South Korea Wants To Mandate Everyone Must Install 'Security' Software To Prevent 'Zombies'

from the and-maybe-open-your-computer-up-a-bit dept

Amelia Andersdotter alerted us to a story coming out of South Korea, where there’s an ongoing effort to pass a “Zombie PC Prevention Act,” which would require every citizen to install special “security software” on their computers. But some are worried about the unintended (or secretly intended?) consequences of such an act. The Korean government will officially designate which security solutions are allowed, leading to questions about what might be in or not be in such software. On top of that, this law also has quite a backdoor for government agencies to spy on pretty much any company, because it would empower the Korean Communications Commission to “examine the details of the business, records, documents and others” of anyone, without a warrant, based merely on the suspicion that an employee or the company as a whole did not use such mandated security software.

An interesting sidenote in all of this is that just as the push to pass this Zombie PC Prevention Act came about, suddenly a hard-drive destroying malware started making the rounds, and some have noted that it acts in a manner that doesn’t make any sense when you look at typical malware. Instead, it acts sort of like a “zombie,” but whereas typical zombies try to remain hidden, this one does a lot to make itself known. The suggestion — though, admittedly, with little proof — is that perhaps someone has released such an attack in order to build up support for the law.

That may be too much of a conspiracy theory for some, but it is still worrisome that the government might mandate a particular brand of security software. It’s obviously a good thing, in general, for people to secure their computers, and to try to ward off malware such as zombies. But should it really be the government’s job to step in and mandate what software you put on your computer?


Comments on “South Korea Wants To Mandate Everyone Must Install 'Security' Software To Prevent 'Zombies'”

46 Comments
Anonymous Coward says:

I think it should be from a different angle. ISPs should have more behind them in disconnecting people from Internet access until they can demonstrate that their computers are clean. Not instantly. Perhaps after three warnings. Ah, what’s the point. There will always be a sucker born every minute. Knock one down and a million more rise up. *sigh*

I’ll just sit in a corner grumbling about forcing people to sit an exam to get on the Internet in the first place… 😛

Anonymous Coward says:

Re: alternate OSes

Linux still has a chance of getting this “security software” ported to it, since it is popular enough. Linux on x86, that is.

What about FreeBSD? Haiku? Linux on ARM? Or any of the other minority systems? What about other architectures (MIPS, Sparc, OpenRISC, …)? What if your “Linux” system is a router (running OpenWRT)? Or a phone (like Android – an interesting one since it has completely different user space and a customized Linux kernel)?

And what if you are a Linux developer? As in one who develops Linux, not one who develops using Linux? Would you be restricted in the kinds of changes you can make, so that the so-called “security software” does not stop working?

senshikaze (profile) says:

Re: alternate OSes

Running Linux should be considered running “security software.”
I love that everyone says computers, but what they actually mean is “Windows computers.” 99.99 times out of 100, around the globe, an infected computer is a Windows computer(and most of those are unpatched WinXP machines). The other .01% is OSX and possibly Linux. (Though I think OSX is going to be on the rise soon if Apple doesn’t get their ASLR and DEP shit straight.)

harbingerofdoom (profile) says:

Re: Re: alternate OSes

you are also assuming that simply because there has not been a large number of virus and exploits in linux that there would never be.

a large part of why you don’t really see that many issues is simply because of the smaller market share. hell, last year depending on the set of numbers you look at, win was around 90%, Apple around 4-5% and nix was around 1-1.5%.
since most of the stuff out there these days are the rogue variety which is trying to scam you out of money, why would you even bother with dealing with a nix OS when at best you are only going to get a small fraction of the 1.5% of the systems?

If you changed that however and had nix around 50% or greater of the marketshare? things would be totally different and you would then need security software on your nix system.

Anonymous Coward says:

Re: Re: Re: alternate OSes

Considering the linux community…if malware actually did something (remember not everyone is running the same kernel revision or even have the affected module compiled into it) a patch would probably be out within hours and most distros would have a new update within a day or so.

And most linux malware doesn’t attack the kernel, but rather services or programs, lowering chances even more.

Anonymous Coward says:

The behaviour of a computer connected to the Internet can be observed. DOS attacks or sending a large amount of email to random addresses can be easily tracked and an email informing the customer of such matters can be automated. The actual cleaning of the system and proof of being cleansed is difficult to prove, but various organisations haven’t had a problem with such good faith concepts for a couple of millennia. ;P

Anyway, claims of a cleansed system can be disproved with behaviour monitoring once more. The ISP can cancel the account and the user can go to another ISP where the process can be repeated. Hopefully the user of the infected PC will get the clue eventually.

Could there be merit in such a system?

Anonymous Coward says:

Re: Re:

In a world where distributed computing is becoming important that behavioral surveillance is meaningless.

Further DDoS attacks are not random, they are directed at a fixed target, how will software differentiate high traffic on encrypted channels? also there are countermeasures for time analysis on networks that are being deployed right now.

Also why punish normal people? IT personnel don’t know how to deal with those things will they get punished too?

It is a PITA to find fingerprints and collect a database of those(see SNORT or Metasploit)

Also with a single solution for a problem people just need to compromise that single point to have access to everybody else it doesn’t enhance security it weakens it. Variation is what will keep people secure in the future not single failure points.

it just don’t look that good for me.

Anonymous Coward says:

I would laugh but this is serious.
What is going through the minds of people to suggest such a thing?

One single solution is like one single point of failure, it doesn’t make it more difficult it makes it easier to compromise an entire set of the internet. That is why I don’t really think this is about security but surveillance.

Anonymous Coward says:

I love how people think the internet is “private communication”. There isn’t a more un-private thing in the universe.

The internet has never been private. In some way, everything has been traceable since day one. Get AFK, go interact face to face, and stop bitching about something that never existed in the first place.

Anonymous Coward says:

Re: Re:

Really? I have private communications every day.

You see, I use a Jabber client that allows me to use my GPG key to encrypt my messages. Also, my important emails are ciphered using that key too. Only my intended recipients can read those messages. The others, well, let’s just say that they’ll have to spend a million years cracking a message that says “sup!”. It’ll be a fun million years.

I also routinely use SSH to “talk” to remote machines. It has a pretty decent encryption.

There can be privacy. Please educate yourself. Knowledge is your biggest strength against the daily assaults against your rights.

Anonymous Coward says:

Of COURSE it's a scam

Everyone who has even a rudimentary grasp of the current security environment — in particular, that pertaining to Windows-based zombies — knows that it is quite, quite impossible to secure those systems. Any minimally-competent malware author (and there are many of them) will simply code the next release of their software in a fashion that defeats/overrides the “anti-zombie” software…just like they’ve already coded their software to defeat/override anti-virus software.

So there is no possible way this purported anti-zombie software could actually work as claimed — and I’m certain those pushing it know this. They’re relying on the profound ignorance of the masses in order to push this on the population and thus create backdoors into every computer in the country…which of course will provide handy access for the NEXT generation of malware.

expat in Korea says:

bill sponsored by...

This law is probably sponsored by V3 the really bad virus software that is incredibly popular in Korea. 2 of my past employers required it installed on laptops in order to be able to use the wi-fi. The login program for the wifi checked to make sure you had it installed.

The problem is that V3 fails to catch a large number of viruses that free software such as avast and avira catch. I know because I had a problem with one of my office computers and it was solved once I installed (unbeknownst to the it dept) avast and found 20+ viruses.

Bengie says:

Idea

Instead of cutting a customer off the web, white-list only ports 80/443 and once per hour, have a page redirect to something that says something like:

“Traffic patterns from your network indicate that one or more of your devices have Malware/Trojans. This could lead to sensitive information from your computers to get stolen including credit card and bank info. Please contact customer support on removal. During this time, your internet connection will be limited to only browsing web pages and will be throttled to 1mbit” or something like that.

There. An annoying pop-up stating to contact customer support, still having web access, but also locking down the network a lot to help reduce the zombie’s ability to communicate.
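
The quarantine policy proposed in the comment above, modelled as an added example (not part of the original comment and not any ISP's actual code). The class and function names, the token-bucket throttle and the sample packets are assumptions made for illustration; only the port list, the 1 Mbit limit and the hourly notice come from the comment.

```python
from dataclasses import dataclass
from typing import Optional

# Values taken from the comment; everything else here is a hypothetical model.
ALLOWED_PORTS = {80, 443}      # web browsing only
BUCKET_BYTES = 1_000_000 // 8  # "throttled to 1mbit": one second of budget at 1 Mbit/s
NOTICE_INTERVAL = 3600         # "once per hour", in seconds


@dataclass
class QuarantinedLine:
    """State kept for one subscriber line flagged as infected."""
    tokens: float = BUCKET_BYTES
    last_refill: float = 0.0
    last_notice: Optional[float] = None

    def decide(self, now: float, dst_port: int, size: int) -> str:
        """Return 'drop', 'redirect', 'throttle' or 'allow' for one outbound packet."""
        if dst_port not in ALLOWED_PORTS:
            return "drop"  # e.g. outbound SMTP on port 25
        # Only plain HTTP can be redirected to the notice page; intercepting
        # 443 would just produce certificate errors in the browser.
        due = self.last_notice is None or now - self.last_notice >= NOTICE_INTERVAL
        if dst_port == 80 and due:
            self.last_notice = now
            return "redirect"
        # Token bucket: refill at 1 Mbit/s, capped at one second of traffic.
        elapsed = now - self.last_refill
        self.tokens = min(BUCKET_BYTES, self.tokens + elapsed * BUCKET_BYTES)
        self.last_refill = now
        if size > self.tokens:
            return "throttle"  # queue or drop until the bucket refills
        self.tokens -= size
        return "allow"


def replay(packets):
    """Run constructed (time, port, size) tuples through a fresh line."""
    line = QuarantinedLine()
    return [line.decide(t, port, size) for t, port, size in packets]


# Constructed sample traffic, not captured data.
SAMPLE = [(0, 25, 500), (0, 443, 1000), (1, 80, 1000), (2, 80, 1000),
          (2, 443, 200_000), (3601, 80, 100)]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

In this model, traffic on ports 80 and 443 still passes within the rate limit, so the policy narrows what an infected machine can send rather than isolating it.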

Bengie says:

Re: Re:

As long as everyone doesn’t go Linux/OSX. Linux and OSX both have lots of local security issues, nearly as bad as Windows.

Not much harder to write an app for Linux that can by-pass security to elevate to root and take over your machine. The only difference is Linux tends to be limited to Computer literate users and virtually no one makes Linux malware.

Give a reason to make Linux malware and it will come.

OSX is similar, but different in that it’s more of a “walled garden” and the users tend to only install what’s provided via Apple.

The one big thing going for Linux/Opensource is the plethora of applications that can be installed with a distro. A typical user would more than likely have an Opensource alternative instead of having to download some random app off the net from some unknown 3rd party.

You still have the issue of educating a computer illiterate user on how to search for Opensource applications that they want.

Prashanth (profile) says:

Re: Re: Re:

The issue is that Apple is even worse than Microsoft about patching security holes; they deny it for far too long. I know the Pwn2Own contests are debatable, but at least they are something: anyway, in every single Pwn2Own contest, Mac OS X is the first to get hacked, while Linux never gets hacked. That said, you are certainly right about recent malware that automatically gets root access; that’s always bad.
But the issue at hand here is the intrusion caused by this software that supposedly protects computers from becoming “zombies”, in which case I think my method still works fine.

Amelia Andersdotter (user link) says:

@kyle clements

well, the thing is, 98% of all computers in ROK run Windows. It’s an incredibly locked-in place. All the government, all the users, all the everyone use Microsoft Windows and it’s already difficult just accessing government material if you don’t run MS Windows. >_it doesn’t really matter who released the worm, because it did go out there. If it were released by RBN it would /still/ help the government push a law it really really wants to push.

I’m not very conspiratorial but I do see bad legislation when it’s heading right for me.

Richard M Stallman (user link) says:

Calling that imposed program “security software” is blackwhiting (a la 1984), since it is malware itself, with a backdoor that gives others entry into the user’s computer.

I suspect that the program will also be proprietary software (not freedom-respecting, see http://www.gnu.org/philosophy/free-sw.html), because otherwise users could fix the malware by removing the back door. To force South Koreans to allow nonfree software on their computers is itself an injustice.

It seems more and more of what I predicted in 1997, in the Right to Read (http://www.gnu.org/philosophy/right-read-read.html), is coming true.
