Endangered Countries On The Internet
Vande writes "Balkanalysis.com has an article about Macedonia being driven towards internet extinction as a result of some blacklists, which also include Bulgaria and Romania. Namely, this poorly written quote from the 'export bureau' (non-gov org) states the reason for being blacklisted: 'Pay close attention to shipping or contact addresses located in countries with a high reported incidence of online fraud and many e-commerce web sites have found a high incidents of on-line fraud as well, such as Africa, Nigeria, Macedonia, Colombia, etc..' They must have lost the stats on fraud from Russia, Israel and the USA itself, because Macedonia's negligible internet population cannot possibly account for that much trouble. Cutting off an entire country only hurts the legitimate users. And I thought all this time I was surfing the 'World Wide' Web :/"
That said, I'd be unlikely to ship products to, say, Nigeria for obvious reasons. The web is a bit of a mess as far as security is concerned. And part of the issue is that countries don't enforce their own laws very stringently (e.g. sect 409 of the nigerian criminal code).
The Cheese Stands Alone.
Just this morning we cancelled 4 orders by the same person from Nigeria. UK billing address, Gambian delivery address, Nigeria IP address.
We lose more money to the US than Nigeria, but then the honest orders more than outweigh those. I can't recall a single order from Nigeria/Romania where the credit card was 100% clean.
If these countries want to get a positive reputation then they should place more real orders so that the clean orders outweight the fraudulent ones.
Another thing that is noticable, Indians in the UK have a very high level of fraud, whereas Indians, in India have a very low level of fraud.
I reckon its because they are displaced from their home country and don't feel any need to be honest.
I don't think I've noticed any of this blocking described in the article during my everyday surfing, and I do surf the web a lot. Can't say this really worries me.
While I do agree that blocking ANY country (including the mentioned Russia, Israel, etc.) based on actions of a few individuals is utterly wrong, I think the article is a bit too alarmist and paranoid, especially the bit about this being the result of some kind of political conspiracy.
So a few sites blocked Macedonian IPs, big deal. Various IP blocks get blocked all the time for various (sometimes wrong) reasons, and things usually work out when enough legitimate users complain. A tempest in a teapot...
One of the pieces of advice included blocking countries. If you tried to buy from eastern europe on our site, you'd get a "we're havng problems processing your transaction, please call customer support" error message. If the person called, we'd assume they were legit and white-list them.
Sucked for them, though, because of the long-distance call.
If ISPs in large contries refuse to play nice, they can face this. I have seen this with Wanadoo, a large French ISP. They just don't respond to abuse complaints, even if you get someone who speaks French to send them. They seem to have this "not our problem" attitude, leading to lots of abuse. Ok, well, if you aren't going to deal with it, the only solution may be to block them. Just how it goes.
UU.net went through this. They faced a Usenet Death Penalty (the inability for their entire network to use newsgroups) stemming from a refusal to deal with abuse.
Basically, ISPs need to take some responsibility for their users. Doesn't mean they need Orwellian monitoring, but if someone sends an abuse complaint, they need to look and see if it looks legit and, if so, ban the abuser. Otherwise they DO risk blacklists, regardless of nationaltiy.
If a certian netblock repeatedly tries to hack my systems, and the company/person in charge will not respond what can I do? I'm not going to sit and allow it, so my only option is a ban on the firewall.
We've even done this internal to the university. When Phatbot came out it spread pretty bad since so many people had shitty passwords. We had about 5 infections, all in research labs that wouldn't let us manage their systems (huge supprise). When it happened, we shut the lab's network connection off and wouldn't turn it back on until we had found the system and made them promise to keep it off the net until it was fixed. However some departments lack a good network staff, and let systems just get infected. Those that were non-responsive were just banned until we got confirmation they had cleaned their crap up.
Life in an unregulated world. Since there is no central body that controls who can and can't play, no net police to track down the bacd guys, if you misbehave, those you go after may just ban you and be done with it.
I have to use a proxy to browse Slashdot from my home connection (and had to do the same from my office connection for a while).
For some reason, Slashdot has decided to ban whole ranges from the biggest providers in Spain.
Right now, more than half of the Spanish internet population is banned from Slashdot. This was virtually the whole Spain for some time.
I've written several emails to Rob "CmdrTaco" Malda, only to receive a "hey, I'm sorry about that" and I still have to use a proxy.
You can read more about this here (Spanish)
One of the ranges cut off was Telefónica's Proxy-cache. This alone leaves out the majority of the Spanish internet population when it's incidentally turned on.