Forgot your password?
typodupeerror
Censorship Spam The Internet

Endangered Countries On The Internet 475

Posted by timothy
from the externalities dept.
Vande writes "Balkanalysis.com has an article about Macedonia being driven towards internet extinction as a result of some blacklists, which also include Bulgaria and Romania. Namely, this poorly written quote from the 'export bureau' (non-gov org) states the reason for being blacklisted: 'Pay close attention to shipping or contact addresses located in countries with a high reported incidence of online fraud and many e-commerce web sites have found a high incidents of on-line fraud as well, such as Africa, Nigeria, Macedonia, Colombia, etc..' They must have lost the stats on fraud from Russia, Israel and the USA itself, because Macedonia's negligible internet population cannot possibly account for that much trouble. Cutting off an entire country only hurts the legitimate users. And I thought all this time I was surfing the 'World Wide' Web :/"
This discussion has been archived. No new comments can be posted.

Endangered Countries On The Internet

Comments Filter:
  • easy work around (Score:4, Interesting)

    by xlyz (695304) on Sunday July 04, 2004 @02:29AM (#9604494) Journal

    use a proxy located somewhere else
    • by 1u3hr (530656) on Sunday July 04, 2004 @02:50AM (#9604548)
      use a proxy located somewhere else

      Brilliant. That's mentioned in the article, of course. But what the outcome is that any fraudsters can continue (though no evidence was offered of such), but the average home user will be stymied.

      • by mckyj57 (116386)
        >> use a proxy located somewhere else

        > Brilliant. That's mentioned in the article, of course. But what the
        > outcome is that any fraudsters can continue (though no evidence was
        > offered of such), but the average home user will be stymied.

        I blacklist only Romania on my servers. It has cut down the number of probes
        by a good percentage.

        Sure, they can use a proxy and a hacked system elsewhere. But the last
        three rooted boxes I have seen have had log entries that show them
        download their cracking
    • by Kwelstr (114389) on Sunday July 04, 2004 @06:34AM (#9605030)
      A friend of mine from Romania needed some books, he tried to get them sent to another friend in Germany, but HIS credit card was not accepted, because it was a Romanian card.

      He tried several different aproaches and nothing worked, to make the story short. Finally he contacted me, in the US. I paid for the books with my paypal, made the seller ship them to his home and he wired me the money.

      A big pain in the butt, just for a couple of books if you ask me :-(
    • Slashdot too (Score:5, Interesting)

      by muyuubyou (621373) on Sunday July 04, 2004 @06:36AM (#9605035)
      I have to use a proxy to browse Slashdot from my home connection (and had to do the same from my office connection for a while).

      For some reason, Slashdot has decided to ban whole ranges from the biggest providers in Spain.

      Right now, more than half of the Spanish internet population is banned from Slashdot. This was virtually the whole Spain for some time.


      I've written several emails to Rob "CmdrTaco" Malda, only to receive a "hey, I'm sorry about that" and I still have to use a proxy.

      You can read more about this here (Spanish) [barrapunto.com]

      One of the ranges cut off was Telefónica's Proxy-cache. This alone leaves out the majority of the Spanish internet population when it's incidentally turned on.
  • Foreign ISPs (Score:4, Informative)

    by drewbradford (458480) <drew@drewbradford.com> on Sunday July 04, 2004 @02:29AM (#9604495) Homepage
    Residents of those contries have the option of using foreign ISPs, or even anonymous proxies, to bypass the blacklists.

    neworder.box.sk has some links to good anonymous proxies.
    • Re:Foreign ISPs (Score:4, Interesting)

      by csirac (574795) on Sunday July 04, 2004 @02:57AM (#9604572) Homepage
      Residents of those contries have the option of using foreign ISPs

      Right, as if using the internet wasn't expensive enough already, you're going to be dialing international to a hypothetical ISP that has no qualms about selling accounts to foreign countries? The other issue is payment - Mastercard?

      I'd be surprised if at least some blacklists didn't include the IPs of those anon. proxies too.

      Sure, they can work around it, but seriously... that'd just suck.
      • Re:Foreign ISPs (Score:4, Insightful)

        by zakezuke (229119) on Sunday July 04, 2004 @03:44AM (#9604713)
        Right, as if using the internet wasn't expensive enough already, you're going to be dialing international to a hypothetical ISP that has no qualms about selling accounts to foreign countries? The other issue is payment - Mastercard?

        There is the other issue too. If it's so easy for people in these countries to get accountes elsewhere like the parent sugests... then it would be as easy for the non-legit users to get them as well.

        This is why black listing whole countries doesn't work... you can always dialup to AOL in some other country.
    • Re:Foreign ISPs (Score:4, Interesting)

      by RAMMS+EIN (578166) on Sunday July 04, 2004 @03:10AM (#9604609) Homepage Journal
      Then what's the point of blacklisting in the first place?! If you force access to go through foreign ISPs, it will be those with money (e.g. the fraudsters) who have access, not the common people.

      If you have a problem with Internet users from some country, why not help the country fight them? It's not like these countries want to host spammers, scammers and fraudsters. They only do so because they don't have the means to fight them. If you don't care enough to help them, put up with the crime. If you can't put up with the crime, help fight it. There is no excuse for locking innocent users out of the Internet, and laziness/stinginess is a particularly selfish one.
    • Re:Foreign ISPs (Score:5, Informative)

      by arivanov (12034) on Sunday July 04, 2004 @03:48AM (#9604722) Homepage
      You are misunderstanding the meaning of the blacklist. It is not a blacklist on access. It is a blacklist on e-commerce. 95% of all web stores and mail order shops in EC and US refuse to ship to these countries.

      They do not do it out of malice. They do it because they were at one point refused insurance on their card transactions for purchases from these countries. This was done because these countries at the time did not have a banking clearance system which could be used for VISA transactions. In fact most banks were not even members of SWIFT so clearing money was taking 24+ days to travel through a correspondent bank somewhere else in the world after getting government permission for the transfer. So overall the blacklist was fully justified at the time.

      While the some countries now have SWIFT and VISA and are OK to ship (Bulgaria), many web stores are yet to amend their policies. Considering the marginal amount of purchases from the countries in question I would say that it is nothing to shout about. Move along.
      • Re:Foreign ISPs (Score:5, Insightful)

        by 1u3hr (530656) on Sunday July 04, 2004 @04:04AM (#9604767)
        Considering the marginal amount of purchases from the countries in question I would say that it is nothing to shout about. Move along.

        Unless you happen to live in one of these marginal countries, as the author of the original article does.

  • Eastern Europe too.. (Score:3, Informative)

    by Dozix007 (690662) on Sunday July 04, 2004 @02:30AM (#9604497)
    Easter Europe has fallen victim to e-commerce site bias. Many electronic file transfer agencies assume just to steer clear of E. Europe rather than dealing with fruad. This brings up the obvious question of better varification. Just think how much more these sites could make in commison if they invested a little in verification.
    • by Anonymous Coward on Sunday July 04, 2004 @03:16AM (#9604629)
      I worked at a top-50 software online retailer. When our "chargeback rate" went about 1%, our bank (wells fargo) gave a list of advice on what to do.

      One of the pieces of advice included blocking countries. If you tried to buy from eastern europe on our site, you'd get a "we're havng problems processing your transaction, please call customer support" error message. If the person called, we'd assume they were legit and white-list them.

      Sucked for them, though, because of the long-distance call.

    • yeah, I know. (Score:3, Interesting)

      by autopr0n (534291)
      A friend of mine (Actually the guy that runs sinfulshirts.com) refuses to sell to Russia just because it's not on a list of countries that another T-shirt site will sell to. No more reason then that and "Well, they must have a reason.".

      It bugged me, because another friend of mine was saying that Russians didn't wear t-shirts with funny sayings, and if he got an order from Russia, I would have irrefutable proof she was wrong!
  • by TexasDex (709519) on Sunday July 04, 2004 @02:33AM (#9604514) Homepage
    Blacklisting is not a feasible long-term solution. Sure, it'll stem the tide of fraud and spam and all that but it just hides the real problem (insecure SMTP in this case) and hurts those who didn't do anything.

    That said, I'd be unlikely to ship products to, say, Nigeria for obvious reasons. The web is a bit of a mess as far as security is concerned. And part of the issue is that countries don't enforce their own laws very stringently (e.g. sect 409 of the nigerian criminal code).

    • by 1u3hr (530656) on Sunday July 04, 2004 @02:59AM (#9604577)
      but it just hides the real problem (insecure SMTP in this case) and hurts those who didn't do anything.

      RTFA -- it's not email that's being blocked, but web access. Living in Hong Kong, for instance, I occasionally click on a link to find myself greeted by "440 Your country is blocked because of traffic reasons". Other times the page just never loads, leaving me unsure of the reason, though suspicious.

    • by Spy Hunter (317220) on Sunday July 04, 2004 @04:11AM (#9604779) Journal
      You are missing the point of a blacklist. Sure, blacklists can help slow undesired activity such as spam and fraud, but a lot still gets through, and nobody is debating that. The _real_ point of a blacklist is to _motivate_ people to fix the problems at the source. If Macedonia really was cut off from the Internet due to fraud, they wouldn't just sit there. They would start a crackdown on fraud so that they could get their Internet back. Sure, there's collateral damage. But what about all the people who would have been defrauded? Surely they should be counted as damage prevented. What about the increased security of the Internet as a whole, leading to higher worldwide trust of Internet businesses and Internet growth? I believe these things are much larger than the collateral damage.
  • the net... (Score:2, Insightful)

    by infonick (679715) *
    was, after all, designed based on the idea that all people are good. when a few people turn up bad apples, people want to punish them. usually this ends up with innocent people getting hit with the punishment, and the bad apples usually can find a work around for pennies.
  • by Anonymous Coward on Sunday July 04, 2004 @02:39AM (#9604530)
    Cutting off an entire country only hurts the legitimate users.

    That's not true. Cutting off entire countries is never done to hurt legitimate users, it is done to protect legitimate users. The legitimate users just don't happen to be in the countries that are cut off.

    When 100% of the traffic received from a large netblock is undesirable for a long enough period of time, any reasonable person will eventually add firewall rules or blocklist entries to solve the problem.

    Perhaps if the governments of and companies within the countries that tend to generate or relay far more illegitimate traffic had any interest in protecting their ability to communicate digitally with the rest of the world, they would do something about it. As things stand with certain massive netblocks that have sent me nothing but spam, viruses, phishing attempts, and 419 scams for several years, I am willing to risk losing one or two legitimate contacts in favor of eliminating thousands upon thousands of undesirable contacts.
    • by kfg (145172) on Sunday July 04, 2004 @03:23AM (#9604647)
      As things stand with certain massive netblocks that have sent me nothing but spam, viruses, phishing attempts, and 419 scams for several years, I am willing to risk losing one or two legitimate contacts in favor of eliminating thousands upon thousands of undesirable contacts.

      And obviously, since you personally have only received unsolicited email from Nigeria, where you presumably have few social contacts, thousands upon thousands of them must be spammers/scammers and only one or two "legitimate contacts."

      By that logic nearly every country in the world would be blocked by nearly every other country.

      It would seem more reasonable to assume that, given the nature of spam, a few bad apples are spoiling it for thousands upon thousands of "legitimate contacts."

      Yes, it would be nice if the respective governments would/could do something about it. Perhaps "we" should set them a shining example of how to go about it properly, for a change, before we bitch overmuch.

      KFG
    • by Sycraft-fu (314770) on Sunday July 04, 2004 @03:27AM (#9604651)
      If ISPs in large contries refuse to play nice, they can face this. I have seen this with Wanadoo, a large French ISP. They just don't respond to abuse complaints, even if you get someone who speaks French to send them. They seem to have this "not our problem" attitude, leading to lots of abuse. Ok, well, if you aren't going to deal with it, the only solution may be to block them. Just how it goes.

      UU.net went through this. They faced a Usenet Death Penalty (the inability for their entire network to use newsgroups) stemming from a refusal to deal with abuse.

      Basically, ISPs need to take some responsibility for their users. Doesn't mean they need Orwellian monitoring, but if someone sends an abuse complaint, they need to look and see if it looks legit and, if so, ban the abuser. Otherwise they DO risk blacklists, regardless of nationaltiy.

      If a certian netblock repeatedly tries to hack my systems, and the company/person in charge will not respond what can I do? I'm not going to sit and allow it, so my only option is a ban on the firewall.

      We've even done this internal to the university. When Phatbot came out it spread pretty bad since so many people had shitty passwords. We had about 5 infections, all in research labs that wouldn't let us manage their systems (huge supprise). When it happened, we shut the lab's network connection off and wouldn't turn it back on until we had found the system and made them promise to keep it off the net until it was fixed. However some departments lack a good network staff, and let systems just get infected. Those that were non-responsive were just banned until we got confirmation they had cleaned their crap up.

      Life in an unregulated world. Since there is no central body that controls who can and can't play, no net police to track down the bacd guys, if you misbehave, those you go after may just ban you and be done with it.
    • When 100% of the traffic received from a large netblock is undesirable for a long enough period of time, any reasonable person will eventually add firewall rules or blocklist entries to solve the problem.

      Not just 100% - when a large proportion of the traffic is undesirable (i.e. when it's losing you more than you're gaining by allowing it) then you'll block the netblock.

      At the start of the year, my website was being log spammed by someone using a dynamic IP address in the 213.23.0.0/16 and 82.82.0.0/16 n
  • by r00zky (622648) on Sunday July 04, 2004 @02:42AM (#9604538)
    For these who cant RTFA: Of course, not only "Wild East" countries like Russia and Israel exceed little Macedonia in terms of online criminal output. It would be utter hypocrisy to ignore the vast internet fraud industry in the United States itself.

    In conclusion, if you must blacklist a country, you should start for these 3.
  • by Anonymous Coward on Sunday July 04, 2004 @02:53AM (#9604560)
    Just this morning we cancelled 4 orders by the same person from Nigeria. UK billing address, Gambian delivery address, Nigeria IP address.

    We lose more money to the US than Nigeria, but then the honest orders more than outweigh those. I can't recall a single order from Nigeria/Romania where the credit card was 100% clean.

    If these countries want to get a positive reputation then they should place more real orders so that the clean orders outweight the fraudulent ones.

    Another thing that is noticable, Indians in the UK have a very high level of fraud, whereas Indians, in India have a very low level of fraud.

    I reckon its because they are displaced from their home country and don't feel any need to be honest.

    • by mccalli (323026) on Sunday July 04, 2004 @04:38AM (#9604844) Homepage
      If these countries want to get a positive reputation then they should place more real orders so that the clean orders outweight the fraudulent ones.

      And how do they do that, if the entire country is blocked?

      Cheers,
      Ian

    • by Horia (602444) on Sunday July 04, 2004 @05:17AM (#9604904) Homepage
      I can't recall a single order from Nigeria/Romania where the credit card was 100% clean.

      I am a Romanian who has ordered 7k$ worth of electronics from B&H in the last year. Unlike your store, they are cool because they checked my billing and shipping address at the credit card issuing bank, thus clearing me to make orders when I like. And I just might place another big order soon. I'm so sorry your store can't possibly have me as a customer. :-)

      You made your own bed, now sleep in it. A simple bank inquiry should be enough to clear legit customers, but you seem to be just too lazy to bother, I guess.

      Well, Hurah for B&H! That's the way to go.

    • Just curious...

      How did you verify that the fradulent orders from the UK were made by Indians?

      Presumably, you are running an online store and you don't actually see your customers directly. So you have to make a mapping between some info they provide and their race.

      What is that mapping? Name to Race? If so, how did you verify that the name provided is genuine?

      I am not necessarily doubting you, I just want to know. I have been in England, and I have a few British friends. The level of contempt that they h
  • by leereyno (32197) on Sunday July 04, 2004 @02:55AM (#9604565) Homepage Journal
    The problem isn't so much that there is a lot of fraud coming from these countries, but that the governments there do nothing to stop it. Rewarding a nation and a people who don't even have the wherewithal to police themselves is not the way to solve the problem. You solve the problem by making this lack of responsibility painful for them. If someone is being a screw up, you get behind them and kick them in the ass until they get their shit together. Refusing to do that because you're afraid someone might think you are being unfair doesn't do anyone any good.

    Whether it be a nigerian 419 scam, or a scam escrow service, these kinds of operations exist because law enforcement in these places is on the take. It isn't just the scammers that are screwing you, its the police as well because they're getting a cut of the loot.

    • by geoswan (316494) on Sunday July 04, 2004 @03:18AM (#9604632) Journal
      No, they don't call it the 3rd world for nothing. Originally, the term 3rd world was introduced to acknowledge that there were nations in the worlds beyond the west... basically Western Europe, the USA, Canada, Japan, Australia and NZ. And the west was at odds with the Soviet Bloc and Red China. The term "3rd world" referred to all the other nations that weren't part of the West or the Soviet Bloc.

      So Macedonia, Romania and Bulgaria would be part of the 2nd world, to the extent these terms retain any of their original meaning.

    • The 1st world is the west, the 2nd the (former) communist bloc (of which Macedonia was part of when it was part of Yugoslavia) and the 3rd, the poor countries of the world.

      I don't know enough about Macedonia to know whether there is a lot of fraud coming from there, however, I have very little faith in these commercial rating agencies. There is little incentive for them to do much research - it is much easier to just lump a small country on the list than to lower their profits by spending time and resourc
  • How is this any different than reality?

    The Internet is designed for enabling communication - it's not designed to ensure that everybody *WANTS* that communication!

    If an area is unpoliced, crime rates will rise. People who wish to conduct legitimate business will leave those unpoliced areas.

    Just because it's "the IntarWEB" doesn't mean the above rule changes any. If Macedonia/Mongolia/Outer Slobovia wants to be dealt with "fairly", they should police their own areas so that crime stops paying, like the ot
    • Intelligent people should be able to understand the difference between a nation or a group of people, and an individual. For some reason, idiots such as yourself are unable to grasp this simple fact. An individual internet user can't really do much, especially if the country is corrupt. And they certainly can't stop hackers from the outside world breaking into servers in that country.
      • An individual internet user can't really do much, especially if the country is corrupt. And they certainly can't stop hackers from the outside world breaking into servers in that country.

        Then why the hell should we give them access to our servers?! If the government is corrupt and the criminal element runs rampant, then you block them to protect yourself. It isn't "collective punishment" or any such bullshit. When >50% of transactions from a given country are fraud, it's decision time. When that numb
  • by PHPgawd (744675) on Sunday July 04, 2004 @02:57AM (#9604573)
    As an e-commerce player here on the Internet I'm ready to blacklist countries that do not adquately go after criminals, pure and simple.

    Sure, the USA might account for a lot of fraud because of the sheer Internet population here, but at least criminals here have at least some fear of getting prosecuted and thrown in jail. If a country doesn't enforce the law (or there isn't one there to enforce), then the entire country might as well be waging war on my servers.

    • This is about e-commerce fraud - so all that is needed is for e-commerce sites to refuse to ship to Macedonian addresses. This would enable Macedonian internet users to still use the Web, email, etc, but just not do e-commerce with such sites.

      Blocking the entire IP range is an extreme and stupid response considering it's so easy to just not do business with countries with high fraud rates.
    • Yeah, right - 90% if spam is to promote American products to American buyers. How many spammers have been jailed in America?

      The bible mentions something about getting the plank out of your own eye before trying to remove a splinter from someone else's. It is sound advice.

  • by jessemckinney (398160) on Sunday July 04, 2004 @03:02AM (#9604584)
    Africa is not a country. It is a continent.

    such as Africa, Nigeria, Macedonia, Colombia, etc..
  • I'm sorry for those that are caught in the Class A and B blocks of scammer/spammers. Your best bet is to appeal to the powers that be to get some IP space in the US that you can use for SMTP.

    It's best for us to wholesale blacklist IP space to shut down the Korean, Chinese and Russian scumbags. Sorry, but it has to be done. It's easier for you to negotiate separate IP space for SMTP servers, so don't whine about being blacklisted... it's an easily solveable problem.
  • A bit one-sided (Score:5, Insightful)

    by crucini (98210) on Sunday July 04, 2004 @03:05AM (#9604592)
    Both the article and the writeup wonder how "tiny macedonia" could be a big enough problem to blacklist. Surely Russia and Israel have more scams?

    What they're missing is that it's probably the ratio of fraudulent order volume to total order volume. It seems that the blacklisters are accusing Macedonia of too high a ratio of fraud.

    These complainers are failing to see the merchant's viewpoint. Fraud can really bite into profits. If I were starting an e-commerce business, I wouldn't ship to any questionable countries. Sorry to hurt anyone's feelings, but it doesn't make business sense.

    Sound like Macedonia needs to start catching and prosecuting the fraudsters, then publicize this fact to the e-commerce merchants.
  • by EvilTwinSkippy (112490) <yoda&etoyoc,com> on Sunday July 04, 2004 @03:10AM (#9604606) Homepage Journal
    I know that blacklists can be heavy handed, but Macedonia's reputation does preceed it.

    US Embasy Brief for Travelers [state.gov] To whit: Macedonia has a cash-based economy. The local currency is the denar. Few establishments accept dollars, credit cards or travelers' checks. Travelers are advised to avoid using credit cards due to numerous instances of credit card fraud.

    I realize the State Department may be parroting back the same biases as banks and such.

    A quick search for "+macedonia +fraud +crime" and "+macedonia +online +fraud" has it listed on almost every bank, shipping, and e-commerce site as a country to suspect. On most of the lists, it's third after Nigeria and Columbia.

    • by Ivan Todoroski (132826) <grnch@gmx.net> on Sunday July 04, 2004 @04:34AM (#9604832)
      It's my (slashdotted) country, you insensitive clod! :)

      Joking aside, you're not being insensitive at all, in fact you're quite right. My country's past reputation in this regard is anything but stellar. These days, however, things are incomparably better (new legislation, police much more alert to these types of crimes, etc.)

      I expect that as things get better and retailer's confidence rises, the name Macedonia will slowly disappear from those blacklists.

      Many online retailers don't accept credit cards from Macedonia for instance, instead requiring payment by direct wire transfer to a bank account. It's a real pain in the butt, as international wire transfers can add more than 30$ to the price you have to pay, so you have to group many things together in a single order, from a single shop, in order to not pay too much (shipping costs to here are already high enough).

      This limits the choice of things you can order online, as you can't just order different items from different places, the combined wire transfer fee for each order would be way too much, you have to make sure everything is in big orders from small number of places.

      Other than that, it's no big deal.
  • And I thought all this time I was surfing the 'World Wide' Web :/

    The definition of 'world wide' varies depending on whether you're from the USA or someplace else. Who was it, the Monty Python folks perhaps?, who remarked that the key difference between the US and England is that when England hosts an international sporting event, they invite other countries. Could the same be said for the "world" wide web? :-)

  • As a Macedonian... (Score:5, Interesting)

    by Ivan Todoroski (132826) <grnch@gmx.net> on Sunday July 04, 2004 @03:15AM (#9604625)
    I don't think I've noticed any of this blocking described in the article during my everyday surfing, and I do surf the web a lot. Can't say this really worries me.

    While I do agree that blocking ANY country (including the mentioned Russia, Israel, etc.) based on actions of a few individuals is utterly wrong, I think the article is a bit too alarmist and paranoid, especially the bit about this being the result of some kind of political conspiracy.

    So a few sites blocked Macedonian IPs, big deal. Various IP blocks get blocked all the time for various (sometimes wrong) reasons, and things usually work out when enough legitimate users complain. A tempest in a teapot...
    • by Ivan Todoroski (132826) <grnch@gmx.net> on Sunday July 04, 2004 @03:59AM (#9604755)
      The issue came to the public attention about 6-7 years ago (I think), when a bunch of teenagers "discovered" IRC CC trading channels, and got a hold of some stolen credit cards (and once you have a few, you can trade them with people on those channels to get more). They immediately shared them with their friends and started ordering all kinds of stuff online like CDs, watches, perfumes, eyeglasses, and what not, for them, their girlfriends, relatives, etc.

      Well, the customs officials noticed the unusual surge in that kind of merchandise coming from a small number of big online retailers, and stemmed the flow immediately.

      They would just keep the stuff at customs terminals, and notify the recipients that they should come pick it up. When a kid showed up, they simply asked for proof of order, and if it was ordered via credit card, they asked to see the actual credit card.

      If they failed to produce it, the police was notified (the idiots were ordering stuff to their home addresses), and some of the bigger offenders were brought in for interrogation etc. Nobody really got anything more than a slap on the wrist, as most of them were just kids, but it sure ended the massive ordering.

      I even remember even a few scary looking guys in suits with laptops at the university where I was studying then, they were going over the computer terminals and servers to extract logs of suspicious activity as some of the orders were coming from there. I later found out they were from the illegal trade department, which means somebody in the police took this very seriously.

      In any case, I was surprised at how quickly this was stopped and the responsible people identified, I didn't think the customs and police had any kind of tech savy people among them. :)

      On a related note, at about the same time software piracy was thriving in Macedonia, you could get a truck load of latest expensive software for a couple of dollars per CD.

      It was really bad, I even distinctly remember I was playing the final retail version of Quake 2 almost a whole WEEK before it was scheduled to appear in US stores :)

      Anyway, after some more incidents and complaints by foreign companies, the government really cracked down on this kind of thing a few years ago, and the legislation was slowly brought up to speed to include laws for online commerce, credit card fraud, etc.

      Things are very much under control now, but hey, bad reputation (admittedly well deserved) tends to follow you for a long time...
    • I would rather like to know just who (as in: which sites / organisations) are blocking these IPs.

      Name names, supply urls.

      As to using proxy servers (someone said the article suggested it but I did not find the reference), I would expect Macedonian computer magazines - if they exist - to carry suggestions. Some German ISPs routinely ban neo-nazi sites and those guys give very simple and detailed instructions on how to set up proxies so as to access their sites.
  • The good news is that, now that Macedonia is being blocked, you can post all sorts of wild flamebait about them without fear of moderation. Whee!

    Now if only I could think of something nasty to say about Macedonia.

  • by podo (648928) on Sunday July 04, 2004 @03:28AM (#9604653) Journal
    I feel I should point out that blacklisting an entire country is probably not as good an idea as it sounds, as it may just inadvertently set a dangerous precedent.

    Before starting my current job, I did some systems admiistration work for small ISPs here in South Africa. At one point last year, after long deliberations and searching for any other solutions we could find, we finally decided to blacklist seven U.S. ISPs, because of the never ending tidal wave of spam and worm attacks that originated from these. It worked.

    Following from this, I have often wondered about the possible effect of completely disconnecting the United States from the rest of the internet.

    Just think for a moment my fellow non-Americans, no more "legal" spam, no more pop-up adds that come from nowhere, because a hapless user clicked "Yes" somewhere, no more propaganda web sites telling us how wonderful they are and how bad we are, no more "you will use DRM because our laws say so, even though they are not your laws" attitude, no more open source projects being distributed with half the functionality removed, because it might infringe on some insignificant U.S. software patent, and someone from the States might download it, putting the author in violation of the patent, no more Carnivore servers reading every word I type as I compose this post, because I just might be saying something that could "endanger the interests or national security of the United States", ah, bliss...

    Since the introduction of the CAN-SPAM Act, spam, even non-compliant spam, has been increasing. American businesses seem to interpret the Act as a free license to spam everyone with impunity. Oh sure, the very large spammers eventually get shut down by multi-million dollar law suits filed under the Act by the very large American ISPs, but that really doesn't help the rest of the world, does it?

    We've all read the statistics about how China is such a large source of spam, but what the statistics fail to tell you is that this spam originates from Chinese companies, being payed by American spammers to do their dirty work. If spam from China could not reach the United States, because the United States isn't there in internet terms, there would be no point for the spammers to continue hiring the Chinese to do this for them, and spam from China would probably decline.

    I'm sorry if this hurts the feelings of all the American readers, but I feel I must point out that the rest of the Western world is getting very tired of your incessant moaning and paranoia.

    Inter-without-America-Net anyone? If they can justify doing this, so can we. ISPs of the world, blacklist with impunity!

    I realise that this post will probably get me flamed or even moderated into oblivion, but I think it does serve to illustrate an important point, of which even the United States should take heed.

    If the U.S. can justify blacklisting an entire country because of a minute security threat, do we, the rest of the world, not have more than sufficient justification to blacklist the entire United States?

    This is a dangerous door for the U.S. to open, and it swings both ways. Yes, blacklisting the entire U.S. does seem to be impractical, as we would probably loose most of the internet, but to be brutally honest, the only American web site I would miss is Slashdot.
    • If the U.S. can justify blacklisting an entire country because of a minute security threat, do we, the rest of the world, not have more than sufficient justification to blacklist the entire United States?

      That's something you'd need to decide for yourself. If you feel that the peril of doing business with the US outweighs the many advantages, then by all means, blacklist us. Of course, if we blacklist a country because of a "minute security threat," then odds are they have absolutely nothing to offer

    • by Sycraft-fu (314770) on Sunday July 04, 2004 @05:37AM (#9604935)
      You might want to learn a bit more about the US system, specifically regarding the Internet. Right now, despite what some of our leaders would like, the government does not run or control the Internet in this country. The Internet is run by a bunch of private corperations, public instutions, and so on. At the top level are big communications companies like AT&T. They sell bandwidth to smaller companies and so on until it reaches the consumer. The government actually buys connections from these providers. They do run their own networks, but for internal communication. When they want on the Internet, they get on it just like private ciizens.

      So, any and all blacklisting is done by companies and private citizens. If I run a mail server and determine that X netblock, which might be a whole country, is an endless source of problems, I ban it. The government does not tell me to do this or not to do this, that's not up to them. Same with an ISP. They may decide to ban netblocks/countries. Of course they do this at the risk of pissing off their subscribers. If they ban something they want to get to, that'll create backlash. They way the benefits against the risks.

      So please, don't get on the nationalist, anti-US kick. The US, as a nation, has NOTHING to do with this. It is companies and individuals excerising their rights in a free society. I have a right to choose who may and may not access my servers. For some servers, any may do so, for others, none but me.

      If you, as a South African ISP, want to blacklist the entire US, that is your right (I understand that you are supposed to be a free country as well). However I won't confuse that with the policy of the Sount African government. Also, don't be supprised if your subscribers leave since, at this point, a majority of the Internet still resided in the US (though that continues to change).

      I do get really tired of people from other countries blaming any view or action taken by a US citizen on the United States as a whole. Just because a minority in the KKK declares people of African descent to be inferior does NOT mean that is the official position of the US. It means that we have a right to free speech here, even if that speech is racist, stupid, and wrong.

      When the US government mandidates bans on other countries, then you come talk to me about US policy. When it's private individuals, blame them, not the US at large.
  • This is why black holing ip ranges is fucking lame. Legitimate traffic gets lost in the process. We all know Spam is a problem, but black holing large ranges only hurts people.

    We can be a little smarter then this, in this day and age.
    • ... to make them to get off their lazy asses and start cleaning up their networks.

      if you get spam from them, it's your problem, and they have zero incentive to do anything about it.

      however, if their customers are suddenly unable to reach you, then it becomes their problem and voila, suddenly they have a reason to finally dump their abusive customers and clean up their networks.

      blacklists are used because they work, and because they are the only things that do work. if network opterators werent so fucking
  • by achurch (201270) on Sunday July 04, 2004 @03:40AM (#9604699) Homepage

    The Internet still runs on protocols designed 20-30 years ago that rested on the assumption that everyone using the network could be trusted. As long as we stick with that assumption, we're going to have blacklists, spoofing, what-have-you. The trick is to not rely on the Internet for anything important.

  • by bogaboga (793279) on Sunday July 04, 2004 @04:01AM (#9604759)
    Let me say on the out-set: I am not impressed. Since when has Africa been a country? This is what I find wrong in the "Western" Press. When ever something about a country in Africa is being discussed, The word "Africa" is used instead of the country. Africa is a continent with more than 50 countries, each with different peoples. I will give an example of Uganda which with is 24 million people, has more than 40 tribes. Each of these tribes is different in itself. I sympathize with those that fall into the topic's fraud.
    As an African living in Canada, I hear Africa being lumped as a single entity when referring to a country in this vast place! Africa is unique in that it has climates ranging from temperate to tropical to semi-arid. Back to the point: I agree that this piece has been very very poorly written! But it's worth the read.
    • by The One and Only (691315) <[ten.hclewlihp] [ta] [lihp]> on Sunday July 04, 2004 @04:33AM (#9604831) Homepage
      It's a common shortcut for Westerners to talk about Africa instead of the separate unique countries. I'm not going to excuse it, but it's far from inexplicable. While Africa is certainly filled with many diverse and interesting countries and peoples, Westerners for the most part don't normally deal with single African countries because it's not usual for a single African country to come to our attention prominently.

      When they do, though, we do take notice. South Africa has a national identity to us thanks to the controversy over apartheid, Nigeria has a national identity to us thanks to the Nigerian scam (which is unfortunate, and according to a Nigerian lady I once spoke to is very bad for the country's reputation), and, in a more limited sense, Zimbabwe has a national identity to us thanks to Mugabe and the various controversies there. Rwanda and Sudan have come to Western attention due to genocides there. Egypt, Libya, and Morocco similarly have national identities to Westerners for similar reasons.
  • Who cares if this is the case. Personally, it makes no difference to me where information comes from... just that it comes.

    If this knocks out a country, city, or group of Trekkies, it makes no difference to me - all sources are the same on here. If theyre getting affected because theyre inconveniencing people, let them legislate then to fix it.
  • Anarchy (Score:4, Interesting)

    by ickoonite (639305) on Sunday July 04, 2004 @04:29AM (#9604822) Homepage
    As many a FOSS geek has argued, information wants to be free. The Internet is perhaps both the cause and effect of this little maxim. As has been noted elsewhere in the discussion, the protocols that make the Net are not particularly good at things like verification, authenticity, trust, etc. You know, all the things that are necessary in a cutthroat capitalist world...

    So if we take this anarchy as something of a fait accompli, then where we go from here kind of depends on where you stand on the issue of, well, free.

    I'm no anarchist, but country blacklisting seems a little over the top, a tad heavy-handed, if you will. Granted, these countries might produce more than a small amount of slurry, but that is the inherent problem with freedom - you might not like what comes out. It's like the people who get scared about Freenet [sourceforge.net] and the idea that child porn might travel over their wires. This might be a little of an extreme example but the point is the same.

    Not a few people have lamented that the problem with the Internet is it allows every man his voice - ugh, it sounds awful, doesn't it!? So democratic.

    I'm not pro-spam. Depending on my mood, I can ache for the pre-commercial glory days of the Internet. But this is what it is now - pig shit that we have to roll around in. I just don't think that anyone has the right to silence someone else's voice because of the actions of a third party.

    It's also interesting to note what a peculiar façade the Manufacturers Exporters Directory Global Worldwide Association [exportbureau.com], or whatever, is. Any site that uses Babelfish to offer translation is, in my book, seriously lacking in credibility. It is rather evocative of those irritating placeholder sites you sometimes get to when you type a URL slightly wrong. Furthermore, calling itself a bureau and using the eagle in its logo it downright misleading.

    I don't know where the Slashdot crowd stands on free speech, but the crock of shit we are discussing at the moment is not in a small part America-made. It's the World Wide Web, people. Don't forget that.

    iqu :(
    • Than you must support the freedom to blacklist. Remember we are NOT talking about the government doing it, that is different. We are talking about corperations, private bussinesses, and individuals doing it. If I am truly free I must be free to decide who I wish to associate with. Much as I am allowed to keeep people out of my house, or kick them out of my store, I must be allowed to block them from my server.

      People doing something is very different from a government doing something. If the government stop
    • Re:Anarchy (Score:3, Insightful)

      by mrchaotica (681592)
      Free speech means you can say anything you want. However, it doesn't mean I have to listen to it!
  • by fatmanone (772940) on Sunday July 04, 2004 @04:34AM (#9604833) Homepage
    I live in Romania and I am well aware of the aspects of fraud and all, but that is NOT the main business on the net here; we also are trying to develop the infrastructure in order to provide the necessary cultural links between the individuals and the rest of the world. We fight our way through with the old rugged "securitate"(read gestapo) service in order to provide some privacy for the user.
    You have no idea how difficult is to persuade a hacker to stop; in some cases we had to meet him in person and kick his ass.
    And now this. There are some reasons why the fraud is taking place through and in Romania; one is the goverment because they don't have the necessary expertise to deal with the issue; second is the general state of poverty (generated by the corrupt goverment as well).
    Of course you might say, it's your govt, deal with it, in the mean while you are blacklisted; but think about it: the net is the only viable way we can use to keep the people informed, to communicate to each other and all; and cutting us off will NOT lead to a fix, but to an even darker period for the people(read lemmings)
    We thought that the WWW did something good here : it helped people learn about freedom and decent living; and now, what's gonna happend? China style WWW? It tastes bad already;
    Back to 1947?
  • by CdBee (742846) on Sunday July 04, 2004 @04:36AM (#9604837)
    We're now arriving at a point where virus-infected users are booted off networks and told to clean their shit up, it's a logical extension that countries which can't police themselves suffer the same fate.

    Like the virused home-user PC, its a matter of local responsibility, having better safeguards means the Web community won't ever need to act against you. I hope Macedonia actually takes action to regain the trust of the world rather than just looking for ways to get around the blacklists and relays through foreign proxies.
  • Who uses this? (Score:3, Informative)

    by Torp (199297) on Sunday July 04, 2004 @05:08AM (#9604893)
    I live in Romania and i've been happily buying books from the US with a Mastercard for 5 years. Neither Amazon nor smaller specialized online bookstores seem to mind that I'm in Romania.

    I'm not interested in anything else since I'm not about to pay for international shipping for something i can buy from here anyway. Not to mention that having the warranty across an ocean is rather inconvenient.

    One decent measure of anti fraud protection i've met is stores refusing to ship anywhere except the card holder's address. Isn't that easily verifiable from inside a merchant account? Isn't that enough, instead of blocking?
  • by fmaxwell (249001) on Sunday July 04, 2004 @06:23AM (#9605005) Homepage Journal
    When a governments turns a blind eye to massive online credit card fraud, blacklisting is the best answer. Rather than bitching to the people who use blacklists, those affected should complain to their governments about the lax law enforcement that caused the situation. Merchants need to be able to complain to the Macedonian authorities about credit card fraud and have reasonable expectations that investigations and legal action will take place. Until/unless that happens, don't expect merchants to ship their goods off when collecting payment is a crap-shoot.

    If your neighborhood is filled with thugs, muggers, murderers, and thieves, don't whine to Dominoes when they won't deliver a pizza there. Clean up the neighborhood and then you can have your pizza.
  • by jhujoe (579368) on Sunday July 04, 2004 @06:31AM (#9605024)
    Problems like this are one of the driving forces behind the growing popularity of digital gold currencies, such as E-Gold [e-gold.com].

    For those who are not familiar with these... they allow anybody in the world to pay anybody else in the world a certain amount of gold. The actual gold sits in a vault (or actually several vaults across several locations on earth) and basically what gets exchanged is the rights to a fraction of that gold held in trust.

    There are several well established digital gold currencies now, with E-Gold being the oldest, running since 1996 I believe.

    One of the important distinctions between using E-gold as a payment system, and (say) credit cards, is that there are no chargebacks. That means that when a merchant receives payment, he is SURE that he has received REAL VALUE and not something that can be revoked.

    Because of this, digital gold has really been catching on for online commerce in a lot of locations worldwide where credit cards have not been traditionally used. Places such as India, Southeast Asia, the Middle East, Eastern Europe, and Africa are prime markets for digital currency. And personally, I think that western nations will really benefit from the birth of digital gold currencies as well.

    Lets face it: the whole western world banking system is terribly outdated, and as evidenced by the high incidence of online fraud, credit cards are not really a great solution for e-commerce.

    (Heck, even the Mozilla Foundation accepts E-Gold donations! [mozilla.org])

    And I haven't even begun to mention the privacy benefits, and the fact that gold retains its value much better than government issued fiat currency. This page [escapeartist.com] has a bunch of great links about the digital currency revolution...

  • I live in Romania (Score:3, Informative)

    by sniperu (585466) on Sunday July 04, 2004 @07:21AM (#9605173) Homepage

    I live in one of those countries that has been a long time favorite on all kinds of blacklists . Whell , to be onest , at first these was justified . I mean , about 6-8 years ago everybody new someone who was in the internet ordering business :) , and I don't think any bank was issueing international credit cards then . That was arround the time when cc generators actually worked .

    But now things changed quite a bit . First there's the minor issue of the local FBI bureu . Cc's are not that easy to obtain know , script kiddies are ceritainly out of the business . And if you're that good , you're probably haveing a well paid job admining something , or getting your visa . Script kiddies are now conning people on ebay , but if you think somebody on the other side of the planet is getting a good deal from you with shipping by AmericanExpress , taxes and all ... you pay for your naivity

    OTOH , this blacklist thing is not bothereing me much . I have my own card , nobody refused it by now (google , hosting companies , domain registars etc.) but i'm not buying anything that needs shipping . Godaddy.com blocked all of it's customers from here (without anounceing them first at least) , but i've asked my registar and they said they will do no such thing (keeping my fingers crossed) .

    The only thing that's really annoing is that paypal is not sending money over here , and WesternUnion's charges are huge , so working on rentacoder.com and such is not really a good deal .

  • Africa (Score:3, Funny)

    by Conanymous Award (597667) on Sunday July 04, 2004 @07:46AM (#9605254)
    ...high incidents of on-line fraud as well, such as Africa, Nigeria, Macedonia, Colombia, etc.

    Africa and Nigeria mentioned separately? Didn't know Africa is a country. You always learn something new at /.!
  • by bluethundr (562578) * on Sunday July 04, 2004 @09:48AM (#9605692) Homepage Journal
    'Pay close attention to shipping or contact addresses located in countries with a high reported incidence of online fraud and many e-commerce web sites have found a high incidents of on-line fraud as well, such as Africa...'

    News to me. I always thought of Africa as more a continent with a rich and diverse assortment of tapestries of culture. With great cultural variances within groups of cultures and subgroups within those groups and so on...

    This is pretty much the same for all indigenous peoples from all continents across the globe. The only reason we can think of the United States as having a sort of unified culture is because at critical junctures of forming our own identity as a people we had devised means of communication [telegraph-history.org] and transportation [si.edu] This is the reason that whether you go to Ann Arbor Michigan, Toms River NJ, Seattle, Southern California, Denver, (you name it) a suburb is a suburb is a suburb. All this had been done after we had already colonized this continent, which until then previously had previously as diverse a population of greatly differing cultures as any indigenous area of the globe.

    I remember going to Lollapolooza [lollapalooza.com] (lots o' poor losers) back in 93. Someone had a table setup with a sign above it reading "African Food"....'Hmm..wonder what that tastes like'. So, I wander over there and ask her what kind of 'African' food they meant. It was loud so she kind of shouted back at me...'IT'S...AFRICAN...FOOOD!'...(as if I couldn't read the big bold letters above her). 'Ah! I see! What KIND of African?'...'Nigerian'...'What kind of Nigerian? Yoruba [si.edu] or Ibo?' Which I later found out is more popularly known as Igbo [qub.ac.uk]. But you could have properly referred to the plate in front of me as either.

    This question really kind of floored her. And it shouldn't have. It really kind of annoys me when greatly divergent groups of people get lumped together like that. Just as it pisses me the fuck off when people speak of all Native Americans as if they were just "Indians" (as if there were quite literally no difference between a Lakota, a Navajo, a Lenape, a Choctaw, Oglala, Onendaga and and what have you)...it really pisses me off when people start speaking of Africa as if it were a "country". It's NOT!
  • by localman (111171) on Sunday July 04, 2004 @02:30PM (#9607638) Homepage
    One of the projects I've worked on for my current employer is fraud detection code.

    They must have lost the stats on fraud from Russia, Israel and the USA itself, because Macedonia's negligible internet population cannot possibly account for that much trouble

    It's not about numbers. It's about percentage. Sure, most of our fraud comes from the US, but it's a miniscule percentage of the US business. Whereas Indonesia accounts for a small percentage of fraud but nearly all indonesian orders are fraud.

    We did a lot of analysis to identify indicators and assign scores to them. Funny things turn up. Like we found that Florida had a very high fraud liklihood. So did the Bronx.

    Working with UPS we found that they do it by zip code. They keep tabs on how many shipments to each zip result in a missing package report, and then they won't drop off packages in those zip codes without a signature.

    If you didn't know how they arrived at the list of zips and looked them over you might think the company was being mean. But it would be foolish for a business to not use reasonable data like that to avoid trouble.

    Anyways...

A language that doesn't have everything is actually easier to program in than some that do. -- Dennis M. Ritchie

Working...