The Internet's Bad Neighborhoods
An anonymous reader writes "Of the 42,000 Internet Service Providers (ISPs) surveyed, just 20 were found to be responsible for nearly half of all the spamming IP addresses — and some ISPs have more than 60% of compromised hosts, mostly in Asia. Phishing Bad Neighborhoods, on the other hand, are mostly in the U.S. Also, there is a silent ticking 'spam' bomb in BRIC countries: if India had the same Internet penetration rate as the United States while keeping its current ratio of malicious IP addresses, we would observe 200% more spamming IP addresses worldwide. These are just a few of the striking results of an extensive study from the University of Twente, in The Netherlands, which scrutinizes the Internet Bad Neighborhoods to develop next-generation algorithms and solutions to better secure networks."
How is this news? (Score:3, Insightful)
Anybody who's worked at a datacenter has known this for years and years. And comparing them to bad neighbors is correct... if we didn't consider scope and the medium. It's a lot harder to police something that's not in physical form and is transitional, and A LOT harder when it's in a country you don't have jurisdiction over. Sure, you could block these ISPs, and in a lot of cases it makes sense; if your website is national, then it can save a lot of pain, but it's not the end-all solution to spam.
Big surprise (Score:1, Insightful)
Other than the fact that something this obvious provided fodder for someone's PhD dissertation...
In summary, the entire 245-page paper is an elaborate way of saying that blanket /24 IP range bans are an effective way of stopping spam. Oh, and that more people having computers connected to the internet in said "bad neighborhoods" will increase the amount of spam. Ladies and gentlemen, a new way to exclude developing nations from the Internet and look heroic while doing so.
Re:How is this news? (Score:5, Insightful)
Most of us don't work in datacenters.
I think this could easily become a huge issue. We are lucky that most phishing emails are of a very low standard and it's easy to spot the fakes.
I'm guessing that these developing countries don't take cyber crime too seriously at the moment. Perhaps, instead of governments pushing SOPA and ACTA, they could come up with agreements which will encourage BRIC nations to start cracking down on spammers before the problem gets out of hand.
Re:Break it down per capita (Score:4, Insightful)
As such, I would take the official numbers to be lies, until proven otherwise. Why? Because I have enough personal real-world experience in security to validate the implied raw numbers and invalidate the conclusions. That's why they'll never tell us enough to make up our own minds. Someone like me could prove in 5 minutes that all the conclusions are lies. So we only get false generalizations and, for all we know, 99.44% of Chinese attacks are false flag. Much like the claims that "an IP doesn't identify a person" in the copyright cases, the US is asserting that an IP from China is the government or an agent thereof. It could be a private Chinese citizen, or, more likely, someone from Russia or the US that runs a botnet.