Why Internet Explorer Still Dominates South Korea. 218
New submitter bmurray7 writes "You might think that the country that has the fastest average home internet speeds would be a first adapter of modern browsers. Instead, as the Washington Post reports, a payment processing security standard forces most South Koreans to rely upon Internet Explorer for online shopping. Since the standard uses a unique encryption algorithm, an ActiveX control is required to complete online purchases. As a result, many internet users are in the habit of approving all AtivceX control prompts, potentially exposing them to malware."
Timmay! (Score:5, Insightful)
AtivceX? Go, Timmay! You're a kickass editor!
Re:Timmay! (Score:5, Funny)
His spellcheck is an ActiveX plug-in
Re: (Score:3)
I think 'editor' is entirely too charitable a term if they can't even proof-read the summary (or, last week, THE HEADLINE). 'Blind rubber-stampers' has a nice ring to it.
Re:Timmay! (Score:5, Funny)
I think 'editor' is entirely too charitable a term if they can't even proof-read the summary (or, last week, THE HEADLINE). 'Blind rubber-stampers' has a nice ring to it.
You've been fooled apparently. Spell checking is so 90s. Just post your document to Slashdot and it will be checked for grammar, spelling, and fact.
Re: (Score:3)
Nooo, he only encrypted the term with that unique algorithm.
Re:Timmay! (Score:4, Informative)
AtivceX? Go, Timmay! You're a kickass editor!
You too, since you missed the chance to pick on him for:
- "first adapter"
- "South Korean's"
This is actually the most illiterate post in a few weeks!
Re: (Score:2)
Re: (Score:2)
He also spells Internet without the capital I. It's a proper noun.
Re:Timmay! (Score:4, Funny)
AtivceX: So wrong you can't even spell it right.
Macs? Linux? (Score:5, Interesting)
From TFA:
Holy crap!
Re:Macs? Linux? (Score:5, Insightful)
Macs and Linux? Those *are* a tiny minority, especially Linux. Your main problem is: the *extremely* common Android doesn't support ActiveX, neither do common iOS devices, the Metro version of IE (Windows is very common too obviously) and the only version of IE for WinRT/Phone/Mobile/CE don't support it as well (although very uncommon). Oh, and not the x64 version of desktop IE. It also doesn't work in very common web browsers like Firefox, Chrome and Safari (anything besides IE). And it won't work on anything that doesn't have a x86 CPU. Relying on ActiveX in 2013 is insane.
Re: (Score:2)
On tablets and smartphones, South Koreans donâ(TM)t need any particular browser for purchases â" but they do need to download special security apps that meet government standards.
There's some kind of non-ActiveX solution for mobile devices. Who knows what the actual support list actually looks like, though...still, it means that some things without X86 and Windows will work.
Re: (Score:2)
No virtual machines in South Korea?
Taiwan does it too (Score:5, Funny)
Re: (Score:3)
Some banks in the UK do that as well, but it requires you to type an 8 digit number from the card reader into a text box on the website.
Re: (Score:2)
Some banks in the UK do that as well, but it requires you to type an 8 digit number from the card reader into a text box on the website.
But at least these are completely separate from the computer (don't require ActiveX or anything) and they're standardised too so you can use the card reader from one bank, with a completely different bank.
Re: (Score:2)
So how does mobile banking work?
Android nor iOS support that.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
That is all you really need to do banking. There is no need for a separate application.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
That sounds even more insecure. Some malware that copies the read contents of the card and sends it off to some database. A different type of card skimming.
Re: (Score:2)
Hmm, reminds me that I haven't logged into my banking account in a year. I just don't see the point of it, except when I can't find some paperwork for taxes.
Re: (Score:2)
The same system is in use in The Netherlands with most banks. Some banks use their own remote cardreaders though. The Dutch banks were helped by the fact that they automated a looooong time ago.
Re: (Score:2)
the same system can be used for paying pizza orders from 423423 pizza places in finland as well(it just links to the bank and then back).
though I still wish my finnish bank went back 13 years, because their design back then was better(the fucks by the way changed for couple of years in 2009 or so to using a java plugin for typing in the pin for no security benefit whatsoever! they stopped it now though... ).
but local association monopolies who are in good terms with each other tend to go for stupid standar
Re: (Score:3)
The reason the Koreans (and some of the other Asian countries) created these banking standards is that at the time, getting any kind of secure mass-market crypto from US vendors was nearly impossible thanks to export controls (remember the old "Export" versions of things like Netscape and IE?)
So because they couldn't get high-strength crypto from the US, they had to roll their own, hence things like SEED.
Re:Taiwan does it too (Score:5, Informative)
Re:Taiwan does it too (Score:4, Informative)
Finland was even more back-to-basics 20 years ago, IIRC, you could just SSH into the bank, and have an interactive banking session from a menu driven interface.
And some parts of the world still have cheques, sigh...
SEED in Flash, Java, JS, NPAPI, or PPAPI (Score:4, Interesting)
Re:SEED in Flash, Java, JS, NPAPI, or PPAPI (Score:4, Informative)
Well, according to the Wikipedia article linked in the summary, it is is supported in NSS, and hence in Firefox (since version 3.5.4).
As for whether or not there is something else required as well as the cipher itself, dunno.
Re: (Score:2)
Samsung Galaxy S series (Score:4, Insightful)
Korea is a tiny country
...on whose soil is headquartered the company that makes smartphones whose popularity challenges Apple's. Besides, the Republic of Korea has about as many people as the entire West Coast of the USA (California, Oregon, Washington, Alaska, and Hawaii) combined.
there is no demand (and thus, no financial incentive) for anyone except the Korean government to implement SEED.
Or for anyone who wants to interoperate with Korea, such as users of web browsers that might get deployed on Korean devices. If Chromium supports SEED, for example, then Samsung phones, tablets, and phablets shipping with Chrome for Android will support SEED by default. Likewise with Firefox for Android.
Re: (Score:3)
One of the most technologically advanced countries on the planet with over 50 million inhabitants is too small to re-implement some crypto? Doesn't sound like a plausible reason to me.
ActiveX controls (Score:5, Informative)
I know too much about this. I'm a Korea-phile, so last year I applied to a graduate school in South Korea and they required me to download like 2 or so add-ons to IE to even complete the online application.
Re: (Score:3)
Is there an IE for non-Microsoft phones? Or do they just not buy anything from their phones/tablets?
Re: (Score:2)
Is there an IE for non-Microsoft phones? Or do they just not buy anything from their phones/tablets?
Even if there were, it probably wouldn't help. 'ActiveX', in practice, is really woven more into Windows(and x86 Windows specifically, especially for the ActiveX controls that are basically just a dangerously easy way of executing native win32 code) than it is into IE, IE is just the transmission vector where you run into it.
IE for Mac never supported it in any meaningful way, and even Windows Phone and WinRT either don't support it at all, or support only the architecture agnostic bits, which precludes
Re: (Score:2)
So, that's a no?
Re: (Score:3)
Re: (Score:2)
On tablets and smartphones, South Koreans donâ(TM)t need any particular browser for purchases â" but they do need to download special security apps that meet government standards.
Also, from Wikipedia [wikipedia.org]:
As of late 2009, the NSS software security library in Mozilla's Gecko platform has implemented support for SEED and Mozilla Firefox as of 3.5.4 supports SEED.
So, who knows exactly which mobile devices has the "special security apps", but people have been able to use Firefox for a few years (assuming the sites don't have hardcoded lists of user-agent IDs or something).
Re: (Score:3)
Even Windows Phone 7 and 8 won't run ActiveX. It's been deprecated by Microsoft for years, and I believe it'll be canned completely when IE7 runs out of support.
Which means either Korea or Microsoft is going to have to do a lot of work in a little time.
Re: (Score:2)
Dang, here I thought their internet connections were so fast that it didn't matter if you had a slow browser.
Re: (Score:3)
Korea is very culturally rich, and very beautiful. I've only been there once, for work earlier this year, and after reporting back to my g/f, we're planning on both heading there next year for several weeks. If you ignore the concrete jungles, the ancient parts are wonderful. However, if you spend all day in the concrete jungles, you are stupid and get what you deserve.
Strange classification (Score:2, Insightful)
So IE 11 isn't a "modern browser"?
Re: (Score:3, Insightful)
Years upon years of problems (Score:4, Insightful)
Re: (Score:2)
If that isn't good enough, we keep a stash of assorted antique VMs in the freez
WTF? (Score:5, Funny)
Even Microsoft is looking at SK and saying: "WTF? We don't even use ActiveX anymore."
Re:WTF? (Score:5, Funny)
Don't get on too high of a horse; Microsoft is also looking at Netflix and saying "WTF? Even we don't use Silverlight anymore."
Re: (Score:2)
Re: (Score:2)
Amazon seems to use both. Sometimes it starts with the flash player and sometimes a silverlight player. I have not figured out any pattern to it so I suspect it is some kind of a test. The silverlight player though works MUCH better than the flash player does. This is true for netflix also.
Re: (Score:2)
But they've become like IBM used to be, and nobody got fired for going with IBM back in the day.
Microsoft is not *that* IBM. By a very large margin.
Don't get me wrong: I like a number of MS products. But comparing Microsoft to IBM on this point is incorrect IMO.
Re: (Score:2)
Microsoft has a long history of producing shitty, proprietary technology and then abandoning it later.
Sure, but it's more fair to say: Microsoft has a long history of producing new technologies/tools, and then abandoning the shitty ones. Most ideas that look good on paper don't work out well in the long run. There's nothing specific to Microsoft about that, except they're one of the few software companies that's been around for 20+ years to have so much baggage.
And, seriously, would you prefer they kept COM and ActiveX around? Eesh.
I can relate... (Score:4, Informative)
My work's HR system requires an ActiveX control with our smart card system. To make things worse, this system barely supports IE7 (apparently IE8 in compatibility mode works, as well, but IE9+ absolutely does not) and they only upgraded it to support 7 because Microsoft stopped supporting IE6. I actually created a VM explicitly so I can log into the HR system (because I HAVE to have IE9 or higher for my other work, since I work in html 5 and need to test on most major browsers). My ops group thought it was odd that I requested key card software installed on a VM, but when I explained my situation they did it (in fact, they set up a lab machine specifically for others with similar circumstances).
Incidentally, nobody really uses IE except for the HR system, and everybody has an old version also because of the HR system. I believe the HR issue is money related and more related to SAP upgrade costs than key card (and I believe we paid SAP to integrate our key card access).
Re: (Score:3)
IE incompatibilities is the only reason we use XP Mode on any of our work PCs - some websites require 6, some requires 8 or newer. For us, it's mostly healthcare/insurance companies that we have to interface with that have the strictest (worst) compatibility requirements.
Re: (Score:3)
I wonder about using XenDesktop for a solution for something like that. That way, there is one VM with Windows Server 2003 or XP, and it isn't taking up space and resources on everyone's desktop.
I've dealt with companies that even now, still require IE6, and actually use JScript hacks to check if a browser is masquerading. Those, I just fire up an XP VM, use that to browse the web, then when done, shut the VM down, drop the redo log. In fact, the VM is stored on one volume read-only and changes are store
Re: (Score:2)
I believe the HR issue is money related and more related to SAP upgrade costs than key card (and I believe we paid SAP to integrate our key card access).
Aha! So that's why Elon builds his own IT [slashdot.org] backend system!
Re: (Score:2)
My work's HR system requires an ActiveX control with our smart card system.
I think our university uses that same damn system. There's been a few instances when the doors wouldn't work because the the card controller got infected with some virus.
Crisis averted (Score:5, Funny)
It's like a microcosm of what might have happened worldwide had ActiveX been as popular as they'd wanted to be.
Same (Score:2)
Much more effective (Score:2)
Internet Explorer IS a modern browser (Score:2)
You might think that the country that has the fastest average home internet speeds would be a first adapter of modern browsers. Instead...
Disingenuous. Just because you don't like it, doesn't mean you can seriously consider IE not to be a modern browser.
Re: (Score:2)
Yeah, it's modern because of release dates.
Re: (Score:2)
Why don't you list some reasons for regarding IE to be behind the times instead of only snidely implying it to be so?
IE requires new Windows (Score:2)
Re: (Score:2)
I wouldn't, because one can't. What's that got to do with it being a modern browser though?
Active fucking X?! (Score:2)
What the fucking fuck? You can run 3D game engines [unrealengine.com] completely in JavaScript, yet those bozos couldn't be bothered just to emscripten their fucking encryption code to let it run in the browser without using MS-specific technology? Sigh.
Re:Active fucking X?! (Score:4, Funny)
Re: (Score:2)
You can run 3D game engines completely in JavaScript
Unless the installed browser blocks WebGL due to "unresolved driver issues" (such as Firefox on Ubuntu on an Atom N450 according to about:support). Or unless the installed browser doesn't implement WebGL at all (such as IE on XP or Vista, or Safari and Safari wrappers on iOS).
Same origin policy (Score:2)
IT work in South Korea (Score:4, Informative)
As someone who did IT work in South Korea this year for couple of weeks, I never felt so defeated trying to upgrade 15 computers from XP to Windows 7. We basically had to give everyone admin rights just for them to do their job. Bank sites that had 11 (!) ActiveX plugins with 3-factor security (password, token, plus USB key with a cert) just for them to log in - and they routinely "update" their controls, which of course, require Admin rights.
The branch manager didn't understand at first why we were having so much difficulty. I had to explain to him that if we adhered by our security standards, we'd have to close the branch because there wasn't a single operation they did which would otherwise be allowed.
I'd rather stay off the net (Score:2)
I'd read about this before ... last year, I think. It's not exactly news.
Having had to do some normal things in IE8 this week, I'm reminded that if I were forced to use that browser I'd probably spend a lot less time on the Internet (maybe that would be a good way to kick the addiction?) I find IE to be a stunningly unusable piece of software, that perfect nexus of slow, not helpful, and capable of choking on a website like a box of dicks.
They don't know any better... (Score:3)
M$ has made most of its profits from gov't contracts and users who don't know to expect better from a computing experience.
I taught ESL in South Korea in 2001/2002...it was right after 9/11 and during the World Cup. The country was burgeoning as a bankable international business player...competiting with **Japan** with companies like Samsung...no coincidence that they co-hosted with Japan that year ;)
Korea was **all about it**...they wanted the best of what was available...to them, the USA was the best at computer tech...so obviously they went with the most *popular* Operating System, and they **made sure** to buy **ALL** the expansion packs and do exactly as M$ suggested...
Which means they've been on a never-ending nightmare Mobeius strip of a ride to user hell.....that, b/c of their trusting nature has painted them into an IT Engineering corner...which was M$ plan all along!
Re:They don't know any better... (Score:4, Funny)
I was beginning to doubt your post, but your repeated use of "M$" instead of "MS" shows you are both erudite and a wonderful writer: a combination sorely lacking elsewhere in this discussion.
Hint: grow up.
Re: (Score:2)
Trying over and over and over to tell people they are "childish" just makes you look childish. If it's "childish" then it will stand on it's own that way. People like you posting this sort of knee-jerk response every single time somebody says M$ just looks like desperation.
In addition "MS" is no more valid of an abbreviation than "M$". The only proper abbreviation is "MSFT" as that is the stock symbol. Otherwise Microsoft wants the name spelled out. "MS" is the stock symbol for Morgan Stanley, and the abbre
Korean internet purchasing is very backwards (Score:5, Informative)
The summary is slightly miss-leading. There isn't 1 standard for ActiveX control, every single goddamn site uses their one ActiveX or Java applet, and you have to install it. I have never seen a more backwards methodology than what Korea has for online purchasing.
The strange thing is, if you use a phone, things are much simpler (generally there is an app). In addition, because of Naver's dominance in the country, almost all sites are integrated with it, and at least offer ways of finding information through it (but not purchasing).
Re: (Score:2)
The summary is slightly miss-leading.
And where is it leading this hapless miss? To a handy haystack, perhaps? :o)
Sounds legit (Score:2)
users are in the habit of approving all AtivceX control prompts
Sure! What could possibly go wrong!?
Now, where did I put the remote for my genuine Sorny television again...ah, here we go, right beside the Magnetbox stereo!
Re: (Score:2)
Why does your company not import their CA cert into your machines?
That way no one gets the error and they can self sign all they like.
Re: (Score:2)
I'd just push the cert out from AD as a trusted root and be done with it... or at least have an internal CA.
Re: (Score:2, Interesting)
"Modern browsers" have real developer tools. IE 10 does not. Therefore, only IE 11 could possibly be considered modern. Since it represents less than 1% of all IE web traffic, it's probably fair to just lump them all together for the purpose of their argument.
Re: (Score:2, Troll)
Press F12.
Personally, IE10+ has surpassed Chrome with regard to being a modern HTML 5 browser.
Re: (Score:3)
The tools aren't as great, but they're there at least. I prefer to debug in Firefox most of the time still.
I think it's nice that Chrome and Firefox update so fast, quickly adding HTML5/CSS3 features so after a short while the majority of people have browsers that can use those features. Even with the difference in release models, IE10 manages to get quite a lot of things right that Chrome still hasn't fixed, like CSS3 linear gradients over large areas without horrible dithering for example, and CSS3 font-s
Can't run new IE on old Windows (Score:2)
The writeup assumes that no version of Internet Explorer can be thought of as a modern browser. This is not true for IE 10 and 11.
For someone who bought a PC before the release of Windows 7, IE 10 and 11 cost money.
Re: (Score:2)
It's called technology. If we all waited for the few left behind we would still be working on an alternative to horses for travel. In the mean while there are other options for those left behind. This is one of many reasons why IE got displaced with Chrome and Firefox.
Re: (Score:2)
The writeup assumes that no version of Internet Explorer can be thought of as a modern browser. This is not true for IE 10 and 11. That said, a countrywide de-facto standard forcing vendor lock-in is bad.
The first problem is that standards evolve much more slowly than practice ---- and tend to codify existing practices rather than staking out new ground.
South Korea's government was among the first to encourage shopping and banking online, but many people were concerned about Internet safety. The government's goal was to make Internet shopping nearly as secure as a trip to a small-town market, one where vendors know all their customers by name and face.
To reassure South Korean customers, the government created its own system to authenticate the identities of online buyers. To make purchases, shoppers had to supply their names and social security numbers and apply for government-issued ''digital certificates,'' which they could present to sellers as proof of ID. The whole process took just a few clicks.
But the back-and-forth was technologically complicated, and it came with a catch: It required a piece of additional software, or ''plugin,'' known as ActiveX --- which is also made by Microsoft and worked in tandem only with Internet Explorer.
That system, implemented in 1999, remains largely in place today.
South Korea is stuck with Internet Explorer for online shopping because of security law [washingtonpost.com]
The second problem is that alternative desktop operating systems have never gained a significant --- barely visible ---- share of the South Korean market, Top 7 OSs in South Korea from October 2012 to October 2013 [statcounter.com]
Re: (Score:2)
Damm, I remember when Pizza Pizza had one of the first online food ordering systems in Canada, and it required Windows, Netscape, AND Java!
Re: (Score:2)
Yeah, but it was Pizza Pizza, so by giving you lousy technology they spared you from eating the lousy pizza. ;-)
Re: (Score:3)
"Super Size Me" says innocent Koreans to M$ (Score:5, Interesting)
You're wrong about Korean culture...
Well, partially wrong. They built their IT infrastructure based on the *best* available at the time: Microsoft
Blame Microsoft for making shitty products that lock-in users (and whole countries) to an inefficient half-assed software system.
caveat emptor? sure...but at some point you have to acknowledge that they culpability can't rest only on the consumer....M$ parasitic system design was/is truly evil
If you want to fault Korean culture, fault them for being too trusting of the USA in general....poor people actually take what we say at face value.
I lived there for 1 year...I know the ass-backwards way they sometimes adapt new technology...but this isn't that...the aren't inherently inefficient as a culture...they showed us what happens when a country actually does what M$ suggests...
Sort of like a 'Super Size Me' kind of project only with IT infrastructure for a whole country not fast food
Re: (Score:2)
I'm just curious. What technology would you have recommended that was open source in the late 90s? Java?
ActiveX or Java at the time both had the potential to progress to the next level. The only difference is Sun was smart enough to make it cross platform something MS didn't do. I think MS expected it's standard to grow faster and to entice other browsers into implementing ActiveX support.
On a side note, we just purchased a Samsung camera system and the stupid web interface required an ActiveX to be instal
good question (Score:2)
tl;dr I would have said 'java' but for them at that time, I think we can say fairly certainly that they at least saw ActiveX's problems and knew an alternative existed
Trying to put myself in the situation at the time, with the information available to them, using ActiveX in the late 90s would have been frustrating enough to make them at least consider Java...but I can't say they **should** have used eithe
Re: (Score:2)
If you want to fault Korean culture, fault them for being too trusting of the USA in general....poor people actually take what we say at face value.
He gave a non-ActiveX related anecdote to help explain that it is not a technical reason that ActiveX is still being used, but instead that it is a problem with the bureaucracy in that country.
ActiveX has been around for 17 years and there have been news stories about how insecure it is for 16 of those years so they have had plenty of time to figure out it was a stupid idea and to do something about it.
Re: (Score:2)
BootCamp in Mac OS X is free.
Except installing Wndows on a Mac costs you a piece of your soul...
Re: (Score:2)
Not the way I do it - I'll grab discarded XP boxen, or buy cheap at a pawn shop and re-use those license keys.
Skipped Vista, and the Win7 boxes aren't cheap enough, yet, but they will be soon.
The boxes then become linux things (or landfill).
Re: (Score:2)
Bootcamp is free, Windows is not, but it is still possible the person was actually thinking about Parallels.
Re: (Score:2)
ROR!
Re: (Score:2)
Little over nine years between those posts. Those heels don't look so hot to me.