North Korea’s Paranoid Operating System Revealed

This post is also available in: עברית (Hebrew)

Two German researchers recently ran an analysis of North Korea’s homegrown operating system, Red Star OS. Turns out, Red Star mirrors quite closely the political climate in Pyongyang: it’s rife with invasive snooping on users and paranoia.

Florian Grunow and Niklaus Schiess from German security company ERNW said that while expectations were for a system that is a pale copy of western counterparts, Red Star OS has quite a lot of unique features, and is a fully fledged operating system.

“[The late leader] Kim Jong-il said North Korea should develop a system of their own. This is what they’ve done,” Gunrow told the Chaos Communication congress in Hamburg last month.

North Korea has been working on its operating system for more than a decade now. The latest version was written around 2013, and is based on Fedora Linux. Unlike previous version, it no longer sports the look and feel of Windows XP, and has adopted an appearance similar to Apple’s OSX.

Beneath the facade, however, there is a fair bit that has been developed specifically to serve the dictatorship’s needs, including its own version of file encryption. “This is a full blown operation [sic] system where they control most of the code,” Grunow said.

This suggests North Korea is fearful of any code that could compromise their internal security, including backdoors inserted by western security agencies.

“Maybe this is a bit fear-driven,” Grunow said. “They may want to be independent of other operating systems because they fear back doors” that could allow western agencies to spy on North Korean computers.

While most users in the country are barred from the wider internet and can only access the country’s own rudimentary intranet, there is a growing underground exchange market of foreign films, music, and texts. Red Star is designed to target these exchanges, that usually happen with the aid of USB sticks and microSD cards, by tagging every document that is connected to the computer. This allows the government to track the spread of forbidden files.

“It’s definitely privacy invading. It’s not transparent to the user,” Grunow said. “It’s done stealthily and touches files you haven’t even opened.”

However, there is no sign of the cyber capabilities many in the west fear North Korea possesses. “It really looks like they’ve just tried to build an operating system for them, and give the user a basic set of applications,” Grunow said.