North Korea’s national Red Star operating system is surely the strangest fork of Linux ever programmed.
It was designed to be an ideologically pure and secure alternative to suspect western software, and researchers have been pulling it apart with glee since the full install of version 3.0 leaked in early 2015.
What they found is odd: it boots up and closes down with a traditional Korean folk song. The installation serial number can be bypassed with any number. And it comes with a GUI so similar to the Mac, it’s a surprise that Tim Cook’s lawyers haven’t sent a cease and desist.
Naturally, it has security vulnerabilities, the latest example of which is a remotely exploitable flaw inside the OS’s bundled Firefox-derived browser, Naenara 3.5.
It’s a fairly serious flaw – a single malicious link would give an attacker complete control – although not the first discovered in Red Star. But to focus on the irony of serious security holes being found in an OS that was designed to escape the same problem in western software is to miss deeper paradoxes.
Exploiting the flaw would mean finding PCs running it inside the DPRK, but according to people who’ve visited the country, Windows 7 is probably as common. In a country where unsupervised PCs are extremely rare, Red Star might even have more users outside North Korea.
Neither the OS nor the browser seems to be updated that often, another problem for software with ambitions of maximum security.
But Red Star wasn’t built to keep the outside world out, nor even to counter the possibility that US-made operating systems have backdoors. Red Star is and always has been all about keeping North Korea’s small population of PC users in.
Red Star’s browser is hardwired to access the country’s Kwangmyong Intranet, which hides the entire nation behind a single Class A IP address. It’s as if everyone in the country is on the same network.
Everything the user can do on a Red Star PC is tracked in detail, often using technology adapted from western monitoring systems. But, secure? That seems unlikely. As every teardown of it has mentioned, Red Star is full of errors.
Building operating systems and browsers takes non-stop effort and requires the involvement of lots of motivated developers. Nation states find that effort hard to keep going.
North Korea isn’t the only nation to have its own national operating system. China has something called Kylin, Iran’s is called Zamin while, more recently, Russia’s military has talked up Astra.
All are based on Linux and at least one, Turkey’s Pardus, has a following abroad. What do these countries have in common? Essentially, most of them don’t get on well with the US, which seems to be the point of the national OS idea.
Whatever North Korea and Iran think about the US, they fear internal dissent more and using permissive western software is seen as a high road to trouble.
The national OS offers an alternative, then, but one that is as much about psychological separation as meaningful security.
Is it *really* a flaw? Or is it just the DPRK’s idea of a feature necessary to help keep the population under surveillance?
Why would we post a flaw on a system that we one day may need to guard against?
No-one else spot the irony here: “Everything the user can do on a Red Star PC is tracked in detail, often using technology adapted from western monitoring systems.”? Seems as if it might imply western monitoring systems are ahead in terms of how to repress, manipulate and control their populations. Did you not know cannabis grows wild just about everywhere in North Korea and is enjoyed by many, many people on a regular – even daily – basis with veritable impunity?
Reminds me of what my history teacher used to say about the Soviet Union. “At least the rents are low.”
Or is this just another source of Disinformation by the DPRK’s
It is not flawed, this is just what DPRK wants you to think. You won’t see them coming 🙂
Well if this is true it’s awful news. The most secure country in the world, run by a guy that doesn’t want his country knowing what is going on outside of the borders. If hackers can get into this system, then they must be able to pretty much do what they want if they put their time and efforts into it. Scary reading!!
John E. Dunn wrote “And it comes with a GUI so similar to the Mac, it’s a surprise that Tim Cook’s lawyers haven’t sent a cease and desist.”
I would doubt that Apple has applied for any patents in the DPRK. Hence nothing to assert.
Depends if you are going for a patent violation or a copyright infringement. According to Wikipedia, both the USA and DPRK have signed the 1886 Berne Convention on Copyright (the USA in 1988 and DPRK in 2003). IIRC there is no need for any application, registration or certification in any country that’s part of the deal. (Indeed, that’s part of the deal 🙂)
So, even with tongue-in-cheek, I guess a lawsuit is theoretically possible…