世論 What Japan Thinks

japan.internet.com recently published the results of a survey by JR Tokai Express Research into spyware counter-measures. They interviewed 330 people employed in public or private enterprises (why they limited it like that, I don’t know!), with 81.8% of the sample male, 12.7% in their twenties, 40.9% in their thirties, 31.8% in their forties, 13.3% in their fifties, and 1.2% in their sixties.

One thing that isn’t clear is whether or not the anti-spyware tools are part of an anti-virus package, a firewall, or a specialised checking tool. Personally, I use, and strongly recommend, Spybot – Search & Destroy, and to some extent suggest AdAware as a secondary tool. I also recommend that Windows users ditch Explorer and try Opera instead.
Read the rest of this entry »

japan.internet.com published the results of a survey by goo Research into the use of web site passwords carried out at the start of this month. 1,091 members of goo’s research monitor group successfully completed the private web-based questionnaire. 56.7% of the sample was female, and 20.3% were in their twenties, 41.5% in their thirties, 24.5% in their forties, 10.2% in their fifties, and 3.6% in their sixties.

The stunning figure is that 266 people, or 24.4%, admitted to using a password identical to their user name, if allowed by the web site. 43.4% said they wrote it down, which arguably can be better than memorising a simpler one, although no questions were asked in this survey on how complex passwords were.

This survey highlights perhaps two possible approaches to hacking in addition to the headline’s method of using the same user name and password. Another would be a phishing attack, but one that on password entry presented a password error. Since almost half the people say they repeatedly guess at the password, this type of fake site might yield multiple passwords for various sites. Finally, an attack that I have never heard of, but seems ridiculously simple for such situations as online game bulletin boards for competing clans, where, by means of a backdoor into the password routines, one can extract user names and passwords which can then be used for whatever purposes, once you track down the places that that user frequents.

Back on the subject of personal password management, I once tried using a password management tool, but it was excessively cryptic and after entering two or three passwords I forgot exactly how to go about entering a master password, and couldn’t recover from the situation, so I had to delete the tool!

I can’t find a similar survey of passwords from other countries, but if anyone can provide a link, it would make a useful comparison.
Read the rest of this entry »

japan.internet.com, in conjuction with Cross Marketing, recently investigated mobile phone privacy. They sampled 150 men and 150 women, 16.6% aged 18 or 19, 16.6% in their twenties, and so on up to 16.6% in their sixties.

Note that over three times as many people take their mobiles into public toilets than into their toilet at home. I wonder what is hidden behind that statistic! Im also rather surprised to see that less than a third of all user employ any security locks on their phone; note almost all phones have lock features what require a four digit code to open them. Some of the more advanced phones go as far as having a fingerprint reader that may be used to unlock the device.
Read the rest of this entry »

With stories about the dangers of Winny flying around, japan.internet.com jumped on the bandwagon (see my previous stories on Winny usage and the greatest security threats of 2005), publishing a survey carried out in conjuction with goo Research to find out about people’s use of file sharing software. They interviewed 1,071 people from their internet monitor group. 41.6% of the respondents were male, 23.2% in their twenties, 44.1% in their thirties, 25.2% in their forties, and 7.5% in their fifties.

This survey talks about confidential data leakage due to Winny viruses, but I have not seen any information that confirms it is due to viruses, and not just down to people sharing their whole hard disk or the like.

I did once or twice use Winny, but gave up as first the download rate was unbelievably slow, second the selection of material was pretty poor (or my understanding of Japanese was), and third it was, as is much Japanese user interface design, incredibly cluttered and unintuitive for me to use.
Read the rest of this entry »

In the middle of March this year iShare surveyed the users of their CLUB BBQ mail forwarding service to see what they thought about file-sharing (or P2P) software. They got replies from 783 people, 74% male, but no age breakdown is available.

The most (in)famous P2P program in Japan is Winny, which has been responsible for rather a few data leaks. To be strictly correct, however, the software is not responsible, it’s the user for not knowing how to set it up correctly that’s the problem, along with lax security that allows people to install dodgy software on work computers, or to place confidential information on their home PCs. See also my other recent article that ranks it as the second greatest threat of 2005!

Note that since people are being asked to describe how they may be breaking the law, there might be some degree of reluctance for people to answer truthfully, so perhaps the true rate of file-sharing within this survey group is higher than reported. Note also that the population that has been surveyed here is perhaps a bit heavy on otaku.

Finally, BitTorrent is P2P but has a decent number of legitimate uses – how did that affect the results obtained? Is it even well-known in Japan?

UPDATE: translated and published another file sharing software use poll.
Read the rest of this entry »

The Information-Technology Promotion Agency, Japan, or IPA for short, or even 情報処理推進機構, jouhoushorisuishinkikou in Japanese, just published their lists of the top ten threats to information security in Japan in 2005 (Japanese PDF).

Please follow the linked articles to find out more information about each vulnerability. Please also read my recently-translated survey on the use of Winny and other P2P software.
Read the rest of this entry »

Toppan, a large Japanese corporation, published a press release relating to a survey they performed regarding views on financial institution security and Smart Card-based services. They questioned just 416 adults from Tokyo and surrounding area by means of a private internet-based survey over a couple of days in mid-November. The detailed survey results were not published, but instead the data was presented as a report, so will be translated in that form.

Note that an IC Cash Card is the Japanese term for a SmartCard-based ATM card. This definition excludes, I believe, credit cards with Chip and Pin functionality, and is sometimes associated with extra biometrics information – a good number of the ATMs in Japan are fitted out with fingerprint or vein scanners.

The bank I am with has recently changed their rules so that when using ATMs with a standard magnetic strip-based card, only (only?) 2,000,000 yen (£10,000 or US$20,000) can be transferred to another account per day, down from 5,000,000 yen per day; the same two million yen can also be withdrawn as cash. If using a Smart Card, the amount that can be transferred or withdrawn has been raised to TEN MILLION YEN, fifty thousand pounds or one hundred thousand dollars!
Read the rest of this entry »