Archive for January, 2015


Notes on Red Star OS 3.0

Updated 2016-01-04: A year after Red Star 3.0 surfaced on 31C3, 32C3 held a talk on its internals. The talk documents the official root method and some malicious components; I have updated this post accordingly.

The latest version of North Korea’s custom Linux distribution, Red Star OS – that one with the OS X style interface – has leaked onto the internet. While the individual who talked about technology in North Korea on the 31C3 conference said he didn’t see anybody using Red Star seriously, it’s a rather interesting distribution to check out.




The Korean installer is quite easy to go through blind. All you need to watch out for is the network configuration, which is not set to DHCP by default. Some extras (including compilers and a LAMP stack) are available through the Customize dialog right before it starts the actual installation.

The installer (a customized version of Fedora’s Anaconda) can run in English with a modification to the ISO: in /isolinux/isolinux.cfg, replace lang=ko with lang=en on the kernel parameters. Some minor parts of the UI are images which weren’t translated. The final system will still be in Korean, but we’ll fix that later.

Red Star 3-2015-01-01-20-47-52


Obtaining root

The root user is disabled by default on Red Star. You can enable it with the /usr/sbin/rootsetting command, although I cannot verify how it works.

My old root-shell RPM is still available here for reference.



Like the installer, the system can run in English, and the included apps have English translations as well. Run the following commands as root, reboot, and the system will be in English:

sed -i 's/ko_KP/en_US/g' /etc/sysconfig/i18n
sed -i 's/ko_KP/en_US/g' /usr/share/config/kdeglobals

Thanks to davidiwharper on OSNews for the sed command.

Red Star 3-2015-01-02-13-50-04


Fixing internet

For some reason, Red Star’s iptables is set to only allow outgoing connections to certain ports. That doesn’t include DNS (North Korea’s intranet uses IP addresses only), so you can’t get a proper internet connection on Red Star. To fix that, run this command as root to clear Red Star’s default iptables rules, and reboot:

rm /etc/sysconfig/iptables

The included “Naenara Browser” is Firefox 3.5, and despite being set to browse on the North Korean intranet, it works just fine on the internet. Its language can be changed to English by disabling the Korean language pack (thanks Chocohead): go to the second-to-last menu, select the third option, go to the fourth tab, select the “(ko-KP)” add-on, click the first button to disable it, and click the button on the yellow bar to restart the browser.

Red Star 3-2015-01-02-22-23-36


Dubious components

As highlighted in the 32C3 follow-up talk, Red Star contains several shady components, including but not limited to a file watermarking service and a supposed “virus scanner”. The speakers provided instructions on how to disable these components.


Other things

  • The system seems to be dated October 2012. UPDATE: Packages as new as 2013 are in the system.
  • There appears to be a system file modification detector, which warns about modified system files when you log in. Running the installer in English was enough for it to complain about the kernel files, at least for me. To disable it, run this command as root: rm /usr/share/autostart/intcheck_kde.desktop
    • The 32C3 talk also mentions a similar service which automatically reboots the system if files related to the aforementioned malicious components are modified.
  • The disc includes a Windows executable named install.exe, which displays a dialog (actually an image lifted from the EXE resources) with two buttons. The first one displays an error, which probably tells you to boot from the DVD, and the second one closes the dialog.
    XP Pro-2015-01-08-20-20-29XP Pro-2015-01-08-20-20-55
  • Press Esc on the boot splash for verbose boot.
  • In several places, you’ll see English or South Korean locales replaced to accommodate the North Korean locales.
  • There is a surprising lack of Engrish in the included apps. One theory is that all English text was taken straight out of OS X.
  • The “Crosswin” Windows compatibility layer is a wrapper around Wine 1.2.2.