|
 Their research, the deepest yet into the secretive state's Red Star
OS, illustrates the challenges Pyongyang faces in trying to embrace
the benefits of computing and the internet while keeping a tight
grip on ideas and culture.
The researchers, Florian Grunow and Niklaus Schiess of German IT
security company ERNW GmbH, spoke to Reuters before presenting their
findings to the Chaos Communication Congress in Hamburg on Sunday, a
gathering of hackers and security researchers.
The operating system is not just the pale copy of western ones that
many have assumed, they concluded after downloading the software
from a website outside North Korea and exploring the code in detail,
"(Late leader) Kim Jong Il said North Korea should develop a system
of their own," said Grunow. "This is what they've done."
North Korea, whose rudimentary intranet system does not connect to
the outside internet but allows access to state media and some
officially approved websites, has been developing its own operating
system for more than a decade.
This latest version, written around 2013, is based on a version of
Linux called Fedora and has eschewed the previous version's Windows
XP feel for Apple's OSX — perhaps a nod to leader Kim Jong Un, who
like his father has been photographed near Macs.
But under the hood there's a lot that's unique, including its own
version of encrypting files. "This is a full blown operation system
where they control most of the code," said Grunow.
This, the researchers say, suggests North Korea wants to avoid any
code that might be compromised by intelligence agencies.
"Maybe this is a bit fear-driven," said Grunow. "They may want to be
independent of other operating systems because they fear back doors"
which might allow others to spy on them.
Grunow and Schiess said they had no way of knowing how many
computers were running the software.
While private computer use is on the rise in North Korea, visitors
to the country say most computers still use Windows XP, now nearly
15 years old.
NO TAMPERING
The Red Star operating system makes it very hard for anyone to
tamper with it. If a user makes any changes to core functions — like
trying to disable its antivirus checker or firewall — the computer
will display an error message, or reboot itself.
[to top of second column] |
Red Star also addresses a more pressing concern: cracking down on
the growing underground exchange of foreign movies, music and
writing.
Illegal media is usually passed from person-to-person in North Korea
using USB sticks and microSD cards, making it hard for the
government to track where they come from.
Red Star tackles this by tagging, or watermarking, every document or
media file on a computer or on any USB stick connected to it. That
means that any file could be traced back to anyone who had
previously opened or created the file.
"It's definitely privacy invading, it's not transparent to the
user," said Grunow. "It's done stealthily, and touches files you
haven't even opened."
Such efforts, says Nat Kretchun, an authority on the spread of
foreign media in the isolated country, reflect North Korea's
realization that it needs "new ways to update their surveillance and
security procedures to respond to new types of technology and new
sources of information."
There's no sign in the operating system, the researchers say, of the
kinds of cyber attack capability North Korea has been accused of.
"It really looks like they've just tried to build an operating
system for them, and give the user a basic set of applications,"
says Grunow. That includes a Korean word processor, a calendar and
an app for composing and transcribing music.
North Korea is not the only country to try to develop its own
operating system. Cuba has its National Nova, while China, Russia
and others have tried to build theirs.
(Editing by Dean Yates)
[© 2015 Thomson Reuters. All rights
reserved.] Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
