The desktop of Red Star OS 3.0, localized with North Korean terminology and spelling
Developer | Korea Computer Center, North Korea |
---|---|
OS family | Unix-like (desktop and server), Android (on Woolim, Ariang, Samjiyon, and Manbang) |
Working state | Current |
Source model | Closed source with open source components |
Latest release | 4.0 |
Marketing target | General Public |
Available in | Korean (North) |
Platforms | i386 (x86), ARM |
Kernel type | Monolithic (Linux) |
Default user interface | KDE 3[1] |
License | GPL (Linux kernel and other GNU software only), Proprietary |
Preceded by | Fedora 11[2] |
Red Star OS (Korean: 붉은별; MR: Pulgŭnbyŏl) is a North Korean Linux distribution, with development first starting in 1998 at the Korea Computer Center (KCC). Prior to its release, computers in North Korea typically used Red Hat Linux[3] and Windows XP.[4]
Version 3.0 was released in the summer of 2013, but as of 2014, version 1.0 continues to be more widely used. It is offered only in a Korean language edition, localized with North Korean terminology and spelling.[5]
Red Star OS features a modified Mozilla Firefox browser called Naenara ('My country' in Korean), which is used for browsing the Naenara web portal on the North Korean internet network known as Kwangmyong. Naenara comes with two search engines. Other software includes a text editor, an office suite, an e-mail client, audio and video players, and video games.[6] Version 3, like its predecessors, runs Wine, a piece of software that allows Windows programs to be run under Linux.[7]
Red Star OS 3.0, unlike its predecessors, uses a KDE 3 desktop. However, version 3.0 closely resembles Apple's macOS, whereas previous versions more closely resembled Windows XP;[8][9] current North Korean leader Kim Jong-un was seen with an iMac on his desk in a 2013 photo, indicating a possible connection to the redesign.[6][10][11]
The Japan-based North Korea-affiliated newspaper Choson Sinbo interviewed two Red Star OS programmers in June 2006.[3] In February 2010, a Russian international student at the Kim Il-sung University in Pyongyang purchased a copy and posted about it on his LiveJournal account; Russian television station RT picked up his LiveJournal post and translated it into English.[6] English-language technology blogs, including Engadget and OSnews, as well as South Korean wire services such as Yonhap, went on to repost the content.[5][12][13] In late 2013, Will Scott, who was visiting the Pyongyang University of Science and Technology, purchased a copy of version 3 from a KCC retailer in southern Pyongyang, and uploaded screenshots to the internet.[7]
In 2015, two German researchers speaking at the Chaos Communication Congress[14] described the internal operation of the OS.[15] The North Korean government wants to track the underground market of USB flash drives used to exchange foreign films, music and writing,[16] so the system watermarks all files on portable media attached to computers.[17]
The first version appeared in 2008. It is very reminiscent of the Windows XP operating system.
It featured the 'Naenara' web browser, based on Mozilla Firefox, and an Office suite based on Open Office, called 'Uri 2.0'. Wine is also included.
So far, no copies have been leaked online. The screenshots of the operating system were officially published by KCNA and discovered by South Korean news sites.[20]
The development of version 2.0 began in March 2008, and was completed on 3 June 2009. Like its predecessor, it is based on the appearance of Windows XP, and was priced at 2000 North Korean won (approx. US$15).
The 'Naenara' internet browser is also included in this version. The browser was released on 6 August 2009, as part of the operating system, and was priced at 4000 North Korean won (approx. US$28).
The operating system uses a special keyboard layout that differs greatly from the South Korean standard layout.[citation needed]
Version 3.0 was introduced on 15 April 2012, and appears heavily based on macOS operating systems of various versions.[21] The new version supports both IPv4 and IPv6 addresses.
The operating system comes pre-installed with a number of applications that monitor its users - if a user tries to disable security functions, the operating system often restarts in continuous loops or destroys itself. In addition, a watermarking tool integrated into the system marks all media content with the hard drive's serial number, allowing the North Korean authorities to trace the spread of files. The system also has hidden 'anti-virus' software that is capable of removing censored files that are remotely stored by the North Korean secret service. There is a user group called 'administrator' in the operating system. Users do not have root access by default, but are able to elevate their privileges to root by running a built-in utility called 'rootsetting'. However, provisions are made in kernel modules to deny even root users access to certain files, and extensive system integrity checks are done at boot time to ensure these files have not been modified.[14]
Red Star OS 3 comes with a customized version of OpenOffice called Sogwang Office.[14]
Very little information is available on version 4.0.
As of late 2017 it is known that a Red Star 4.0 exists and is being field tested.[22] A server variation of version 4.0 appears to be currently used on the website of North Korea's national airline Air Koryo, Voice of Korea, and The Pyongyang Times according to the HTTP server header.[23][24]
According to The Pyongyang Times, an official version of Red Star OS 4.0 has been developed as of January 2019, with full network support as well as system and service management tools.[25]
In June and July 2020, South Korea's NKEconomy (NK경제) obtained Red Star 4.0 and published articles about it.[26][27][28][29]
In 2016, the security company Hackerhouse found a security vulnerability in the integrated web browser Naenara. This vulnerability makes it possible to execute commands on the computer if the user clicks on a correspondingly crafted link.[30][31]