Endangered Countries On The Internet 475
Vande writes "Balkanalysis.com has an article about Macedonia being driven towards internet extinction as a result of some blacklists, which also include Bulgaria and Romania. Namely, this poorly written quote from the 'export bureau' (non-gov org) states the reason for being blacklisted: 'Pay close attention to shipping or contact addresses located in countries with a high reported incidence of online fraud and many e-commerce web sites have found a high incidents of on-line fraud as well, such as Africa, Nigeria, Macedonia, Colombia, etc..' They must have lost the stats on fraud from Russia, Israel and the USA itself, because Macedonia's negligible internet population cannot possibly account for that much trouble. Cutting off an entire country only hurts the legitimate users. And I thought all this time I was surfing the 'World Wide' Web :/"
easy work around (Score:4, Interesting)
use a proxy located somewhere else
Out of curiosity (Score:0, Interesting)
This isn't gonna work in the long-run (Score:5, Interesting)
That said, I'd be unlikely to ship products to, say, Nigeria for obvious reasons. The web is a bit of a mess as far as security is concerned. And part of the issue is that countries don't enforce their own laws very stringently (e.g. sect 409 of the nigerian criminal code).
Protecting Legitimate Users (Score:3, Interesting)
That's not true. Cutting off entire countries is never done to hurt legitimate users, it is done to protect legitimate users. The legitimate users just don't happen to be in the countries that are cut off.
When 100% of the traffic received from a large netblock is undesirable for a long enough period of time, any reasonable person will eventually add firewall rules or blocklist entries to solve the problem.
Perhaps if the governments of and companies within the countries that tend to generate or relay far more illegitimate traffic had any interest in protecting their ability to communicate digitally with the rest of the world, they would do something about it. As things stand with certain massive netblocks that have sent me nothing but spam, viruses, phishing attempts, and 419 scams for several years, I am willing to risk losing one or two legitimate contacts in favor of eliminating thousands upon thousands of undesirable contacts.
I run an online store (Score:5, Interesting)
We lose more money to the US than Nigeria, but then the honest orders more than outweigh those. I can't recall a single order from Nigeria/Romania where the credit card was 100% clean.
If these countries want to get a positive reputation then they should place more real orders so that the clean orders outweight the fraudulent ones.
Another thing that is noticable, Indians in the UK have a very high level of fraud, whereas Indians, in India have a very low level of fraud.
I reckon its because they are displaced from their home country and don't feel any need to be honest.
Re:Foreign ISPs (Score:4, Interesting)
Right, as if using the internet wasn't expensive enough already, you're going to be dialing international to a hypothetical ISP that has no qualms about selling accounts to foreign countries? The other issue is payment - Mastercard?
I'd be surprised if at least some blacklists didn't include the IPs of those anon. proxies too.
Sure, they can work around it, but seriously... that'd just suck.
Re:This isn't gonna work in the long-run (Score:5, Interesting)
RTFA -- it's not email that's being blocked, but web access. Living in Hong Kong, for instance, I occasionally click on a link to find myself greeted by "440 Your country is blocked because of traffic reasons". Other times the page just never loads, leaving me unsure of the reason, though suspicious.
Re:Foreign ISPs (Score:4, Interesting)
If you have a problem with Internet users from some country, why not help the country fight them? It's not like these countries want to host spammers, scammers and fraudsters. They only do so because they don't have the means to fight them. If you don't care enough to help them, put up with the crime. If you can't put up with the crime, help fight it. There is no excuse for locking innocent users out of the Internet, and laziness/stinginess is a particularly selfish one.
As a Macedonian... (Score:5, Interesting)
While I do agree that blocking ANY country (including the mentioned Russia, Israel, etc.) based on actions of a few individuals is utterly wrong, I think the article is a bit too alarmist and paranoid, especially the bit about this being the result of some kind of political conspiracy.
So a few sites blocked Macedonian IPs, big deal. Various IP blocks get blocked all the time for various (sometimes wrong) reasons, and things usually work out when enough legitimate users complain. A tempest in a teapot...
Re:Eastern Europe too.. (Score:5, Interesting)
One of the pieces of advice included blocking countries. If you tried to buy from eastern europe on our site, you'd get a "we're havng problems processing your transaction, please call customer support" error message. If the person called, we'd assume they were legit and white-list them.
Sucked for them, though, because of the long-distance call.
It's not like it's limited to countries either (Score:5, Interesting)
UU.net went through this. They faced a Usenet Death Penalty (the inability for their entire network to use newsgroups) stemming from a refusal to deal with abuse.
Basically, ISPs need to take some responsibility for their users. Doesn't mean they need Orwellian monitoring, but if someone sends an abuse complaint, they need to look and see if it looks legit and, if so, ban the abuser. Otherwise they DO risk blacklists, regardless of nationaltiy.
If a certian netblock repeatedly tries to hack my systems, and the company/person in charge will not respond what can I do? I'm not going to sit and allow it, so my only option is a ban on the firewall.
We've even done this internal to the university. When Phatbot came out it spread pretty bad since so many people had shitty passwords. We had about 5 infections, all in research labs that wouldn't let us manage their systems (huge supprise). When it happened, we shut the lab's network connection off and wouldn't turn it back on until we had found the system and made them promise to keep it off the net until it was fixed. However some departments lack a good network staff, and let systems just get infected. Those that were non-responsive were just banned until we got confirmation they had cleaned their crap up.
Life in an unregulated world. Since there is no central body that controls who can and can't play, no net police to track down the bacd guys, if you misbehave, those you go after may just ban you and be done with it.
yeah, I know. (Score:3, Interesting)
It bugged me, because another friend of mine was saying that Russians didn't wear t-shirts with funny sayings, and if he got an order from Russia, I would have irrefutable proof she was wrong!
Re:Protecting Legitimate Users (Score:3, Interesting)
Not just 100% - when a large proportion of the traffic is undesirable (i.e. when it's losing you more than you're gaining by allowing it) then you'll block the netblock.
At the start of the year, my website was being log spammed by someone using a dynamic IP address in the 213.23.0.0/16 and 82.82.0.0/16 netblocks. They were pulling several gigabytes of data off my site each week to get in my referrer logs (which aren't even published to search engines). I emailed the ISP's abuse address and got absolutely no reply - they just weren't interested at all. Since the log spammer is on a dynamic address, I can't just block that user - I have had to firewall out both
There are 2 people at fault here:
1. The log spammer
2. The ISP for not caring
As far as I can see, in the situations where an entire country is blocked, there are 3 people at fault:
1. The fraudster/spammer/whatever
2. The ISP who don't care
3. The country's government/law enforcement people who don't care
There are innocent people hurt in the process, but the people being hurt have no choice - those innocent bystanders who are caught in the crossfire need to put pressure on their ISPs and government to resolve the problem.
Anarchy (Score:4, Interesting)
So if we take this anarchy as something of a fait accompli, then where we go from here kind of depends on where you stand on the issue of, well, free.
I'm no anarchist, but country blacklisting seems a little over the top, a tad heavy-handed, if you will. Granted, these countries might produce more than a small amount of slurry, but that is the inherent problem with freedom - you might not like what comes out. It's like the people who get scared about Freenet [sourceforge.net] and the idea that child porn might travel over their wires. This might be a little of an extreme example but the point is the same.
Not a few people have lamented that the problem with the Internet is it allows every man his voice - ugh, it sounds awful, doesn't it!? So democratic.
I'm not pro-spam. Depending on my mood, I can ache for the pre-commercial glory days of the Internet. But this is what it is now - pig shit that we have to roll around in. I just don't think that anyone has the right to silence someone else's voice because of the actions of a third party.
It's also interesting to note what a peculiar façade the Manufacturers Exporters Directory Global Worldwide Association [exportbureau.com], or whatever, is. Any site that uses Babelfish to offer translation is, in my book, seriously lacking in credibility. It is rather evocative of those irritating placeholder sites you sometimes get to when you type a URL slightly wrong. Furthermore, calling itself a bureau and using the eagle in its logo it downright misleading.
I don't know where the Slashdot crowd stands on free speech, but the crock of shit we are discussing at the moment is not in a small part America-made. It's the World Wide Web, people. Don't forget that.
iqu
Re:The door swings both ways... (Score:3, Interesting)
Me, I'm not a fan of this, because it seems the goal is to protect those too dumb or careless to protect themselves. But that's one of the big goals of government, especially outside the US, so it's a point you might appreciate.
Re:I run an online store (Score:4, Interesting)
I am a Romanian who has ordered 7k$ worth of electronics from B&H in the last year. Unlike your store, they are cool because they checked my billing and shipping address at the credit card issuing bank, thus clearing me to make orders when I like. And I just might place another big order soon. I'm so sorry your store can't possibly have me as a customer. :-)
You made your own bed, now sleep in it. A simple bank inquiry should be enough to clear legit customers, but you seem to be just too lazy to bother, I guess.
Well, Hurah for B&H! That's the way to go.
Blacklists are endangering EMAIL itself! (Score:1, Interesting)
Just a quick look at the kind of things that are black listed should make anyone cringe, I'm not talking about the topic at hand, heck small countries have no hope of surviving if big counrties like Australia, or the UK have significant portions of their Internet blatently blacklisted!
For example, their respective largest ISP's Telstra and BT are both blacklisted! apparently they are "only" dynamic ip black lists, of course what many "intelligent" people in charge of these black lists dont realise is that these ISP's allocate their STATIC IP's DYNAMICALLY. So who cares? Well 45% (figure made up based on Telstra's market capitalisation) of Australian small businesses or some equally significant number of Brittish small companies have endless problems that they cannot afford to deal with!
It is a daily issue for myself as an engineer for a large outsourcer in London, I used to be able to say email is a reliable system, your message is generally either delivered or you get a NDR. Today you just dont know..
Digital Gold Currencies (Score:3, Interesting)
For those who are not familiar with these... they allow anybody in the world to pay anybody else in the world a certain amount of gold. The actual gold sits in a vault (or actually several vaults across several locations on earth) and basically what gets exchanged is the rights to a fraction of that gold held in trust.
There are several well established digital gold currencies now, with E-Gold being the oldest, running since 1996 I believe.
One of the important distinctions between using E-gold as a payment system, and (say) credit cards, is that there are no chargebacks. That means that when a merchant receives payment, he is SURE that he has received REAL VALUE and not something that can be revoked.
Because of this, digital gold has really been catching on for online commerce in a lot of locations worldwide where credit cards have not been traditionally used. Places such as India, Southeast Asia, the Middle East, Eastern Europe, and Africa are prime markets for digital currency. And personally, I think that western nations will really benefit from the birth of digital gold currencies as well.
Lets face it: the whole western world banking system is terribly outdated, and as evidenced by the high incidence of online fraud, credit cards are not really a great solution for e-commerce.
(Heck, even the Mozilla Foundation accepts E-Gold donations! [mozilla.org])
And I haven't even begun to mention the privacy benefits, and the fact that gold retains its value much better than government issued fiat currency. This page [escapeartist.com] has a bunch of great links about the digital currency revolution...
hmmmmm I think you are missing the point (Score:4, Interesting)
He tried several different aproaches and nothing worked, to make the story short. Finally he contacted me, in the US. I paid for the books with my paypal, made the seller ship them to his home and he wired me the money.
A big pain in the butt, just for a couple of books if you ask me
Slashdot too (Score:5, Interesting)
For some reason, Slashdot has decided to ban whole ranges from the biggest providers in Spain.
Right now, more than half of the Spanish internet population is banned from Slashdot. This was virtually the whole Spain for some time.
I've written several emails to Rob "CmdrTaco" Malda, only to receive a "hey, I'm sorry about that" and I still have to use a proxy.
You can read more about this here (Spanish) [barrapunto.com]
One of the ranges cut off was Telefónica's Proxy-cache. This alone leaves out the majority of the Spanish internet population when it's incidentally turned on.
Re:Slashdot too (Score:5, Interesting)
Re:I run an online store (Score:1, Interesting)
As a builder of fraud detection code (Score:4, Interesting)
They must have lost the stats on fraud from Russia, Israel and the USA itself, because Macedonia's negligible internet population cannot possibly account for that much trouble
It's not about numbers. It's about percentage. Sure, most of our fraud comes from the US, but it's a miniscule percentage of the US business. Whereas Indonesia accounts for a small percentage of fraud but nearly all indonesian orders are fraud.
We did a lot of analysis to identify indicators and assign scores to them. Funny things turn up. Like we found that Florida had a very high fraud liklihood. So did the Bronx.
Working with UPS we found that they do it by zip code. They keep tabs on how many shipments to each zip result in a missing package report, and then they won't drop off packages in those zip codes without a signature.
If you didn't know how they arrived at the list of zips and looked them over you might think the company was being mean. But it would be foolish for a business to not use reasonable data like that to avoid trouble.
Anyways...
It's the ratio! (Score:1, Interesting)
Now that everyone has complained about the "hypocracy" of the West, sit back and think for a minute: it's the RATIO of fraud that's the problem, not the total incidence. If there are 1,000 incidents of internet fraud in the US per day and 5 incidents of fraud in Macedonia each day, it looks like the US should be blacklisted, not Macedonia, right? Wrong. The US has a lot of internet orders. Throwing out some made-up numbers, we might say that 1% of US internet orders are fraud and 50% of Macedonia orders are fraud. Under those numbers, if I were a business, I would avoid Macedonia, but not the US because it the RATIO of internet fraud that's the problem -- not the total number. If you ship 1000 orders to the US, you'd have a LOT of real orders that would help you pay for the fraud. But 1000 orders to Macedonia would bankrupt you because you'd never have enough legitimate orders to pay for the fraudulent ones. Why is Macedonia's numbers so high? Maybe because the government doesn't care much about cracking down on internet fraud. And just as an FYI, "Macedonia's negligible internet population cannot possibly account for that much trouble" is non-logic when you realize that it's the ratio of fraud, not the total incidence of fraud. The fact that Macedonia has a small internet population would actually accentuate the degree of fraud because it means a small number of criminals could easily skew the ratio of internet crime to epic proportions!