Sophos Reveals Latest Spam-Relaying Countries 181
An anonymous reader writes "For the first time in more than two years, the United States has failed to make inroads into its spam-relaying problem. The U.S. remains stuck at the top of the chart and is the source of 23.2 percent of the world's spam. Its closest rivals are China and South Korea, although both of these nations have managed to reduce their statistics since Q1 2006. The vast majority of this spam is relayed by 'zombies,' also known as botnet computers."
Why Divide By Country or Continent? (Score:5, Insightful)
Furthermore, these percentages don't appear to be normalized in any way. Does the United States contain more than 23% of the world's internet traffic? Probably. What about the sheer number of IPs assigned to citizens? Again, probably more than 23% of the world's total user population. Even if it isn't that high, it'd still show that countries like China are doing ok relative to the sheer number of users they have. I think this study only showed that spam is directly proportionate to internet usage. And nothing more.
Logically, you would divide by source or company or--better yet--ISP. I think the penalties should come from the companies that make money providing the internet service to the sources of the spam. Even if it's a bot or open relay for spam, the ISP should investigate it and shut it down. I honestly wouldn't be surprised to see Cox & Comcast show up on that list as they are so unbelievably careless.
I think laws against the internet service providers are in order to force this but it's difficult to track. That's why Sophos should publish names of internet service providers and drag them through the mud, I don't care about countries. And how about making the penalty for the ISP a bit tougher as in you get one warning about a particular user and then you're restricted from providing internet service?
In the end, you have to ask yourself--do we really want to make this a responsibility of all governments? I think the answer is 'no' considering that they can always just open up some operation in another nation and find an ISP dying for cash. Then you have to chase them there.
Re:Why Divide By Country or Continent? (Score:4, Insightful)
Deep Throat Knows (Score:5, Insightful)
"Follow the money"
What's so hard here? The US has pushed for having banks and financial service companies to be more open with governments on who is doing what with transactions.
There's always the content, too. Just look in the emails and they have telephone numbers, web sites, the various means of seeing what these scumbags have to offer and how to contact them.
Educating the public is failing. Why? How many public service ads have you seen advising people how to protect themselves from being scammed, preventing identity theft, etc.? I've seen none. I see private ads OF the voice overs of the big dude with the girl's voice, where his identity has been stolen, I think it was for a paper shreader of all things.
Sophos must be with the terrorists as they are not proclaiming victory in the war on terror. Enough has been made of the suspicion (has anything been proved?) that terrorists raise funds this way. I wouldn't put it past them, but I also wouldn't put it past some russian teenagers with limited career potential in Putin's New And Improved USSR.
Imagine... (Score:3, Insightful)
Sadly, any trick (even as drastic as I've suggested) would only be temporary. People still click on random .exe files (and scripts) as fast as they come in. Any Dilbert, South Park, or Pokemon screensaver will be clicked on my some nitwit. I see the forum posts about how certain screensavers don't work. Well, of course they don't -- they're not screensavers, they're little servers designed to relay spam.
Given the vast numbers of idiots, and amateurs online here in the U.S., of course we're in the lead. (I have two teens -- both of them have clicked on evil .exe's -- firing off malicious code warnings on the Windows machines).
Educating the gajillion newly techno-blessed is the only way to get this under control.
How hard is it to understand, "If a stranger gives you an apple -- DON'T EAT IT!"
Re:Why are ISPs so reluctant to deal with the bots (Score:3, Insightful)
Updated, it'd be "You can lead a user to clue, but you can't make him think."
As it applies here, the average user isn't going to understand (or want to understand) what benefit these free items will give him/her. They've never heard of a firewall or a rootkit. All they really care about is how much it costs.
Now if a service could show better profits through these steps (from reduced expenses, including bandwidth, support, etc) then we might be getting somewhere. But you're never going to get anywhere trying to educate the user.
I for one... (Score:3, Insightful)
Before you flip out and throw the "OMGOOSES MY FREEDOM" argument around, answer me this:
If you were being sent text messages to your cellphone, and being charged ten cents per text message, how long would you tolerate that?
The reason nothing is being done to combat this is due to the fact that when people spend hours cleaning off spam, they aren't even thinkinga bout the "Time = Money" equation. If they were, I think they'd be pretty hot about getting the senders punished.
Re:Do Americans have more, or just less secure, PC (Score:2, Insightful)
And why not stop and look at your comment and others: other than *ownership* of computers, the other major common factor here is Windows. It certainly isn't as though Microsoft isn't complicit in this. Look at the security holes and exploits and everything else that can be laid at their doorstep over the last, well, 5-7 years.
And before someone here tries to flame or mod me and say that Windows isn't the only thing you can write viruses for, yeah, silly, I know that. It's just that writing a virus for W32 / WinNT-class environments has always been made pretty much brain-dead simple by those folks from Redmond. If you want to write a virus for anything else, you actually have to know what you're doing to write code. You know, like the "good old days" of MS-DOS and Win1.x/2.x/3.x. Or Apple II. Or Amiga, etc.
I tend not to pay very much attention to the reports on the state of Internet or individual computer security when it comes from most public authorities, since they all like to dance blithely and blindly around Microsoft's (however unintentional) part in all this noise and nonsense. "Criticize Microsoft? We can't do that! We'll just pretend these problems are part-and-parcel of owning a computer! Heh heh! Nobody will notice!" The media needs to get a clue.
Oh, wait, it's the media. Nevermind... :(
Re:Why Divide By Country or Continent? (Score:4, Insightful)
You don't seem to have much evidence for your assertion that ISPs are reluctant to deal with bots. I know that both ISPs your mention have aggressive programs to battle spam that is generated or relayed by users. It is really a very tough problem to deal with.
How do you identify a bot infected computer? What do you do to a customer with a bot infected computer that he is probably not aware of? What preventative steps can you take that will not interfere with legitimate customer traffic?
While technical savvy folks can generally think of solutions to problems, they often neglect the issue of scalability... every solution has to work in an environment that may deal with a million emails a second! Customers get very irate when they are disconnected, sandboxed, and refused further service until they run (free) anti-virus software on their computer. Customer care organizations within an ISP are generally very resistant to any program that will involve turning off customer service or restricting it, because that causes tremendous expense for them in terms of customer calls. ("What does this web page mean? How do I get rid of it?") It is not just about engineering a solution but also deploying it holistically within a company that has issues other than technology.
Other solutions that make managing the problem easier are also very expensive and slow to implement across a customer base of millions. SMTP AUTH deployments are tremendously expensive in terms of customer care, customer education, and engineering efforts. Everything is complicated by scale and working within the confines of a business with other requirements apart from just technical ones.
ISPs spend millions on efforts to combat spam. The anti-spam industry is expected to hit $1.7 billion in revenues by 2008. If you have the answer to all these problems, start a company and sell it. You will be very successful.
What a Poorly Written Article (Score:2, Insightful)
you have to put those numbers in perspective (Score:3, Insightful)
Re:Why are ISPs so reluctant to deal with the bots (Score:2, Insightful)
Sick of hearing about zombie botnets, spam cartels (Score:2, Insightful)
However, I would applaud a spamming company that slowly removed non-responsive email addresses from their spam lists and tailored their spam only to those few users who respond
Re:Why Divide By Country or Continent? (Score:4, Insightful)
In other news, drivers get very irate when they aren't allowed to drive their unsafe car on the road until it's been fixed. However, banning people with unsafe cars makes everyone else safer, so is a Good Thing. Same with infected computers. If a computer is actively attacking other systems then drop it's connection ASAP - this is good for two reasons:
1. It stops the infected system from doing any more damage to any other systems/people (this may be relaying spam, DDoSing someone, trying to infect other systems with a worm, running a phishing site, etc).
2. If someone loses their whole connection every time they get infected they might actually start giving a damn about their system's security.
that causes tremendous expense for them in terms of customer calls.
If all the ISPs started taking these measures then it would surely *reduce* the number of support calls since the number of infected systems would be reduced. Sure, there'll be a short term peak in the number of support calls but the long term picture is much better. Sadly, most businesses these days only seem to care about the short term bottom-line.
Re:ISP's and Open Ports (Score:4, Insightful)
Your mom probably doesn't need to run an email server. Neither does 99% of other ISP users. The far less than 1% (of which I'm included) that need specific ports opened up can do so by working with the ISP.
That would eliminate 99% of zombie spam right off the bat, without significantly affecting anyone. It may take you 5 minutes on the phone with tech support, but it closes a HUGE whole that is actively exploited by the spammers.
Bye-bye spam. It also takes a way a LOT of the motivation for creating zombie machines, so bye-bye much of the spyware and viruses (not all, but probably a noticeable amount).
So we aren't sacrificing freedom for security. We're tolerating a 5 minute phone call for 1% of users so that everyone can enjoy the internet far, far more.
Well worth it, if you ask me. Absolutely nothing is lost. A whole lot is gained.
Re:ISP's and Open Ports (Score:4, Insightful)
The commercial drivers could (and may) complain that it's unfair that they have to go through the hassle of getting licensed and registered, after all, each thinks he is a perfect driver and poses no risk whatsoever. But I think most people would agree regulation of commercial drivers is a good thing and everyone benefits.
Likewise, those (myself included) wanting to do more than normal with the information super highway would likely complain if we had to take an extra step before being able to do what we want on the internet, such as running a web server or email server. But again, I think the benefits outweight the inconvenience 100 times over. I could call my ISP and be added to their open ports list in 5 minutes (ONCE), but I easily spend 10 minutes A DAY on spam, and often more.
Mind you, this is only on dial up and broadband accounts. Most T1 lines, etc, used for business wouldn't need this requirement as they already have administrators that keep things secure and zombies to a minimum, and RBL's already deal with most of the rest.
Re:Why Divide By Country or Continent? (Score:2, Insightful)
So why DO people pay extra for fairtrade products, then?
If that were the case Walmart would be broke.
Ah, I see. You merely don't know the difference between "nobody" and "not everybody". There are, in fact, a great number of people who choose their purchases based on morality. It just isn't everybody.
Note also that if everybody did start choosing their purchases based on morality, Walmart would not be broke. Walmart would merely be forced to raise its prices slightly, and to adjust its buying policies.
Re:We can do better than that! (Score:3, Insightful)
China and S. Korea are worse on per-user basis (Score:3, Insightful)