Slashdot Mirror

← Back to Stories (view on slashdot.org)

Congress May Require ISPs To Block Certain Fraud Sites

Posted by Soulskill on from the just-getting-warmed-up dept.

FutureDomain writes "A bill which just passed the House Financial Services Committee would require Internet Service Providers to block access to sites hosting financial scams that pose as members of the government-backed Securities Investor Protection Corporation (SIPC). The bill, called the Investor Protection Act and sponsored by Paul Kanjorski (D-PA), is broad enough to block not only websites, but email and any other 'electronic material.' 'Internet providers are also worried that Kanjorski's requirement — and the accompanying civil penalties and injunctions — would apply even if the blocking is not technically feasible.'"

39 of 180 comments (clear)

  1. good or bad? by MeatBag+PussRocket · · Score: 3, Insightful

    on the surface i see this as good, nobody likes being scammed, but things always get out of hand and this i fear may start down a slippery slope of censorship.

    and i'd really miss all the Nigerian prince jokes.

    --
    i wage a holy war against the apostrophe.
    1. Re:good or bad? by DustyShadow · · Score: 4, Insightful

      Won't be long before "fraud sites" = "copyright infringement" sites. Who is behind this?

    2. Re:good or bad? by kungfugleek · · Score: 5, Insightful

      When they came for the fraud sites, I did not speak up because I was not a fraud site....

    3. Re:good or bad? by FlyingBishop · · Score: 2, Funny

      TFA has an addendum that basically says the congressman that introduced the provision didn't understand the implications of what he wrote, and is planning on revising it based on input from the industry.

      By the industry, I'm fairly sure he means us, not the RIAA.

    4. Re:good or bad? by orsty3001 · · Score: 4, Insightful

      I was just thinking it won't be long before the interpretation of the term fraud site is twisted into something else. We all know how the government handles the interpretation of laws. Just look at the tax code.

    5. Re:good or bad? by relguj9 · · Score: 3, Interesting

      I know I'm not the only one who FREAKING HATES the idea of bureaucrats making decisions on this shit about which they have NO IDEA what they are talking about.

      Argh, I know it's happened and will happen for years, but I hate hate hate it. They need to make a board of legitimate professionals in the industry who know WTF they are talking about to come up with any regulations that might be made.

    6. Re:good or bad? by FlyingBishop · · Score: 5, Informative

      I don't think you have a proper understanding of what a bureaucrat is. A congressman is not a bureaucrat. A bureaucrat is a member of the treasury department (and the treasury wisely included no such provision as this in their bill.)

      A bureaucrat is also a member of ICANN or the FCC, the former of which has regulated the Internet so well that most people aren't even aware of its regulatory authority. The latter has demonstrated such a thoughtful and intelligent understanding of the issues at play that the ISPs have tried to smash the FCC down before it manages to rein in the ISPs' flagrant abuses of power.

      Bureaucrats who have no idea what they're talking about are terrible things. However, if you look around you'll find most bureaucrats know exactly what they're talking about. It's the politicians you need to watch out for.

    7. Re:good or bad? by morgauxo · · Score: 2

      The people would never elect someone who knows what they are talking about.
      Appointees have no accountability.
      So who do you recommend and how do we get them into power?

    8. Re:good or bad? by kungfugleek · · Score: 2, Interesting

      Actually I was just excited at the chance to use an internet meme before someone else did. I was going more for a facetious/sarcastic thing. And to maybe make a point that you can abuse that phrase to dissuade people from outlawing almost anything. For example, "When they came for the rapists, I did not speak up because I was not a rapist." But in the end, it's probably best to forget that I said anything!

    9. Re:good or bad? by noundi · · Score: 4, Insightful

      Won't be long before "fraud sites" = "copyright infringement" sites. Who is behind this?

      You know, an easy and proper way to handle this would be to have a governmental entity maintain a blocklist which ordinary citizens can optionally install/use/turn on/turn off (with some easy to use software). See it like a seatbelt (I know the seatbelt is required by law in some countries but in this case it doesn't kill you to not use it) which you can switch on and off. This would be an excellent example of the government aiding the public instead of dictating the public. Those of us who know what we're getting ourselves into when we turn it off of never install it can choose freely, and those who don't bother to learn can fallback on this solution -- free to anytime educate themselves and turn it off.
      This way the government offers a safe choice (with whatever blocked content, be it copyright infringement or not) yet is liberal enough to let you decide in the end. If you get "hurt", then you're to blame for deliberately turning it off while being uninformed. And the rest of us get to keep the net undictated. At the end of the day the friction is between people who know what they're doing and want to be free to do what they consider to be the best way to utilize the net, and those who don't know what they're doing that are in need of this type of protection.

      --
      I am the lawn!
    10. Re:good or bad? by TheRaven64 · · Score: 3, Insightful

      Pick someone at random and let them run the country until they resign. If they are sufficiently incompetent, shoot them. If they resign without being shot, give them a large pension, proportional to how well they did their job and how long they lasted in office.

      --
      I am TheRaven on Soylent News
  2. OpenDNS by LinuxIsGarbage · · Score: 2, Informative

    http://www.opendns.com/

    1. Re:OpenDNS by stonedcat · · Score: 5, Insightful

      You realize of course we'd also have to stop people from using dangerous third party dns services for their own protection..

      --
      You can't take the sky from me.
    2. Re:OpenDNS by commodore64_love · · Score: 3, Interesting

      Well I for one am extremely happy with this bill, and all the previous actions of Clinton, Bush, and Obama.

      Their ever-increasingly central control via government of private citizens' lives, homes, and communications will make it MUCH easier for me. I and my brownshirts will be able to sweep-in to the Congress, declare emergency powers, turn-off the communication networks, and consolidate power with ease. Thank you Bill, George and Barak.

      Signed,
      Napoleon the X

      EXAMPLE: Man detained by U.S. government because he was carrying $4000 in cash from St.Louis to Arlington Virginia - http://www.youtube.com/watch?v=XMB6L487LHM

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    3. Re:OpenDNS by HeronBlademaster · · Score: 2, Insightful

      They hijack NXDOMAIN results to provide ads.

      You know you can turn that off, right? It takes all of thirty seconds.

      As for this claim:

      They censor certain domains and redirect others.

      ... I've never seen that happen while using OpenDNS, so I don't know what you're talking about. You can deliberately enable content filtering, but that's opt-in; by default it lets everything through.

      So... what domains does OpenDNS routinely censor or redirect without permission? Do you know of any, or are you just making things up as you go?

  3. And so it begins... by MikeRT · · Score: 3, Insightful

    This is how European-style web-blocking will come to the US?... I give it
    Why don't they just arrest the scammers? Are they in Nigeria and Nigeria won't turn them over? Why don't we send agents abroad to bring them here? Didn't stop us from doing it in Italy to a guy suspected of being a member of Al Qaeda...

    1. Re:And so it begins... by Mythrix · · Score: 5, Funny

      Why don't they just arrest the scammers? Are they in Nigeria and Nigeria won't turn them over?

      Nigeria would turn them over, but is demanding advance fees for the process and paperwork involved.

  4. Bill-writing checklist: by NotBornYesterday · · Score: 4, Insightful
    Okay gentlemen, let's take a look and see if this bill is ready to become law.
    • Largely unenforceable? Check.
    • Written by people uninformed about the technology involved? Check.
    • Feel-good protectionist law that will only give a false sense of security? Check.
    • Mandates action that may or may not be reasonable? Check.
    • Sets another precedent for controlling what people see see and where they go on the internet? Check.

    Well, all the requirements are there ... let's vote. Any opposed? [gavel] Excellent.

    /sarcasm

    I am all for stopping fraud, but scammers are far more nimble and inventive than our government, particularly Congress. This ain't gonna stop them.

    --
    I prefer rogues to imbeciles because they sometimes take a rest.
  5. Technical solutions are already out there by QuantumRiff · · Score: 5, Interesting

    Things like SPF, and Domain Keys, and signed DNS would all prevent this. They would all help ensure that emails are coming from who they say they are coming from.

    Instead of "blocking" things, why not force all government agencies to setup SPF and Domain keys, and maybe start signing the .GOV domain?

    --

    What are we going to do tonight Brain?
    1. Re:Technical solutions are already out there by natehoy · · Score: 4, Funny

      If they're trying to protect us from criminals and scammers, wouldn't BLOCKING .gov be a better solution? (snare drum)

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    2. Re:Technical solutions are already out there by natehoy · · Score: 4, Informative

      Unfortunately, a lot of people don't understand that "the internet is not .com". I run a couple of web sites for organizations, and I have to get the .com as well as the .org for any domains, because 20-30% of visitors come to the .com one, and if I don't snag the .com immediately I'll get complaints that the organization I support is a front for porn or ad sites.

      I once tried to give out a .org address to someone, and they asked (I am not making this up), "so that's xyz dot org dot com?" - I finally gave up and made it a habit to grab the .org AND .com for any org I set up.

      PS: annualcreditreport.gov does work. It redirects to the FTC, which has links to annualcreditreport.com. Annualcreditreport.com is a non-Governmental organization, set up in response to demands from the government that consumers get annual free access to their credit reports. So giving them a .gov URL would be inappropriate.

      Freecreditreport.com, on the other hand, belongs to consumerinfo.com, and is a pay-for site that is desperately trying to pretend to be the FTC-mandated free credit check service, but is in fact a "free trial with automatic renewal at $15 a month after seven days" service. As with many such services, good luck canceling it before you get whacked $15 a month for the rest of your life.

      And, of course, you can't stop such a service by non-payment. I mean, after all, it's run by Experian. Imagine what your credit report would look like if you tried to stop a payment to a credit reporting agency. Might as well slash your wrists now and save the agony.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    3. Re:Technical solutions are already out there by TheRaven64 · · Score: 2, Insightful
      What effort did the representatives make to be educated? It was the push to make it the responsibility of others to force knowledge on representatives that left the US with the current lobbying problem. The sequence should be as follows:
      1. Legislator observes problem.
      2. Legislator consults experts to produce solution.
      3. Legislator proposes solution as bill.

      Currently the procedure is closer to:

      1. Company observes opportunity to make money.
      2. Company hires lobbyist.
      3. Lobbyist drafts bill and persuades legislator to sponsor it.
      4. Legislator proposes bill.
      --
      I am TheRaven on Soylent News
  6. Rather Continues by omb · · Score: 4, Insightful

    This, which is clearly a waste of time if it is technically possible, at all,

    is legislative masturbation,

    it isnt that the Congress has nothing to, re-enact Glass-Steagall, stop naked shorts and credit default swaps

    properly regulate the Fed, SEC and the exchanges;

    Deal with those Too-Big-To-Fail

  7. Durr.... by Sporkinum · · Score: 2, Funny

    Sounds like Kanjorski is going full retard.

    --
    "He's lost in a 'floyd hole"
  8. Exemptions? by rbarreira · · Score: 5, Funny

    Will the bailed out banks get an exemption?

    --

    The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
  9. The long, slow descent has begun by pongo000 · · Score: 2, Insightful

    First it will be fraud sites. Then alleged copyright infringers. Then alleged porn peddlers. Then alleged left wing/right wing propagandists. Then any site deemed to be detrimental to the well-being of the Homeland.

    And before you know it, the commercialization of the World Wide Web (a least from the viewpoint of a US citizen) will be complete.

    Here's a message to Congress: Just stay the fuck out of my life.

  10. Why not all spam? by PhilHibbs · · Score: 3, Insightful

    Just pass a law saying the ISPs must block all spam, problem solved. Next, they should make them block all viruses as well. Wow, I never thought it would be this easy. Block any discussion of terrorist acts as well, and all pictures of ugly women.

    1. Re:Why not all spam? by NotBornYesterday · · Score: 2, Interesting
      Duh, you forgot the most important part: liability!

      Any Internet service provider that, on or through a system or network controlled or operated by the Internet service provider, transmits, routes, provides connections for, or stores any material containing any misrepresentation (of the SIPC) shall be liable for any damages caused thereby , [emphasis mine] including damages suffered by the SIPC, if the Internet service provider...is aware of facts or circumstances from which it is apparent that the material contains a misrepresentation.

      Dude, if we could get the ISPs to pay us for everything that ever goes wrong on the Internet, think of how much money we could make!

      --
      I prefer rogues to imbeciles because they sometimes take a rest.
  11. Days of the free internet are finally ending by elrous0 · · Score: 3, Interesting

    It's been clear for some time now that it was only a matter of time before the feds began forcing ISP's to block controversial sites (probably with about as much "proof" of wrongdoing as we see in the infamous DMCA takedown notices). It's sad that the days of simply typing in www.thepiratebay.org or even a lot of legitimate sites' URL's and having the site just pop up are coming to an end. From now on out, it's going to be a constant fight between users and their ISP's, with the RIAA/MPAA exclusively deciding which sites we can see or not see. Of course, we /. clever types can find ways around it, but again, it will be a constant fight from now on (like homebrew on a console or jailbreaking an iPhone, it will be a constant state of we-figure-out-a-new-workaround-they-find-a-way-to-block-it). What a shame.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  12. Re:One thing to say by acedotcom · · Score: 5, Insightful

    Are you high? The DMCA started with the best of intentions. Now it is used to stifle people criticism and control content. i can only assume you are some kind of troll, because you surely realize that as soon as you start blanketing one corner of the internet with "fraud protection", you move to "counterfeit assurance" and then "piracy control" until you finally get to "free speech countermeasures". if this is the internet you want, please, setup your own intranet and leave the rest of us out of it. i'll take the scammers any day over oppression.

    --
    they say it is often more relevant then the comment above, all we know is its called the Sig!
  13. Probably a foul-up by russotto · · Score: 4, Insightful

    Looking at the wording of the law, I think the idea was to make the scammer's own ISP liable, not every ISP in the country. But that's not what it says; the law ends up covering every ISP from the scammer to the customer, including transit providers. Hopefully this thing will get killed.

  14. the more "protection "rights" bills by Shivetya · · Score: 3, Insightful

    that I see coming from Congress the more worried I get. They seldom do what they say and seem to only enforce someone's right to do what they are doing to me.

    Like being told they have X hours to hold my laptop during a border crossing, or codifying the ability of an airline to hold me hostage on a plane for X hours.

    When they tell you they are defining you rights be very afraid.

    --
    * Winners compare their achievements to their goals, losers compare theirs to that of others.
  15. How about a .bank domain by phorm · · Score: 3, Interesting

    Now I don't suggest we have a domain for everything, but ".bank" sounds like a good idea and something useful for that particular industry. Much like you need to be an educational institution to use .EDU or a government entity for .GOV, why not allow only properly registered banks to use a .bank domain, with some checks to ensure they're not scammy duplicates.

    After a year or two, anything not using the ".bank" domain should hopefully raise enough suspicion to become fairly obvious as a scam.

  16. But who will protect us from Kanjorski? by daninaustin · · Score: 3, Informative

    I think we should be more concerned about politicians who earmark millions of dollars for their family. http://www.politico.com/news/stories/0907/5667.html

  17. Obligatory checklist by dkleinsc · · Score: 3, Insightful

    Congressman Kanjorski advocates a

    ( ) technical (X) legislative ( ) market-based ( ) vigilante

    approach to fighting phishing. His idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Phishers can easily use it to harvest email addresses
    (X) Mailing lists and other legitimate Internet uses would be affected
    (X) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    ( ) It will stop phishing for two weeks and then we'll be stuck with it
    ( ) Users of the Internet will not put up with it
    ( ) Microsoft will not put up with it
    ( ) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    ( ) Requires immediate total cooperation from everybody at once
    ( ) Many Internet users cannot afford to lose business or alienate potential employers
    ( ) Phishers don't care about invalid addresses in their lists
    (X) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    ( ) Lack of centrally controlling authority for email
    (X) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    (X) Asshats
    (X) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    ( ) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    (X) Willingness of users to install OS patches received by email
    (X) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    (X) Extreme profitability of phishing
    (X) Joe jobs and/or identity theft
    (X) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with phishers
    ( ) Dishonesty on the part of phishers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Outlook

    and the following philosophical objections may also apply:

    ( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    (X) Blacklists suck
    ( ) Whitelists suck
    (X) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    (X) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    (X) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    (X) I don't want the government reading my email
    (X) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (X) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your
    house down!

    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  18. Re:Who is behind this? by dissy · · Score: 4, Insightful

    I've heard of not RTFA before posting, but wow, you didn't even read the headline?
    Not even the very first word?
    How many times did you vote Tuesday?

    In insulting the parent poster, you just proved his point correct and your own flame as false.

    Yes, read TFA, and the summary, and the very first word, all as you point out.

    Now, with that, prove to us that this won't be used to block anything congress critters don't like. Just try.

    I can prove they will. It's called history, and 100% of the laws that could be abused in this way, HAVE BEEN. 0% of them have not been abused.

    With that type of track record, you are insane if you think this won't be used to block Joe Random blogger who is critical of something the government is doing.

  19. Re:One thing to say by amplt1337 · · Score: 3, Funny

    The DMCA started with the best of intentions.

    Sorry, you lost me there.

    --
    Freedom isn't free; its price is the well-being of others.
  20. Re:Hmm by Culture20 · · Score: 2, Insightful

    They shouldn't be worried. The government almost never passes laws which cannot be enforced. They've got a pretty good grasp on technology.

    This law can be enforced easily. Enforcement =/= blocking sites. Enforcement == fining/shutting down ISPs who don't block sites. It's almost a "Don't breathe" law, and enforcement is simple.

  21. URDP by jroysdon · · Score: 2, Insightful

    Why doesn't the federal Government use the URDP to just seize the domains? If they're posing at the government, that should be a quick slam-dunk court case, and then the government just takes it to ICANN who forces their registrar to transfer to ownership:

    http://www.icann.org/en/udrp/udrp.htm

    I know it's not as simple as that, but once the ball is rolling it should stop them as appealing method of scamming. Plus, it's "the right way" to get it done without passing any new law that can be abused. Enabling any sort of China-like-firewall-filter is a *bad idea*.