Skip navigation

Tag Archives: korea

Prosecutors forwarded the case to the financial watchdog Jan 8 saying that an unidentified, outsourced staff in charge of data-processing jobs stole the data and sold it to advertising agents illegally.

From South Korea Plans to Prevent Personal Data Leakage

You know what their solution (simplified) was?  “Under the revised rule, mandatory collection will be limited to six to 10 essential information, including names, ID numbers, home address, mobile phone numbers, type of job and nationality.”

Seriously?  That’s all you got to give us?  Nothing about ‘no more outsourcing’.  Nothing about “security clearance required to handler personal information”?  Just limit how much info is collected?  Oh, and something about you agreeing to share any info before hand….yeah, how many of you read the fine print?

See, being in Korea you see a lot of really dumb things.  While they have mostly done away with ‘pin codes’ for debit purchases, they were replaced with ‘signing pads’.  While this can be theoretically more secure, the Koreans just make some sort of random scribble.  Even the staff will make those scribble for you thus completely by-passing the more secure method.  Before you needed to know someone’s pin….now all you need to do is make a squiggle and BAM, purchase done.

There is a cool option to have every purchase you complete sent to you an SMS message summary.  This is really useful but rarely used.

To even just LOOK at a Korean website, you will need to download a programs which acts as a firewall/keylogger while you are just LOOKING at the website.  This used to be utterly limited to Windows and Internet Explorer but a few years ago they mandated that FireFox be allowed as well.  Still, some sites haven’t bothered with this (non-banks) and I don’t know about you but I don’t have a lot of faith in programs that haven’t been analyzed by independent security experts.  This is also severely limiting for those with Macs and Linux.  The few tech-savy ones can run emulators and such but it’s a real pain.

So, none of this really matters if you put data into the hands of money-hungry people.  Data will always be leaked if the rewards are worth the risk.