![]() Ahn Cheol-soo, right, accompanied by medical doctor Park Kyung-chul, takes off his jacket during the 2011 Youth Concert at the Seodaemun District Office, Seoul, Friday. / Yonhap |
By Kim Tong-hyung
His supporters will offer all sorts of reasons for hoping that Ahn Cheol-soo will be the next mayor of Seoul and maybe even a future president of Korea. He seems highly intelligent. He carries an air of elegance and sincerity. Unlike his politically-seasoned opponents, he visibly epitomizes change and hope at a time when voters are desperate for both.
But while the computer software guru and Seoul National University (SNU) professor might be a successful businessman and inspirational speaker, Ahn’s critics would say he is anything but a person to be admired.
Ahn, a doctor-turned-techie, is the founder of AhnLab, the country’s leading provider of anti-virus software that touts itself as among the guardians of the networked world.
The company’s profile has been enhanced greatly over the past decade due to the increasing demand for online security.
In the process Ahn, clearly benefiting from his unique personal story, began to be regarded as more than just an astute moneymaker, but a model for social responsibility, perhaps a cross between Steve Jobs and the Pope.
The public’s love affair with Ahn is somewhat confounding when it’s debatable whether companies like AhnLab are pushing progress toward a safer Internet or derailing it.
A slew of data breaches in recent years, including the hacking at SK Communications last month that compromised the personal information of more than 35 million Internet users, have proved repeatedly that the country doesn’t have a computer security defense.
While AhnLab and other security firms have profited massively from the shaky Internet environment, it’s hard to see how they improved it. It could be argued that they have been massaging the symptoms with one hand but feeding the disease with the other, extending problems when they had a shot at stemming them just to keep the money coming in.
Korea’s exceptionally poor security levels are based on its Microsoft monoculture in computer operating systems and Web browsers, blamed for sticking computer users with outdated technology and making them easier targets for cyber criminals.
For most of the past decade, the law has mandated all encrypted online communications to be based on electronic signatures that are enabled through public-key infrastructure.
Since the fall of Netscape in the early 2000s, Microsoft’s Active-X, which only functions on its Internet Explorer (IE) Web browsers, remains the only plug-in tool used to download public-key certificates to computers. This prevented users of non-Microsoft browsers like Firefox and Chrome from banking and buying products online and accessing e-government services and reduced Macs to fashion items.
It was only recently that the Korea Communications Commission (KCC) and the Financial Supervisory Service (FSS) decided that there should be other security options than just public-key certificates, but the process of approving alternative technologies has been slow.
The Korean dependence on Active-X is unique as security concerns have limited its use elsewhere. Instead of providing a security-based model, Active-X relies on simple yes or no confirmations by the user over downloading programs and controls. This is a risky arrangement, since Active-X tools require full access to the Windows operating system, and could be abused by hackers to intercept the user’s control of a computer.
The biggest problem of Active-X-installed programs is that they create an illusion of security when there is none. The security provided by Active-X plug-ins is only active during the banking session, which means that the computers are left vulnerable most of the time. And these programs are completely irrelevant when the device has been compromised already.
Aside of the security issues, usability also becomes a problem as a computer user will need to install several Active-X controls just to access a single banking service.
Even Microsoft seems ready to bail on Active-X, as it looks to phase it out from its products over security and compatibility issues. This leads to awkwardness whenever the company introduces new operating systems and Web browsers here.
Ahn, media-molded golden calf?
In an ideal world, firms like AhnLab would be leading campaigns to educate the public to reduce the usage of Active-X plug-ins. In the real world, they continue to invent excuses to promote them.
There is an irony in that these anti-virus firms, the self-proclaimed crusaders of the safe Internet, forces users to download their products through the risky Active-X plug-ins instead of through file downloads.
While AhnLab has put itself on a high horse for offering many of its programs through free downloads, increasing the number of users this way clearly helps its business, as it is paid by Internet service providers whenever its plug-in programs touch servers.
Ahn as an entrepreneur has displayed an impressive ability in identifying business opportunities and exploiting them but it’s hard to say he has been a model citizen who compromised his greed for the greater good.
Kim Kee-chang, a Korea University law professor who had led a series of unsuccessful lawsuits against the government for the overwhelming reliance on Active-X, goes as far as to suggest AhnLab as an example of an irresponsible and unethical corporation.
“Considering their role as computer security experts, what they did over the years is indefensible. You can never count on government officials to have detailed knowledge about computer security issues and security firms like AhnLab had them in their pockets for years — these companies were willing to sink very low in terms of morality to squeeze out every ounce of profit,” Kim said in a telephone conversation.
“Ahn’s popularity looks to be a creation of the public’s simple and childlike imagination, that of a good-willed doctor dressed in a white gown and curing viruses in computers as if they were similar to those in humans.”
Perhaps, Ahn’s soaring popularity is based more on what the public wants him to be than what he actually is.
Korea’s advanced broadband and wireless networks and status as a major provider of smartphones and computer memory chips have the country declaring itself the information technology (IT) capital of the world.
However, such claims sound less convincing when the levels of advancement between the hardware and software industries have been more lopsided than a Pyongyang election.
In Korea’s depressing software market, antivirus firms like AhnLab remain as the only ones that have enjoyed any resemblance of success. Ahn, therefore, became Korea’s software success story that didn’t exist.
“Korea, a self-proclaimed IT powerhouse, was in desperate need of a collective alibi to cosmetically cover its software shortcomings. As mediocre a company as AhnLab was and continues to be, Ahn was somehow the person that best fit the story,” Kim said.