Skip to main content

Researchers get a glimpse into North Korea’s homemade operating system

A group of security researchers have taken an in-depth look at how North Korea’s state-built operating system RedStar OS works and tracks the citizens that use it.

Florian Grunow and Niklaus Schiess from German security company ERNW presented their findings at this week’s Chaos Communication Congress in Hamburg after the duo managed to get their hands on the code for the operating system.

Recommended Videos

RedStar OS operates much like the totalitarian regime in North Korea. It’s primitive and completely controlled by its creators, though it’s based on Linux’s Fedora 11, an open source technology that is ironically all about free speech and access to information.

The OS that Grunow and Schiess have analyzed is a version from 2013. The researchers have not revealed how exactly they got access to the code, but mentioned they downloaded the code from a site outside North Korea.

The RedStar OS was devised by Kim Jong-il, the father of current leader Kim Jong-un, over a decade ago as a means for North Korea to run a basic internet-like network while also controlling it entirely. The network is actually an intranet running off servers in North Korea, which allows access to a limited number of government-approved sites.

Most striking, the operating system tracks any changes that the user might make to the OS. This is most likely a means to track any possible back doors implanted for foreign agencies to spy on the regime, according to Grunow and Schiess. “They may want to be independent of other operating systems because they fear back doors,” Grunow told The Guardian.

Any time a user inserts a USB stick into their computer, RedStar OS will watermark the files in order to track them, and keep tabs on who has access to them. This is done covertly. “It’s done stealthily and touches files you haven’t even opened,” said Grunow. This is particularly interesting as one of the main avenues for sneaking western or South Korean content like films and TV shows into the hermit kingdom is via smuggled USB drives.

The OS is largely tamper proof, too. Any time a user attempts to make any changes to the main settings, like disabling the antivirus or firewalls, the OS will automatically reboot itself.

However, the researchers found no evidence that the RedStar OS has ever been used in cyber-attacks on foreign targets, despite North Korea being accused several times for attacks on western nations and companies. This doesn’t mean the country wasn’t involved — but it does seem unlikely the attacking computers ran RedStar OS.

Jonathan Keane
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
This compact HP Omen gaming PC is on sale at 39% off today
The HP Omen 16L gaming desktop sitting on a desk.

For those who want a proper gaming desktop but don't have enough space for a big and bulky machine, the HP Omen 16L could be what you need. You're in luck because it's on sale from the gaming PC deals of HP right now, with this configuration featuring the Nvidia GeForce RTX 3050 graphics card available at 39% off. You'll only have to pay $800 instead of its original price of $1,330, but you need to push through with your purchase immediately if you want to make sure you pocket the savings of $530.

Why you should buy the HP Omen 16L gaming PC

Read more
SpaceX’s Starlink rival is about to launch more internet satellites — here’s how to watch
Amazon's KA-01 mission for Project Kuiper gets underway from the Space Coast.

[UPDATE: A technical issue with the rocket has caused the launch to be postponed. We'll update this article with the new launch schedule just as soon as it becomes available.]

Amazon is preparing to launch its second batch of Project Kuiper internet satellites to orbit as it seeks to build out a constellation to take on SpaceX’s Starlink service.

Read more
Weird Mac mini issue prompts Apple to take action
A top-down view of the Mac Mini.

Following multiple reports of specific Mac mini computers failing to power on, Apple has launched a global repair program to sort the problem out.

Apple launched the  M2 Mac mini in January 2023, though the affected units were made between June 16 and November 23 of 2024, according to a notice about the repair program that was first spotted by MacRumors.

Read more