Thursday, December 17, 2009

Blocking malware with bureaucracy

It's well known that modern malware is primarily web-based. This means that if your computer somehow got infected, chances are you visited a malicious website at some point. Some time ago the bad guys used pornographic sites as the hook to infect visitors, but nowadays it's either legitimate sites that have been hacked or purpose-built lure sites.

Maybe the bookmarked page you visit every day has been compromised and is now serving malware (this happens more often than you think). Maybe your next Google search is poisoned so that one of the results redirects you to a site that infects your computer (this happens mostly with 'popular' search terms, but more and more often with all sorts of words you might throw at Google).

The bad guys obviously need to register new domains to host these infectious sites, and the good guys take the sites down as soon as they find them. We're in a vicious circle of bad guys registering bad domains very often and good guys hunting for them to get them disconnected. Curiously enough, Chinese domains are the ones most used for malicious purposes (that is, blahblah.cn is more likely to be malicious than blahblah.es, for example).

As a counterattack, the Chinese domain authority revealed earlier this week that it will require anyone registering a new domain to submit paperwork within five days (that is, real physical paper applications in the post). Others may follow suit: there are rumors that .ru domains (that's Russia) will be next, in January.

Now, five days is a very long time to have a domain spreading malware. In fact, most malicious domains have done their job by their third or fourth day, so it is my belief that this initiative, while a step in the right direction, will not be as useful as they intended it to be. It's a pity that good intentions are not enough in the fight against cyber crime. If it were up to me, I'd raise the paperwork deadline to two full weeks and wouldn't hand over the domain name until then. It's good for their business I'm not in charge.
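The same idea can be applied from the defender's side without waiting for a registry: if a domain is only a few days old, treat it as suspect. The following is an added example, not code from the original post. It assumes a small, constructed cache of WHOIS creation dates (a real deployment would query a domain-age feed or WHOIS service and cache the answers), hypothetical thresholds of one week for ordinary TLDs and two weeks for the TLDs the post singles out, and a deliberately naive "last two labels" rule for the registrable domain (real code should use the Public Suffix List). The proxy log lines are constructed as well.

```python
from datetime import date

# Constructed cache of WHOIS creation dates for this example (assumption:
# a real deployment would look these up in a domain-age feed or WHOIS).
CREATION_DATES = {
    "example-bank-login.cn": date(2009, 12, 15),
    "freeware-download.ru": date(2009, 12, 12),
    "new-shop.cn": date(2009, 12, 7),
    "new-shop.es": date(2009, 12, 7),
    "news-portal.es": date(2004, 3, 2),
    "example.com": date(1995, 8, 14),
}

# TLDs treated as high risk; a policy choice, not a property of the TLD itself.
HIGH_RISK_TLDS = {"cn", "ru"}

# Hypothetical thresholds: block domains younger than this many days.
MAX_AGE_DAYS_DEFAULT = 7
MAX_AGE_DAYS_HIGH_RISK = 14


def registrable_domain(host):
    """Naive registrable-domain extraction: keep the last two labels.
    Good enough for the constructed data here; use the Public Suffix List
    in production (co.uk, com.cn and friends break this rule)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def domain_verdict(host, today):
    """Return 'block', 'allow' or 'unknown' for a hostname based on domain age.
    Domains with no age data are reported as 'unknown' so that a separate
    policy can decide whether to fail open or closed."""
    dom = registrable_domain(host)
    tld = dom.rsplit(".", 1)[-1]
    created = CREATION_DATES.get(dom)
    if created is None:
        return "unknown"
    age_days = (today - created).days
    limit = MAX_AGE_DAYS_HIGH_RISK if tld in HIGH_RISK_TLDS else MAX_AGE_DAYS_DEFAULT
    return "block" if age_days < limit else "allow"


def filter_proxy_log(lines, today):
    """Apply domain_verdict to constructed proxy log lines of the form
    '<timestamp> <client-ip> <host> <path>' and return (host, verdict) pairs."""
    verdicts = []
    for line in lines:
        _ts, _client, host, _path = line.split()
        verdicts.append((host, domain_verdict(host, today)))
    return verdicts


# Constructed sample log lines for the example.
SAMPLE_LOG = [
    "2009-12-17T10:15:02 10.0.0.5 www.example-bank-login.cn /index.php",
    "2009-12-17T10:15:09 10.0.0.7 news-portal.es /article/42",
    "2009-12-17T10:16:31 10.0.0.5 freeware-download.ru /setup.exe",
    "2009-12-17T10:17:03 10.0.0.9 new-shop.cn /",
    "2009-12-17T10:17:04 10.0.0.9 new-shop.es /",
    "2009-12-17T10:18:40 10.0.0.3 cdn.example.com /lib.js",
    "2009-12-17T10:19:11 10.0.0.3 unlisted.org /",
]

if __name__ == "__main__":
    for host, verdict in filter_proxy_log(SAMPLE_LOG, date(2009, 12, 17)):
        print(f"{verdict:8} {host}")
```

Two caveats a practitioner should keep in mind: an "unknown" verdict is common in practice (WHOIS data is rate-limited and often incomplete), so the fail-open/fail-closed decision deserves its own policy; and age gating only raises the attacker's cost, since domains can be registered and left to age before use, which is the same weakness the post identifies in the five-day paperwork window.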
