Updated 2020-03-31: Part 2 is now up.
The latest version of North Korea’s custom Linux distribution, Red Star OS – that one with the Mac OS X style interface – has leaked onto the internet. While the individual who talked about technology in North Korea at the 31C3 conference claimed he didn’t see anybody using Red Star seriously, it’s still an interesting distribution to check out.
Installation
The Korean installer is quite easy to go through blind. All you need to watch out for is the network configuration, which is not set to DHCP by default. Some extras, including compilers and a LAMP stack, are available through the Customize screen. The installer – a customized version of Fedora’s Anaconda – can be started in English by two different methods:
Method 1: As soon as your machine starts booting from the Red Star installation media – for example, right after pressing Enter on the BIOS boot menu – keep pressing Esc repeatedly for a few seconds. You’ll be stuck on a screen with nothing but a blinking cursor. Type the following command line (which won’t appear on the screen) and press Enter: linux lang=en
Method 2: Modifying the ISO file. In /isolinux/isolinux.cfg, replace lang=ko with lang=en on the kernel parameters.
Some minor parts of the UI remain untranslated as they are static images. The installed system will still be in Korean, but we’ll fix that later.
Obtaining root access
Just like OS X, the root user is disabled by default and the system provides a utility to enable it. However, getting to said utility through the Korean user interface is a challenge. Luckily, it can be executed from a terminal, which is relatively easy to get to:
- Click the Applications folder on the dock
- Click the plain folder (called “AppLink” in English)
- Click the Utilities folder with a hammer and wrench icon (on a full install, there will be another folder with a hammer icon, which is not the one you should click)
- Click the Terminal icon
Run the rootsetting command to open the root utility. Click the padlock to unlock the settings, enter your password and click the blue button.
Check the checkbox. You’ll be prompted to enter and confirm a password for the root user. Type the password into both boxes and click the blue button. The root user is now enabled; the utility can be closed.
My old rootsh RPM – which takes advantage of the unprivileged package installer – is still available here for reference.
English
Like the installer, the system can run in English, and the included apps have English translations as well. After enabling root access through a terminal as described above, run the su command to log in as root, then run the following command to change the language (thanks davidiwharper on OSNews):
sed -i 's/ko_KP/en_US/g' /etc/sysconfig/i18n /usr/share/config/kdeglobals
Reboot the system (through the menus or by running the reboot command) to apply the changes. These steps are reported to work on Red Star 2.5 Server as well, with the difference that su is not required since you’re already logged in as root.
Internet connectivity
For some reason, Red Star’s iptables firewall is set to only allow outgoing connections to certain ports. DNS is blocked as North Korea’s intranet uses IP addresses only, so you can’t get a proper internet connection on Red Star by default. To fix that, run the following commands as root to clear Red Star’s default firewall rules:
rm /etc/sysconfig/iptables
service iptables restart
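To see what a default-deny egress policy like this permits before deleting it, the following added example (not part of the original post) evaluates an iptables-save style file for a new outbound connection to a given protocol and port. The sample rules are constructed for illustration and are not Red Star's actual rules; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: decide from an iptables-save style file whether a NEW outbound
# connection to PROTO/PORT would leave the machine. Negated (!) matches are not handled.

# egress_verdict FILE PROTO PORT -> prints ACCEPT, DROP or REJECT
egress_verdict() {
    awk -v proto="$2" -v port="$3" '
    # True if port falls in a --dport/--dports spec such as 80,443,8000:8080
    function port_in(spec,   n, parts, i, r) {
        n = split(spec, parts, ",")
        for (i = 1; i <= n; i++) {
            if (split(parts[i], r, ":") == 2) {
                if (port + 0 >= r[1] + 0 && port + 0 <= r[2] + 0) return 1
            } else if (parts[i] + 0 == port + 0) return 1
        }
        return 0
    }
    /^\*/ { table = substr($0, 2) }
    table == "filter" && $1 == ":OUTPUT" { policy = $2 }
    table == "filter" && $1 == "-A" && $2 == "OUTPUT" && verdict == "" {
        hit = 1; target = ""
        for (i = 3; i <= NF; i++) {
            opt = $i; val = $(i + 1)
            if (opt == "-p") { if (val != proto && val != "all") hit = 0 }
            else if (opt == "--dport" || opt == "--dports") { if (!port_in(val)) hit = 0 }
            else if (opt == "--state" || opt == "--ctstate") { if (val !~ /NEW/) hit = 0 }
            # Interface- or address-scoped rules do not cover arbitrary hosts
            else if (opt == "-o" || opt == "-d" || opt == "-s") hit = 0
            else if (opt == "-j") target = val
            else if (opt != "-m") continue
            i++
        }
        # First matching terminal rule wins; otherwise the chain policy applies
        if (hit && target ~ /^(ACCEPT|DROP|REJECT)$/) verdict = target
    }
    END { print (verdict != "" ? verdict : policy) }
    ' "$1"
}

# Constructed sample in iptables-save format; NOT Red Star's real rules.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443,8000:8080 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 123 -j ACCEPT
COMMIT
EOF
}

# Print one line per service of interest, e.g. "udp/53 DROP"
audit_egress() {
    for svc in udp/53 tcp/53 tcp/80 tcp/443 udp/123; do
        echo "$svc $(egress_verdict "$1" "${svc%/*}" "${svc#*/}")"
    done
}

rules=$(mktemp)
write_sample_rules "$rules"
audit_egress "$rules"
rm -f "$rules"
```

On a real install, copy /etc/sysconfig/iptables aside before the rm above and pass that copy to audit_egress, so the original ruleset stays available for analysis.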
The included “Naenara Browser” is Firefox 3.5 with a custom skin and a Korean language pack. Its language can be changed to English by disabling the language pack (thanks Chocohead):
- Go to the second-to-last menu
- Select the third option
- Go to the second-to-last tab
- Select the “(ko-KP)” add-on and click the first button to disable it
- Click the button on the yellow bar to restart the browser
- The browser will ask for confirmation if more than one tab is open, click the blue button if it does
Despite the browser being configured to browse on the North Korean intranet, it works on the internet (about as well as Firefox 3.5 does these days) once you apply the iptables fix above.
Dubious components
As highlighted in the 32C3 follow-up talk, Red Star contains several shady components, including but not limited to a file watermarking system service and a supposed “virus scanner”. The speakers provided instructions on how to disable these components.
Other notes
- This version of Red Star was released no sooner than June 2013, according to file dates.
- There appears to be a system file modification detector, which warns about modified system files when you log in. It might warn you about the kernel and initramfs images in some configurations. To disable it, run this command as root to remove its autorun entry:
rm /usr/share/autostart/intcheck_kde.desktop
- The 32C3 talk also mentions a similar service which automatically reboots the system if files related to the aforementioned malicious components are modified.
- The disc includes a Windows executable named install.exe, which displays a window with two buttons. The leftmost one displays an error message, presumably telling you to boot from the DVD, and the rightmost one closes the window. The windows consist of static images stored in the EXE’s Bitmap resources, and strangely there are a few more of them – it remains to be seen what they are for.
- Press Esc on the boot splash for verbose boot.
- English or South Korean locales were replaced to accommodate the new North Korean locales throughout the system.
- The English translation is surprisingly good. One theory is that all English text was taken straight out of OS X.
- The “Crosswin” Windows compatibility layer is a wrapper around Wine 1.2.2.
You say that you can’t change the language in the browser, but you in fact can, as the Korean language pack is really just an addon, meaning going to the addons menu lets you disable it, reverting the language back to English. Not sure if you need to tweak the settings shown here http://unix.stackexchange.com/questions/34965/how-to-change-firefox-language in order for it to revert to English over Korean, but I did that before disabling the language pack, so now everything apart from the previously closed tab menu is in English.
Thanks for the tip. Disabling the language pack was enough.
Have you managed to install any other browser on it? A combination of the butchering of yum and other general awkwardness has left me stuck to Naenara.
I don’t think it’s possible without breaking the system through yum. If there’s a way, I’ll add it here.
I’m running this on VMWARE. Trying to change to English. 2 problems. When I double click on iso it just opens bin file. Where is the “software manager” ? I’m losing the will to live here.
You need to mount the ISO on the virtual machine’s CD drive. When the CD appears on the Red Star desktop, open it, then open the RPM package. Or you can use a USB drive.
Or just share the drive in RedStar, then connect to it via SMB with the guest account (make sure the share permissions are sufficient). The r/w time may be long with this method (as a VM), but it works.
Well, that’s me stumped. Lol. I’ve spent all day on this and am at the point where I need to replace the ko_KP with en_US. That’s where I notice it needs to be done in “Vi”. I’ve never used Vi. Never heard of it. Can you tell I’m a noob?
Vi is just a terminal-based text editor (though for the uninitiated it can be highly confusing to use). You could alternatively try the more conventional nano, although that assumes that this OS has it installed.
Personally I’m quite proficient with vim (VI iMproved) but vi still confuses me (arrow keys? What arrow keys? You move the cursor using HJKL!)
RichardG, thanks so much for your insight in fixing this to be “usable”. I am kind of working on a side project to attempt to “map” the internal network on the DPRK by using some of the beaconing the OS might be doing. For example to an Update Server, or maybe an internal NTP server they might run. I know it won’t mean much to us on the outside, but maybe will provide further insight to how their network is at least subnetted (if it is at all). Thanks!!! Great great great work.
Wow, I actually independently discovered this just the other day, and wrote a blog about it too. I even noted the selinux issues. Awesome! https://crispyappstudiosblog.wordpress.com/2015/01/05/changing-the-language-in-north-koreas-red-star-os-v2-5-to-3-0-and-server/
You guys are all really on point, I’ve had the same findings as you. Great work, everyone! I think we might just be a secret world wide team working on the same thing.
Oh my gosh, I didn’t even realize the gigantic zero day right in the middle of the post the first time I read it. Man, you are a master. I had actually been looking for a way to get a root shell all day, and you found it last week. How cool is it that we’re all working on the same thing?
@hackerfantastic also got a 0day in the udev event scripts, but I found the RPM method.
do you feel special requesting a CVE for an issue that you did not discover through your own research, but via a public disclosure
I have no association with whoever requested the CVE.
easier: after using “rootsh” do-> visudo, enable %wheel entry.
Now edit /etc/passwd and replace /sbin/nologin with /bin/bash,
add yourself to wheel group (i.e. usermod -G wheel) and use sudo command.
Man, been trying for fairly long, but have had no success. Can y’all tell me how to run the terminal in RS3? Tried just about everything 😦
Open “Applications” folder > Open “AppLink” folder > Open “Utilities” folder > Open “Terminal” icon > Profit!
Thanks very much, yet I’m still in the Korean version, and not really good in Korean 😉 is there some kind of a key combination?
There is no combination. But you can follow these screenshots.
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
1 – http://itmages.ru/image/view/2210247/1bcf4f63
2 – http://itmages.ru/image/view/2210251/37793874
3 – http://itmages.ru/image/view/2210253/4500c028
Thank you SO very much, worked like a charm 🙂
There is a way to get directly to an English terminal (that even works in the installer), press control-alt-F1 and it’ll pop up with a terminal screen. Control-alt-F2 will swap it back to the normal desktop.
Dude where is the Terminal?? North Korea disables it maybe for more restrictions…
In the “AppLink” folder.
Is Red Star O’s ARM based? Because I think this would be awesome on raspberry pi 🙂
How to install google chrome? I installed it, but it will not start
I found that the iptables command worked only if i said iptables-config, maybe its specific to my copy, i don’t know.
Nevermind, still broken.
What does the rpm you provided exactly do? Could you please provide the source code? Thanks!!!
I will start this post by giving some general information of the operating system I use, it’s Redstar OS 3.0 installed from ISO on a Toshiba windows 7 laptop. I formatted it and installed Redstar from a bootable USB drive, fixed root access, Ethernet and got the language to work in English. This blog here was too a huge help fixing root access and get the system to work in English. Trying to run Redstar as main operating system and here are the issues I have stumbled across trying to get Wi-Fi working by getting essentials through Yum:
Is there any ways to get Yum working on this OS? Either by reinstalling it or finding the config so it becomes fixed like the internet. Since used the clear IP tables command in the terminal as root, fixed the firewall and set up my Ip and I can perfectly use the internet with the OS. So is there a way to fix Yum So I can get WiFi on it?
Here are the error messages I get when I try to use yum, when I either try to update it or try to install essentials this happens:
———————————
[root@localhost ~]# sudo yum update
/usr/lib/python2.6/site-packages/iniparse/ini.py:46: DeprecationWarning: the sets module is deprecated
from sets import Set
Options Error: Error parsing '/media/REDSTAR DES//': URL must be http, ftp, file or https not ""
and:
[root@localhost ~]# yum groupinstall "Development Tools"
/usr/lib/python2.6/site-packages/iniparse/ini.py:46: DeprecationWarning: the sets module is deprecated
from sets import Set
Options Error: Error parsing '/media/REDSTAR DES//': URL must be http, ftp, file or https not ""
————————
If you wonder why my computer name is localhost, is just because it’s the default name the computer gets after changing to Redstar. I need essentials for getting iw-4.1 to work but the program that I need to run Iw with, Libln-3.2.2.5 need a c compiler that, I try to install with Yum but it refuses to work, I always get the last part of the error message and I don’t know what /media/REDSTAR DES//.
I have tried some fixes like these ones:
To enable software installation run:
mv /etc/yum/repos.d/rs-03000.repo /etc/yum/repos.d/rs-03000.off (causes yum errors)
Download fedora-upgrade-21.2-1.fc21.noarch.rpm, fedora-release-21-2.noarch.rpm, and fedora-repos-21-2.noarch.rpm from http://ftp.heanet.ie/pub/fedora/linux/releases/21/Everything/i386/os/Packages/f/ and run:
yum install fedora-upgrade-21.2-1.fc21.noarch.rpm
yum install fedora-release-21-2.noarch.rpm
yum install fedora-repos-21-2.noarch.rpm
yum update
In case of error: yum clean all
Source: http://computing.mallowcollege.ie/red-star-os-3-0/
Btw this is one of the guides I tried to use for fixing Yum, none of it works, Always get the same error message and can’t even use yum clean all since the error message doesn’t even allow me to do that either, but I think there may be something to it though, any thoughts about this?
Most likely, the only way to update Red Star is through the DPRK Kmangmyong. There may also be a restriction on what rpms update. The repos are most likely different, so you can’t upgrade those. Release may be Fedora, but is most likely BASED ON Fedora with DPRK influences 😉
Thanks for the answer 🙂 It’s a long time since I wrote this post, lots of progress has been made though.
Yup it could be that I can’t upgrade some of the repos, but I can install other rpms, I got EPEL working on it, the only thing I need to fix now is Python. The error I got was just my baseurl, so I changed the redstar-core-03000.repo to .off-. I have a forum thread about it here: http://www.linuxquestions.org/questions/showthread.php?p=5407537#post5407537 I only need to reinstall python since Redstar had version 2.6 but I need to install the official rpm, which is in my redstar rpm folder on my drive where I have the ISO. It’s Python 2.6-7. Also one fun thing I found out, It has rpmbuild 🙂 Which was in the extra official DPRK package for reasons I don’t know. So going to use it with epel, also got the c compiler in the same repo I got the rpmbuild command, but Yum is soon working and don’t worry I scrapped the plan of installing fedora on it. It would also remove the beautiful KDE3 desktop 😉 But thanks for the reply, if you could give me any ideas of how to safely replace the 2.6 python with the 2.6-7 repo It would be very welcome.
How do you run an exe with the included wine distro?
I think you just open it on the file browser.
I’ve tried that, but it always gives me the ‘choose application’ dialogue.
A little bit late to the party, I guess , but hey….
There is a much easier, builtin way to get root privilege.
The distribution has /usr/sbin/rootsetting silently sitting there, patiently waiting to be called.
It will ask for your user password, after this you are able to set a password for root.
This activates the normal root superuser on the system and you can now use “su” to gain root.
Interesting discovery. Unfortunately I don’t have enough disk space to install Red Star again, but I will update the blog post as soon as I get around to installing it again.
Nice, if you find any way of getting software installation to work in this OS could you post it when you update this post? Since when you run yum install (name of program) you will get an error about /etc/yum.repos.d/rs-core-03000.repo baseurl not working, It could possibly be another way to fix it I tried adding file:// but it did not work in my case. I managed to turn it off by cd into /etc/yum.repo.d/ and running this command: mv /rs-core-03000.repo /rs-core-03000.off which got rid of the error. Then I installed Epel 5 in the software manager to get software mirrors up and running, but now I am stuck getting Python errors. Hope this was to help for you, will be interesting to hear if you manage to get this working. Hope this make sense if you if not just ask and I will try to clarify this more. Good luck with this blog and thanks for covering this OS
Also could you look into the server edition if it’s possible to set it up for use or if the software is too restricted? I am very curious about both these subjects since it would be very interesting to see if this OS could be configured enough so it can be suited for “normal” use by people interested in testing it.
Hey. Heads up, I’m a complete noob. I’m running Red Star OS 3.0 in VirtualBox, I downloaded the redstarroot.rpm, I now have a file called rootsh……what do I do now?
“To get root, get this RPM package I made into Red Star through an ISO (if you’re using a virtual machine) or USB key, double-click it to open it with the Software Manager, and click through the blue buttons until it’s done.
After that, run rootsh to get a root shell. ”
^^^^ How do I do this ?
Thanks 🙂
There’s an easier way to enable root on another comment.
I have installed it in VMWare but it seems that there’s no settings about DHCP.
i changed the language into English and disabled the iptables but the only problem is that I can’t load webpages using the explorer. How can I solve this problem?
thx
The message on the windows installer say,
이 프로그람을 사용하려면 설치파일들을 하드디스크에 복사하여야 합니다.
To use this program, you must copy the installation files to the hard drive.
Source: I’m Korean
I have not needed to use rootsh to have an access to the root. at startup, when the grub, press “insert” to modify the kernel launcher line and modify to “quiet 1” to start in single user (root) and then edit the sudoers file and the password “root”. Then, restart, and the sudo works.
I edited lang=ko to lang=en but now I can’t even boot it!
help! how do I get the redstarroot file on the redstar desktop to install it? I can’t find it. I have it saved in my downloads folder and my usb stick
Hi can someone tell me any root password that RedStar OS 3.0 Server will accept when you set it in installation? I tried everything but I always get some Korean error that I can’t retype and can’t understand
Thanks for Answering and Best Regards
Is it possible to get a wireless connection to the internet? I know that in Korea they only use modems.
i haven’t found a way, unfortunately. i tried getting it to find my usb wifi adapter; i tried multiple ones too. and none were found
Is there a way to replace the Naenara browser? I’m not sure which distribution of Google Chrome, Firefox, etc that would be suitable for Red Star OS 3.0.
Also, Naenara crashes for some reason when attempting to visit the Firefox website.
just thought i would add, for those who want to change red star 2.0 to english the steps apply exactly the same way. however you do not need to enable root access as you are the root user by default.
hey do you know how to get the sogwang office in English it just stays in Korean and doesn’t change to English after
OMG I can’t wait for new tutorial, I use this one always when I configure Red Star OS. Thank you very much, this is the best tutorial on the internet.
Have you heard about RedStar 4? It was described here: https://kcnawatch.org/wp-content/uploads/sites/5/2019/01/Pyongyang-Times-2019-01-12.pdf (page 6). I’ve thought about writing a letter to KCC to ask them for a DVD, is it a good idea?
This post will remain as it is, the new one will have some additional notes though.
Red Star 4 sounds interesting. Maybe it will leak one day, who knows.
There are efforts by some really cool individuals at https://flashdrivesforfreedom.org/ to get USB Flash Drives to the North Koreans which are then distributed via their Black Market. I think a really cool project would be to modify Red Linux OS 3 to remove the restraints on the system. I’m not sure if there are any methods one can access the wider intranet from inside the DPRK but certainly a way of accessing a terminal in-country which then routes to Tor Bridges might be an option. Providing outside connectivity would be the most tricky part I think and I’m sure DPRK Military Systems are fairly well hardened. Either way, sending your spare USB Thumb Drives to Flash Drives for Freedom is one way to assist the North Korean people in getting access to outside information.
I currently have this issue but every time I try to change the language to English from Korean in the terminal it always say this error: “Couldn’t open temporary file /etc/sysconfig//sed9BhQ0Z : Permission denied.” Is there a way to solve this issue? Please give me some advice, thanks!