-pockets and petty thugs, spammers will never disappear. They prey on an endless supply of trusting people that do not fully grasp what is at stake.

So I try to engage spammers on my terms rather than theirs. Early on, I would investigate each spam that got into my mailbox, dissecting the headers to locate those individuals responsible for sending me garbage. But this is just a pointless exercise. Spammers are masterful at covering their tracks; or implicating others; or hiding a world away behind a chain of proxies. Instead, I look for their mistakes, their tells. I send them misleading information to see if they bite. I try to use their own greed against them.

DailyGeek: What has been the impact of Web 2.0 on Internet security?
Aguilera: Web 2.0 is all about pushing the desktop experience to the web, using Security 1.0 idioms. With greater reliance on client-side code, Web 2.0 applications are easier to reverse-engineer and easier to inject cross-site scripting hacks. As long as security is an afterthought, scammers will find exploits and Web 2.0 just increases the number of possibilities.

DailyGeek: Considering you spend a huge chunk of your day trying to protect people from organized criminals, how has it changed your outlook on the Internet and on life in general?
Aguilera: On the one hand, I find that fighting spam is a very rewarding career, because I protect millions of users from billions of spam, phish, virus, and other garbage. However, the personal cost is constant exposure to the worst of human nature. The scammers are everywhere. They will do anything to make money. This constant backdrop of criminality is very disillusioning.

DailyGeek: Now to the standard geeky questions: what OS do you primarily use?
Aguilera: Mac OS X. I abandoned Windows just over two years ago, and haven’t looked back since. To be fair, everything I develop is ultimately deployed on Linux servers.

DailyGeek: Your preferred Internet browser?
Aguilera: Safari for everyday use; Firefox for development.

DailyGeek: What social network applications do you use?
Aguilera: LinkedIn, and to a lesser extent, Plaxo.

DailyGeek: Favorite Web sites?
Aguilera: Google has been my home page ever since they were in beta. My favorite site is Eric Weisstein’s MathWorld.com, because I learn something new every time I visit.

DailyGeek: Favorite way to get news?
Aguilera: I subscribe to various RSS feeds, including CNET News, Engadget, Gizmodo, and Google News.

DailyGeek: What type of phone do you use?
Aguilera: iPhone, since Friday, June 29, 2007 at 7:10pm.

DailyGeek: What is your favorite cellphone application?
Aguilera: Starmap Pro.

DailyGeek: Favorite productivity tech tool?
Aguilera: IntelliJ IDEA. I cannot imagine development in Java without this IDE.

DailyGeek: Favorite piece of technology that is not mainstream?
Aguilera: The Celestron SkyScout Personal Planetarium…and the Nespresso Essenza Automatic coffee maker.

DailyGeek: What is your favorite Open Source software program?
Aguilera: OpenOffice.

DailyGeek: What question should I have asked?
Aguilera: Do you have any tips for improving online security?
Aguilera to Aguilera: To start, everyone should peruse the Cyber Security Tips at the Department of Homeland Security. This site covers everything from choosing and protecting passwords to staying safe on social networking sites. But do not assume that caution and diligence alone will keep you safe. You should also take steps to limit your exposure if the preventive measures fail:

Use a different password on every site that you visit. Better yet, use a tool that generates these passwords for you, such as 1Password, PasswordMaker, SuperPwdHash, etc. The best password management tools use one-way hashing and implement precautions to protect against keyloggers.

If you use PayPal, or a similar online payment service, do not tie it to your main bank account or credit card. Instead, tie it to an account created specifically for PayPal and fund that account as needed.

Use “throw-away credit card numbers” when buying goods online rather than using real account numbers. Citibank calls this service “Virtual Account Numbers”; Discover calls it “Secure Online Account Numbers”; and Bank of America calls it “ShopSafe Numbers.”

Do not use debit cards online. Credit cards have better fraud protection and are easier to dispute.

Bonus Q from last week’s participant John Sullins, a roboethicist at Sonoma State University:

Sullins: It is exciting that you are fighting the good fight against spam and malware, but the delivery method for spam and malware seems to evolve with every new countermeasure devised to block it. Do you see this as a perpetual arms race? If it is, the user has to suffer the abuses of spam and malware and/or pay for increasingly complex filtering and security technology, which is a lose-lose proposition for the user. Perhaps you see some other solution we can look forward to?

Aguilera: Unfortunately, I do not see an end to this arms race in the near future. I place the blame on both sides: Technology consumers refuse to embrace authenticating technologies and refuse to change their interaction model; and technology producers do not mandate best security practices, but rather, bolt on byzantine security options to protocols and applications that can otherwise be used without any security. For example, DNS was developed around 1987 (RFC 1034), but security extensions were not added until 1999 (RFC 2535). A decade later, DNSSEC is still not widely in use. Some estimates place penetration at 0.0015% (15 domains per million). So last summer, DNS, the core directory service of the Internet, was subject to a cache poisoning exploit that affected nearly all DNS servers.

How do we break this cycle? Consumers need to adopt digital certificates and use public key infrastructure (PKI) to identify themselves when interacting with secure services. Financial institutions need to insist that their users have valid digital certificates, rather than presenting easily hijacked usernames and passwords. Identities need to be stored on encrypted media, such as TPM or secure flash storage. And security needs to be a prime design goal, not an afterthought. Once PKI is widely deployed for high-value services, it can be hijacked to secure just about everything else.
