The Internationalization of Malware

Ant brings us a write-up from a former malware analyst about the difficulties in fighting malware as it expands beyond English-language targets and into societies with different standards for privacy and security. Quoting: "One of the most fascinating facets of the increasing internationalization of malware is the cultural assumptions around such software. What is considered malware in the US may be commonly accepted in China or Japan, and this is largely due to the society that it exists in. Anti-cheating rootkits are very common in games released in these countries. What is considered to be invasive in the North American or European world is acceptable there. These anti-cheating rootkits would hook into the kernel space in a very invasive way, and have the behavioral characteristics of malware such as hooking into the keyboard driver. This made it very difficult from a purely technical standpoint to distinguish them."

Define it

Malware is supposed to do Bad Things to your computer/information. If it's hooking into the kernel, it may not necessarily be malware, per se. It may just be doing business in the entirely wrong place.

Yeah, everything is relative.

I hear in some countries they kill women who commit adultery. In some countries families depend on the kids finding work in factories. It's all relative. You have to look at cultural background before you judge someone for child labor or killing a woman, right? Can't call a rootkit a rootkit if it's acceptable somewhere else. It's all relatively fucked up.

Re:Yeah, everything is relative.

[Hurricane78]

Nope. Simple example. Have a small town of 50 people. If they all (even the kids) agree, that killing and eating someone who stole something from you, then you are oppressing them when you try to ban it.

What's the problem is, if some people (e.g. the one stealing) disagree with others, and still are forced to take part (e.g. the one being oppressed).
Laws are just a book of things, that a group agreed upon.

And this is the most basic argument against big (e.g. world, state) governments and punishments (e.g. jails): There are always people who disagree.
If you just banish them, and always let them a part of some land out there... Eventually they will try to survive in their own group, create a country on their own rules, and maybe turn up to become another Australia. Works nicely, even for murderers, child molesters and dictators.

Just always remember the basic rule, that humans do things *only* because they think it's right or because they are forced to do it. The first case happens when they genuinely believe it's the right thing because it makes sense. And the second one can be because their situation is so desolate that they think they have to do this (either by being forcey by another one, or by being forced by the own twisted ("twisted" by the horrible things that happened) mind.
There are no "bad" guys. It's a matter of POV. Always. Period.
The sooner you accept this, the sooner you can help them becoming happy (and maybe your friend) again.

Considered to be invasive...bla bla bla

[sakdoctor]

Or is it lack of awareness. Add south Korea to that list because is currently seems acceptable to have about 10 useless browser bars attempting to take over and uninstall the competitors bar in internet explorer.

Awareness didn't come overnight in North American or European either.

Up front, or covert?

[petes_PoV]

The main differentiator between an invasive monitor and malware is whether the author (or organisation employing it) uses it covertly, or if they make the user aware of what will happen.

If a piece of software makes it clear, before you purchase it, that it will install monitoring software on your machine and/or it would phone home then that's one thing. You have the option of not buying it.

If this situation only becomes apparent after the package has been installed, then (IMHO) that's not an acceptance practice.

Re:Up front, or covert?

No, that's a culturally influenced point of view. In other cultures, where it's normal that software performs "hidden" functions, the package would not need to make the user aware of that fact prior to the purchase, or afterwards. It would just be software that does what software does. Bring that software into a western country and it's a lawsuit waiting to happen.

What people don't understand about the internet is that the person on the other side of the net isn't just a clone of yourself with a funny accent. Those people are actually very different and some of the differences are intolerable when push comes to shove. People with a multicultural world-view tend to focus on the things we have in common, which is a lot, but they have yet to come up with a good way of dealing with the grave differences, other than mild economic coercion and mostly leaving each other alone (usually hoping that economic progress brings the same western mindset to everyone). Unfortunately the internet doesn't include a "leave eachother alone" option, so we have to actually deal with the differences now.

I'm sure it's true within countries, too

[grizdog]

While most people probably don't consider them malware, a lot of people find internet ads intrusive and obnoxious and we install popup blockers to get away from some of them. But the advertisers wouldn't pay for them if someone wasn't reading them and clicking on them.

More to the point, there is a huge difference in what people care about regarding their computers. Many of my friends think I "put up" with a lot because I use Linux and install things relatively methodically, always keeping control of my system. I think they "put up" with a lot, because they have no idea what is running on their computers and what the machines might be doing with their information.

It concerns me that the anti-privacy people have time on their side, because after a few more years, they will just point out how so many people haven't been enjoying much privacy anyway, so what's the big deal?

Japan's computer ignorancy is here to stay

[MasaMuneCyrus]

I'm currently living and Japan and would like to note that for all of the notoriously computer-ignorant people in America, Japan's computer ignorancy problem is ten-fold. Computers simply aren't used as a part of every day life in Japan as they are in America, and there aren't even basic use classes is most schools through college. IE6 is still the big web browser, and the most important factor in buying a computer (which is terribly overpriced because of Japan's tendency to use only Japan-made products for everything) is how cute it is.

It's a learning experience...

[argent]

In the 70s and 80s it was common for games to bypass the operating system and talk directly to the hardware, for copy protection, to prevent cheating, for performance, for all kinds of reasons. Many of them booted directly and completely ignored the OS. Over the years these games were the first to break when new software and hardware came out, and badly behaved games got a bad reputation. Other countries haven't been through the experience of having badly behaved software rot because it couldn't be updated for new systems... yet.

It's a learning experience. They will learn.

In other words...

[DrYak]

...a computer in Japan is just another appliance.

They buy it as they would buy a second TV set for the kitchen, or a vacuum cleaner or table-top cooling fan, etc.

Nobody in his/her right mind care of the stats of a vacuum cleaner, except complete nerds.

Computers are slowly drifting toward that situation.

GSM phone have already reached that point almost worldwide - the only thing most people care is if there's "Apple iPhone" written on it.
And there are often enough articles on /. about remote cellphone's mic tapping, remote GPS polling, etc... to show that there slightly more than "what's written on the case" about a phone.