Unsurprisingly, terrible Korean internet strikes again. ISPs try to charge companies insane fees because customers want to connect to their servers. Company decides to use peer-ro-peer instead so the ISP starts installing spyware on customer computers.
Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
I hope everyone involved in this catches criminal charges, all the way up the chain. Completely unacceptable behavior.
South Korea at least used to have blazingly fast internet infrastructure. Of course that didn't make up for shitty banking websites that you could only use by running Internet Explorer and allowing it to install "security plugins" that hook into Windows kernel, but at least the internet was fast, and it did give Korea an edge for its IT industry.
That was, I think, about twenty years ago.
I've been living in the US for 10+ years so I'm not very well informed, but basically the ISP industry ended up in an oligopoly where everybody's friends with the government, and they kept raising prices while neglecting infra upgrade. Until nobody can call Korea's internet "fast" any more.
Now all we've got is shitty websites. (To be fair, they are somewhat less shitty now... you can now access your banking websites on Mac!)
It's also worth noting the SK has some pretty terrible laws around the internet in general. Distribution of porn is illegal there and they do their best to block it from outside. They are pretty big on cyber defamation and will go after people who make fun of government officials[0]. They have a comparatively low internet freedom score because they do things like fine middle schoolers for having anti-government websites and the president pursues legal action against YouTubers[1].
It's pretty interesting when coming from the west where all the problems are often spoken about in the open. I mean the great American past time is complaining about the government. But in SK there's a lot more trust of the government and similarly, a lot more control by them. And it is a fairly tight knit group and there's only a few companies that dominate the country.
Another memory from the terrible South Korean Internet is how the national banks required customers to log in using Internet Explorer because of mandatory ActiveX blobs of code.
> Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
Same here in Japan. The funny thing is that both me here and my parents back in Spain have gigabit fibre, yet my parents' connection is much faster than mine.
>Is it because all the customers and services are in the same city so it appears low latency?
Yes. It's because the internet of Korea is so well done between nearly all areas of the country with great speeds.
But it's true that Korean internet is super fast only within Korea, but the borders are also normal fast borders to other countries so they're just as fast as say a 1gbps connection in Australia.
Good Korean internet is not a myth, they had fibre everywhere by the time rich people in the US or Europe were getting it. Korean internet is good, it's just that their ISPs are also fairly evil like the rest of the world, but they have less freedom constraining their evils.
> According to the news report, KT said it directly planted the malware on its customers that use Webhard’s Grid Service, as it was a malicious program and that “it had no choice but to control it.”
Looks like the major ISP and some cloud service provider are having some kind of ridiculous fight, and they're using their customers' computers as the battlefield. I'd be pretty disgusted if I were a customer.
Wow, are they trying to have worse internet than DPRK?
Funny how both spectrums of fully controlled market and fully free market can be terrible. Apparently what they did was a crime but it shows the spirit, they though at least that they can do it and get away with it.
I imagine keeping at the front of the pack on any infrastructure investment is very difficult. I mean, it’s an investment, you want to give it time to amortize, right?
>Police officials acted on the information and discovered it came from KT’s own data center south of Seoul. ... They’ve since identified and charged 13 individuals, including KT employees and subcontractors directly connected to the malware attack last November,...
I'm actually very impressed. If this happened in the US, the police wouldn't care about it at all, and would just tell everyone affected that "it's a civil matter" and they'll have to file a lawsuit if they don't like it.
I think you're too optimistic. My reading is that the police is investigating low-level employees and subcontractors. I.e., profit for the corporation, consequence for the employees. And especially subcontractors. (Workplace discrimination against subcontractors has been a hot topic in Korea: subcontractors literally die in factories because they're pushed to handle dangerous tasks while "regular employees" get cushy desk jobs.)
It took 3 years but the FBI published the names of the fellows they believe are responsible for breaching equifax and stealing private data about half of americans
South Korea information technology (as distinguished from hardware-related technology) is unbelievably bad. Much of it is purely technical: domestic firms like Naver are simply not as good as global incumbents like Google, but also they are terrible compared to other regional players (The Kakao chat app is vastly inferior to Zalo, a Vietnamese chat app). However, just as much is due to poor cultural and interpersonal decisions. This news case highlights such a cultural factor.
Note that KT, while relatively recently privatized, is still a national corporation that is considered a critical national asset under the law (thus if the North attacks, KT towers are first priority to be protected by the South's military). So, it is not as if some rogue SME infected its users with malware; it's a national corporation infecting its users over and not even be sorry about it (as in the article).
Plenty of other comments detail the strange Active X requirement: The national law had dependency on Internet Explorer/Active X. (I do not know of any developed nation having a national legal dependency on a specific corporation's consumer technology at this scale.) Also, many comments on South Korea's purportedly great infrastructure (albeit two decades ago). There is more to this.
Interestingly, if you ask an average Korean, he would say Korea is literally the best nation in IT/internet technology, topping or at least on par with the US. The national propaganda effort that went into forming this collective conscious should not be understated. Even many of the top programmers in South Korea I met strongly believe in this superiority. I wonder if this strong sense of superiority is both (1) preventing SK from improving its actually-lagging tech and (2) act in Dostoevskian-Raskolnikov manners thinking that it is above the law and consensus ("the best can break the rules and set new ones"). Whatever the underlying reason may be, there is a serious techno-cultural issue going on in the country.
One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
> One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
To be fair I can see why the practices of Amazon could be considered a scam. Every time you buy something you have to untick "I want Prime"
Bittorrent normally hash checks all content against metadata in the torrent file so a simple MITM wouldn't be enough to inject malicious data unless the torrent metadata itself is being sent in the clear.
South Korean internet had been one of the best and fast network in the world; especially up to the point before KT was privatized. After privatization, three internet service providers have been focusing on exploiting profits, not on making better and faster network infrastructure because they don't have to.
wouldnt competition naturally produce better products if there are 3 providers? from what i remember services from companies, or really any type of services were top notch in korea. due to culture, competition, etc. also noting pricing in general is very high in korea
The title is very clickbaity. These are not users downloading torrents in the normal sense. It's users that are using a specific piece of software that happens to utilize the BitTorrent protocol.
There is an enormous issue here. A service provider committed crimes against customers and their justification is the customers were using a protocol to exchange something. The service provider has no idea what the something exchanged was.
It's similar to arresting someone because they are speaking French. I don't speak French and I don't like people who speak French because sometimes French people say stuff I don't agree with. I don't know what they're saying but I hate it.
Yeah, until any details are provided, I would just assume that the ISP already requires that users install some kind of software, and they just pushed the malware through that program.
I reckon they used a good old fashioned honeypot. Seed a torrent of some random popular content that also contains malware payload, and let users download it.
KT built fiber connection here in Poland ~15y ago. Project was made in a large part of the country, strongly subsidised and thought as a backbone for other ISPs. 4k km of fiber underground and multiple nodes.
Project is now being nationalised as kt:
- didn't pay subcontractors. Many of them went bankrupt
- offered prices so large, that other isps would rather create their own infra than use theirs
- abandon the project totally
Of course i shouldn't put this under KT's name, as they used a subcompany - SungGwang - for all the dirty stuff.
So, fast forward: we laid a new infra parallel to this one in many cases and that one lays in the ground and rots.
For context, the legal situation of network usage in South Korea is something akin to Ajit Pai's wet dream. Network operators are legally empowered to charge troll tolls on both ends of any connection they want. Infrastructure costs are to be borne by literally anyone BUT the network operators.
To compound this, South Korea is economically an authoritarian hellscape. Large megacorporations[0] own everything and the government is just a clearinghouse and mediator for their interests. Corruption is so rampant that even administrations run by ardent anti-corruption activists wind up being toppled by rampant and widespread corruption.
I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct. Anyone with the power to put people behind bars in South Korea will be unmade if they touch a chaebol.
[0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
> [0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
More like the Allied occupation forced them to dissolve the zaibatsu. They later reformed as the keiretsu, and while still immensely powerful, are nowhere the level of the old zaibatsu or the Korean chaebol.
> I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct.
I mean, you're assuming that an SK Telecom executive did something illegal. I don't think anyone here is a supporter of corruption, but you're making a huge, completely unjustified leap to say that an SK executive was involved.
> Even SK constitution said it is illegal. but they don't give a damn about it.
This is a popular meme that is also not entirely correct. I should stress that this incident is very different from the usual MITM from ISP and government though. I assumed you are talking about the general MITM because you mentioned SNI (because you can't put malwares with just SNI sniffing).
The constitution only says about the "privacy of correspondence" in the Article 18, and several acts including the Protection of Communications Secrets Act (통신비밀보호법) [1] and the Act on Promotion of Information and Communication Network Utilization and Information Protection (정보통신망 이용촉진 및 정보보호 등에 관한 법률) [2] do have many exceptions that make them legal at least in principle. Indeed, most websites blocked by SK ISPs host either illegal obscene materials (distinct from the legal pornography in the SK legal system) or advocacy for North Korea (illegal due to the National Security Act 국가보안법). I'm not necessarily for such blocks but it is plain wrong to say that they are illegal.
Reminds me a lot of the telecom situation in the US. There are lots of people who e.g. hate Comcast but basically have no choice in their area if they want broadband. Granted, a malware attack, is another level of terrible, but isn't it "interesting" how pseudo-monopolists seem to be resistant to meritocratic forces?
In Korea, ISPs often encourage their customers to install programs to access additional services. For example, antivirus and parental control programs are quite common. Parents also use these programs to monitor and restrict their children's gaming and internet usage. Distributing malware as part of the installation process for these services is not difficult for ISPs.
> The judiciary actually ruled in favor of KT. It said that Webhard didn’t pay KT network usage fees for its peer-to-peer system and didn’t explain to its users how the Grid Service works in detail
Huh? The users are paying for their network, so they should be free to do with it as they wish. How is Webhard involved in this discussion? This is something the ISP may wish to discuss with its users, if the ISP feels the users are consuming more than they paid for.
Just charge them 250 a head for the equivalent for analysis and remediation should only cost about 150M usd plus about 10-20M to administer. Liquidate the executives holdings including stock then the companies assets and it will never ever happen again.
As a former resident of Russia, I'm not the least bit surprised. The practice of implementing parasitic scripts there began in 2014, and to date has been continued at the level of the largest provider as well as the monopoly owner of international channels (Rostelecom).
Good luck to the believers that someone there will be punished for this. For everyone else, switch to encrypted protocols.
Aerroon|1 year ago
Makes me wonder where this myth of "good Korean internet" even came from if everything ends up so bandwidth constrained. Is it because all the customers and services are in the same city so it appears low latency?
I hope everyone involved in this catches criminal charges, all the way up the chain. Completely unacceptable behavior.
yongjik|1 year ago
That was, I think, about twenty years ago.
I've been living in the US for 10+ years so I'm not very well informed, but basically the ISP industry ended up in an oligopoly where everybody's friends with the government, and they kept raising prices while neglecting infra upgrade. Until nobody can call Korea's internet "fast" any more.
Now all we've got is shitty websites. (To be fair, they are somewhat less shitty now... you can now access your banking websites on Mac!)
godelski|1 year ago
It's pretty interesting when coming from the west where all the problems are often spoken about in the open. I mean the great American past time is complaining about the government. But in SK there's a lot more trust of the government and similarly, a lot more control by them. And it is a fairly tight knit group and there's only a few companies that dominate the country.
[0] https://www.nytimes.com/2012/08/13/world/asia/critics-see-so...
[1] https://freedomhouse.org/country/south-korea/freedom-net/202...
nayuki|1 year ago
lifthrasiir|1 year ago
It is not a myth! A decade ago, though. I would still consider it is "good" in terms of objective metrics, but other countries have since caught up.
> Is it because all the customers and services are in the same city so it appears low latency?
No, because it would only apply to a quarter of the entire population of South Korea if it were true.
pezezin|1 year ago
Same here in Japan. The funny thing is that both me here and my parents back in Spain have gigabit fibre, yet my parents' connection is much faster than mine.
seoulmetro|1 year ago
Yes. It's because the internet of Korea is so well done between nearly all areas of the country with great speeds.
But it's true that Korean internet is super fast only within Korea, but the borders are also normal fast borders to other countries so they're just as fast as say a 1gbps connection in Australia.
Good Korean internet is not a myth, they had fibre everywhere by the time rich people in the US or Europe were getting it. Korean internet is good, it's just that their ISPs are also fairly evil like the rest of the world, but they have less freedom constraining their evils.
ryandrake|1 year ago
Looks like the major ISP and some cloud service provider are having some kind of ridiculous fight, and they're using their customers' computers as the battlefield. I'd be pretty disgusted if I were a customer.
mrtksn|1 year ago
Funny how both spectrums of fully controlled market and fully free market can be terrible. Apparently what they did was a crime but it shows the spirit, they though at least that they can do it and get away with it.
bee_rider|1 year ago
monkfish328|1 year ago
NL807|1 year ago
shiroiushi|1 year ago
I'm actually very impressed. If this happened in the US, the police wouldn't care about it at all, and would just tell everyone affected that "it's a civil matter" and they'll have to file a lawsuit if they don't like it.
yongjik|1 year ago
BillTthree|1 year ago
It took 3 years but the FBI published the names of the fellows they believe are responsible for breaching equifax and stealing private data about half of americans
Wu Zhiyong, Wang Qian, Xu Ke, and Liu Lei
jrflowers|1 year ago
antonvs|1 year ago
Perhaps this would be a good moment to pause and ask yourself why this hasn’t happened in the US.
quanto|1 year ago
Note that KT, while relatively recently privatized, is still a national corporation that is considered a critical national asset under the law (thus if the North attacks, KT towers are first priority to be protected by the South's military). So, it is not as if some rogue SME infected its users with malware; it's a national corporation infecting its users over and not even be sorry about it (as in the article).
Plenty of other comments detail the strange Active X requirement: The national law had dependency on Internet Explorer/Active X. (I do not know of any developed nation having a national legal dependency on a specific corporation's consumer technology at this scale.) Also, many comments on South Korea's purportedly great infrastructure (albeit two decades ago). There is more to this.
Interestingly, if you ask an average Korean, he would say Korea is literally the best nation in IT/internet technology, topping or at least on par with the US. The national propaganda effort that went into forming this collective conscious should not be understated. Even many of the top programmers in South Korea I met strongly believe in this superiority. I wonder if this strong sense of superiority is both (1) preventing SK from improving its actually-lagging tech and (2) act in Dostoevskian-Raskolnikov manners thinking that it is above the law and consensus ("the best can break the rules and set new ones"). Whatever the underlying reason may be, there is a serious techno-cultural issue going on in the country.
One of the biggest banks in South Korea blacklisted Amazon as a financial scammer because it's Prime subscription renews monthly and customers complained after seeing the renewal charge on their credit cards. The ban was national -- no customer of this bank could buy a product from Amazon unless he calls the bank personally and ask the charge to be approved. Again, the issue wasn't technical. It was cultural.
anal_reactor|1 year ago
To be fair I can see why the practices of Amazon could be considered a scam. Every time you buy something you have to untick "I want Prime"
ken47|1 year ago
Odd statement. How did you know that the people you met are "top programmers?"
Affric|1 year ago
batch12|1 year ago
Edit: While looking for an answer, I ran across this article. Apparently they've been fighting for a while (2015):
https://www.opennetkorea.org/en/wp/1529
silotis|1 year ago
esjeon|1 year ago
aaron695|1 year ago
[deleted]
chunsj|1 year ago
pennybanks|1 year ago
poikroequ|1 year ago
BillTthree|1 year ago
It's similar to arresting someone because they are speaking French. I don't speak French and I don't like people who speak French because sometimes French people say stuff I don't agree with. I don't know what they're saying but I hate it.
brokenmachine|1 year ago
zb3|1 year ago
WatchDog|1 year ago
NL807|1 year ago
mateusz_|1 year ago
Project is now being nationalised as kt: - didn't pay subcontractors. Many of them went bankrupt - offered prices so large, that other isps would rather create their own infra than use theirs - abandon the project totally Of course i shouldn't put this under KT's name, as they used a subcompany - SungGwang - for all the dirty stuff.
So, fast forward: we laid a new infra parallel to this one in many cases and that one lays in the ground and rots.
kmeisthax|1 year ago
For context, the legal situation of network usage in South Korea is something akin to Ajit Pai's wet dream. Network operators are legally empowered to charge troll tolls on both ends of any connection they want. Infrastructure costs are to be borne by literally anyone BUT the network operators.
To compound this, South Korea is economically an authoritarian hellscape. Large megacorporations[0] own everything and the government is just a clearinghouse and mediator for their interests. Corruption is so rampant that even administrations run by ardent anti-corruption activists wind up being toppled by rampant and widespread corruption.
I guarantee you that not one SK Telecom executive will spend time behind bars for this blatantly illegal conduct. Anyone with the power to put people behind bars in South Korea will be unmade if they touch a chaebol.
[0] These are specifically called chaebols and the group includes LG, Hyundai, Samsung, Lotte, and a few others. Japan used to have something similar, but they ate their rich... and then brutally invaded and colonized half of East Asia.
pezezin|1 year ago
More like the Allied occupation forced them to dissolve the zaibatsu. They later reformed as the keiretsu, and while still immensely powerful, are nowhere the level of the old zaibatsu or the Korean chaebol.
ken47|1 year ago
I mean, you're assuming that an SK Telecom executive did something illegal. I don't think anyone here is a supporter of corruption, but you're making a huge, completely unjustified leap to say that an SK executive was involved.
lazydonkey456|1 year ago
They are scanning SNI field and manipulate packet to prevent user visit certain sites.
lifthrasiir|1 year ago
This is a popular meme that is also not entirely correct. I should stress that this incident is very different from the usual MITM from ISP and government though. I assumed you are talking about the general MITM because you mentioned SNI (because you can't put malwares with just SNI sniffing).
The constitution only says about the "privacy of correspondence" in the Article 18, and several acts including the Protection of Communications Secrets Act (통신비밀보호법) [1] and the Act on Promotion of Information and Communication Network Utilization and Information Protection (정보통신망 이용촉진 및 정보보호 등에 관한 법률) [2] do have many exceptions that make them legal at least in principle. Indeed, most websites blocked by SK ISPs host either illegal obscene materials (distinct from the legal pornography in the SK legal system) or advocacy for North Korea (illegal due to the National Security Act 국가보안법). I'm not necessarily for such blocks but it is plain wrong to say that they are illegal.
[1] https://elaw.klri.re.kr/eng_service/lawView.do?hseq=7235&lan...
[2] https://elaw.klri.re.kr/eng_service/lawView.do?hseq=38422&la...
ken47|1 year ago
hsbauauvhabzb|1 year ago
cronex|1 year ago
beeboobaa3|1 year ago
Huh? The users are paying for their network, so they should be free to do with it as they wish. How is Webhard involved in this discussion? This is something the ISP may wish to discuss with its users, if the ISP feels the users are consuming more than they paid for.
j-bos|1 year ago
michaelmrose|1 year ago
unknown|1 year ago
[deleted]
Lockal|1 year ago
Good luck to the believers that someone there will be punished for this. For everyone else, switch to encrypted protocols.
seydor|1 year ago
[deleted]
squigz|1 year ago
pelagicAustral|1 year ago
dolf|1 year ago
[deleted]
Copenjin|1 year ago