back to article Internet Explorer becomes Korean election issue

Microsoft’s Internet Explorer market share may soon take a tumble in South Korea if presidential candidate Ahn Cheol-soo wins looming elections. The hot seat hopeful plans to abolish an anachronistic government crypto standard which has effectively locked users into Internet Explorer for over a decade. At the tail end of the …

COMMENTS

This topic is closed for new posts.
  1. Ashton Black

    ... not the only one.

    There are some public bodies, here in the UK, that are not just locked into IE, but to IE6, because the bespoke apps written in the "naughties", won't be updated. The firm responsible, knowing they have said body over a barrel, are pushing for an outrageous fee to update.

    (As an aside, it appears, finally, that the management are going to 'do something' not because of the MASSIVE security flaws, us in IT have been pounding into their skulls over the last few years, but various sites 'don't look right'.... *sigh*)

  2. dssf

    Now is the Time...

    NOW IS THE TIME FOR ALL GOOD MEN AND WOMEN TO COME TO THE AID OF THEIR COUNTRY!!!! NOW is the time to depose crypto and certificates that stymie home-grown startups that dearly do not want to se IE, windows, or only one browser.

  3. Charlie Clark Silver badge
    Stop

    Why they did it

    At the tail end of the 1990s, the Korean government decided in its wisdom to develop a home-grown 128-bit SSL encryption standard to increase security around e-commerce.

    They didn't choose to do this out of vanity. US export restrictions prevented versions of IE with 128-bit encryption from being distributed to Korea, 64-bit was known to be compromised and ActiveX was a reasonable solution to a big problem then.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why they did it

      "ActiveX was a reasonable solution to a big problem then"

      ActiveX has always been a big problem

      Fixed

    2. Anonymous Coward
      Anonymous Coward

      Re: Why they did it

      "US export restrictions prevented versions of IE with 128-bit encryption from being distributed to Korea,"

      So, don't use IE would seem to be a better solution.

      1. Charlie Clark Silver badge

        Re: Why they did it

        So, don't use IE would seem to be a better solution.

        The same export restrictions also applied to the other browser of the time: Netscape and there was no workaround for it at the time. So, the decision at the time was either use ActiveX and have encryption or don't use ActiveX and have no encryption.

        There has since been plenty of time to start moving towards using 128-bit https encryption in the browser but changes like this have very high inertia: you have to maintain both systems while you migrate customers. And, once developers have got used to a monoculture they are even more resistant to change which, let's face it, is not required by the job in hand and is going to incur considerable costs. Of course, it is exactly to avoid this kind of lock in that people advocate open standards for.

    3. Christian Berger

      Re: Why they did it

      Yes, but even back then it was known that if you enforce a technology you must first publicly document it. Enforcing the use of some age old ActiveX "plugin" which only exists in binary form was, even by 1990s standards, stupid.

    4. Dan 55 Silver badge
      Holmes

      Re: Why they did it

      Wouldn't Java have done the job too?

  4. Proud Father
    Mushroom

    " home-grown 128-bit SSL encryption standard"

    So it's secure unless the government want to have a look thru that built-in back door?

    Just saying.

    1. Anonymous Coward
      Anonymous Coward

      @Proud Father

      Considering the US Gov via the NSA provides "official" encryption standards like DES and AES, this should be obvious to all. Taken with the fact they use alternative methods for encrypting their own comms should highlight the built in back door even more.

      1. Wim Ton

        Re: @Proud Father

        AES was chosen after an international public competion and is designed by two Belgian cryptographers (Joan Daemen and Vincent Rijmen)

  5. xperroni
    Facepalm

    Amazing

    So they turned to IE and ActiveX for security?

    Wow. Just wow.

    1. Christian Berger

      My boss...

      turned to the NetBIOS Frames protocol http://en.wikipedia.org/wiki/NetBIOS_Frames_protocol for security!

      He claimed it's not routable and therefore secure.

      1. Anonymous Coward
        Anonymous Coward

        Re: My boss...

        Not as daft as it sounds, really. Well, daft from a usability standpoint, but not running IP on your network would certainly prevent the usual hacks. But it'd be simpler to not use the 'net in the first place.

        Sent using NetWare 3.13

  6. mrweekender
    Mushroom

    Microsoft

    ...innovators of the web - MY ARSE!

This topic is closed for new posts.

Other stories you might like