South Korea Wants To Mandate Everyone Must Install 'Security' Software To Prevent 'Zombies'

from the and-maybe-open-your-computer-up-a-bit dept

Amelia Andersdotter alerted us to a story coming out of South Korea, where there's an ongoing effort to pass a "Zombie PC Prevention Act," which would require every citizen to install special "security software" on their computers. But some are worried about the unintended (or secretly intended?) consequences of such an act. The Korean government will officially designate which security solutions are allowed, leading to questions about what might be in or not be in such software. On top of that, this law also has quite a backdoor for government agencies to spy on pretty much any company, because it would empower the Korean Communications Commission to "examine the details of the business, records, documents and others" of anyone, without a warrant, based merely on the suspicion that an employee or the company as a whole did not use such mandated security software.

An interesting sidenote in all of this is that just as the push to pass this Zombie PC Prevention Act came about, suddenly a hard-drive destroying malware started making the rounds, and some have noted that it acts in a manner that doesn't make any sense when you look at typical malware. Instead, it acts sort of like a "zombie," but whereas typical zombies try to remain hidden, this one does a lot to make itself known. The suggestion -- though, admittedly, with little proof -- is that perhaps someone has released such an attack in order to build up support for the law.

That may be too much of a conspiracy theory for some, but it is still worrisome that the government might mandate a particular brand of security software. It's obviously a good thing, in general, for people to secure their computers, and to try to ward off malware such as zombies. But should it really be the government's job to step in and mandate what software you put on your computer?


Reader Comments

  1.  
    Anonymous Coward, Mar 23rd, 2011 @ 10:20pm

    I think it should be from a different angle. ISPs should have more behind them in disconnecting people from Internet access until they can demonstrate that their computers are clean. Not instantly. Perhaps after three warnings. Ah, what's the point. There will always be a sucker born every minute. Knock one down and a million more rise up. *sigh*

    I'll just sit in a corner grumbling about forcing people to sit an exam to get on the Internet in the first place... :P

     

  2.  
    Anonymous Coward, Mar 23rd, 2011 @ 10:24pm

    Re:

    But then how will we get AC's?

     

  3.  
    Anonymous Coward, Mar 23rd, 2011 @ 10:43pm

    I don't know that that is much different than what legislators here have been trying to do. Just not as secretive.

     

  4.  
    kyle clements (profile), Mar 23rd, 2011 @ 10:46pm

    alternate OSes

    I wonder how this would affect users of alternate Operating Systems.

    Would Linux be outlawed until there is an approved program for it?

    What if the approved software isn't compatible with your distro?

    Will this software slow down StarCraft at all?

     

  5.  
    scarr (profile), Mar 23rd, 2011 @ 10:50pm

    Re:

    How exactly do you suggest you would prove that you don't have a virus? It's very hard to prove the non-existence of most anything.

     

  6.  
    Nom du Clavier (profile), Mar 23rd, 2011 @ 11:03pm

    Re: alternate OSes

    Just run the 'scanner' in a VM so your computer knows and sends the correct secret handshake, do your real work outside of it.

    The question also arises what they'd classify as a computer. Would a phone (development board) at e.g. Samsung also need to have this software installed?

     

  7.  
    Lawrence D'Oliveiro, Mar 23rd, 2011 @ 11:10pm

    Relying On Machines To Keep Themselves Clean Is A Complete Waste Of Time


    • Server to PC: Are you clean?

    • Malicious software on PC to server: Yes I am.

    • ...now what?

     

  8.  
    Anonymous Coward, Mar 23rd, 2011 @ 11:11pm

    The behaviour of a computer connected to the Internet can be observed. DOS attacks or sending a large amount of email to random addresses can be easily tracked and an email informing the customer of such matters can be automated. The actual cleaning of the system and proof of being cleansed is difficult to prove, but various organisations haven't had a problem with such good faith concepts for a couple of millennia. ;P

    Anyway, claims of a cleansed system can be disproved with behaviour monitoring once more. The ISP can cancel the account and the user can go to another ISP where the process can be repeated. Hopefully the user of the infected PC will get the clue eventually.

    Could there be merit in such a system?

     

  9.  
    Anonymous Coward, Mar 23rd, 2011 @ 11:13pm

    I would laugh but this is serious.
    What is going through the minds of people to suggest such a thing?

    One single solution is like one single point of failure; it doesn't make it more difficult, it makes it easier to compromise an entire set of the internet. That is why I don't really think this is about security but surveillance.

     

  10.  
    Jay (profile), Mar 23rd, 2011 @ 11:20pm

    Re: Relying On Machines To Keep Themselves Clean Is A Complete Waste Of Time

    PROFIT!

    (I couldn't resist...)

     

  11.  
    Anonymous Coward, Mar 23rd, 2011 @ 11:29pm

    Re:

    In a world where distributed computing is becoming important that behavioral surveillance is meaningless.

    Further, DDoS attacks are not random, they are directed at a fixed target. How will software differentiate high traffic on encrypted channels? Also, there are countermeasures for time analysis on networks that are being deployed right now.

    Also, why punish normal people? IT personnel don't know how to deal with those things; will they get punished too?

    It is a PITA to find fingerprints and collect a database of those (see SNORT or Metasploit).

    Also, with a single solution for a problem, people just need to compromise that single point to have access to everybody else; it doesn't enhance security, it weakens it. Variation is what will keep people secure in the future, not single failure points.

    It just doesn't look that good for me.

     

  12.  
    Anonymous Coward, Mar 23rd, 2011 @ 11:30pm

    Re: Re: Relying On Machines To Keep Themselves Clean Is A Complete Waste Of Time

    This is more than profits this is about government control over its subjects.

     

  13.  
    Anonymous Coward, Mar 24th, 2011 @ 1:05am

    I love how people think the internet is "private communication". There isn't a more un-private thing in the universe.

    The internet has never been private. In some way, everything has been traceable since day one. Get AFK, go interact face to face, and stop bitching about something that never existed in the first place.

     

  14.  
    Anonymous Coward, Mar 24th, 2011 @ 1:27am

    Re:

    Traced after it left your computer, not while it was inside your computer; that capability never was possible before without you being infected by something nasty.

     

  15.  
    Anonymous Coward, Mar 24th, 2011 @ 2:00am

    Of COURSE it's a scam

    Everyone who has even a rudimentary grasp of the current security environment -- in particular, that pertaining to Windows-based zombies -- knows that it is quite, quite impossible to secure those systems. Any minimally-competent malware author (and there are many of them) will simply code the next release of their software in a fashion that defeats/overrides the "anti-zombie" software...just like they've already coded their software to defeat/override anti-virus software.

    So there is no possible way this purported anti-zombie software could actually work as claimed -- and I'm certain those pushing it know this. They're relying on the profound ignorance of the masses in order to push this on the population and thus create backdoors into every computer in the country...which of course will provide handy access for the NEXT generation of malware.

     

  16.  
    grumpy (profile), Mar 24th, 2011 @ 2:30am

    Re: Of COURSE it's a scam

    But it's the LAW! The malware will HAVE to comply! It CAN'T not comply! Unthinkable!!1!one!

    The thought processes (if indeed there are any) of politicians are a constant mystery to me. Women can do nothing that politicians can't do much, much better. They even fsck us more thoroughly...

     

  17.  
    Anonymous Coward, Mar 24th, 2011 @ 3:40am

    Re:

    ISP: Excuse me sir. I am a representative from your ISP. Please prove to me that your computer is clean, or be forced off the 'net.
    You: Oh, it's shiny clean. I have Windows Vista you see and...
    *ISP cuts your connection*

     

  18.  
    Anonymous Coward, Mar 24th, 2011 @ 3:48am

    Re:

    Really? I have private communications every day.

    You see, I use a Jabber client that allows me to use my GPG key to encrypt my messages. Also, my important emails are ciphered using that key too. Only my intended recipients can read those messages. The others, well, let's just say that they'll have to spend a million years cracking a message that says "sup!". It'll be a fun million years.

    I also routinely use SSH to "talk" to remote machines. It has a pretty decent encryption.

    There can be privacy. Please educate yourself. Knowledge is your biggest strength against the daily assaults against your rights.

     

  19.  
    Anonymous Coward, Mar 24th, 2011 @ 3:59am

    Re: alternate OSes

    Linux still has a chance of getting this "security software" ported to it, since it is popular enough. Linux on x86, that is.

    What about FreeBSD? Haiku? Linux on ARM? Or any of the other minority systems? What about other architectures (MIPS, Sparc, OpenRISC, ...)? What if your "Linux" system is a router (running OpenWRT)? Or a phone (like Android - an interesting one since it has completely different user space and a customized Linux kernel)?

    And what if you are a Linux developer? As in one who develops Linux, not one who develops using Linux? Would you be restricted in the kinds of changes you can make, so that the so-called "security software" does not stop working?

     

  20.  
    Michael, Mar 24th, 2011 @ 4:12am

    Zombie Computers Attack!

    Sounds like Tim will be writing another book soon...

     

  21.  
    senshikaze (profile), Mar 24th, 2011 @ 4:34am

    Re: alternate OSes

    Running Linux should be considered running "security software."
    I love that everyone says computers, but what they actually mean is "Windows computers." 99.99 times out of 100, around the globe, an infected computer is a Windows computer(and most of those are unpatched WinXP machines). The other .01% is OSX and possibly Linux. (Though I think OSX is going to be on the rise soon if Apple doesn't get their ASLR and DEP shit straight.)

     

  22.  
    expat in Korea, Mar 24th, 2011 @ 4:38am

    bill sponsored by...

    This law is probably sponsored by V3 the really bad virus software that is incredibly popular in Korea. 2 of my past employers required it installed on laptops in order to be able to use the wi-fi. The login program for the wifi checked to make sure you had it installed.

    The problem is that V3 fails to catch a large number of viruses that free software such as avast and avira catch. I know because I had a problem with one of my office computers and it was solved once I installed (unbeknownst to the IT dept) avast and found 20+ viruses.

     

  23.  
    Anonymous Coward, Mar 24th, 2011 @ 4:52am

    Re: Re:

    You encrypt? You're on the list.

     

  24.  
    Anonymous Coward, Mar 24th, 2011 @ 5:06am

    Re: Re: Re:

    Am I?

    **Code. Hack. Script. Upload. Run. Curse. Fix bug. Upload. Run. Curse. Fix typo. Upload. Run.**

    Check again.

     

  25.  
    Shon Gale (profile), Mar 24th, 2011 @ 5:25am

    If people can think it, people will do it.

     

  26.  
    abc gum, Mar 24th, 2011 @ 5:43am

    Re: Re:

    ISP: ... and there will be a $50 reconnect fee.

     

  27.  
    Bengie, Mar 24th, 2011 @ 5:50am

    Idea

    Instead of cutting a customer off the web, white-list only ports 80/443 and once per hour, have a page redirect to something that says something like:

    "Traffic patterns from your network indicate that one or more of your devices have Malware/Trojans. This could lead to sensitive information from your computers to get stolen including credit card and bank info. Please contact customer support on removal. During this time, your internet connection will be limited to only browsing web pages and will be throttled to 1mbit" or something like that.

    There. An annoying pop-up stating to contact customer support, still having web access, but also locking down the network a lot to help reduce the zombie's ability to communicate.

     

  28.  
    abc gum, Mar 24th, 2011 @ 5:53am

    Possibly there is a shortage of human brains in Korea and the zombies are simply looking elsewhere.

    IIRC, the Koreans rely heavily upon activeX. On a list of attack vectors, this is at the top.

     

  29.  
    Matt Polmanteer (profile), Mar 24th, 2011 @ 5:58am

    If you don't think that our governments would pull something like this you are crazy. The internet is too free and leading to a more democratic society so they have to find some way to control it.

    http://www.kontraband.com/pics/19559/Sheep-Dog-Conspiracy/

     

  30.  
    FuzzyDuck, Mar 24th, 2011 @ 5:59am

    Re:

    With an exam to be allowed to get kids maybe a sucker wouldn't be born every minute?

     

  31.  
    DS78 (profile), Mar 24th, 2011 @ 6:20am

    It all boils down to this. The only true means of zombie prevention is a shotgun. Doubletap kiddies.... doubletap...

     

  32.  
    Prashanth (profile), Mar 24th, 2011 @ 6:58am

    Solution: use Linux, install Microsoft Windows in a virtual machine, install that "zombie protection" in the virtualized Microsoft Windows system, and never touch it again. You have correctly and successfully installed the software, yet it is totally impotent against you. (I suppose this works on Apple's Mac OS X as well.)

     

  33.  
    Dark Helmet (profile), Mar 24th, 2011 @ 7:29am

    Re: Zombie Computers Attack!

    "Sounds like Tim will be writing another book soon..."

    If this is in reference to me, my last completed book already dealt w/a digital intelligence utilizing a botnet to distribute brain processing workload.

    So...beat you to it :)

     

  34.  
    Chris Rhodes (profile), Mar 24th, 2011 @ 8:04am

    Re: Re: alternate OSes

    Running Linux should be considered running "security software."

    Only if you like living with a false sense of security. When users will click "Accept" on every popup that displays itself, no OS will save you.

     

  35.  
    Bengie, Mar 24th, 2011 @ 8:51am

    Re:

    As long as everyone doesn't go Linux/OSX. Linux and OSX both have lots of local security issues, nearly as bad as Windows.

    Not much harder to write an app for Linux that can bypass security to elevate to root and take over your machine. The only difference is Linux tends to be limited to computer-literate users and virtually no one makes Linux malware.

    Give a reason to make Linux malware and it will come.

    OSX is similar, but different in that it's more of a "walled garden" and the users tend to only install what's provided via Apple.

    The one big thing going for Linux/Opensource is the plethora of applications that can be installed with a distro. A typical user would more than likely have an Opensource alternative instead of having to download some random app off the net from some unknown 3rd party.

    You still have the issue of educating a computer-illiterate user on how to search for Opensource applications that they want.

     

  36.  
    Prashanth (profile), Mar 24th, 2011 @ 9:06am

    Re: Re:

    The issue is that Apple is even worse than Microsoft about patching security holes; they deny it for far too long. I know the Pwn2Own contests are debatable, but at least they are something: anyway, in every single Pwn2Own contest, Mac OS X is the first to get hacked, while Linux never gets hacked. That said, you are certainly right about recent malware that automatically gets root access; that's always bad.
    But the issue at hand here is the intrusion caused by this software that supposedly protects computers from becoming "zombies", in which case I think my method still works fine.

     

  37.  
    Josh in CharlotteNC (profile), Mar 24th, 2011 @ 9:13am

    Re: Re:

    >>*ISP cuts your connection*

    Well, now they can't download virus definitions or any security updates.

     

  38.  
    Cowardly Anon, Mar 24th, 2011 @ 9:14am

    Re: Re: Re:

    You: If I give you $100 right now can we just pretend like everything is good?

     

  39.  
    Anonymous Coward, Mar 24th, 2011 @ 9:43am

    But should it really be the government's job to step in and mandate what software you put on your computer?

    Yes!

    And the government should mandate that the software be open source.

    And not controlled by a world wide monopoly.

     

  40.  
    harbingerofdoom (profile), Mar 24th, 2011 @ 10:04am

    Re: Re: Re:

    pssst...

    ....he was saying that vista was the virus...

     

  41.  
    harbingerofdoom (profile), Mar 24th, 2011 @ 10:10am

    Re: Re: alternate OSes

    you are also assuming that simply because there has not been a large number of viruses and exploits in linux that there would never be.

    a large part of why you don't really see that many issues is simply because of the smaller market share. hell, last year depending on the set of numbers you look at, win was around 90%, Apple around 4-5% and nix was around 1-1.5%.
    since most of the stuff out there these days is the rogue variety which is trying to scam you out of money, why would you even bother with dealing with a nix OS when at best you are only going to get a small fraction of the 1.5% of the systems?

    If you changed that however and had nix around 50% or greater of the marketshare? things would be totally different and you would then need security software on your nix system.

     

  42.  
    Anonymous Coward, Mar 24th, 2011 @ 1:08pm

    Re: Re: alternate OSes

    Plan 9

     

  43.  
    Anonymous Coward, Mar 24th, 2011 @ 1:13pm

    Re: Re: Re: alternate OSes

    Considering the linux community...if malware actually did something (remember not everyone is running the same kernel revision or even have the affected module compiled into it) a patch would probably be out within hours and most distros would have a new update within a day or so.

    And most linux malware doesn't attack the kernel, but rather services or programs, lowering chances even more.

     

  44.  
    Amelia Andersdotter, Mar 26th, 2011 @ 3:33am

    @kyle clements

    well, the thing is, 98% of all computers in ROK run Windows. It's an incredibly locked-in place. All the government, all the users, all the everyone use Microsoft Windows and it's already difficult just accessing government material if you don't run MS Windows. >_it doesn't really matter who released the worm, because it did go out there. If it were released by RBN it would /still/ help the government push a law it really really wants to push.

    I'm not very conspiratorial but I do see bad legislation when it's heading right for me.

     

  45.  
    Richard M Stallman, Mar 28th, 2011 @ 2:16am

    Calling that imposed program "security software" is blackwhiting (a la 1984), since it is malware itself, with a backdoor that gives others entry into the user's computer.

    I suspect that the program will also be proprietary software (not freedom-respecting, see http://www.gnu.org/philosophy/free-sw.html), because otherwise users could fix the malware by removing the back door. To force South Koreans to allow nonfree software on their computers is itself an injustice.

    It seems more and more of what I predicted in 1997, in the Right to Read (http://www.gnu.org/philosophy/right-read-read.html), is coming true.

     

  46.  
    bela, Jul 8th, 2011 @ 2:11am

    parental control

    Care4Teen helps you make sure your children stay safe while using the Internet. Our program monitors their activities and prevents access to harmful or suspicious websites. Make sure your children are protected even when you are not watching them.

     
