Sometimes in an accident things happen in slow motion and all the mistakes it took to get to where there is no escape“the Korean government made Redmond’s software a requirement for online shopping and banking; a historically weak spot in online security.” pile up in great clarity. That’s happening in Korea where the government made a long chain of mistakes in setting up an ID-system for citizens.
The biggy is that they required the use of M$’s OS to do all kinds of on-line and financial transactions. Now most of the citizens’ unique identification numbers are the property of criminals who stole them from various businesses. This was an election issue a couple of years ago and now the mess has hit the fan. It might be instructive for Koreans to read Exhibit 465 in US DOJ v M$: “We have won platform battles before. To_make history happen again, we must make the industry embrace Internet Explorer and ActiveX:
* establish a significant installed base of users (browser share is starting point),
*sell the beneï¬ts of our platforms to the content developers,
* convince the inï¬‚uential webmasters to switch to our standards and promote them,
* reach the producers,
* help the traditional developers (ISVs and corporate developers) write to the ActiveX platform, so they develop the
rich base of Web applications and controls that establishes the value of the platform,
* “activate” our partners to create a supportive environment of partners – able to sell, integrate and support our solutions and 3rd party ActiveX technology.”
Yep. M$ set the trap and Korea and many others fell for it. M$’s salesmen weren’t the least bit interested in Korea’s security. Korea just got over migrating from XP to “7”. They largely skipped “8”. Now would be a good time to have a security fiasco with “7”. Everyone clearly sees that other OS as insecure. China banned it in government. It would be sweet if Korea did the same. I can see legislators considering this legislation while the phone calls and e-mails pile up.
I expect Korea will have to redo everything and get it right this time. Let’s hope they demand GNU/Linux be used for on-line/financial transactions and to protect data but failing that let’s hope they make GNU/Linux optional and the people can decide. There’s something refreshing about a whole country aroused about insecurity with that other OS on the check-list of things to fix.