North Korea spreads total control to digital realms with its own OS
North Korea’s Red Star OS based on a Linux 2009 version called Fedora 11 does not just copy its western analogues, as previously anticipated, but also contains a lot of unique elements, including its own encryption code, according to two German researchers that conducted an in-depth analysis of the operating system.
“It really looks like they’ve just tried to build an operating system for them, and give the user a basic set of applications,” said one of the researchers, Florian Grunow. For example, the OS includes a Korean word processor, a calendar, and an app for composing and transcribing music.
Most of the system’s unique features were designed to give its creators full control over the OS and make it independent from the any code that could be compromised and used by foreign intelligence services, Florian Grunow and his fellow computer scientist, Niklaus Schiess from the German ERNW IT security company, said as they presented their research findings at the Chaos Communication Congress in Hamburg on Sunday.
“(Late leader) Kim Jong II said North Korea should develop a system of their own. This is what they’ve done,” Grunow said as quoted by Reuters.
The researchers also stressed that it had taken the North Koreans more than a decade to eventually create their own OS with its latest – third – version coming out around 2013.
Although the Red Star OS’s interface closely resembles that of the Mac OSX, while its previous versions were closer to Windows, it is still a separate “highly customized” OS with “a lot of features to improve the security of the system.”
“This is a full blown operation system where they control most of the code,” Grunow said as quoted by Reuters.
“Maybe this is a bit fear-driven. They may want to be independent of other operating systems because they fear back doors” potentially allowing spying on North Korea’s digital activities, he added.
Additionally, the system rigorously resists any changes that could be made by its user and closely monitors a user’s every move. The Red Star OS is provided with its own firewall and antivirus system, which receives updates from an internal North Korean server. Additionally, its core system files have extra protection against tampering.
The OS also includes a small program that constantly monitors the computer for any changes made to the system files. As a result, any attempt by a user to change the system’s core functions, such as disabling the antivirus, would lead to the computer showing an error message or rebooting itself. Under certain circumstances, a computer could even get stuck in an infinite cycle of rebooting, as reported by Motherboard.
The Red Star OS is also designed to contribute to a crackdown on illegal exchange of foreign media content, such as films, music or document files, which in North Korea are usually distributed via USB sticks from person-to-person.
The Red Star watermarks every document or media file on a computer as well as on any USB drive attached to it, encrypting it with the serial number of the computer’s hard-disk. This measure allows authorities to trace any file back to any computer that has ever stored it, even if the user hasn’t viewed its content.
“It’s definitely privacy invading, it’s not transparent to the user. It’s done stealthily, and touches files you haven’t even opened,” said Grunow.
However, according to Grunow and Schiess, their analysis of the North Korean operating system hasn’t revealed any kind of cyber-attack capabilities, such as those which the country has been accused of.
The researchers also said they have no data on how many computers in North Korea are already using this system, as they obtained it from a website located outside the country, while visitors to the country say most computers there still use 15-year-old Windows XP.
North Koreans also have no access to the World Wide Web and can only use a rudimentary intranet system that provides access to state media and some websites approved by the government.
Only foreign diplomats and representatives of international organizations can use the internet within North Korean borders, although even they have been banned from using such social media services as Facebook and YouTube since September 16.