Lifting the Fog on Red Star OS

A deep dive into the surveillance features of North Korea's operating system

Video duration: 00:56:51
Language: English

Abstract
Angae means "Fog" in Korean. The term is widely used in parts of custom code used by the Red Star OS. We will lift the fog on the internals of North Korea's operating system. Our talk will provide information about how privacy is invaded for all users of Red Star OS and how an operating system designed by a totalitarian dictatorship works.

In 2014, version 3 of North Korea's Red Star operating system was leaked. It is based on Linux and has the look and feel of a Mac. There is also a server version available. We will start the presentation by giving a general overview and presenting findings that already hit the net during the last year, like research on Red Star’s custom browser and its configuration.

The focus of the presentation is to explain in depth how the architecture of the components is made up and to give a detailed overview of the privacy-invading custom code implemented in the OS.

The system is designed to defend and protect itself from changes made from user space. We will analyze the interaction of the components and the protection mechanisms and provide information on how to deactivate some of the malicious functionality of Red Star OS.
North Korea abuses the principles of free software to provide an operating system that suppresses free speech. Therefore we think it is necessary to disclose this information to the public and show the audience how to get around the limitations introduced by North Korea.

Investigating functionality that can be used to invade the privacy of users was our primary goal. We found that the features implemented in Red Star OS are the wet dream of a surveillance state dictator. It provides a set of surveillance features, such as the capability to watermark different types of files, which can be used to track the distribution of documents and multimedia files. We will take an in-depth look at how some of these features build the foundation for a suppressive state in a modern world.

Talk ID: 7174
Event: 32c3
Day: 1
Room: Hall 6
Start: 4 p.m.
Duration: 01:00:00
Track: Ethics, Society & Politics
Type: lecture
Speakers: Florian Grunow, Niklaus Schiess
Talk slug & media link: 32c3-7174-lifting_the_fog_on_red_star_os

Talk & Speaker speed statistics

Whole talk (very rough underestimation): 159.7 wpm, 867.9 spm
While speakers speak: 162.7 wpm, 883.7 spm
Florian Grunow: 159.7 wpm, 862.8 spm
Niklaus Schiess: 165.5 wpm, 904.3 spm