Comments on: the cost of monoculture

By: err

err — Sat, 19 Jan 2008 14:53:27 +0000

Dan and Crowder this is not just a problem for Firefox, it essentially breaks every non Microsoft product on the planet.
To re engineer every Browser on the planet to support one encryption system in one country would be throwing allot time and money at a problem with a relatively simple fix. just use the same superior open system as the rest of the world.
Also you underestimate the legal and technical issues involved in building and maintaining your own version of a closed source product (Active X) that Microsoft owns.

By: dan

dan — Fri, 18 Jan 2008 10:27:50 +0000

“adding support for Active-X in Firefox opens Mozilla up to a whole host of issues where there is little benefit”
Little benefit? I think your article does well enough to explain the huge problem; would solving this partly not be even a small benefit? I’d, and your article, would say so.

By: Simon

Simon — Thu, 12 Apr 2007 20:11:45 +0000

Enabling ActiveX support in Firefox, so missed the monoculture issue.

ActiveX support in Firefox only works in Microsoft Windows, and presumably for these controls only in XP or earlier.

My operating system of choice fixes all reported security issues, in all shipped applications, BEFORE they release a new version.

MacOSX has never had a virus in the wild.

Koreans presumably would like to be able to choose such an operating system for their online banking, rather than Microsoft’s “we fix them after they start being exploited” approach to security.

By: sententia fredericiana » Von den Kosten einer Monokultur

sententia fredericiana » Von den Kosten einer Monokultur — Fri, 09 Mar 2007 08:34:09 +0000

[...] Gen Kanai, von Mozilla Japan, hat jüngst einen Artikel gebloggt von seinen Erfahrungen bei einem Besuch in Südkorea. “The cost of monoculture” hat er ihn getauft, und er handelt von der einzigartigen Internetlandschaft dort und von den Problemen, denen das “technologische Wunderland” gerade entgegensieht. Auszüge (Übersetzung von mir): Was würden Sie sagen wenn ich Ihnen erzähle, dass es ein Land gibt, das ein technologischer Vorreiter ist, als einer der Ersten E-Commerce eingeführt hat, Weltführer bei der Einführung von Mobiltelefonen der dritten Generation, beim kabellosen Breitband-Internet und bei Breitbandanschlüssen ist, und außerdem bei Blogs etc ganz vorne mitspielt. Klingt nach einem tollen Ort, oder? Ein technologisches Wunderland, reine Utopie? [...]

By: OpenID

OpenID — Thu, 08 Mar 2007 05:05:03 +0000

Whatever happened with this?

By: Brian’s Blog » Blog Archive » Kozilla

Brian’s Blog » Blog Archive » Kozilla — Thu, 01 Mar 2007 18:32:40 +0000

[...] Reading Gen Kanai’s blog-post here makes me think we have a real opportunity in a market we haven’t cracked yet. What do we need to do to make the Korean SEED Active-X control work in our browser without introducing all the other mayhem which comes with Active-X? I looked at the source for the Active-X control in our tree and it looks as though some thought has been made for restricting (whitelisting/blacklisting) controls, but in my cursory examination I didn’t find the actual code that uses the preferences documented for this. I’m not very familiar with this code. Who is? How good is our Korean localization, in general? Am I wrong in thinking this is a very big, very obvious opportunity? [...]

By: crowder

crowder — Thu, 01 Mar 2007 03:53:14 +0000

Well, as I said, it wouldn’t be full ActiveX support. Instead it would be just enough support to handle this one plugin and nothing else… that seems a surmountable problem to me.

By: Gen Kanai

Gen Kanai — Thu, 01 Mar 2007 01:54:02 +0000

crowder, adding support for Active-X in Firefox opens Mozilla up to a whole host of issues where there is little benefit and a lot of risk. It’s something we’ve certainly thought about but cannot recommend.

By: crowder

crowder — Wed, 28 Feb 2007 19:15:21 +0000

Well, there is a plugin for firefox which enables ActiveX, yes? Perhaps a modified version of this plugin which -only- operates for this specific product would be a good solution?

By: Gen Kanai

Gen Kanai — Wed, 28 Feb 2007 07:50:05 +0000

Anders, thank you for your comment. Unfortunately, implementing SEED in Firefox will not fix the problem. It is much more complex.

Each Korean citizen is issued a nation ID number. This is embedded into the certificate issued by the Korean CA. Thus non-Koreans in Korea (such as US military in Korea) cannot make secure transactions like online banking or online commerce. The ‘package’ (including SEED, the national ID, and the Active-X cert.) that the CA’s distribute is Active-X based, and thus only works in Windows and IE.