Unsurprisingly, terrible Korean internet strikes again. ISPs try to charge companies insane fees because customers want to connect to their servers. Company decides to use peer-ro-peer instead so the ISP starts installing spyware on customer computers.
Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
I hope everyone involved in this catches criminal charges, all the way up the chain. Completely unacceptable behavior.
South Korea at least used to have blazingly fast internet infrastructure. Of course that didn't make up for shitty banking websites that you could only use by running Internet Explorer and allowing it to install "security plugins" that hook into Windows kernel, but at least the internet was fast, and it did give Korea an edge for its IT industry.
That was, I think, about twenty years ago.
I've been living in the US for 10+ years so I'm not very well informed, but basically the ISP industry ended up in an oligopoly where everybody's friends with the government, and they kept raising prices while neglecting infra upgrade. Until nobody can call Korea's internet "fast" any more.
Now all we've got is shitty websites. (To be fair, they are somewhat less shitty now... you can now access your banking websites on Mac!)
I think this is sort of how Japan is often thought of as "land of the future" because where was a brief period around the 2000s where new tech adoption sort of got a little ahead of the US, but what people really missed was that they weren't ahead so much as just...kind of different?
And the reality today is that it'll seem practically backwards to a Westerner - i.e. tons of paper forms and bureaucracy for things like banking and rental applications.
I was in Japan in 2008 and the cellphones there were from the future! I remember being awed seeing people watching TV on the subway on their phones..
There was a bunch of infrastructure and services provided by the actual phone company NTT DoCoMo (as opposed to generally over the Internet) that let people watch shows, play games, shop, etc.. all on their mobile devices. Stuff that we do now every day, but this was almost 20 years ago.
They also had phones built for this purpose, like ones that had rotating screens that went into landscape mode (imagine holding a "T"-shaped device) for watching TV..
So it certainly felt like they were ahead, but you're right, it was a very different approach with everything coming from the phone company itself, and one that wasn't set up to stay competitive or stay ahead..
Other examples of this are the Satellaview for the SNES and the 64DD for the Nintendo 64, both of which were only launched in Japan. The Satellaview let you download games and the 64DD let you browse the internet. Apparently they'd also planned to have multiplayer online gaming for the 64DD, but that was never released.
On an infrastructure level Japan is literally not even in the same reality as the US. The infrastructure works, everything is clean and works, the toilets are usable and good. The mobile internet infrastructure is honestly fine and most likely better than what you'd be able to get in the US (especially as a foreigner).
It will not seem backwards to a "Westerner" today. The only place where you'd really encounter forms as a human being is in government interactions (and possibly banking), which is not unusual or even particularly backwards.
I actually played one of those Korean mmorpgs that that an English version available ~2005 and I remember their website being a mess. It got wildly popular in the west to a point where the server started lagging and was down frequently, so they set up a second one.
Then the cheating got out of hand so they added some anti-cheat software, and shortly after they wanted people to verify their identity by sending a scan of their id/passport. This is when 99% of players left.
This is why all the Korean mmorpgs required Korean social security numbers but what ended up happening is Chinese gamers started to steal Korean identities to cheat and farm items which lead to its downfall, they simply could not deal with the large number of Chinese users.
Even source codes were stolen and Chinese mmorpgs would appear with the exact same gameplay but different skins and names.
In the early days of the internet you could download a generator written in simple visual basic im not sure how it was able to do this but worked well enough to signup and play on almost all the online games
Eventually was made illegal and what ended up happening was a huge korean social security numbers being traded online in Chinese forums (who had economic incentives to farm, hack, cheat items from korean mmorpgs)
Gigabit links to the home were cheap in South Korea 20 years ago, something like $50USD/month, IIRC. The population is so dense, it was comparatively quick and easy to put in the infrastructure.
Some of the fastest pirate FTP sites in the world were .kr at the time, it was crazy seeing 125MB/sec inter-site transfers back then.
The ops must've set the machines up with a /dev/shm ramdisk or similar for uploads. There were no SSDs those days, so no way to even write at 125MB/sec, unless you had an unreasonably large Raid-0 array of WD Raptor HDDs, also possible.
It's also worth noting the SK has some pretty terrible laws around the internet in general. Distribution of porn is illegal there and they do their best to block it from outside. They are pretty big on cyber defamation and will go after people who make fun of government officials[0]. They have a comparatively low internet freedom score because they do things like fine middle schoolers for having anti-government websites and the president pursues legal action against YouTubers[1].
It's pretty interesting when coming from the west where all the problems are often spoken about in the open. I mean the great American past time is complaining about the government. But in SK there's a lot more trust of the government and similarly, a lot more control by them. And it is a fairly tight knit group and there's only a few companies that dominate the country.
> the great American past time is complaining about the government. But in SK there's a lot more trust of the government
Are they really more trusting of the government in south korea or is that just what people will say if you ask them?
If my government aggressively went after every youtuber and literal child who dared to say bad things about the government I'd probably lie and say I trusted my government too whenever asked.
> They are pretty big on cyber defamation and will go after people who make fun of government officials
Because cyber defamation would go rampant otherwise and people would end up killing themselves on lost reputation and cyber bullying. You have to understand Korean culture, where reputation and how you're viewed in society is extremely important.
> You have to understand Korean culture, where reputation and how you're viewed in society is extremely important.
I do understand it, and I think it is dumb. If it is to the point that it is causing people to kill themselves, it is dumb. This doesn't justify the people harassing others, but rather that the cultural element about getting so involved that leads to such harassment is also dumb. Cultures are hard to change, but at the end of the day it literally is up to people collectively deciding change is needed. There is nothing physical in the way. Habits are hard to change, but not impossible. And we should not excuse harmful behavior by claiming it is simply culture.
(There are many elements of Korean culture that are great. But they do not necessarily rely on such a strong notion of reputation. Reputation can still be important without going to this extreme, where it is excessively difficult to redeem.)
You mean the Korean netizen culture where celebrities routinely kill themselves? Where people not only still bully, but rapists can sue their victims for defamation and win?
> Distribution of porn is illegal there and they do their best to block it from outside.
Incorrect, it's yet another incorrect meme. Legal pornography is always possible in South Korea, and while the actual threshold varied over time (because you know, there is no objective metric for them anyway so it has to be a function of the approximate social consensus), legal pornography is not necessarily "milder" than illegal pornography distributed via blocked websites. (EDIT: incorrectly put "stronger" there...)
The South Korean treatment of pornography was extremely distorted mainly because of the rampant copyright violation over pornographic materials produced elsewhere. That blocked virtually all attempts to sell legal pornography and profit from it, why would you pay when you already have tons of free porns out there. Technically speaking, a large portion of the current adult population should have been found guilty if foreign producers could sue them, and I can tell you that the name of a certain blocked but still popular pornographic website [1] has became a household name for many males in their 20s and 30s!
And here is where the SK law's technical distinction between legal pornography and illegal obsence material turned out to be handy. Since those websites distributed pornography illegally, you can just consider them obscene and thus exempted from the copyright protection (!). I really hate this situation and like to see the radical change, but I can also see that it would become a massive and uncontrollable international affair otherwise. So that's why those websites had to be banned (to signal that it is indeed illegal), but the ban itself is so weak that it can be easily bypassed (more effective ban would be harder to justify).
[1] I don't like to quote its exact name, but as a hint, it is often followed by "꺼라 turn sth off".
"Kinda" may mean so many things that "kinda illegal" is as useful as no information, hence all these elaborations. They also matter for the eventual resolution.
I beg to differ. Using "Incorrect" to counter the statement that distribution is illegal implies it's largely untrue. While a distinction between "illegal" and "de facto illegal" exists, your own explanation doesn't support such a strong rebuttal.
You acknowledge that legal pornography, while technically possible, faces significant hurdles due to rampant piracy and legal loopholes. This creates a situation where accessing legal pornography is difficult and impractical for most, making the initial statement, that distribution is effectively illegal, more accurate than your initial "Incorrect" suggests.
Maybe I should have also explained that, in spite of these difficulties, there do exist lots of pornographic materials legally available in South Korea. There are many adult-oriented channels in many cable television providers for example. If my wording made you think that legal pornography is technically possible but practically dead in SK, it is my fault. Legal pornography is okay, but just less popular than illegal pornography, I meant to say. (Probably because it is still a taboo to openly say about illegal pornography.)
It's a lot easier to buy into a government when the most horrid example of one in modern history (arguable, I get it) is only 100 miles to the north with a huge amount of artillery pointed at you.
South Korea has a far crazier history [1] than I think most realize. This [2] is the first president of South Korea, installed by the US, and then eventually ferried off into exile in Hawaii by the US after a revolution, leading the 2nd Republic of Korea. That was followed by coups and all other sorts of great things, including 4 acting presidents that did not serve more than 50 days a piece, eventually leading to the 3rd Republic of Korea which was another dictatorship who then had his dictatorial powers codified in the 4th republic. Then he was assassinated and you get the the 5th republic where the dictator's friend was put in power. Then you get the 6th republic in 1987 (!!) and that's the South Korea we're somewhat more familiar with.
Even in modern times, I think most don't realize how wacky Korean politics has been. For instance the president from 2013-2017 (Park Geun-hye, daughter of a former dictator) was involved in some sort of weird cult-like grooming controversy where she was being groomed and controlled by what some media called a 'Korean Rasputin.' She was eventually impeached and imprisoned for corruption/abuse of power, and is now serving decades in prison.
And it seems the current president of South Korea has an approval rating in the 30s. So I have no idea how Koreans view their government, but it's really unlike anything I think that we can compare elsewhere. But I suspect "trust" and "integrity" are not the sort of words that'd be on top.
I wish. It's a national tradition to jail and then pardon the president. She's been free for years, and is often kow-towing and gladhanding current administration members.
And they are facing the demographic cliff of demographic cliffs...
Although what I suspect will happen is that North Korea will fall apart eventually and South Korea will get a demographic surge from immigrating North Koreans.
Would it be worth it for China to prop them up? I get that they're communism buddies or whatever, but what does China get out of it? What does China really need from North Korea?
From the Chinese and Russian (Soviet) perspective, letting a few Koreans get oppressed is worth it considering the alternative, a land border with the US
China can has influence over North Korea rather than it will be US (don't forget that there are two Koreas because USA and USSR both wanted to rule Korea but couldn't win against each other).
Not to mention when you were also very recently occupied by a neighboring country. And an extremely brutal occupation at that. I mean there's still a handful of women still alive who were sex slaves, it wasn't that long ago. Korea really has had it tough, but I wish that would be a drive for more freedom, not less.
> Distribution of porn is illegal there and they do their best to block it from outside.
Good. Why should any country be a conduit for porn? Most sane countries frown upon and limit things like porn, gambling, drugs, etc. Like we used to until fairly recently.
> They are pretty big on cyber defamation and will go after people who make fun of government officials[0]
It's like that in most countries. Other countries can have their own values. Nothing wrong with it.
> They have a comparatively low internet freedom score because they do things like fine middle schoolers for having anti-government websites and the president pursues legal action against YouTubers[1].
Freedomhouse is apparently a state propaganda outfit.
'Most of the organization's funding comes from the U.S. State Department[4] and other government grants.'
You are linking to a propaganda site created solely to push a political agenda. Germany has an amazing 'freedom' scores but you could go to jail in germany for espousing certain beliefs about certain events in ww2.
That south korea scores low in the freedomhouse index is a good thing. Though it is surprising given that south korea is a militarily occupied vassal of the US.
> It's pretty interesting when coming from the west where all the problems are often spoken about in the open.
Are they really? You are conflating 'the west' with the US. Most of 'the west' is not like america. In most of the west, you can go to jail or be punished for speech. Most of the west doesn't have free speech that we do in america.
What's with the neverending 'coming from the west' from foreigners here? So many foreigners here pretend to be americans here? Why?
> I'm going to assume you don't travel much cause on our side of the pound we can very much speak out loud of many things the US can't.
Pound? What country are you from? Why are people so sneaky? Hiding behind 'the west'.
> In fact, we don't have the absurd taboos that force the US to use alternative words.
What? None of what you wrote applies to the US and none of it has anything to do with free speech. It applies to woke social media. What does 'porn tag' have to do with free speech? Besides, my point was being jailed or punished by the government.
Another memory from the terrible South Korean Internet is how the national banks required customers to log in using Internet Explorer because of mandatory ActiveX blobs of code.
It makes me sad that all of these started with US's restriction on the export of cryptography, which prompted South Korea (among others) to develop a domestic algorithm that was unsupported by contemporary browsers at that time.
I think the answer itself is clear to me: SK bit the bullet much earlier than most other countries, having implemented a nationwide ADSL infrastructure by circa 2000. The same thing happened to Japan for example, where early mobile services were so successful that they essentially stagnated further development until SoftBank's introduction of iPhone.
Active-X was AFIK a common requirement for banking e.t.c. during crypto export restrictions but once they where lifted almost everyone switched to https. What different about SK is the laws which keep their IT security in the past.
One answer is internet banking being way more cumbersome and less advanced in other countries. At that time spending time on the phone or have the customer come spend a miserable time at the agency was the prefered way from the bank's perspective.
To this day many banks won't allow all operations from the online interface.
15-20 years ago Chinese banking website did exactly same things. Maybe they got the idea from SK, don't know. It only ended with widespread adoption of mobile phones and Chrome.
> Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
Same here in Japan. The funny thing is that both me here and my parents back in Spain have gigabit fibre, yet my parents' connection is much faster than mine.
>Is it because all the customers and services are in the same city so it appears low latency?
Yes. It's because the internet of Korea is so well done between nearly all areas of the country with great speeds.
But it's true that Korean internet is super fast only within Korea, but the borders are also normal fast borders to other countries so they're just as fast as say a 1gbps connection in Australia.
Good Korean internet is not a myth, they had fibre everywhere by the time rich people in the US or Europe were getting it. Korean internet is good, it's just that their ISPs are also fairly evil like the rest of the world, but they have less freedom constraining their evils.
As said, it was good/impressive 20 years ago, now it's just what everyone else has. And SK software is a joke, like the linked post elaborates.
I don't know if it changed during the last 5 years, but when I was there I wanted to use Google maps for navigation and it looked like shit, so after some digging around I found because apparently there are some SK patents that prevent Google from using a lot of modern tech. So no wonder SK people compare that to naver and think their IT tech is top notch, but if you compare it to the "real Google", it's a joke.
It's the same in China actually, but there you simply can't access the western counterparts at all usually.
The local variants of map apps are leaps and bounds ahead of Google Maps at any point in the last 10 years though. And that's not due to Google being restricted.
Google is free to do what it wants in Australia, but it still sucks pretty bad.
But yeah, SK software got sabotaged by people in power unfortunately. But the software also has some high standards from locals it has to live up to.
So it's stuck in a situation where the app is quite neat, but it will be as stubborn as a mule if it needs anything to spec.
> According to the news report, KT said it directly planted the malware on its customers that use Webhard’s Grid Service, as it was a malicious program and that “it had no choice but to control it.”
Looks like the major ISP and some cloud service provider are having some kind of ridiculous fight, and they're using their customers' computers as the battlefield. I'd be pretty disgusted if I were a customer.
They should be dusgusted. KT's market share something like 80% of landline subscribers and 45% of high speed Internet usets. This is Korea's equivalent of AT&T. The National Pension Service owns ~13% of it.
Wow, are they trying to have worse internet than DPRK?
Funny how both spectrums of fully controlled market and fully free market can be terrible. Apparently what they did was a crime but it shows the spirit, they though at least that they can do it and get away with it.
I imagine keeping at the front of the pack on any infrastructure investment is very difficult. I mean, it’s an investment, you want to give it time to amortize, right?
Policy failure. South Korea enforced a "Sender Pays" rule for networks, eliminating peering between ISPs. This resulted in companies moving there server to neighboring countries to avoid paying for traffic, which was free before.
>Police officials acted on the information and discovered it came from KT’s own data center south of Seoul. ... They’ve since identified and charged 13 individuals, including KT employees and subcontractors directly connected to the malware attack last November,...
I'm actually very impressed. If this happened in the US, the police wouldn't care about it at all, and would just tell everyone affected that "it's a civil matter" and they'll have to file a lawsuit if they don't like it.
I think you're too optimistic. My reading is that the police is investigating low-level employees and subcontractors. I.e., profit for the corporation, consequence for the employees. And especially subcontractors. (Workplace discrimination against subcontractors has been a hot topic in Korea: subcontractors literally die in factories because they're pushed to handle dangerous tasks while "regular employees" get cushy desk jobs.)
It took 3 years but the FBI published the names of the fellows they believe are responsible for breaching equifax and stealing private data about half of americans
I like the idea that upon seeing a massive and indiscriminate MITM attack all of the various law enforcement agencies with a remit that includes data would just solemnly bow their heads and not attempt to stop or investigate it because a corporation probably wants the attack to happen.
Definitely not the same but I remember late in the days of Napster there were companies that would upload "poisoned" mp3's of popular artist that were not the actual song requested to thwart piracy.
South Korea information technology (as distinguished from hardware-related technology) is unbelievably bad. Much of it is purely technical: domestic firms like Naver are simply not as good as global incumbents like Google, but also they are terrible compared to other regional players (The Kakao chat app is vastly inferior to Zalo, a Vietnamese chat app). However, just as much is due to poor cultural and interpersonal decisions. This news case highlights such a cultural factor.
Note that KT, while relatively recently privatized, is still a national corporation that is considered a critical national asset under the law (thus if the North attacks, KT towers are first priority to be protected by the South's military). So, it is not as if some rogue SME infected its users with malware; it's a national corporation infecting its users over and not even be sorry about it (as in the article).
Plenty of other comments detail the strange Active X requirement: The national law had dependency on Internet Explorer/Active X. (I do not know of any developed nation having a national legal dependency on a specific corporation's consumer technology at this scale.) Also, many comments on South Korea's purportedly great infrastructure (albeit two decades ago). There is more to this.
Interestingly, if you ask an average Korean, he would say Korea is literally the best nation in IT/internet technology, topping or at least on par with the US. The national propaganda effort that went into forming this collective conscious should not be understated. Even many of the top programmers in South Korea I met strongly believe in this superiority. I wonder if this strong sense of superiority is both (1) preventing SK from improving its actually-lagging tech and (2) act in Dostoevskian-Raskolnikov manners thinking that it is above the law and consensus ("the best can break the rules and set new ones"). Whatever the underlying reason may be, there is a serious techno-cultural issue going on in the country.
One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
> One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
To be fair I can see why the practices of Amazon could be considered a scam. Every time you buy something you have to untick "I want Prime"
South Korean internet had been one of the best and fast network in the world; especially up to the point before KT was privatized. After privatization, three internet service providers have been focusing on exploiting profits, not on making better and faster network infrastructure because they don't have to.
wouldnt competition naturally produce better products if there are 3 providers? from what i remember services from companies, or really any type of services were top notch in korea. due to culture, competition, etc. also noting pricing in general is very high in korea
Competition theory assumes that if firms are abusing their market position by overcharging consumers, competitors can enter the market and undercut them.
When you have a market with very high barriers to entry (government regulation + physical infrastructure costs), you can't just start your own internet service provider to undercut existing Korean telecommunications, because you won't make enough money to pay your investment back.
Yes, this is called a ‘natural monopoly’. It’s the case with most infrastructure - basically there is little incentive for a private company to be more efficient than a public utility, since anybody building competing infrastructure is infeasible, but because they want to make profit there is incentive for them to charge more and to cut costs in other ways (like not investing in more than the bare minimum of maintenance). So it generally tends to work out worse for the customers.
Unfortunately some people genuinely believe the private sector will always deliver services cheaper and more efficiently than the public sector, so all around the world this mistake keeps being made. And the continual failures seem to never affect the firm belief of the adherents to that theory…
I’m not sure how is the reality in South Korea but, if my country is anything to go by, these 3 companies are probably a hidden cartel that monopolizes the price and offers while offering the bare minimum.
There's no economic motivation to compete. The motivation is to raise prices slightly, wait for the other two companies to follow suit as a signal, then to raise prices again. If you raise and someone doesn't follow, backtrack to the previous level. This is assuming that they don't just have a meeting and set prices over drinks.
Right. There are two possible very different strategies - even illegal collusion. There is no reason to compete aggressively until one of the "several" chooses to break ranks and do so.
And if the one that breaks ranks is tiny, that might still not be enough reason for the others. Since there is a good chance they will just fail.
This is one of those situations where rubber hits the road on theory vs real life. The concept of multiple vendors being better for the user seems to not play out as the multiple vendors are still a low number (3 in the current example) which means it's very easy for them to collude even if they never actually get in the same room, chat session, email chain, etc to do the colluding.
This has been the argument for decades to justify privatisation of state infrastructure. Anything with high barriers or physical limitations instead just becomes monopolised. It’s a failed experiment at this point. I’d be highly suspicious of the motivations of anyone arguing for this in 2024.
Bittorrent normally hash checks all content against metadata in the torrent file so a simple MITM wouldn't be enough to inject malicious data unless the torrent metadata itself is being sent in the clear.
I had the same thought, i'm very confused about the details of the attacks.
As an ISP if they detect you doing it, and they control DNS servers, maybe they mark your account for death, and they could like randomly hijack you going to google.com to some download for malware, and unsuspecting user clicks accept? Not sure, i'm curious how they pulled this off.
I am wondering if this is one of those "using the term bittorrent for anything peer to peer" cases... maybe Webhard has its own peer-to-peer protocol that is more vulnerable, and they are just calling it bittorrent?
The title is very clickbaity. These are not users downloading torrents in the normal sense. It's users that are using a specific piece of software that happens to utilize the BitTorrent protocol.
There is an enormous issue here. A service provider committed crimes against customers and their justification is the customers were using a protocol to exchange something. The service provider has no idea what the something exchanged was.
It's similar to arresting someone because they are speaking French. I don't speak French and I don't like people who speak French because sometimes French people say stuff I don't agree with. I don't know what they're saying but I hate it.
Yeah, until any details are provided, I would just assume that the ISP already requires that users install some kind of software, and they just pushed the malware through that program.
From what I understand of the autotranslation, the ISP planted the malware somehow and that malware interfered with the P2P system, but no mention of actually using the P2P protocol to spread the malware
You don't need to install any software to use the internet at home in Korea. You just get a modem that connects to fiber at one end and exposes an ethernet port (or wifi) at the other end. Just connect to that port and you're online immediately.
ISPs also provide TV and a bunch of other services, though, and some of them might require installing specific software in order to use on a PC. Or perhaps they hijacked an unencrypted download of someone else's software, most likely some component of the file sharing service in dispute.
I reckon they used a good old fashioned honeypot. Seed a torrent of some random popular content that also contains malware payload, and let users download it.
KT built fiber connection here in Poland ~15y ago. Project was made in a large part of the country, strongly subsidised and thought as a backbone for other ISPs. 4k km of fiber underground and multiple nodes.
Project is now being nationalised as kt:
- didn't pay subcontractors. Many of them went bankrupt
- offered prices so large, that other isps would rather create their own infra than use theirs
- abandon the project totally
Of course i shouldn't put this under KT's name, as they used a subcompany - SungGwang - for all the dirty stuff.
So, fast forward: we laid a new infra parallel to this one in many cases and that one lays in the ground and rots.
For context, the legal situation of network usage in South Korea is something akin to Ajit Pai's wet dream. Network operators are legally empowered to charge troll tolls on both ends of any connection they want. Infrastructure costs are to be borne by literally anyone BUT the network operators.
To compound this, South Korea is economically an authoritarian hellscape. Large megacorporations[0] own everything and the government is just a clearinghouse and mediator for their interests. Corruption is so rampant that even administrations run by ardent anti-corruption activists wind up being toppled by rampant and widespread corruption.
I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct. Anyone with the power to put people behind bars in South Korea will be unmade if they touch a chaebol.
[0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
> [0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
More like the Allied occupation forced them to dissolve the zaibatsu. They later reformed as the keiretsu, and while still immensely powerful, are nowhere the level of the old zaibatsu or the Korean chaebol.
> I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct.
I mean, you're assuming that an SK Telecom executive did something illegal. I don't think anyone here is a supporter of corruption, but you're making a huge, completely unjustified leap to say that an SK executive was involved.
> Even SK constitution said it is illegal. but they don't give a damn about it.
This is a popular meme that is also not entirely correct. I should stress that this incident is very different from the usual MITM from ISP and government though. I assumed you are talking about the general MITM because you mentioned SNI (because you can't put malwares with just SNI sniffing).
The constitution only says about the "privacy of correspondence" in the Article 18, and several acts including the Protection of Communications Secrets Act (통신비밀보호법) [1] and the Act on Promotion of Information and Communication Network Utilization and Information Protection (정보통신망 이용촉진 및 정보보호 등에 관한 법률) [2] do have many exceptions that make them legal at least in principle. Indeed, most websites blocked by SK ISPs host either illegal obscene materials (distinct from the legal pornography in the SK legal system) or advocacy for North Korea (illegal due to the National Security Act 국가보안법). I'm not necessarily for such blocks but it is plain wrong to say that they are illegal.
Even NK advocacy sites do not threat national security either, but I meant that such restriction is allowed by the law which was ultimately passed the Congress and so you are wrong to claim that it's "illegal". See also my other comment for the background.
Also the watchmen argument against such restrictions is so old at this point that there are lots of counterpoints available for you, if you wish.
which exception by the way? please explain which exception makes them `legal` to scan every communication for censorship. not everyone and not every network requests are related to national security and illegal action(i.e. gamble, drugs, etc.)
> which exception by the way? please explain which exception makes them `legal` to scan every communication for censorship.
Oh yeah, see the Act on Promotion of Information and blablabla, Articles 42-2, 44-2, 44-3 and 44-7. In particular Article 44-7 (2) through (4) explicitly allow for such technical measure to be enforced. ("Information and communications services" include ISPs for sure, see the definitions in Article 2.) Like it or not, it is legal in principle and your claim doesn't make it illegal.
> not everyone and not every network requests are related to national security and illegal action(i.e. gamble, drugs, etc.)
By the way, you seem to acknowledge that the government can scan them for illegal actions then?
Reminds me a lot of the telecom situation in the US. There are lots of people who e.g. hate Comcast but basically have no choice in their area if they want broadband. Granted, a malware attack, is another level of terrible, but isn't it "interesting" how pseudo-monopolists seem to be resistant to meritocratic forces?
In Korea, ISPs often encourage their customers to install programs to access additional services. For example, antivirus and parental control programs are quite common. Parents also use these programs to monitor and restrict their children's gaming and internet usage. Distributing malware as part of the installation process for these services is not difficult for ISPs.
> The judiciary actually ruled in favor of KT. It said that Webhard didn’t pay KT network usage fees for its peer-to-peer system and didn’t explain to its users how the Grid Service works in detail
Huh? The users are paying for their network, so they should be free to do with it as they wish. How is Webhard involved in this discussion? This is something the ISP may wish to discuss with its users, if the ISP feels the users are consuming more than they paid for.
Just charge them 250 a head for the equivalent for analysis and remediation should only cost about 150M usd plus about 10-20M to administer. Liquidate the executives holdings including stock then the companies assets and it will never ever happen again.
As a former resident of Russia, I'm not the least bit surprised. The practice of implementing parasitic scripts there began in 2014, and to date has been continued at the level of the largest provider as well as the monopoly owner of international channels (Rostelecom).
Good luck to the believers that someone there will be punished for this. For everyone else, switch to encrypted protocols.
Unsurprisingly, terrible Korean internet strikes again. ISPs try to charge companies insane fees because customers want to connect to their servers. Company decides to use peer-ro-peer instead so the ISP starts installing spyware on customer computers.
Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
I hope everyone involved in this catches criminal charges, all the way up the chain. Completely unacceptable behavior.
South Korea at least used to have blazingly fast internet infrastructure. Of course that didn't make up for shitty banking websites that you could only use by running Internet Explorer and allowing it to install "security plugins" that hook into Windows kernel, but at least the internet was fast, and it did give Korea an edge for its IT industry.
That was, I think, about twenty years ago.
I've been living in the US for 10+ years so I'm not very well informed, but basically the ISP industry ended up in an oligopoly where everybody's friends with the government, and they kept raising prices while neglecting infra upgrade. Until nobody can call Korea's internet "fast" any more.
Now all we've got is shitty websites. (To be fair, they are somewhat less shitty now... you can now access your banking websites on Mac!)
I think this is sort of how Japan is often thought of as "land of the future" because where was a brief period around the 2000s where new tech adoption sort of got a little ahead of the US, but what people really missed was that they weren't ahead so much as just...kind of different?
And the reality today is that it'll seem practically backwards to a Westerner - i.e. tons of paper forms and bureaucracy for things like banking and rental applications.
I was in Japan in 2008 and the cellphones there were from the future! I remember being awed seeing people watching TV on the subway on their phones..
There was a bunch of infrastructure and services provided by the actual phone company NTT DoCoMo (as opposed to generally over the Internet) that let people watch shows, play games, shop, etc.. all on their mobile devices. Stuff that we do now every day, but this was almost 20 years ago.
They also had phones built for this purpose, like ones that had rotating screens that went into landscape mode (imagine holding a "T"-shaped device) for watching TV..
So it certainly felt like they were ahead, but you're right, it was a very different approach with everything coming from the phone company itself, and one that wasn't set up to stay competitive or stay ahead..
Other examples of this are the Satellaview for the SNES and the 64DD for the Nintendo 64, both of which were only launched in Japan. The Satellaview let you download games and the 64DD let you browse the internet. Apparently they'd also planned to have multiplayer online gaming for the 64DD, but that was never released.
On an infrastructure level Japan is literally not even in the same reality as the US. The infrastructure works, everything is clean and works, the toilets are usable and good. The mobile internet infrastructure is honestly fine and most likely better than what you'd be able to get in the US (especially as a foreigner).
It will not seem backwards to a "Westerner" today. The only place where you'd really encounter forms as a human being is in government interactions (and possibly banking), which is not unusual or even particularly backwards.
I remember visiting SK back in 2005-6, and the only way to get online was to install an IE plugin.
This was true in 2013 as well. I've heard this has changed in the last 5 years or so, though.
In early 2000s I used those Korean SIN number generators to access mmorpgs
I stopped when my cousin told me it was illegal
Have a lot of fond memories when there was a mini mmorpg bubble in korea
N-age still going strong it seems in 2024 ! So many rare unique korean mmorpg that will never see the light of the day!
I actually played one of those Korean mmorpgs that that an English version available ~2005 and I remember their website being a mess. It got wildly popular in the west to a point where the server started lagging and was down frequently, so they set up a second one.
Then the cheating got out of hand so they added some anti-cheat software, and shortly after they wanted people to verify their identity by sending a scan of their id/passport. This is when 99% of players left.
Honestly I think the only way to get rid of cheating in online games is to use some form of identity vetting.
I know of one place where there is zero spam and it’s because of the identity vetting infrastructure.
This is why all the Korean mmorpgs required Korean social security numbers but what ended up happening is Chinese gamers started to steal Korean identities to cheat and farm items which lead to its downfall, they simply could not deal with the large number of Chinese users.
Even source codes were stolen and Chinese mmorpgs would appear with the exact same gameplay but different skins and names.
Wild times.
SIN like from Shadowrun? Are you SINless now?
There were generators? I googled for hours to get Korean wow beta accounts.
In the early days of the internet you could download a generator written in simple visual basic im not sure how it was able to do this but worked well enough to signup and play on almost all the online games
Eventually was made illegal and what ended up happening was a huge korean social security numbers being traded online in Chinese forums (who had economic incentives to farm, hack, cheat items from korean mmorpgs)
Korean internet is still extremely fast. It hasn't decreased in price sadly though.
Gigabit links to the home were cheap in South Korea 20 years ago, something like $50USD/month, IIRC. The population is so dense, it was comparatively quick and easy to put in the infrastructure.
Some of the fastest pirate FTP sites in the world were .kr at the time, it was crazy seeing 125MB/sec inter-site transfers back then.
The ops must've set the machines up with a /dev/shm ramdisk or similar for uploads. There were no SSDs those days, so no way to even write at 125MB/sec, unless you had an unreasonably large Raid-0 array of WD Raptor HDDs, also possible.
How can prices decerease when every provider is a chaebol in bed with the government?
The government could make upgrading the infrastructure and lowering prices a priority.
It's also worth noting the SK has some pretty terrible laws around the internet in general. Distribution of porn is illegal there and they do their best to block it from outside. They are pretty big on cyber defamation and will go after people who make fun of government officials[0]. They have a comparatively low internet freedom score because they do things like fine middle schoolers for having anti-government websites and the president pursues legal action against YouTubers[1].
It's pretty interesting when coming from the west where all the problems are often spoken about in the open. I mean the great American past time is complaining about the government. But in SK there's a lot more trust of the government and similarly, a lot more control by them. And it is a fairly tight knit group and there's only a few companies that dominate the country.
[0] https://www.nytimes.com/2012/08/13/world/asia/critics-see-so...
[1] https://freedomhouse.org/country/south-korea/freedom-net/202...
> the great American past time is complaining about the government. But in SK there's a lot more trust of the government
Are they really more trusting of the government in south korea or is that just what people will say if you ask them?
If my government aggressively went after every youtuber and literal child who dared to say bad things about the government I'd probably lie and say I trusted my government too whenever asked.
Relevant concept: https://en.m.wikipedia.org/wiki/Preference_falsification
My partner is Korean, yes, they actually trust their government more while being aware of these things.
> They are pretty big on cyber defamation and will go after people who make fun of government officials
Because cyber defamation would go rampant otherwise and people would end up killing themselves on lost reputation and cyber bullying. You have to understand Korean culture, where reputation and how you're viewed in society is extremely important.
> You have to understand Korean culture, where reputation and how you're viewed in society is extremely important.
I do understand it, and I think it is dumb. If it is to the point that it is causing people to kill themselves, it is dumb. This doesn't justify the people harassing others, but rather that the cultural element about getting so involved that leads to such harassment is also dumb. Cultures are hard to change, but at the end of the day it literally is up to people collectively deciding change is needed. There is nothing physical in the way. Habits are hard to change, but not impossible. And we should not excuse harmful behavior by claiming it is simply culture.
(There are many elements of Korean culture that are great. But they do not necessarily rely on such a strong notion of reputation. Reputation can still be important without going to this extreme, where it is excessively difficult to redeem.)
You mean the Korean netizen culture where celebrities routinely kill themselves? Where people not only still bully, but rapists can sue their victims for defamation and win?
I mean this. It's in Japan but Korea is no different. No one deserves this.
https://www.theguardian.com/world/2020/may/24/hana-kimura-gr...
That explains some managers I've had. Yeesh
I wouldn't comment over other statements, but...
> Distribution of porn is illegal there and they do their best to block it from outside.
Incorrect, it's yet another incorrect meme. Legal pornography is always possible in South Korea, and while the actual threshold varied over time (because you know, there is no objective metric for them anyway so it has to be a function of the approximate social consensus), legal pornography is not necessarily "milder" than illegal pornography distributed via blocked websites. (EDIT: incorrectly put "stronger" there...)
The South Korean treatment of pornography was extremely distorted mainly because of the rampant copyright violation over pornographic materials produced elsewhere. That blocked virtually all attempts to sell legal pornography and profit from it, why would you pay when you already have tons of free porns out there. Technically speaking, a large portion of the current adult population should have been found guilty if foreign producers could sue them, and I can tell you that the name of a certain blocked but still popular pornographic website [1] has became a household name for many males in their 20s and 30s!
And here is where the SK law's technical distinction between legal pornography and illegal obsence material turned out to be handy. Since those websites distributed pornography illegally, you can just consider them obscene and thus exempted from the copyright protection (!). I really hate this situation and like to see the radical change, but I can also see that it would become a massive and uncontrollable international affair otherwise. So that's why those websites had to be banned (to signal that it is indeed illegal), but the ban itself is so weak that it can be easily bypassed (more effective ban would be harder to justify).
[1] I don't like to quote its exact name, but as a hint, it is often followed by "꺼라 turn sth off".
I don’t think it’s a stretch to argue that porn is “de facto” illegal in South Korea
Thank you for taking time to write this explanation, but otoh it's a lot of words to say that it's "kinda illegal"
"Kinda" may mean so many things that "kinda illegal" is as useful as no information, hence all these elaborations. They also matter for the eventual resolution.
I beg to differ. Using "Incorrect" to counter the statement that distribution is illegal implies it's largely untrue. While a distinction between "illegal" and "de facto illegal" exists, your own explanation doesn't support such a strong rebuttal.
You acknowledge that legal pornography, while technically possible, faces significant hurdles due to rampant piracy and legal loopholes. This creates a situation where accessing legal pornography is difficult and impractical for most, making the initial statement, that distribution is effectively illegal, more accurate than your initial "Incorrect" suggests.
Maybe I should have also explained that, in spite of these difficulties, there do exist lots of pornographic materials legally available in South Korea. There are many adult-oriented channels in many cable television providers for example. If my wording made you think that legal pornography is technically possible but practically dead in SK, it is my fault. Legal pornography is okay, but just less popular than illegal pornography, I meant to say. (Probably because it is still a taboo to openly say about illegal pornography.)
> Incorrect, it's yet another incorrect meme. Legal pornography is always possible in South Korea
I never said pornography is illegal.
It's a lot easier to buy into a government when the most horrid example of one in modern history (arguable, I get it) is only 100 miles to the north with a huge amount of artillery pointed at you.
South Korea has a far crazier history [1] than I think most realize. This [2] is the first president of South Korea, installed by the US, and then eventually ferried off into exile in Hawaii by the US after a revolution, leading the 2nd Republic of Korea. That was followed by coups and all other sorts of great things, including 4 acting presidents that did not serve more than 50 days a piece, eventually leading to the 3rd Republic of Korea which was another dictatorship who then had his dictatorial powers codified in the 4th republic. Then he was assassinated and you get the the 5th republic where the dictator's friend was put in power. Then you get the 6th republic in 1987 (!!) and that's the South Korea we're somewhat more familiar with.
Even in modern times, I think most don't realize how wacky Korean politics has been. For instance the president from 2013-2017 (Park Geun-hye, daughter of a former dictator) was involved in some sort of weird cult-like grooming controversy where she was being groomed and controlled by what some media called a 'Korean Rasputin.' She was eventually impeached and imprisoned for corruption/abuse of power, and is now serving decades in prison.
And it seems the current president of South Korea has an approval rating in the 30s. So I have no idea how Koreans view their government, but it's really unlike anything I think that we can compare elsewhere. But I suspect "trust" and "integrity" are not the sort of words that'd be on top.
[1] - https://en.wikipedia.org/wiki/History_of_South_Korea#
[2] - https://en.wikipedia.org/wiki/Syngman_Rhee
> and is now serving decades in prison.
I wish. It's a national tradition to jail and then pardon the president. She's been free for years, and is often kow-towing and gladhanding current administration members.
And they are facing the demographic cliff of demographic cliffs...
Although what I suspect will happen is that North Korea will fall apart eventually and South Korea will get a demographic surge from immigrating North Koreans.
Will China allow NK to fall apart?
China just wants a geographic buffer zone. If everyone in NK moves to SK, they don't care.
Would it be worth it for China to prop them up? I get that they're communism buddies or whatever, but what does China get out of it? What does China really need from North Korea?
From the Chinese and Russian (Soviet) perspective, letting a few Koreans get oppressed is worth it considering the alternative, a land border with the US
China can has influence over North Korea rather than it will be US (don't forget that there are two Koreas because USA and USSR both wanted to rule Korea but couldn't win against each other).
China doesn't want the US military on their border
Not to mention when you were also very recently occupied by a neighboring country. And an extremely brutal occupation at that. I mean there's still a handful of women still alive who were sex slaves, it wasn't that long ago. Korea really has had it tough, but I wish that would be a drive for more freedom, not less.
> Distribution of porn is illegal there and they do their best to block it from outside.
Good. Why should any country be a conduit for porn? Most sane countries frown upon and limit things like porn, gambling, drugs, etc. Like we used to until fairly recently.
> They are pretty big on cyber defamation and will go after people who make fun of government officials[0]
It's like that in most countries. Other countries can have their own values. Nothing wrong with it.
> They have a comparatively low internet freedom score because they do things like fine middle schoolers for having anti-government websites and the president pursues legal action against YouTubers[1].
Freedomhouse is apparently a state propaganda outfit.
'Most of the organization's funding comes from the U.S. State Department[4] and other government grants.'
https://en.wikipedia.org/wiki/Freedom_House
You are linking to a propaganda site created solely to push a political agenda. Germany has an amazing 'freedom' scores but you could go to jail in germany for espousing certain beliefs about certain events in ww2.
That south korea scores low in the freedomhouse index is a good thing. Though it is surprising given that south korea is a militarily occupied vassal of the US.
> It's pretty interesting when coming from the west where all the problems are often spoken about in the open.
Are they really? You are conflating 'the west' with the US. Most of 'the west' is not like america. In most of the west, you can go to jail or be punished for speech. Most of the west doesn't have free speech that we do in america.
What's with the neverending 'coming from the west' from foreigners here? So many foreigners here pretend to be americans here? Why?
> In most of the west, you can go to jail or be punished for speech. Most of the west doesn't have free speech that we do in america.
I'm going to assume you don't travel much cause on our side of the pound we can very much speak out loud of many things the US can't.
In fact, we don't have the absurd taboos that force the US to use alternative words. We can:
- Report "He disrespected his colleague, calling him a niger". No need to hide that behind "the n-word".
- We can call pedophilia what it is and debate about how to punish it, instead of using acronyms like CSAM for fear of being labeled in a certain way.
- We can show tits or talk about vagina and not get "porn" tagged all over.
> I'm going to assume you don't travel much cause on our side of the pound we can very much speak out loud of many things the US can't.
Pound? What country are you from? Why are people so sneaky? Hiding behind 'the west'.
> In fact, we don't have the absurd taboos that force the US to use alternative words.
What? None of what you wrote applies to the US and none of it has anything to do with free speech. It applies to woke social media. What does 'porn tag' have to do with free speech? Besides, my point was being jailed or punished by the government.
> We can:
Question the holocaust without going to jail?
Another memory from the terrible South Korean Internet is how the national banks required customers to log in using Internet Explorer because of mandatory ActiveX blobs of code.
It makes me sad that all of these started with US's restriction on the export of cryptography, which prompted South Korea (among others) to develop a domestic algorithm that was unsupported by contemporary browsers at that time.
The US export restriction applied to other countries as well. The question is what has made Korean internet uniquely bad.
I think the answer itself is clear to me: SK bit the bullet much earlier than most other countries, having implemented a nationwide ADSL infrastructure by circa 2000. The same thing happened to Japan for example, where early mobile services were so successful that they essentially stagnated further development until SoftBank's introduction of iPhone.
Active-X was AFIK a common requirement for banking e.t.c. during crypto export restrictions but once they where lifted almost everyone switched to https. What different about SK is the laws which keep their IT security in the past.
One guy who developed and marketed and then lobbied a single solution that aged extremely poorly.
https://en.wikipedia.org/wiki/Ahn_Cheol-soo
One answer is internet banking being way more cumbersome and less advanced in other countries. At that time spending time on the phone or have the customer come spend a miserable time at the agency was the prefered way from the bank's perspective.
To this day many banks won't allow all operations from the online interface.
It wasn't unique to Korean.
15-20 years ago Chinese banking website did exactly same things. Maybe they got the idea from SK, don't know. It only ended with widespread adoption of mobile phones and Chrome.
They have such weird constraints. Even Coupang Play refuses to load their video when I'm on Linux, which makes no sense at all.
Can I get a link to a few of those sites? I want to see what happens when I visit using Firefox and tor browser.
> Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained.
It is not a myth! A decade ago, though. I would still consider it is "good" in terms of objective metrics, but other countries have since caught up.
> Is it because all the customers and services are in the same city so it appears low latency?
No, because it would only apply to a quarter of the entire population of South Korea if it were true.
> Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
Same here in Japan. The funny thing is that both me here and my parents back in Spain have gigabit fibre, yet my parents' connection is much faster than mine.
>Is it because all the customers and services are in the same city so it appears low latency?
Yes. It's because the internet of Korea is so well done between nearly all areas of the country with great speeds.
But it's true that Korean internet is super fast only within Korea, but the borders are also normal fast borders to other countries so they're just as fast as say a 1gbps connection in Australia.
Good Korean internet is not a myth, they had fibre everywhere by the time rich people in the US or Europe were getting it. Korean internet is good, it's just that their ISPs are also fairly evil like the rest of the world, but they have less freedom constraining their evils.
https://news.ycombinator.com/item?id=40806633
As said, it was good/impressive 20 years ago, now it's just what everyone else has. And SK software is a joke, like the linked post elaborates.
I don't know if it changed during the last 5 years, but when I was there I wanted to use Google maps for navigation and it looked like shit, so after some digging around I found because apparently there are some SK patents that prevent Google from using a lot of modern tech. So no wonder SK people compare that to naver and think their IT tech is top notch, but if you compare it to the "real Google", it's a joke.
It's the same in China actually, but there you simply can't access the western counterparts at all usually.
The local variants of map apps are leaps and bounds ahead of Google Maps at any point in the last 10 years though. And that's not due to Google being restricted.
Google is free to do what it wants in Australia, but it still sucks pretty bad.
But yeah, SK software got sabotaged by people in power unfortunately. But the software also has some high standards from locals it has to live up to.
So it's stuck in a situation where the app is quite neat, but it will be as stubborn as a mule if it needs anything to spec.
> According to the news report, KT said it directly planted the malware on its customers that use Webhard’s Grid Service, as it was a malicious program and that “it had no choice but to control it.”
Looks like the major ISP and some cloud service provider are having some kind of ridiculous fight, and they're using their customers' computers as the battlefield. I'd be pretty disgusted if I were a customer.
They should be dusgusted. KT's market share something like 80% of landline subscribers and 45% of high speed Internet usets. This is Korea's equivalent of AT&T. The National Pension Service owns ~13% of it.
Wow, are they trying to have worse internet than DPRK?
Funny how both spectrums of fully controlled market and fully free market can be terrible. Apparently what they did was a crime but it shows the spirit, they though at least that they can do it and get away with it.
I imagine keeping at the front of the pack on any infrastructure investment is very difficult. I mean, it’s an investment, you want to give it time to amortize, right?
Wow I've always heard that South Korean internet is supposed to be one of the fastest in the world? How did that go wrong?
Policy failure. South Korea enforced a "Sender Pays" rule for networks, eliminating peering between ISPs. This resulted in companies moving there server to neighboring countries to avoid paying for traffic, which was free before.
More details: https://www.internetsociety.org/resources/internet-fragmenta...
How is this not criminal?
It is criminal. From the article, 13 KT employees and contractors were charged.
>Police officials acted on the information and discovered it came from KT’s own data center south of Seoul. ... They’ve since identified and charged 13 individuals, including KT employees and subcontractors directly connected to the malware attack last November,...
I'm actually very impressed. If this happened in the US, the police wouldn't care about it at all, and would just tell everyone affected that "it's a civil matter" and they'll have to file a lawsuit if they don't like it.
I think you're too optimistic. My reading is that the police is investigating low-level employees and subcontractors. I.e., profit for the corporation, consequence for the employees. And especially subcontractors. (Workplace discrimination against subcontractors has been a hot topic in Korea: subcontractors literally die in factories because they're pushed to handle dangerous tasks while "regular employees" get cushy desk jobs.)
Yeah. At they pulled a Sony on a smaller scale and have better relations with the local govt.
The people who ordered it done will be fine.
https://www.fbi.gov/news/stories/chinese-hackers-charged-in-...
It took 3 years but the FBI published the names of the fellows they believe are responsible for breaching equifax and stealing private data about half of americans
Wu Zhiyong, Wang Qian, Xu Ke, and Liu Lei
This makes sense because the US does not have a set of laws that criminalize Computer Fraud and Abuse
Selective enforcement of broad-scoped laws via prosecutorial discretion is how real power works and how the status quo is maintained.
I like the idea that upon seeing a massive and indiscriminate MITM attack all of the various law enforcement agencies with a remit that includes data would just solemnly bow their heads and not attempt to stop or investigate it because a corporation probably wants the attack to happen.
Kevin Mitnick would disagreed
May he rest in peace.
Damn, pancreatic cancer in 2023. I didn't hear until now.
Maybe you're joking, but they certainly do. They'll happily use them against individuals too.
But against a large company? I'll believe it when I see it.
The US law about this is the Computer Fraud and Abuse Act, it's clearly a joke. We're all in agreement it's not really used against large companies.
it's a joke, the name of the law is "Computer Fraud and Abuse Act"
[flagged]
What is this comment even referring to?
Exactly which country do you think I live in?
[flagged]
> If this happened in the US
Perhaps this would be a good moment to pause and ask yourself why this hasn’t happened in the US.
Perhaps this would be a good moment to pause and ask yourself IF this hasn’t happened in the US. :)
Definitely not the same but I remember late in the days of Napster there were companies that would upload "poisoned" mp3's of popular artist that were not the actual song requested to thwart piracy.
South Korea information technology (as distinguished from hardware-related technology) is unbelievably bad. Much of it is purely technical: domestic firms like Naver are simply not as good as global incumbents like Google, but also they are terrible compared to other regional players (The Kakao chat app is vastly inferior to Zalo, a Vietnamese chat app). However, just as much is due to poor cultural and interpersonal decisions. This news case highlights such a cultural factor.
Note that KT, while relatively recently privatized, is still a national corporation that is considered a critical national asset under the law (thus if the North attacks, KT towers are first priority to be protected by the South's military). So, it is not as if some rogue SME infected its users with malware; it's a national corporation infecting its users over and not even be sorry about it (as in the article).
Plenty of other comments detail the strange Active X requirement: The national law had dependency on Internet Explorer/Active X. (I do not know of any developed nation having a national legal dependency on a specific corporation's consumer technology at this scale.) Also, many comments on South Korea's purportedly great infrastructure (albeit two decades ago). There is more to this.
Interestingly, if you ask an average Korean, he would say Korea is literally the best nation in IT/internet technology, topping or at least on par with the US. The national propaganda effort that went into forming this collective conscious should not be understated. Even many of the top programmers in South Korea I met strongly believe in this superiority. I wonder if this strong sense of superiority is both (1) preventing SK from improving its actually-lagging tech and (2) act in Dostoevskian-Raskolnikov manners thinking that it is above the law and consensus ("the best can break the rules and set new ones"). Whatever the underlying reason may be, there is a serious techno-cultural issue going on in the country.
One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
> many of the top programmers in South Korea
Odd statement. How did you know that the people you met are "top programmers?"
> One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
To be fair I can see why the practices of Amazon could be considered a scam. Every time you buy something you have to untick "I want Prime"
lol, that is a scam though
South Korean internet had been one of the best and fast network in the world; especially up to the point before KT was privatized. After privatization, three internet service providers have been focusing on exploiting profits, not on making better and faster network infrastructure because they don't have to.
wouldnt competition naturally produce better products if there are 3 providers? from what i remember services from companies, or really any type of services were top notch in korea. due to culture, competition, etc. also noting pricing in general is very high in korea
https://en.wikipedia.org/wiki/Natural_monopoly
Competition theory assumes that if firms are abusing their market position by overcharging consumers, competitors can enter the market and undercut them.
When you have a market with very high barriers to entry (government regulation + physical infrastructure costs), you can't just start your own internet service provider to undercut existing Korean telecommunications, because you won't make enough money to pay your investment back.
Yes, this is called a ‘natural monopoly’. It’s the case with most infrastructure - basically there is little incentive for a private company to be more efficient than a public utility, since anybody building competing infrastructure is infeasible, but because they want to make profit there is incentive for them to charge more and to cut costs in other ways (like not investing in more than the bare minimum of maintenance). So it generally tends to work out worse for the customers.
Unfortunately some people genuinely believe the private sector will always deliver services cheaper and more efficiently than the public sector, so all around the world this mistake keeps being made. And the continual failures seem to never affect the firm belief of the adherents to that theory…
It's like people who support drug prohibition... ample evidence that something doesn't work won't stop people believing it.
The EU forces telcoms and ISPs to allow competition on their infra. Decent prices and good service
Germany checks in.
I’m not sure how is the reality in South Korea but, if my country is anything to go by, these 3 companies are probably a hidden cartel that monopolizes the price and offers while offering the bare minimum.
Hello fellow Canadian?
There's no economic motivation to compete. The motivation is to raise prices slightly, wait for the other two companies to follow suit as a signal, then to raise prices again. If you raise and someone doesn't follow, backtrack to the previous level. This is assuming that they don't just have a meeting and set prices over drinks.
Right. There are two possible very different strategies - even illegal collusion. There is no reason to compete aggressively until one of the "several" chooses to break ranks and do so.
And if the one that breaks ranks is tiny, that might still not be enough reason for the others. Since there is a good chance they will just fail.
This is one of those situations where rubber hits the road on theory vs real life. The concept of multiple vendors being better for the user seems to not play out as the multiple vendors are still a low number (3 in the current example) which means it's very easy for them to collude even if they never actually get in the same room, chat session, email chain, etc to do the colluding.
Who said it's a competition? Three providers could simply build a cartel.
This has been the argument for decades to justify privatisation of state infrastructure. Anything with high barriers or physical limitations instead just becomes monopolised. It’s a failed experiment at this point. I’d be highly suspicious of the motivations of anyone arguing for this in 2024.
Forgive me, one time: LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOLLLLL
[dead]
Did they exploit a vulnerability or MITM the traffic somehow?
Edit: While looking for an answer, I ran across this article. Apparently they've been fighting for a while (2015):
https://www.opennetkorea.org/en/wp/1529
Bittorrent normally hash checks all content against metadata in the torrent file so a simple MITM wouldn't be enough to inject malicious data unless the torrent metadata itself is being sent in the clear.
I had the same thought, i'm very confused about the details of the attacks.
As an ISP if they detect you doing it, and they control DNS servers, maybe they mark your account for death, and they could like randomly hijack you going to google.com to some download for malware, and unsuspecting user clicks accept? Not sure, i'm curious how they pulled this off.
Any http exe-file download could be hijacked if you are an ISP. Maybe KT have some "dailup login" app the user needs to login with?
But why would it be http?
I am wondering if this is one of those "using the term bittorrent for anything peer to peer" cases... maybe Webhard has its own peer-to-peer protocol that is more vulnerable, and they are just calling it bittorrent?
I’m pretty sure it’s not literally BitTorrent, but a distorted version of it to build private paid peer-to-peer networks.
[dead]
The title is very clickbaity. These are not users downloading torrents in the normal sense. It's users that are using a specific piece of software that happens to utilize the BitTorrent protocol.
There is an enormous issue here. A service provider committed crimes against customers and their justification is the customers were using a protocol to exchange something. The service provider has no idea what the something exchanged was.
It's similar to arresting someone because they are speaking French. I don't speak French and I don't like people who speak French because sometimes French people say stuff I don't agree with. I don't know what they're saying but I hate it.
Unfortunately, it's not explained in the article how the malware was actually sent to users. I wonder how they did it.
Especially because BitTorrent is mitm-resistant (uses hashes).. did they find a 0day in the client?
Or mitm your download of the .torrent file (and/or anchor link site)
Yeah, until any details are provided, I would just assume that the ISP already requires that users install some kind of software, and they just pushed the malware through that program.
The torrentfreak article seems more informative and has links to the source video report https://torrentfreak.com/south-korean-isp-infected-torrentin...
From what I understand of the autotranslation, the ISP planted the malware somehow and that malware interfered with the P2P system, but no mention of actually using the P2P protocol to spread the malware
https://news.jtbc.co.kr/article/article.aspx?news_id=NB12201...
You don't need to install any software to use the internet at home in Korea. You just get a modem that connects to fiber at one end and exposes an ethernet port (or wifi) at the other end. Just connect to that port and you're online immediately.
ISPs also provide TV and a bunch of other services, though, and some of them might require installing specific software in order to use on a PC. Or perhaps they hijacked an unencrypted download of someone else's software, most likely some component of the file sharing service in dispute.
I reckon they used a good old fashioned honeypot. Seed a torrent of some random popular content that also contains malware payload, and let users download it.
KT built fiber connection here in Poland ~15y ago. Project was made in a large part of the country, strongly subsidised and thought as a backbone for other ISPs. 4k km of fiber underground and multiple nodes.
Project is now being nationalised as kt: - didn't pay subcontractors. Many of them went bankrupt - offered prices so large, that other isps would rather create their own infra than use theirs - abandon the project totally Of course i shouldn't put this under KT's name, as they used a subcompany - SungGwang - for all the dirty stuff.
So, fast forward: we laid a new infra parallel to this one in many cases and that one lays in the ground and rots.
Hell Joseon strikes again.
For context, the legal situation of network usage in South Korea is something akin to Ajit Pai's wet dream. Network operators are legally empowered to charge troll tolls on both ends of any connection they want. Infrastructure costs are to be borne by literally anyone BUT the network operators.
To compound this, South Korea is economically an authoritarian hellscape. Large megacorporations[0] own everything and the government is just a clearinghouse and mediator for their interests. Corruption is so rampant that even administrations run by ardent anti-corruption activists wind up being toppled by rampant and widespread corruption.
I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct. Anyone with the power to put people behind bars in South Korea will be unmade if they touch a chaebol.
[0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
> [0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
More like the Allied occupation forced them to dissolve the zaibatsu. They later reformed as the keiretsu, and while still immensely powerful, are nowhere the level of the old zaibatsu or the Korean chaebol.
> I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct.
I mean, you're assuming that an SK Telecom executive did something illegal. I don't think anyone here is a supporter of corruption, but you're making a huge, completely unjustified leap to say that an SK executive was involved.
MITM by ISP and the government! Even SK constitution said it is illegal. but they don't give a damn about it.
They are scanning SNI field and manipulate packet to prevent user visit certain sites.
> Even SK constitution said it is illegal. but they don't give a damn about it.
This is a popular meme that is also not entirely correct. I should stress that this incident is very different from the usual MITM from ISP and government though. I assumed you are talking about the general MITM because you mentioned SNI (because you can't put malwares with just SNI sniffing).
The constitution only says about the "privacy of correspondence" in the Article 18, and several acts including the Protection of Communications Secrets Act (통신비밀보호법) [1] and the Act on Promotion of Information and Communication Network Utilization and Information Protection (정보통신망 이용촉진 및 정보보호 등에 관한 법률) [2] do have many exceptions that make them legal at least in principle. Indeed, most websites blocked by SK ISPs host either illegal obscene materials (distinct from the legal pornography in the SK legal system) or advocacy for North Korea (illegal due to the National Security Act 국가보안법). I'm not necessarily for such blocks but it is plain wrong to say that they are illegal.
[1] https://elaw.klri.re.kr/eng_service/lawView.do?hseq=7235&lan...
[2] https://elaw.klri.re.kr/eng_service/lawView.do?hseq=38422&la...
So pornography threats national security? I don't think so. "Quis custodiet ipsos custodes?"
Even NK advocacy sites do not threat national security either, but I meant that such restriction is allowed by the law which was ultimately passed the Congress and so you are wrong to claim that it's "illegal". See also my other comment for the background.
Also the watchmen argument against such restrictions is so old at this point that there are lots of counterpoints available for you, if you wish.
which exception by the way? please explain which exception makes them `legal` to scan every communication for censorship. not everyone and not every network requests are related to national security and illegal action(i.e. gamble, drugs, etc.)
> which exception by the way? please explain which exception makes them `legal` to scan every communication for censorship.
Oh yeah, see the Act on Promotion of Information and blablabla, Articles 42-2, 44-2, 44-3 and 44-7. In particular Article 44-7 (2) through (4) explicitly allow for such technical measure to be enforced. ("Information and communications services" include ISPs for sure, see the definitions in Article 2.) Like it or not, it is legal in principle and your claim doesn't make it illegal.
> not everyone and not every network requests are related to national security and illegal action(i.e. gamble, drugs, etc.)
By the way, you seem to acknowledge that the government can scan them for illegal actions then?
> By the way, you seem to acknowledge that the government can scan them for illegal actions then?
nice try.
Reminds me a lot of the telecom situation in the US. There are lots of people who e.g. hate Comcast but basically have no choice in their area if they want broadband. Granted, a malware attack, is another level of terrible, but isn't it "interesting" how pseudo-monopolists seem to be resistant to meritocratic forces?
How exactly was the malware deployed?
In Korea, ISPs often encourage their customers to install programs to access additional services. For example, antivirus and parental control programs are quite common. Parents also use these programs to monitor and restrict their children's gaming and internet usage. Distributing malware as part of the installation process for these services is not difficult for ISPs.
> The judiciary actually ruled in favor of KT. It said that Webhard didn’t pay KT network usage fees for its peer-to-peer system and didn’t explain to its users how the Grid Service works in detail
Huh? The users are paying for their network, so they should be free to do with it as they wish. How is Webhard involved in this discussion? This is something the ISP may wish to discuss with its users, if the ISP feels the users are consuming more than they paid for.
Facinating to see the same game played across nations, technologies, and time: https://slate.com/technology/2010/02/the-little-told-story-o...
Just charge them 250 a head for the equivalent for analysis and remediation should only cost about 150M usd plus about 10-20M to administer. Liquidate the executives holdings including stock then the companies assets and it will never ever happen again.
As a former resident of Russia, I'm not the least bit surprised. The practice of implementing parasitic scripts there began in 2014, and to date has been continued at the level of the largest provider as well as the monopoly owner of international channels (Rostelecom).
Good luck to the believers that someone there will be punished for this. For everyone else, switch to encrypted protocols.
[flagged]
This is really not even close to being true.
Private trackers, anyone?
[flagged]
Not best Korea anymore.