Just came across this story at Slashdot, interesting approach :
"China has introduced regulations that make it illegal to run an email server without a licence. The new rules, which came into force two weeks ago, mean that most companies running their own email servers in China are now breaking the law. The new email licensing clause is just a small part of a new anti-spam law formulated by China's Ministry of Information Industry (MII)."
While the commitment is a remarkable event given China's booming Internet population -- among the main reasons Google had to somehow enter China's search market and take market share from Baidu.com -- you don't need a mail server to disseminate spam and phishing attacks like it used to be in the old days. You need botnets, namely, going through CME's List, you would see how the majority of today's malware is loaded with build-in SMTP engine, even offline/in-transit/web email harvesting modules.
You can often find China on the top of every recently released spam/phishing/botnet trends summary, which doesn't mean Chinese Internet users are insecure -- just unaware. What you can do is educate the masses to secure the entire population, and stimulate the growth of the local security market that everyone is so desperately trying to tap into.
Moreover, I doubt you can regulate the type of Internet users still trying to freely access information, again with the wrong attitude in respect to security :
"..prohibiting use of email to discuss certain vaguely defined subjects related to 'network security' and ' information security', and also reiterate that emails which contain content contrary to existing laws must not be copied or forwarded. Wide-ranging laws of this nature have been used against political and religous dissenters in the past."
It's like legally justifying the country's censorship practices through introducing the law, whereas I feel "network security" and "information security" attacks outside the homeland get favored, compared to internal ones, don't you?
Forbidden fruits turn into dangerous desires on the majority of occasions, and you just can't control that, what's left to censor it.
Technorati tags:
Security, Malware, Spam, Phishing, China
Friday, April 14, 2006
Fighting Internet's email junk through licensing
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com