We’re big fans of the North Korean (DPRK) Internet “Kwangmyong” and Red Star OS Linux in Computer Systems & Network Administrator class.
Korean for “bright” Kwangmyong is fascinating as an enclave of Internet technology inaccessible to the rest of the world and also blocked from accessing the Internet from the inside of the notoriously reclusive state. As evidenced by the Naenara (“My Country”), Firefox clone, browser every address in North Korea is within the 10.0.0.0 address range: a range reserved by the rest of the world for private internal networks only and never used on the Internet – something which makes routing in and out of the DPRK impossible.
Red Star OS 2.0
In development since 2002 at the Korea Computer Center (KCC), a copy of the Red Star 2.0 CD was purchased by a Russian student in North Korea in 2010 and subsequently uploaded to the Internet.
Based on Linux with a KDE 3.0 desktop it has a familiar WindowsXP-like look and feel.
- ISO Download http://www.openingupnorthkorea.com/downloads-2.
- RT Article http://rt.com/news/north-korea-cyber-weapon/.
- Korea Times Article http://www.koreatimes.co.kr/www/news/biz/2010/04/123_63669.html.
- OS Review http://desktoplinuxreviews.com/north-korea-linux-reviews/north-korea-linux-red-star-os/.
Red Star OS 3.0
In 2013 a student visiting Pyongyang University of Science and Technology released screenshots of a copy of Red Star 3.0 bought from a KCC outlet in southern Pyongyang.
Similarly based on Linux and KDE 3.0, unlike its predecessor version 3.0 has a distinctly Apple OS X based look and feel – reportedly as per the personal preferences of the new leader Kim Jong-un who is known to use an iMac.
Both version 2.0 and 3.0 are notable for using the North Korean Juche calendar which begins with the year of Kim Il-sung’s birth at year 1. 2015 is the year 104.
Badly photoshoped militaristic background views of North Korea let down the otherwise slick OS X like interface of version 3.0 (sound was disabled in our VM installation so we weren’t able to confirm the existence of a nationalistic opening jingle).
Unlike in every other normal Linux OS, version 3.0 is also of interest in that the root password is not known to the installer/user; as the firewall has blocked all returning DNS requests, it is not possible to leave the North Korean intranet and browse the web, even when installed outside of North Korea; and, it is reported, Red Star OS 3.0 routinely leaks information on the browsing habits of users back to the DPRK government.
However, and perhaps as a by-product of government spying interests, the system is also remarkably easy to hack.
- Download: www.openingupnorthkorea.com/downloads-2; a torrent download is also currently available.
- Install notes: http://www.northkoreatech.org/2014/12/30/red-star-3-0-desktop-the-install/
- Rooting and language: https://richardg867.wordpress.com/2015/01/01/notes-on-red-star-os-3-0/
- Technical details (and unidentified processes): http://fluxcoil.net/doku.php/software/red_star_3.0
- Hacking Red Star (and on how it leaks information back to the DPRK government): http://www.forbes.com/sites/thomasbrewster/2015/01/09/hacking-north-korea-red-star-is-easy/
- Download the ISO from www.openingupnorthkorea.com/downloads-2; (a torrent download is also currently available).
- Install as a virtual machine in either VirtualBox or VMWare.
- To access the command-prompt use alt-F2 and run konsole.
- Root access is disabled by default. To root install redstarroot.rpm which can be coped into a Red Star 3.0 virtual machine via the local network since Public is already shared by default. The package exploits a root flaw in the Red Star 3.0 package manager which allows installation of anything, and thus including root access. Once installed run rootsh to root.
- IPTables in Red Star 3.0 have blocked pings and DNS information from returning (even though requests are able to get out). Sites can still be accessed by IP address alone; but to fix Internet access run rm /etc/sysconfig/iptables. (If it now stalls on reboot – disable the VM network connection until the interface is up during reboot.)
- For routine editing use vi. At the bare minimum you need to remember i for insert mode, ESC to stop insert mode, and : x to exit. For more on learning vi see http://www.cs.colostate.edu/helpdocs/vi.html.
- To switch to English in the browser go to the second-last menu, select the third option, go to the fourth tab, select the “(ko-KP)” add-on, click the first button to disable it, and click the button on the yellow bar to restart the browser. At the command prompt run:
- sed -i ‘s/ko_KP/en_US/g’ /etc/sysconfig/i18n
- sed -i ‘s/ko_KP/en_US/g’ /usr/share/config/kdeglobals
- To enable software installation run:
- mv /etc/yum/repos.d/rs-03000.repo /etc/yum/repos.d/rs-03000.off (causes yum errors)
- Download fedora-upgrade-21.2-1.fc21.noarch.rpm, fedora-release-21-2.noarch.rpm, and fedora-repos-21-2.noarch.rpm from http://ftp.heanet.ie/pub/fedora/linux/releases/21/Everything/i386/os/Packages/f/ and run:
- yum install fedora-upgrade-21.2-1.fc21.noarch.rpm
- yum install fedora-release-21-2.noarch.rpm
- yum install fedora-repos-21-2.noarch.rpm
- yum update
- In case of error: yum clean all
- For example, to install Wireshark: yum install wireshark