Why South Korea Is Shackled To Windows

baron writes with a blog post explaining in detail why 99.9% of S. Korea uses Windows. This amazing tale began in 1998 when Korea decided it couldn't wait for SSL to be standardized (which it was in 1999) and commissioned an ActiveX control for secure Web transactions. At first there was a secure Netscape plugin too, but we know how that story ended. Quoting: "This nation is a place where Apple Macintosh users cannot bank online, make any purchases online, or interact with any of the nation's e-government sites online. In fact, Linux users, Mozilla Firefox users, and Opera users are also banned from any of these types of transactions..." Now that Microsoft has made ActiveX more secure in Vista, every Web site in S. Korea is scrambling to get things working again and the government is advising citizens not to install Vista. At the end of all this work, they will still be a monoculture in thrall to Microsoft, with millions of users sitting behind some of the fattest pipes in the world.

Shackled to Windows?

[Apocalypse111 (597674)]

But I thought Starcraft worked on Mac too...

Laugh. Its funny.

Re:Shackled to Windows?

[markov_chain (202465)]

Laugh. Its funny.

kekekeke

Starcraft in South Korea

[AHumbleOpinion (546848)]

"But I thought Starcraft worked on Mac too..."

It's called World of Warcraft...

I don't think you realize the popularity of Starcrft in South Korea. It's almost a national sport, there are multiple cable TV channels that show tournaments live with play-by-play commentators.

How easy to give up Freedom

[what about (730877)]

and how difficult to get it back

This is not just for Computing but the concept is more important than ever now, in Computing

TCO Study?

[Mateo_LeFou (859634)]

Anyone? I'd love to see a widescale analysis of how much vendor lockin actually costs. When it's this bad I imagine it's disastrous

Re:How easy to give up Freedom

[GreyPoopon (411036)]

and how difficult to get it back

What's stopping someone (in the government) from writing a new SEED-compatible applet that works on Firefox and/or Opera and on other operating systems? After all, there USED to be a plugin for Netscape.

When in doubt, make up your own cryptosystem...

[Schraegstrichpunkt (931443)]

... the NSA loves you when you do!

The Anti-Massachusetts

[hey (83763)]

Kinda makes you think that Massachusetts with their push for open formats, etc might
be on to something. (If you we're already thinking that.)

Diversity

[Zebra_X (13249)]

Kids, diversity is bad, MMMM KAY?

Shackled to...windows?

[shirizaki (994008)]

Just break the glass and escape through the window.

Alternatively...

[Corsican Upstart (879857)]

Alternatively, from the better-than-what-they're-using-in-north-korea department

wait?

[Tom (822)]

This amazing tale began in 1998 when Korea decided it couldn't wait for SSL to be standardized (which it was in 1999) and commissioned an ActiveX control for secure Web transactions.

Has anyone ever investigate which backroom dealings resulted in this decision? Decisions like this, with a multi-billion profit guarantee to a specific vendor, aren't made for technical merit. If you really believe that neither MS nor someone else with stakes in it (maybe some reseller?) was involved, I have a few bridges for sale...

Re:wait?

[inviolet (797804)]

Has anyone ever investigate which backroom dealings resulted in this decision? Decisions like this, with a multi-billion profit guarantee to a specific vendor, aren't made for technical merit. If you really believe that neither MS nor someone else with stakes in it (maybe some reseller?) was involved, I have a few bridges for sale...

Well said.

This tale still might have a silver lining, though. A single security vulnerability, properly exploited, could turn the entire economy of South Korea into a cautionary tale. For a decade afterward, at board meetings where purchasing or standardization decisions are being debated, people will randomly interject "But we could end up like South Korea!".

This is slashdot. Do we believe what we say about the perils of vendor lockin and closed-source? If so, then we should also believe that South Korea's predicament will eventually become a clear and obvious error.

Re:wait?

[just_another_sean (919159)]

That would be great but I don't think it will happen. When Slammer hit S. Korea [techspot.com] in 1/2005 they were one of the few global financial systems that were affected. They made a big stink about blaming MS and then went on, business as usual, without rethinking their reliance on a single vendor who is notorious for breaking standards.

This is MS's fault how?

[Bacon Bits (926911)]

Yeah, I'm not getting how this is anybody's fault except S. Korea's. SEED is an open specification. There is no reason the Korean community can't develop a plug-in for other systems. All that is required is for the S. Korean CA to allow it. Again, that's S. Korea's fault.

The only fault of Microsoft's lies in an area that the author is grossly misinformed. He says "In IE 7 and in Vista, Microsoft has re-architected Active X controls in such a way to make them 'more safe' by requiring a user action for the control to run", and then links to a page about the Eolas patent resolution. Many places have had to recode websites and controls after this change. While it is Microsoft's fault for the implementation, the impact on S. Korea is entirely up to them.

Sorry, you made your bed.

Re:This is MS's fault how?

[michaelvkim (981938)]

There is no reason the Korean community can't develop a plug-in for other systems.

Contrary to what this article is trying to say, there simply is no reason to develop a plug-in for other systems.
You need to understand the Korean mentality. It wouldn't have mattered if the government made Active-X the standard, or if they outlawed it completely. Hell, it wouldn't have mattered if the government didn't do anything. This would've happened regardless. The reason is that unlike in America where it's cool to be different and unique, the Korean mentality is to be as homogeneous as possible. Anybody "weird" is singled out and alienated. This mindset is embedded in their society, culture, personal and professional lives, and everything else they do.
The mere fact MS bundles IE with XP pretty much ENSURED that IE would be used by the vast majority of users in Korea.
Even if standards were opened to allow Firefox, Safari, or Opera access to everything online, I will bet that IE will still have 99.9% of the market. Simply because it's what everybody else is using.

Korean computers SUCKKKKK!!!

[michaelvkim (981938)]

Being Korean and known as somebody who's good with computers, a lot of my friends and family members ask me to look at their computer because "it's running too slow". At first I was more than happy to, but now I dread looking at a Korean computer because:

1. it's running Windows with IE and at least 3 extraneous toolbars

2. it hasn't been defragmented since the computer was first built

3. EVERY website HAS to install software to make it run properly

4. EVERY website the user has bookmarked has at least 5 megabytes of flash (and they're all advertisements)

Everybody in Korea signs up for everything, not knowing how useless the service is, how dangerous it is on their computer, and how much traffic it eats up. Just go to www.daum.net [daum.net] or www.naver.co.kr [naver.co.kr], the two most popular media portals in Korea. What's worse is that Koreans prefer that kind of interface over Google [google.com].

I'm not trying to bash Koreans, Windows, or Internet Explorer at all. It's just that when you put the three together, bad things are bound to happen.

Re:Korean computers SUCKKKKK!!!

[Creepy Crawler (680178)]

What in the heck are those websites you linked to? They're all Korean to me...

Re:Korean computers SUCKKKKK!!!

[PitaBred (632671)]

So the national motto is "Have bandwidth, will waste it"?

ActiveX

[ZwJGR (1014973)]

It shouldn't be a huge amount of work to get ActiveX controls working on Windows.
A .ocx activex control is just a COM DLL really, and ought not to be too much trouble to port to Linux Firefox (in conjunction with WINE perhaps), or to Mac OS possibly in conjunction with the Win32 api compatability layer (Darwin?). A plugin wouldn't be too difficult to write, as ActiveX is better documented than many other areas of Windows. I'm sure that if enough South Korean programmers, and there are a lot, get annoyed, the problem will be sorted, particularly with the Vista issue.

Personnely I doubt that Vista will break these Korean ActiveX modules indefinetely, as MS can release a patch after the OS is releashed and selling, at their leisure. MS would never create a situation where an entire country is put off their flagship product, especially a country with 99.9% MS Windows usage, as stated in the article.

While I find the prevalent MS monoculture in South Korea in itself quite alarming and surprising, I don't think that the compatability issues with Vista are a cause for major concern. Nobody is foring anybody to upgrade to Vista after all.

Proprietary software

[feranick (858651)]

This is exactly why the generalized use of proprietary and not standard software is a bad idea. Being the most common platform, doesn't make it a standard either since the all country relies on something you have totally no control about.

It's that last part that freaks me out...

[Karl Cocknozzle (514413)]

At the end of all this work, they will still be a monoculture in thrall to Microsoft, with millions of users sitting behind some of the fattest pipes in the world.

I think its funny the poster left the part about millions of users behind the fattest pipes around--that seems like the worst part of the story. A monstrous delivery system for Microsoft zero-day worms/exploits, etc... A virtual-WMD if you will.

Just thinking about it makes me want to tell my firewall to shun all traffic from large swaths of the world...

Another question: Couldn't this be forced through liability? I.e. These companies need to switch to using the now much-more secure SSL to handle transactions, or find themselves liable when their customers identities are stolen through their weak quasi-encryption scheme. That's why US companies did it--they didn't want to get sued because a weak protocol was cracked.

other parallels

[nostriluu (138310)]

The Government of Canada uses a public key infrastructure system, that only works in some browsers. Famously for the past census, only some people could access it.

Some important sites, such as banks and airlines, don't support other browsers or require plugins as well. It is getting better with the important cross platform critical mass of Firefox, but far from perfect.

Is it a public highway, or something designed only for Ford Explorers(tm)?

Re:other parallels

[zhiwenchong (155773)]

Really? This must be some time ago. I haven't encountered any problems with most government (CRA, Statcan (census) and the like) or bank websites and I'm running Firefox on Linux and Safari on the Mac (which is a minority browser). The only exception is the Air Canada site, which seems to be IE centric.

In fact the Canada Revenue Agency website even supports Opera, among other things.
http://www.netfile.gc.ca/browser-e.html [netfile.gc.ca]

CIBC, Royal Bank, ScotiaBank, TD Bank, PC Financial all support Safari and other minority browsers
http://www.cibc.com/ca/legal/browser-security.html [cibc.com]
http://www.royalbank.com/online/faqindex.html [royalbank.com]
http://www.scotiabank.com/cda/content/0,1608,CID43 57_LIDen,00.html [scotiabank.com]
http://www.tdcanadatrust.com/ebanking/sup-br.jsp [tdcanadatrust.com]
http://www.banking.pcfinancial.ca/a/security/whatW eDoPopup.page#more_secure_browsers [pcfinancial.ca]

Re:Like Geek heven..

[nine-times (778537)]

The first thing I wondered when I read this was, "Did they learn their lesson?" They standardized their entire country on a closed system, and when the vendor of that closed system initiates an arbitrary change, they're pretty much screwed and forced to rebuild things. In my mind, the smart thing would be to bite the bullet, drop Active X, and switch to Firefox and have a true multi-platform solution. Hell, if they can't do everything they require in an extension, they can go as far as making their own fork, and they'll retain that option in the future.

Really, this should be a lesson for everyone.