South Korea Wants To Mandate Everyone Must Install 'Security' Software To Prevent 'Zombies'
from the and-maybe-open-your-computer-up-a-bit dept
Amelia Andersdotter alerted us to a story coming out of South Korea, where there’s an ongoing effort to pass a “Zombie PC Prevention Act,” which would require every citizen to install special “security software,” on their computers. But, some are worried about the unintended (or secretly intended?) consequences of such an act. The Korean government will officially designate which security solutions are allowed, leading to questions about what might be in or not be in such software. On top of that, this law also has quite a backdoor for government agencies to spy on pretty much any company, because it would empower the Korean Communications Commission to “examine the details of the business, records, documents and others” of anyone, without a warrant, based merely on the suspicion that an employee or the company as a whole did not use such mandated security software.
An interesting sidenote in all of this is that just as the push to pass this Zombie PC Prevention Act came about, suddenly a hard-drive destroying malware started making the rounds, and some have noted that it acts in a manner that doesn’t make any sense when you look at typical malware. Instead, it acts sort of like a “zombie,” but whereas typical zombies try to remain hidden, this one does a lot to make itself known. The suggestion — though, admittedly, with little proof — is that perhaps someone has released such an attack in order to build up support for the law.
That may be too much of a conspiracy theory for some, but it is still worrisome that the government might mandate a particular brand of security software. It’s obviously a good thing, in general, for people to secure their computers, and to try to ward off malware such as zombies. But should it really be the government’s job to step in and mandate what software you put on your computer?
Filed Under: south korea, zombies
Comments on “South Korea Wants To Mandate Everyone Must Install 'Security' Software To Prevent 'Zombies'”
I think it should be from a different angle. ISP’s should have more behind them in disconnecting people from Internet access until they can demonstrate that their computers are clean. Not instantly. Perhaps after three warnings. Ah, what’s the point. There will always be sucker born every minute. Knock one down and a million more rise up. *sigh*
I’ll just sit in a corner grumbling about forcing people to sit an exam to get on the Internet in the first place… 😛
Re: Re:
But then how will we get AC’s?
Re: Re:
How exactly do you suggest you would prove that you don’t have a virus? It’s very hard to prove the non-existence of most anything.
Re: Re:
ISP: Excuse me sir. I am a representative from your ISP. Please prove to me that your computer is clean, or be forced off the ‘net.
You: Oh, it’s shiny clean. I have Windows Vista you see and…
*ISP cuts your connection*
Re: Re: Re:
ISP: … and there will be a $50 reconnect fee.
Re: Re: Re: Re:
You: If I give you $100 right now can we just pretend like everything is good?
Re: Re: Re:
>>*ISP cuts your connection*
Well, now they can’t download virus definitions or any security updates.
Re: Re: Re: Re:
pssst…
….he was saying that vista was the virus…
Re: Re:
With an exam to be allowed to get kids maybe a sucker wouldn’t be born every minute?
I don’t know that that is much different than what legislators here have been trying to do. Just not as secretive.
alternate OSes
I wonder how this would affect users of alternate Operating Systems.
Would Linux be outlawed until there is an approved program for it?
What if the approved software isn’t compatible with your distro?
Will this software slow down StarCraft at all?
Re: alternate OSes
Just run the ‘scanner’ in a VM so your computer knows and sends the correct secret handshake, do your real work outside of it.
The question also arises what they’d classify as a computer. Would a phone (development board) at e.g. Samsung also need to have this software installed?
Re: alternate OSes
Linux still has a chance of getting this “security software” ported to it, since it is popular enough. Linux on x86, that is.
What about FreeBSD? Haiku? Linux on ARM? Or any of the other minority systems? What about other architectures (MIPS, Sparc, OpenRISC, …)? What if your “Linux” system is a router (running OpenWRT)? Or a phone (like Android – an interesting one since it has completely different user space and a customized Linux kernel)?
And what if you are a Linux developer? As in one who develops Linux, not one who develops using Linux? Would you be restricted in the kinds of changes you can make, so that the so-called “security software” does not stop working?
Re: Re: alternate OSes
Plan 9
Re: alternate OSes
Running Linux should be considered running “security software.”
I love that everyone says computers, but what they actually mean is “Windows computers.” 99.99 times out of 100, around the globe, an infected computer is a Windows computer(and most of those are unpatched WinXP machines). The other .01% is OSX and possibly Linux. (Though I think OSX is going to be on the rise soon if Apple doesn’t get their ASLR and DEP shit straight.)
Re: Re: alternate OSes
Running Linux should be considered running “security software.”
Only if you like living with a false sense of security. When users will click “Accept” on every popup that displays itself, no OS will save you.
Re: Re: alternate OSes
you are also assuming that simply because there has not been a large number of virus and exploits in linux that there would never be.
a large part of why you dont really see that many issues is simply because of the smaller market share. hell, last year depending on the set of numbers you look at, win was around 90%, Apple around 4-5% and nix was round 1-1.5%.
since most of the stuff out there these days are the rogue variety which is trying to scam you out of money, why would you even bother with dealing with a nix OS when at best you are only going to get a small fraction of the 1.5% of the systems?
If you changed that however and had nix around 50% or greater of the marketshare? things would be totally different and you would then need security software on your nix system.
Re: Re: Re: alternate OSes
Considering the linux community…if malware actually did something (remember not everyone is running the same kernel revision or even have the affected module compiled into it) a patch would probably be out within hours and most distros would have a new update within a day or so.
And most linux malware doesn’t attack the kernel, but rather services or programs, lowering chances even more.
Relying On Machines To Keep Themselves Clean Is A Complete Waste Of Time
Re: Relying On Machines To Keep Themselves Clean Is A Complete Waste Of Time
PROFIT!
(I couldn’t resist…)
Re: Re: Relying On Machines To Keep Themselves Clean Is A Complete Waste Of Time
This is more than profits this is about government control over its subjects.
The behaviour of a computer connected to the Internet can be observed. DOS attacks or sending a large amount of email to random addresses can be easily tracked and an email informing the customer of such matters can be automated. The actual cleaning of the system and proof of being cleansed is difficult to prove, but various organisations haven’t had a problem with such good faith concepts for a couple of millennia. ;P
Anyway, claims of a cleansed system can be disproved with behaviour monitoring once more. The ISP can cancel the account and the user can go to another ISP where the process can be repeated. Hopefully the user of the infected PC will get the clue eventually.
Could there be merit in such a system?
Re: Re:
In a world where distributed computing is becoming important that behavioral surveillance is meaningless.
Further DDoS attacks are not random, they are directed at a fixed target, how will software differentiate high traffic on encrypted channels? also there are countermeasures for time analysis on networks that are being deployed right now.
Also why punish normal people? IT personnel don’t know how to deal with those things will they get punished too?
It is a PITA to find fingerprints and collect a database of those(see SNORT or Metasploit)
Also with a single solution for a problem people just need to compromise that single point to have access to everybody else it doesn’t enhance security it weakens it. Variation is what will keep people secure in the future not single failure points.
it just don’t look that good for me.
I would laugh but this is serious.
What is going through the minds of people to suggest such a thing?
One single solution is like one single point of failure, it doesn’t make it more difficult it makes it easier to compromise and entire set of the internet. That is why I don’t really think this is about security but surveillance.
I love how people think the internet is “private communication”. There isn’t a more un-private thing in the universe.
The internet has never been private. In some way, everything has been traceable since day one. Get AFK, go interact face to face, and stop bitching about something that never existed in the first place.
Re: Re:
Traced after it left your computer not while it was inside your computer that capability never was possible before without you being infected by something nasty.
Re: Re:
Really? I have private communications every day.
You see, I use a Jabber client that allows me to use my GPG key to encrypt my messages. Also, my important emails are ciphered using that key too. Only my intended recipients can red those messages. The others, well, let’s just say that they’ll have to spend a million years cracking a message that says “sup!”. It’ll be a fun million years.
I also routinely use SSH to “talk” to remote machines. It has a pretty decent encryption.
There can be privacy. Please educate yourself. Knowledge is your biggest strength against the daily assaults against your rights.
Re: Re: Re:
You encrypt? You’re on the list.
Re: Re: Re: Re:
Am I?
**Code. Hack. Script. Upload. Run. Curse. Fix bug. Upload. Run. Curse. Fix typo. Upload. Run.**
Check again.
Of COURSE it's a scam
Everyone who has even a rudimentary grasp of the current security environment — in particular, that pertaining to Windows-based zombies — knows that it is quite, quite impossible to secure those systems. Any minimally-competent malware author (and there are many of them) will simply code the next release of their software in a fashion that defeats/overrides the “anti-zombie” software…just like they’ve already coded their software to defeat/override anti-virus software.
So there is no possible way this purported anti-zombie software could actually work as claimed — and I’m certain those pushing it know this. They’re relying on the profound ignorance of the masses in order to push this on the population and thus create backdoors into every computer in the country…which of course will provide handy access for the NEXT generation of malware.
Re: Of COURSE it's a scam
But it’s the LAW! The malware will HAVE to comply! It CAN’T not comply! Unthinkable!!1!one!
The thought processes (if indeed there are any) of politicians is a constant mystery to me. Women can do nothing that politicians can’t do much, much better. They even fsck us more thoroughly…
Zombie Computers Attack!
Sounds like Tim will be writing another book soon…
Re: Zombie Computers Attack!
“Sounds like Tim will be writing another book soon…”
If this is in reference to me, my last completed book already dealt w/a digital intelligence utilizing a botnet to distribute brain processing workload.
So…beat you to it 🙂
bill sponsered by...
This law is probably sponsored by V3 the really bad virus software that is incredibly popular in Korea. 2 of my past employers required it installed on laptops in order to be able to use the wi-fi. The login program for the wifi checked to make sure you had it installed.
The problem is that V3 fails to catch a large number of viruses that free software such as avast and avira catch. I know because I had a problem with one of my office computers and it was solved once I installed (unbeknownst to the it dept) avast and found 20+ viruses.
If people can think it, people will do it.
Idea
Instead of cutting a customer off the web, white-list only ports 80/443 and once per hour, have a page redirect to something that says something like:
“Traffic patterns from your network indicate that one or more of your devices have Malware/Trojans. This could lead to sensitive information from your computers to get stolen including credit card and bank info. Please contact customer support on removal. During this time, your internet connection will be limited to only browsing web pages and will be throttled to 1mbit” or something like that.
There. An annoying pop-up stating to contact customer support, still having web access, but also locking down the network a lot to help reduce the zombie’s ability to communicate.
Possibly there is a shortage of human brains in Korea and the zombies are simply looking elsewhere.
IIRC, the Koreans rely heavily upon activeX. On a list of attack vectors, this is at the top.
If you don’t think that our governments would pull something like this you are crazy. The internet is to free and leading to more democratic society so they have to find someway to control it.
http://www.kontraband.com/pics/19559/Sheep-Dog-Conspiracy/
It all boils down to this. The only true means of zombie prevention is a shotgun. Doubletap kiddies…. doubletap…
Solution: use Linux, install Microsoft Windows in a virtual machine, install that “zombie protection” in the virtualized Microsoft Windows system, and never touch it again. You have correctly and successfully installed the software, yet it is totally impotent against you. (I suppose this works on Apple’s Mac OS X as well.)
Re: Re:
As long as everyone doesn’t go Linux/OSX. Linux and OSX both have lots of local security issues, nearly as bad as Windows.
Not much harder to write an app for Linux that can by-pass security to elevate to root and take over your machine. The only difference is Linux tends to be limited to Computer literate users and virtually no one makes Linux malware.
Give a reason to make Linux malware and it will come.
OSX is similar, but different in that it’s more of a “walled garden” and the users tend to only install what’s provided via Apple.
The one big thing going for Linux/Opensource is the plethora of applications that can be installed with a distro. A typically user would more than likely have an Opensource alternative instead of having to download some random app off the net from some unknown 3rd party.
You still have the issue of educating an computer illiterate user on how to search for Opensource applications that they want.
Re: Re: Re:
The issue is that Apple is even worse than Microsoft about patching security holes; they deny it for far too long. I know the Pwn2Own contests are debatable, but at least they are something: anyway, in every single Pwn2Own contest, Mac OS X is the first to get hacked, while Linux never gets hacked. That said, you are certainly right about recent malware that automatically gets root access; that’s always bad.
But the issue at hand here is the intrusion caused by this software that supposedly protects computers from becoming “zombies”, in which case I think my method still works fine.
But should it really be the government’s job to step in and mandate what software you put on your computer?
Yes!
And the government should mandate that the software be open source.
And not controlled by a world wide monopoly.
@kyle clements
well, the thing is, 98% of all computers in ROK run Windows. It’s an incredibly locked-in place. All the government, all the users, all the everyone use Microsoft Windows and it’s already difficult just accessing government material if you don’t run MS Windows. >_it doesn’t really matter who released the worm, because it did go out there. If it were released by RBN it would /still/ help the government push a law it really really wants to push.
I’m not very conspiratorial but I do see bad legislation when it’s heading right for me.
Calling that imposed program “security software” is blackwhiting (a la 1984), since it is malware itself, with a backdoor that gives others entry into the user’s computer.
I suspect that the program will also be proprietary software (not freedom-respecting, see http://www.gnu.org/philosophy/free-sw.html), because otherwise users could fix the malware by removing the back door. To force South Koreans to allow nonfree software on their computers is itself an injustice.
It seems more and more of what I predicted in 1997, in the Right to Read (http://www.gnu.org/philosophy/right-read-read.html), is coming true.
parental control
Care4Teen helps you make sure your children stay safe while using the Internet. Our program monitors their activities and prevents access to harmful or suspicious websites. Make sure your children are protected even when you are not watching them.