SE Asia's Future on the Web

As a network and server administrator, I've run into a lot of disruptive people on the tubes. A few years ago, we saw one of the major purposes of the web--social interaction--explode in popularity. Because of its wide-spread acceptance, there is obvious revenue potential (it's how I make my mortgage payments). People who attempt to use these new features of most web sites (blogging, comments, content sharing, message boards, etc) are mostly reasonable people. (I won't mention the social quirks that arise from the perception of anonymity.)

However, for any person or organization that wants to set up shop on the Web 2.0 (or 3.14, or 7.6, or whatever), there comes the responsibility of ensuring that the trouble-makers aren't alienating your legitimate visitors. The most common form I've seen lately is spam advertising posted in comments and forum topics. But, you can also run into people trying to purposely abuse your web site's resources (using it to host their links and/or information), people who are true sociopaths, and people who only seek to vandalize.

In any of these cases, it will hurt your web site's audience, and reduce the reach of the message you're trying to communicate. And, if you're making money with your web site, it will cut into your bottom line; perhaps more drastically than you can measure.

This brings me to my reason for posting this article.

For those who are purposely being disruptive, there is a fairly non-technical method anyone on the Internet can use to attempt to hide their identity: anonymous HTTP proxies. In the simplest case, an HTTP proxy is merely a conduit your browser can use to mask its location. The target web site knows certain pieces of information about all of its visitors that can be used to determine the physical location of the computer that is accessing the web site (albeit piecing all of that information together is usually very time-consuming, and sometimes requires legal action in the form of subpoenas). In the case of a proxy, the physical location is masked behind another physical location (and can be chained together a number of times). Of course, even then, a trail back to the origin can still be traced.

The special component required to make yourself effectively anonymous requires routing your browser through proxies that are physically located in countries without formal legal arrangements with the country of origin. For the most part, any country without extradition agreements seems to all under this category. In rare cases, there may also be interaction with international intellectual property laws. The reason being that anyone in the country of origin may not be granted access to the information needed to determine the location of the browser using the proxy. Thus, any legal action to obtain these records (referred to as "log files") would fail because there simply is no country-to-country legal mechanism to deal with it.

Since you can't go after the source, in these cases, all you can do is deny access from large swaths of the Internet. As a service provider in the U.S., my biggest problem comes from proxies residing in China and Korea. Certainly, Russia and smaller European countries provide a reasonable bulk of this traffic, but not nearly in the volumes seen from Southeast Asia.

At the top level, there is reasonable record-keeping that allows anyone to instantly determine the breadth of a network that is hosting these proxies (even if it includes potential legitimate sources of visitors). Thus, as a cost-benefit decision, we simply block that entire network from ever accessing our sites, servers, and networks.

In fact, as a proactive measure, I'm starting to preemptively block entire countries in important firewalls. I found this site to be very helpful in keeping an updated list of networks in China and Korea:

http://okean.com/antispam/sinokorea.html

Obviously, I'm not the only network administrator that has had to deal with these problems. Even if your network or servers would have no conceivable use for anyone trying to take advantage of your resources, you will undoubtedly see or have seen attempts to compromise your sites and/or your security from overseas. If you haven't seen these attempts yet, you're either not logging them, don't read logs, or haven't had a route-able address for more than a few weeks. The problem is blisteringly obvious on social sites where you are constantly blocking spammers.

Given the costs of IT, I can see there being a balancing point where top-level service and infrastructure providers make the decision to segregate communications to countries that are known harborers of proxy systems. In many of my own business dealings, if I had the ability to instantly cut the connection to SE Asia, I'd save a lot of money. I'm sure I'm not the only one that would find such a proposal enticing.

This leads me to my question: What will the future of the web and Internet look like for people in the increasingly important economies of Southeast Asia? If I was a college student or anyone doing research in China, I can only imagine how frustrating browsing the web is right now. In ten years, you'll probably be lucky if you can access 1 in 3 web sites Google suggests.

It strikes me, as these countries' largest global influence is their economies, that being rejected from the vehicle that is being used for more commerce every day is not in their best interest. Their early years on the web as a rowdy, socially-inept teenager may prove to be the source of their largest failures in the future global economy.