North Korea’s Operating System Copies Apple’s OSX and Has Many Security Features
Here is a look at North Korea’s computer operating system for their Intranet software. It looks like the NSA will have a very difficult time ever snooping on the North Koreans based on how their Intranet and Red Star software is designed:
North Korea’s homegrown computer operating system mirrors its political one, according to two German researchers who have delved into the code: a go-it-alone approach, a high degree of paranoia and invasive snooping on users.
Their research, the deepest yet into the secretive state’s Red Star OS, illustrates the challenges Pyongyang faces in trying to embrace the benefits of computing and the internet while keeping a tight grip on ideas and culture.
The researchers, Florian Grunow and Niklaus Schiess of German IT security company ERNW GmbH, spoke to Reuters before presenting their findings to the Chaos Communication Congress in Hamburg on Sunday, a gathering of hackers and security researchers.
The operating system is not just the pale copy of western ones that many have assumed, they concluded after downloading the software from a website outside North Korea and exploring the code in detail,
“(Late leader) Kim Jong Il said North Korea should develop a system of their own,” said Grunow. “This is what they’ve done.”
North Korea, whose rudimentary intranet system does not connect to the outside internet but allows access to state media and some officially approved websites, has been developing its own operating system for more than a decade.
This latest version, written around 2013, is based on a version of Linux called Fedora and has eschewed the previous version’s Windows XP feel for Apple’s OSX — perhaps a nod to leader Kim Jong Un, who like his father has been photographed near Macs.
But under the hood there’s a lot that’s unique, including its own version of encrypting files. “This is a full blown operation system where they control most of the code,” said Grunow.
This, the researchers say, suggests North Korea wants to avoid any code that might be compromised by intelligence agencies.
“Maybe this is a bit fear-driven,” said Grunow. “They may want to be independent of other operating systems because they fear back doors” which might allow others to spy on them. [Reuters]
You can read more at the link.


I’ve just recently began messing with Linux, using Linux Mint, and Cairo Dock as a launcher. CD is what makes Linux look like a Mac, with the launcher on the bottom row. It’s s nice bit of eye candy, but I haven’t gotten into it enough to know what’s under the hood.
I’m using it on an old Asus netbook laptop, just because I was curious how it would work on an old XP system. It works pretty well, considering the Atom processor’s limitations, and the 200gb hard drive.
Considering that North Korea has to buy “on the cheap,” and their paranoia would want them to avoid anything that might have a built in hardware backdoor, this makes sense.
I’ve tossed out the Raspberry Pi computers on the main thread, and people with a lot more interest and ability have been kicking back a few ideas. I suggested that during the next balloon drop sending Raspberry Pi systems preloaded with one of the many flavors of Linux might be a way around the Red Star’s fingerprint system.
Hard to say what the “man on the street” uses though, with limited electricity and knowledge base, and no access to the real Internet. And I’m pretty sure a satellite link would be noticed by the powers that be.
The DPRK has a market in DVD players with USB ports. Put an official propaganda DVD in the player, then watch your K-Dramas on a USB. If the Secret Police come knocking, slip the USB into your pocket, and show that you were just innocently watching “Comrade General Supreme Leader and All Around Nice Guy Kim Jong Un Teaches Proper Toe Nail Trimming Techniques” or whatever passes for entertainment up north…
I bet their cell phone network is a gold mine for the NSA. Also, if North Korea is importing computers, you can install compromising software before the computers enter the north.
The title is really misleading, but I have seen it similarly titled at almost every other outlet that is covering the story. The graphical user interface (GUI) is a clone, but this is not simply a cracked version of OS X. It’s a linux kernel. There are thousands of linux flavors out there in the wild.
The DPRK is very well aware that files are distributed largely through USB, which is why the fingerprinting system is so effective. It creates a digital signature for each new “permutation” of the file, thus creating a complete “crumb trail” of how the files were distributed, and to and from whom. Of course, this doesn’t work on a DVD player, because it isn’t running the linux flavor RedStar OS. However, any file that touches the RedStar OS will have a fingerprint. If you attempt to disable some core “features” in the OS, it will instantly reboot and “heal” the corrupted files.
There is no such thing as an unhackable operating system. But, unlike in the free world, when vulnerabilities are discovered in Red Star nobody will be willing to tell them.
It is probably well pwned by now and they don’t even know it.
@ DD
Installing compromising software would be pointless, as RedStar OS would be installed, removing any software previously installed. If you wanted to go this route you would use some sophisticated malware on the firmware of the HDDs.
@ MTB
Not a bad idea with the USB stick. But, it would be really easy for some DPRK goon to write a script to determine the last x amount of files that have been running on the DVD player, and the file names. Imagine that when the goons come knocking, they not only check what DVDs are in the drive, but stick a USB into the port with an LCD screen that displays the output from the simple script. I hope I’m not giving these turds any (really simple) ideas!
Given it’s only going to be select Party members and higher-level employees with PCs, They probably don’t need to be terribly sophisticated. Everyone is expected to rat on everyone else if they don’t want to end up as shark-bait or even Soylent Green…
Boot from an alternative operating system on USB that removes access to the hard drive… do your thing… hide USB stick and reboot when the black sedan pulls up.
There. Simple. Solved the problems of both the free and non-free world. Time to move on.
Monoclonal antibodies with a modified protein sheath should cure cancer and muon-catalized fusion should solve our energy needs.
Great advice, CH…
There are ways to tinker with the firmware on most USB devices. BadUSB is an example of this.
The BIOS can also be modified to hide malicious code. Not sure where the NorKs get their computers from but if they come from a U.S. based manufacturer or anyone the U.S. may have co-opted into massive spying efforts, then one of the alphabet agencies has probably already gone this route.
I’m sure the NorKs have thought of this, but simply overwriting a computer’s preloaded OS and installing their Red Star wouldn’t necessarily get rid of anything written into the BIOS. The BIOS would likely have to be flashed to get rid of the underlying code. That’s my take on it anyways.
CH’s idea seems to be best for those trying to get around the Red Star issue on PC. Live Versions of Linux can be run from a disc or a USB. Tails OS is designed to run securely and privately in live sessions from a USB. I doubt it would be compatible on a DVD player, but is a handy solution for those looking to wipe their session clean on a PC. As with anything, somebody somewhere has probably already found a way to back door it. Perhaps with one of the methods mentioned above. The NSA undoubtedly spends a lot of money and man hours looking for ways to break into anything and everything.
I suspect this is a big deal over nothing.
If a digital “fingerprint” was so easy, the RIAA would be all over it.
In reality, it is probably a trivial excercise to log activity and observe where the fingerprint (encrypted hard disk serial number) is written in a file and then erase it or change it to some meaningless number… at first with a sector editor, then an automated program, and finally with a background process that does it automatically after the OS does its thing.
The obvious next step is to make a Red Star Hacker Toolkit that takes care of all the nonsense and then release it into North Korea and let sharing take care of the rest.
There is a good chance North Korean computer culture has exploitable similarities with 80s Soviet and American pre-Internet culture.
If there is no greed in this project… meaning the toolkit doesn’t contain NSA malware that makes it untrustworthy, it will quickly negate NK controls and encourage further sharing of banned/subversive/enlightening material.
Interestingly, everyone gasps when North Korea tracks activity on their computers… yet Microsoft, Apple, ISPs, telephone companies, and everyone else looking for fat taxpayer dollars for selling information yo yhe government that the government is restricted from collecting itself, have been doing it pretty openly for years.
There we have it folks, expert opinion and advice from MBT, you know, the guy that has “just recently began messing with Linux”.
Manners, dear Mr. Ruthers.
This is the start of 2016 and we wish to perpetuate some degree of decorum except in the most extreme cases, of which this is not.
Happy new year, Mr. Ruthers.
Ruthers,
You seem like a pretty smart guy. Since many of us are into tech as a career or a hobby, I’m sure you will fit right in.
Please don’t pick on MTB for expressing his enthusiasm for messing around with a new operating system. Do you remember how it felt the first time you realized there really was another OS besides Microsoft or Apple’s brand and that it was actually usable and not some mystical wizardry only for advanced users?
Recently, our resident troll seems to have vacated his spot under the bridge. I hope that you become an active member here and participate in respectful, mutually beneficial conversations, and don’t move in to fill the position.
Don’t take this as an attempt at a reprimand or scolding. Just friendly conversation. We’re all adults here and we are happy to have new ideas or opinions kicked around as long as we can keep it mostly civil.
Welcome to ROKDrop. Happy commenting.
Sorry MTB. 😉 I get overzealous on occasion. I will do 3x bows next time I pass the TDC MTB sign off the highway.
I’m pretty thick skinned. No worries.
I just know that Linux seems to be the growing OS, and it’s been fun to mess around with. When I saw the reporter compare it to Mac OS X I knew it was just the Cairo Dock launcher at the bottom, something I put on my Mint after I switched from the side launcher of Ubuntu. I mostly use it as a word processor, Libre Office.
As for the TDC MTB sign, head for the shops there, and get a bike. Han Kook MTB and Mountain Story MTB both have English speakers on staff, and Mountain Story tends to keep bigger bikes in stock. They realized Americans tend to be bigger than Koreans, and are impulse shoppers.
Dongducheon has the last race of the season, and it attracts several thousand riders, including a couple pros. A lot of fun every year, and the soldiers at Casey get to race for free. The MTB course from Dongducheon Stadium is well marked, challenging, and a great workout.