North Korea's 'Paranoid' Computer Operating System

North Korea’s homegrown computer operating system mirrors its political one – marked by a high degree of paranoia and invasive snooping on users, according to two German researchers.

Their investigation, the deepest yet into the country’s Red Star OS, illustrates the challenges Pyongyang faces in trying to embrace the benefits of computing and the Internet while keeping a tight grip on ideas and culture.

The operating system is not just the pale copy of western ones that many have assumed, said Florian Grunow and Niklaus Schiess of the German IT security company ERNW, who downloaded the software from a website outside North Korea and explored the code in detail.

“[The late leader] Kim Jong-il said North Korea should develop a system of their own. This is what they’ve done,” Grunow told the Chaos Communication Congress in Hamburg recently.

North Korea, whose rudimentary Intranet system does not connect to the world wide web, but allows access to state media and some officially approved sites, has been developing its own operating system for more than a decade.

This latest version, written around 2013, is based on a version of Linux called Fedora and has eschewed the previous version’s Windows XP feel for that of Apple’s OS X – perhaps a nod to the country’s leader Kim Jong-un who, like his father, has been photographed near Macs.

But under the bonnet there’s a lot that is unique, including its own version of encrypting files. “This is a full blown operation system where they control most of the code,” Grunow said. The researchers say this suggests North Korea wants to avoid any code that might be compromised by intelligence agencies.

“Maybe this is a bit fear-driven,” Grunow said. “They may want to be independent of other operating systems because they fear back doors,” which might allow others to spy on them.

Grunow and Schiess said they had no way of knowing how many computers were running the software. Private computer use is on the rise in North Korea, but visitors to the country say most machines still use Windows XP, now nearly 15 years old.

The Red Star operating system makes it very hard for anyone to tamper with it. If a user makes any changes to core functions, like trying to disable its antivirus checker or firewall, the computer will display an error message or reboot itself.

Red Star also addresses a more pressing concern - cracking down on the growing underground exchange of foreign movies, music and writing.
Illegal media is usually passed person-to-person in North Korea using USB sticks and microSD cards, making it hard for the government to track where they come from.

Red Star tackles this by tagging, or watermarking, every document or media file on a computer or on any USB stick connected to it. That means that all files can be traced. “It’s definitely privacy invading. It’s not transparent to the user,” Grunow said. “It’s done stealthily and touches files you haven’t even opened.”

Nat Kretchun, an authority on the spread of foreign media in North Korea, said such efforts reflected Pyongyang’s realisation that it needs “new ways to update their surveillance and security procedures to respond to new types of technology and new sources of information”.

There is no sign in the operating system of the kinds of cyber-attack capability North Korea has been accused of, the researchers say.
“It really looks like they’ve just tried to build an operating system for them, and give the user a basic set of applications,” Grunow said. That includes a Korean word processor, a calendar and an app for composing and transcribing music.

North Korea is not the only country to try to develop a bespoke operating system. Cuba has National Nova, and China, Russia and others have also tried to build their own.

Guardian: http://bit.ly/1mZDyH6
