Wednesday, June 23, 2010

Not Necessarily the News

The first time I lived in Korea I tried to learn the language and understand the culture I was faced with every day, but I didn't have the time to develop an understanding of some of the wider aspects of society that fills the newspapers every day, and I wasn't expecting to stay. I found this decision made Korea more enjoyable for me, because I didn't have to read about politicians arguing every day, the crimes and wider social problems afflicting the country, or endless celebrity gossip.

The second time I came to Korea, it was with every chance of staying here for much longer, so I knew I had to start trying to understand the country I was living in at a deeper level. I started making the effort to go through the newspapers every day. One of the suspicions about Korea that was confirmed by doing this was the precarious state of online security. My anecdotal experience suggested that most people used pirated versions of Windows, everyone used Internet Explorer (even though it was so troubled other Governments were issuing advisories to people not to use it at all), and ActiveX was the basis of all online banking. Firewalls and anti-virus software were optional, and resident protection systems almost unheard of save for odd anti-virus and anti-keylogging applications which tended to load for the duration of an online banking session. You are often out of luck functioning on the IE-centric Korean web if you choose Firefox, let alone an entirely different platform such as Linux or MacOS.

So I discovered that at least there is a growing debate about the state of online security in the media, with some blame even being attached to the security companies themselves, and the Government is making noises about making changes. It's a potentially important issue, because South Korea may be wide open to a coordinated cyber-assault - there have already been a significant number of isolated attacks, and given the nature of the tensions on the peninsula, an enemy may gain an advantage by disrupting communications in the South immediately prior to a military attack.

But despite the increasing media debate, ironically it appears that sections of the media have fallen victim themselves, by proxy if not directly. Last week Google Chrome started blocking The Korea Herald, followed by national broadcaster, KBS. Later, even Firefox - which is generally more tolerant or ill-informed of such issues, started blocking the Herald website. Since then, access has been sporadic. Could they be false positives? Well, this is what Google's diagnostic page had to say about koreaherald.com:

Of the 1875 pages that we tested on the site over the past 90 days, 81 page(s) resulted in malicious software being downloaded and installed without user consent.

Malicious software includes 99 scripting exploit(s). Successful infection resulted in an average of 4 new process(es) on the target machine.


Which sounds concerning, even if the chances of ending up with four new processes - doing who knows what - on your computer are limited to about 81 in 1875. And the main problem seems to be not the koreaherald.com itself, but code from other domains which koreaherald.com acted as an intermediary for. It may have been advertisers. None of which is any comfort if you fall victim to it, and it truly is malicious.

No comments:

Post a Comment