North Korea's 'Paranoid' Computer Operating System

Uploaded on 2016-01-09 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News

North Korea’s homegrown computer operating system mirrors its political one – marked by a high degree of paranoia and invasive snooping on users, according to two German researchers.

Their investigation, the deepest yet into the country’s Red Star OS, illustrates the challenges Pyongyang faces in trying to embrace the benefits of computing and the Internet while keeping a tight grip on ideas and culture.

The operating system is not just the pale copy of western ones that many have assumed, said Florian Grunow and Niklaus Schiess of the German IT security company ERNW, who downloaded the software from a website outside North Korea and explored the code in detail.

“[The late leader] Kim Jong-il said North Korea should develop a system of their own. This is what they’ve done,” Gunrow told the Chaos Communication congress in Hamburg recently.

North Korea, whose rudimentary Intranet system does not connect to the world wide web, but allows access to state media and some officially approved sites, has been developing its own operating system for more than a decade.

This latest version, written around 2013, is based on a version of Linux called Fedora and has eschewed the previous version’s Windows XP feel for Apple’s OSX – perhaps a nod to the country’s leader Kim Jong-un who, like his father, has been photographed near Macs.

But under the bonnet there’s a lot that is unique, including its own version of encrypting files. “This is a full blown operation system where they control most of the code,” Grunow said. The researchers say this suggests North Korea wants to avoid any code that might be compromised by intelligence agencies.

“Maybe this is a bit fear-driven,” Grunow said. “They may want to be independent of other operating systems because they fear back doors,” which might allow others to spy on them.

Grunow and Schiess said they had no way of knowing how many computers were running the software. Private computer use is on the rise in North Korea, but visitors to the country say most machines still use Windows XP, now nearly 15 years old.

The Red Star operating system makes it very hard for anyone to tamper with it. If a user makes any changes to core functions, like trying to disable its antivirus checker or firewall, the computer will display an error message or reboot itself.

Red Star also addresses a more pressing concern - cracking down on the growing underground exchange of foreign movies, music and writing.
Illegal media is usually passed person-to-person in North Korea using USB sticks and microSD cards, making it hard for the government to track where they come from.

Red Star tackles this by tagging, or watermarking, every document or media file on a computer or on any USB stick connected to it. That means that all files can be traced. “It’s definitely privacy invading. It’s not transparent to the user,” Grunow said. “It’s done stealthily and touches files you haven’t even opened.”

Nat Kretchun, an authority on the spread of foreign media in North Korea, said such efforts reflected Pyongyang’s realisation that it needs “new ways to update their surveillance and security procedures to respond to new types of technology and new sources of information”.

There is no sign in the operating system of the kinds of cyber-attack capability North Korea has been accused of, the researchers say.
“It really looks like they’ve just tried to build an operating system for them, and give the user a basic set of applications,” Grunow said. That includes a Korean word processor, a calendar and an app for composing and transcribing music.

North Korea is not the only country to try to develop a bespoke operating system. Cuba has National Nova, and China, Russia and others have also tried to build their own.

Guardianhttp://bit.ly/1mZDyH6

« Fighting Cybercrime As The World Goes Digital
China Passes Controversial Counter-terrorism Law »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Gurucul

Gurucul

Gurucul predictive security analytics protects against insider threats, account compromise and data exfiltration on-premises and in the cloud.

NowSecure

NowSecure

NowSecure are the experts in mobile app security testing software and services.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Cofrac

Cofrac

Cofrac is the national accreditation body for France. The directory of members provides details of organisations offering certification services for ISO 27001.

Deepnet Security

Deepnet Security

Deepnet Security is a leading security software developer and hardware provider in Multi-Factor Authentication (MFA), Single Sign-On (SSO) and Identity & Access Management (IAM).

Hexaware Technologies

Hexaware Technologies

Hexaware is an automation-led next-generation service provider delivering excellence in IT, BPO and Consulting services.

AnaVation

AnaVation

AnaVation is a trusted partner delivering high-value, cost-effective solutions that solve the most complex technical and analytical problems for our customers.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

Apollo Information Systems

Apollo Information Systems

Apollo is a value-added reseller that provides our clients with the complete set of cybersecurity and networking services and solutions.

Eurotech

Eurotech

Eurotech provides Edge Computers and IoT solutions. We help to connect your assets and make them smarter through secure and agnostic hardware and software technologies.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.

Institute for Applied Network Security (IANS)

Institute for Applied Network Security (IANS)

For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for decision making and articulating risk.

SecureLake

SecureLake

SecureLake (formerly Managni) is one of the most trusted US-based IT security and infrastructure companies.

BlazeGuard

BlazeGuard

At BlazeGuard, we understand that navigating the complex world of cybersecurity can be challenging. That’s why we make it our mission to simplify the process for you.

Hive Systems

Hive Systems

Hive Systems specialize in tailored solutions that unify risk assessments, IT, security awareness, and cybersecurity operations for businesses of all sizes.