[KS] Ch'oe Cha's SamgyOng-bu poem and, separately, dolmen (Andrew)

[Frank Hoffmann]

Dear Andrew:

A brief reply to two of your notes and questions:

> One other question about this Korean Studies list: 
> how is it when I submit a question, in its first 
> posting there may already be responses?  Are these 
> specifically from the moderators?

There was no response by any of the list owners and moderators TO THE 
LIST -- maybe to you privately but not to the list. The list owners and 
moderators are: Min Paek, Werner Sasse, Michael J. Pettid, and Brother 
Anthony. 
(http://koreanstudies.com/ks/moderators.html)
You might have had me in mind? I am just relatively active on the list. 
For me this is a way to keep in touch, while I am otherwise not being 
in Korean studies in any professional occupation, and that means I also 
am not part of other Korean studies discussions in any academic 
institution -- something that I do miss. That is all there is to it. 
And often I would wish for more content related actual discussions on 
major issues on the list, and sometimes I try to provoke those (in a 
positive sense, I mean). 

> In any event, it is good to have been encouraged to install 
> the Papyrus plugin as usually I shy away from Korean sites 
> requiring plugins and software.

That is certainly a misunderstanding. I suggest to be EXTREMELY careful 
in installing ANY plugins or addons from anywhere (including 
institutional sites). Especially "plugins" are a _perfect_ tools for 
any agency or hacker to take over your home computer and see exactly 
what you are doing at all times. This is also true for programs such as 
"Kies," plugins or programs that connect your cell phone and other 
devices to your computer. This allows anyone, especially if you connect 
to institutions via VPN (such as university or research institutions) 
to do whatever they want to do, e.g. going through the shared printer 
connection over the router to your computer. Since institutions all use 
third party plugins, these plugins VERY regularly include code that 
those institutions have no ideas about, and that will not show up in 
the usual virus scanners. So, by installing plugins such as this 
ePapyrus plugin you open your data, all data, and all activity logs 
(key stroke recording, etc.) to just anyone who wants to have *direct* 
access. You may want to look at it like spreading a virus program -- 
this is often not aimed at specific users. But it "spreads" through the 
installation. And you (the hacker, the agency, etc.) can then do a 
world-wide search, often regionally limited by IP range, that will 
produce a list of all the devices that have such plugins installed (and 
are active at the time of the search). Attacks and spying can then be 
decided based on the IPs found.

What can you do against this?
(a) Use a Mac -- and/or: see (e) below.
(b) Do never install any plugins for your web browser on your main OS
(c) If you have your own website, avoid WordPress and other 
module-based scripting that requires or works with plugin -- avoid any 
sort of plugins whatsoever, unless the source is absolutely trustworthy 
(such as code coming from a credit card processor, for example)
(d) Never ever use any free or paid 'cloud' system to store files, 
photos, or access programs; do not believe ANY promises Internet 
companies make about security (those are not worth a penny), no matter 
if for paid or free services; do not believe in 'encryption' -- the 
kind of code you would have to deal with are encryption codes provided 
by major companies and they can all be decoded within a seconds. (A 
simple example: ionCube is the leading encryption system used for PHP 
script encryption, but not just there. Every time a new version of PHP 
or ionCube comes out it takes about a week or two and the decryptions 
system is known also.) The only thing you can do is to AVOID THE RISKS 
(e.g. by not installing plugins and by following my general advice 
here). There is no ONE THING you can do, but to follow your instincts 
is a good idea.
(e) If you need to access Korean websites, institutional or others, 
such as Kyujanggak's, then create a "virtual" Windows OS -- I suggest 
using 'VirtualBox' for that. That way you can ISOLATE and contain any 
activity that relates to highly risky software and plugin installations 
to this virtual system. That virtual OS is, by default isolated from 
your main OS -- you can open one specific folder on your main OS system 
(that's very easy to do), for file exchanges with the virtual OS, but 
otherwise keep the virtual OS isolated. You can do the very same for 
OTHER tasks, say if you run some serious business, developmental or 
banking tasks, then just create one more virtual Windows OS. Keep each 
group of tasks to a separate system. (Of course, you can also use 
different physical machines -- but that makes yourself less mobile.) 
Please note that you can do all this also on a Windows system ... that 
is, you can also create a virtual Windows OS on a machine that runs 
Windows as a main OS. However, basic security, unless you are 
extra-careless on purpose, is far better (!) on Macs. 

While the above might seem complicated, it is in fact a very simple 
setup, and you do not need to have any special technical knowledge to 
install various virtual OS systems on your computer (using 'VirtualBox' 
or 'Parallels Desktop'). 


Best regards,
Frank