China and its Relation With Spam
smooth wombat writes "Asia Times has a nice article about why China is becoming the spam capital of the world. Steve Linford, of Spamhaus fame, is quoted several times in the article and offers some insight into how the Chinese ISPs operate.
Steve's quote at the end of the article pretty much sums up why China isn't doing anything to curb the hosting of spam website servers in the country:
"They simply don't want to know - China Telecom doesn't care because they're government-owned and there is no pressure coming from the government. Meanwhile, our statistics on spam volumes and the number of spammers setting up in China are going up and up and up.""
SPAM(TM) Hot & Spicy Stir-Fry
Makes 6 servings
Ingredients
1/3 cup reduced-sodium teriyaki sauce
1/3 cup water
2 to 3 teaspoons HOUSE OF TSANG® MONGOLIAN FIRE® Oil
1/2 teaspoon ground ginger
1 (12-ounce) can SPAM® Lite, cubed
1 cup broccoli florets
1 cup chopped onion
1 cup pea pods
1 red bell pepper, cut into strips
1 tablespoon plus 1-1/2 teaspoons vegetable oil
1 (14-ounce) can whole baby corn, drained and cut in half
1 (7-ounce) jar mushrooms, drained
6 cups hot cooked white rice
In small bowl, combine teriyaki sauce, water, Chinese hot oil and ginger; set aside. In wok or large skillet, stir-fry SPAM®, broccoli, onion, pea pods and bell pepper in vegetable oil 2 minutes. Add teriyaki sauce mixture; cook until bubbly. Add baby corn and mushrooms; heat thoroughly. Serve over rice.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
Which is surprising considering the Government control on all things media.
From: Confusious
To: teiresias
Subject: Ancient Chinese Proverb
Body: "Increase your penis size with ginger root and secret ingredient. Act now and get a free webcam. Did I mention it make your wang huge!"
-Teiresias
Because of this, it is now meaningless to say that spam itself originates in any given place - it is truly a cyber-product.
No, I think the source has remained unchanged - the pocketbooks of those willing to actually pay for the schwag sold via SPAM email. As long as people are willing to pay for herbal Viagra, cheap mortgages, etc. based on spam, so too will spam annoy the rest of us.
I hope the land around you yields, a crop like all the other fields, and then your waiting might make sense...
Ironically if the spammers make more money in China then the internet will be more profitable there than in a Capitalist society.
This is another way of starting a sig with this and ending it with that.
I get no mail of any value from China. I don't know anybody there. So I don't feel bad about automatically trashing all mail that originates in Chinese netblocks. It's amazing the effect that has had on what spam I actually see.
If everybody did this, it could become a real problem for the Chinese. (duh)
there are 3 kinds of people:
* those who can count
* those who can't
If you were willing to put some effort into it, you could combine it with a whitelist, which would allow your Chinese customers to get email from the old country.
Wait a minute ... effort, ISP ... those two don't go together. Ok, never mind about the whitelist.
See what I've been reading.
is go after the companies that sell their products through spam. outlaw that as an advertising form, fine companies that advertise through them and you have your solution
Only two dozen posts in and I see half of them appear to suggest blocking email from China. This is a good individual solution on an ISP by ISP basis but not a good universal solution. Businesses have to deal with other businesses in China, and well there are plenty of families who legitimately want to email from China to the US and back.
Any solution that involves blocking everything from China won't work for everyone, and every solution that tries to selectively opt in or selectively block from China is a greater expense to set up.
Considering most of the spam originating from China is poured into the US, and the moneys paid to the ISPs are money flowing from out of the US economy and into China's, I hardly think they will care any time soon.
"All great wisdom is contained in .signature files"
Yes, well, some of us do deal with Chinese, Taiwanese, Japanese, and other Asian companies.
In case you haven't noticed, most of our high-tech toys have at least a few Taiwanese or Chinese components in there; most "modded" PC cases nowadays come from China; many American and European manufacturers sub-contract Asian assembly-lines.
And, obviously, they use e-mail to communicate with us Westerners.
Funny, I thought almost all spam originated in the US (even though it is sent via Chinese webservers.) This is confirmed in the article, btw.
550 - Thank you for your support of the steganographic communications payment protocol.
550 - Your continued support of Falun Dafa [Falun Gong] in the face of continued oppression from the butchers of Beijing is appreciated.
550 - The following token shall constitute both a receipt for your payment and a public key with which you may send your next message to your allies in the resistance.
550 - KEYBLOCK 6x5 F81IZ FOLG3 VOLSX CIOP3 F7JJ2 EYMNX
Now, is it my fault if my crontab edits the last line of that message to a different series of random characters every 30 seconds? Is it my fault if the owner of the spam-relaying machine is... dealt with... in the name of protecting his fellow citizens from mysticism and superstition?
Hmm, I suppose it is.
But hey, there's a critical shortage of corneal and kidney transplants. And a critical oversupply of server administrators who support spammers. I'm just the invisible hand of the market, smoothing out the discrepancies.
CEE5210S The signal SIGHUP was received.
--
Ignorance is not bliss, it's annoying.
So, what's up with your sig then? Change your mind?
Honestly, I can't believe people even consider this approach. There are over 200 countries in the world, and I only know folk in about 15-20 of them. Should I block the rest? Might suit for a home network, but I can't think of a multinational company that would block one of the largest population masses in the world.
Besides, most spam I get is from the US, in English, selling US products, in US currency, to US people. I'd say the problem was at your end.
Your block will only prevent you from visiting the spammers' websites hosted by Chinese ISPs.
http://www.okean.com/asianspamblocks.html - Detailed blocks so you get fewer innocents.
While that will prevent SPAM that originates in China, you may want to re-think your strategy.
According to this report, most of the spam comes from North America, with thanks to Zombie PCs.
one better than mcleodeight
In addition to blocking spam, we mod our /etc/hosts.allow to keep these systems from connecting to many services:
. 0.0:deny. 0/255.0.0.0:deny ..etc..
ALL:61.0.0.0/255.0.0.0:deny
ALL:62.0.0.0/255.0.0.0:deny
ALL:80.0.0.0/255.0.0.0:deny
ALL:81.0.0.0/255.0.0.0:deny
ALL:82.0.0.0/255.0.0.0:deny
It's better to block, then individually authorize. Most of the Chinese IPs are not only spamming, but constantly probing for vulnerabilities in SSL, SSH, FTP and other services.
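The "block, then individually authorize" approach in the comment above depends on rule order, because tcp_wrappers stops at the first matching rule. The following added example (not part of the original comment) models that first-match evaluation for IPv4 rules in a single hosts.allow with no hosts.deny; the 61.10.20.30 exception and all function names are made up for illustration.

```python
import ipaddress

# Constructed rule sets in the comment's client:net/mask:action style.
# 61.10.20.30 is a made-up "individually authorized" host.
RULES_EXCEPTION_FIRST = """\
ALL:61.10.20.30:allow
ALL:61.0.0.0/255.0.0.0:deny
ALL:80.0.0.0/255.0.0.0:deny
"""

RULES_EXCEPTION_LAST = """\
ALL:61.0.0.0/255.0.0.0:deny
ALL:80.0.0.0/255.0.0.0:deny
ALL:61.10.20.30:allow
"""


def parse_rules(text):
    """Parse 'daemon:client:action' lines (IPv4 only) into tuples."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) != 3 or parts[2] not in ("allow", "deny"):
            raise ValueError(f"line {lineno}: malformed or truncated rule: {raw!r}")
        daemon, client, action = parts
        # ip_network accepts both 61.0.0.0/255.0.0.0 and a bare host address.
        net = ipaddress.ip_network(client, strict=False)
        rules.append((daemon, net, action, lineno))
    return rules


def decide(rules, daemon, addr):
    """Return (action, matching line number); the first matching rule wins."""
    ip = ipaddress.ip_address(addr)
    for rule_daemon, net, action, lineno in rules:
        if rule_daemon in ("ALL", daemon) and ip in net:
            return action, lineno
    # Assumption: no hosts.deny exists, so unmatched clients are granted.
    return "allow", None


def shadowed_rules(rules):
    """Find rules that can never fire because an earlier, wider rule with a
    different action already matches everything they cover."""
    dead = []
    for i, (daemon, net, action, lineno) in enumerate(rules):
        for e_daemon, e_net, e_action, e_lineno in rules[:i]:
            if (e_daemon in ("ALL", daemon) and net.subnet_of(e_net)
                    and e_action != action):
                dead.append((lineno, e_lineno))
                break
    return dead


if __name__ == "__main__":
    for name, text in (("exception first", RULES_EXCEPTION_FIRST),
                       ("exception last", RULES_EXCEPTION_LAST)):
        rules = parse_rules(text)
        print(name, decide(rules, "sshd", "61.10.20.30"), shadowed_rules(rules))
```

With the exception listed after the /8 deny, the authorized host is still refused and the rule is reported as shadowed, so per-host authorizations have to precede the broad blocks.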
Of course, that's when the payback happens, because it's going to take more than a promise to be good to convince many admins to remove a blacklist entry, null route, or whatever. It basically boils down to a choice between quick money from dodgy spammers now, or long-term money from serious business investments further down the road. At the moment, it sure looks like the Japanese are the only ones that have really grasped the concept of long term business plans being better than cash now; tomorrow's problems belong to someone else.
UNIX? They're not even circumcised! Savages!
How does that make anybody racist?
I never said it was, just not a good solution. I did say there will be predictable racist anti-everyone-who-is-not-white Anglo-Saxon-Protestant ramblings on this thread because it's about China.
And sadly, I'm proven right. Take a look around...
This is all very interesting, and I was even thinking to just block the Asian nations would solve a lot of spam. But then I realized that I don't get much spam from there.
Most of my spam, greater than 90%, comes from the zombied US DSL machines as proof of their addresses when trying to connect. I believe a large portion of the spam that exists also links back to Chinese websites, not delivered from Chinese mail servers.
I recently turned on greylisting and all the viagra/herbal/biggus diccus stuff is 100% gone. Not one in a week, normally there are >30 per day. Now all my spam is from France and somewhere in Asia. But that's like 2 a day.
http://www.okean.com/thegoods.html
I thought someone might find the link useful.
No Nyarlathotep, No Chaos
Know Nyarlathotep, Know Chaos
Post your email address here. Offers will be coming soon.
You're on slashdot. Why don't you already know this?
Infuriate left and right
I run spamassassin, and I have a rule to score URLs that reverse back to Chinese or Korean netblocks.
Over 50% of the tagged spams hit this rule. Now if these mails were actually sent from China or Korea, that is a different story (and a different rule
the people who are actually buying the crap is very small like 0.001% So that is 1 in a Thousand People who buy this stuff.
I salute you, sir.
"We don't care. We don't have to. We're the phone company."
"Great men are not always wise: neither do the aged understand judgement." Job 32:9
I stopped noticing Asia being a spam problem after this sucker got put into use.
http://mail.btfh.net/asia-spam.txt/
Lawyers, MBA's, RIAA? A jedi fears not these things!
It's called behavior modification.
Right now, Chinese ISPs simply don't give a shit. Because spam isn't "their" problem. You're the victim, not them. So why should they give a shit?
The only way to make them give a shit, is to make it their problem. By blocking all email from China, you force them to come to terms with the problem.
If their customers can't email anyone outside of China, and their customers start raising hell about it, maybe then they will finally start dumping the criminals from their networks.
Wasn't all that long ago that chinanet ran a lying autoresponder for abuse@chinanet that responded to every complaint with:
"In your SPAM eMail,I can't find the IP or the IP is not by my control.Please give me the correct IP.Thank you."
No wonder China gets blocked?
Until China's abusive attitude changes, they will become more and more widely blocked. They are hellbent on turning their entire country into a LAN, who are we to argue with them?
The spam is not coming from China - China is simply hosting the spammer's websites. Here is the spam ecology:
American spammers pay Russian crackers to write viruses. These viruses infect Windows machines across the world. The spammers use the zombie machines to send spam which link to websites hosted in China. This has been the prototypical arrangement for many years.
For what it's worth, the Chinese government treats Falun Dafa / Falun Gong the same way you'd expect to treat a militant group.
TANSTAAFI: There Ain't No Such Thing As A Free iPod.
Your post advocates a
( ) technical ( ) legislative (x) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
(x) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(x) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
(x) Jurisdictional problems
(x) Unpopularity of weird new taxes
(x) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(x) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
(x) Outlook
and the following philosophical objections may also apply:
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
(x) Incompatibility with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
If spam is coming from their machine (and it is, in the scenario above), they are not innocent. They are either willfully participating, or so fucking stupid they shouldn't be allowed to breed.
554 is more powerful than 550:
:)
554 5.7.1 thank you for your support of falun gong/free tibet now/free and democratic china.
I find the three pronged approach more satisfying. I might go for the four pronged approach and throw in Taiwan eventually
May the ISPs live in interesting times...
A feeling of having made the same mistake before: Deja Foobar
I take it you don't contribute to any large open source project then. For example, FreeBSD has several committers from Taiwan, China and other Asian countries. It has developers from all over the world. By banning netblocks you're reducing the chance of ever getting in contact with people from those countries. Why?
Just today I've tried to answer a question on the freebsd-questions mailing list and the recipient's SMTP server has rejected my message because they use a stupid non-working dnsbl system that thinks my IP is dynamic.
I find it funny that this article talks about China, 90+% of the spam I get comes from residential DSL and Cable computers from... yes, USA. It's compromised Windows boxes that do the job these days, and there are thousands of them everywhere, not just in China and Korea.
Personally, I know people in exactly four countries, and I wouldn't lose any sleep over a default-deny rule for any ISP outside of those, primary domain contacts excepted (webmaster@, abuse@, etc.).
Also, if you R'dTFA, you would see that these are people from the US setting up business in China, because the US has started to crack down on spammers. China should do the same.
I suggest you reply to them in the following manner via a disposable email account:
--
Received your coded message. Operation "Rx Meds" is on track. Further supplies for Tibet liberation front will be delivered via usual contacts when in cases marked "Herbal Viagra" when payment in full received via cook island account.
Long live free Tibet!!
Long live Falun Gong!!
--
Rest assured, with all the net monitoring that goes on, their government WILL put him out of business, or at least you will keep him up at night waiting for a knock on the door.
My rights don't need management.
Why not consider raising the bar. Rather than firewall Chinese IP blocks, make it a boycott. Block all traffic originating in China. Publicize it and while you're at it, boycott Cisco, Oracle, Bill Clinton and all the freedom loving US corporations and politicians that enabled the Great Firewall of China. Put those bastards behind a global TCP/IP boycott and we can move them off their totalitarian ways right quick.
Should take about a week or two, by my reckoning.
illegitimii non ingravare
# Really give the Chinese Spammers a mouthful...
changequote([[,]])dnl
define([[confSMTP_LOGIN_MSG]], [[EFGIC: U.S. Congress Condemns China's Oppression of Falun Gong on\nU.S. Soil and in China\n\nHouse Concurrent Resolution 304 calls on China's agents in\n the United States to halt all operations being carried out against\n practitioners of Falun Gong on United States' soil, as well as the brutal\n persecution of millions inside China.\n\nLONDON (EFGIC) - Last week, the US Congress introduced a concurrent\n resolution calling on the Chinese government to end its brutal\n persecution of Falun Gong in China and stop all activities against Falun\n Gong practitioners inside the United States.\n House Concurrent Resolution 304 (full text), introduced by Congresswoman\n Ros-Lehtinen of Florida, references China's own constitution and\n international human rights accords in calling for China to uphold\n freedom of belief, assembly, and speech for the millions of Falun Gong\n practitioners in Mainland China.\n Resolution 304 also specifically mentioned section 401(a)(1)(B) of the\n International Religious Freedom Act of 1998 (22 U.S.C. 6401(a)(1)(B)):\n \"Whereas the Constitution of the United States guarantees freedom of\n religion, the right to assemble, and the right to speak freely, and the\n people of the United States strongly value protecting the ability of all\n people to live without fear and in accordance with their personal\n beliefs...\"\n Harassment, libel, and imprisonment have been widespread in\n Jiang Zemin's four-year campaign to eradicate Falun Gong. Torture and\n abuse in custody have led to thousands of wrongful deaths.\n]])dnl
changequote(`,')dnl
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
I don't think this is ignorant at all. It is capitalism and the "Invisible Hand" at its best. I do not want to lump slashdot into a single minded entity, but I am amazed at the GENERAL feeling on Slashdot that Evil Corporations who choose to be bad citizens and pollute and act unethically should be boycotted and should not receive patronage, but when someone proposes doing the same to a government which is being a bad Internet citizen, they are attacked. If China chooses to Abuse the Internet it will face consequences and will suffer from market forces blocking its access to information and commerce. Only righting this injustice will restore their rights in the Internet domain. Further proof that the Internet will regulate itself. We should be so lucky!
I tried for 5 years to come up with a clever sig...only to realize that I am not clever.
I have partial blocks in 202. because some of those IPs are in Australia and New Zealand and not spammy.
Quite right, which is one great reason not to use wholesale blocks without understanding them. I'm more of a fan of using some of the blackholes.us country-based lists to block China, etc than full IP blocks if someone wants to block certain countries.
Portable versions of Firefox, GIMP, LibreOffice, etc
I left out one item:
[x] You are an idiot. Report for sterilization immediately. Bring any living children with you.
Win2K was cracked almost instantly.
Win2K + sp2 was not.
The Linux box was attacked about twice an hour.
Un-advertised boxes, located by simple scans.
Yes, I see your point. That is why every bank is robbed every day.
It isn't about trying, it's about succeeding.
A good security model means that they don't succeed.
And if they don't infect the machines, so what?
Look at the statistics for Apache deployment vs IIS. Yet Apache systems are cracked less than IIS/Windows boxes.
The real world does not seem to reflect your claims.
Nice try. No one said Linux was flawless.
But it doesn't have to be flawless to be better than Windows.
And better means fewer compromises.
Again, you've just stated that there is no such thing as "Security".
No matter how much effort is put into Security, you believe that it will be cracked and that it will be cracked as often as insecure systems are.
Yet, strangely enough, every bank is not robbed every day even though they have lots of money in them and lots of people going into them.
All you see is Marketshare.
Marketshare != Security
But you're NOT doing it to the Chinese government, but to ordinary people like me, who live in Hong Kong, thousands of miles away from the ISPs in Beijing and Henan, to which I have no relation or control. Go picket the Chinese embassy if you want them to pay attention. Kicking me around does nothing to stop spam. Go to Florida and stop the cunts who actually originate the spam (95% of the spam I get is from America).
And according to http://www.spamhaus.org/ which the top source of spam, above China, is still the US.
China may be the biggest in terms of the market for zombie-pc network lists and does have a huge growing market for hosting spammers' sites, but who's paying for these services? Most of the spam is still from a few westerners (url:http://www.spamhaus.org/rokso/) most of whom are Americans.
While I can not begin to know the complexity of the situation you face in China and your inability to affect your government, I do know this. While 95% of the spam I get comes from the US, 99% of the traffic I get from China is Spam. I will block the 95% of SPAM coming from Florida, but I will also make an effort to drop Chinese traffic because I am 99% sure that it is SPAM. Whereas something from Florida, while potentially SPAM is maybe 1% likely to be SPAM.
This is going to sound horribly cruel given my relative freedom and your relative lack thereof, but if you don't like the fact that your government won't play nice, get a new one!
I tried for 5 years to come up with a clever sig...only to realize that I am not clever.