Notes on Red Star OS 3.0

Updated 2020-03-31: Part 2 is now up.

The latest version of North Korea’s custom Linux distribution, Red Star OS – that one with the Mac OS X style interface – has leaked onto the internet. While the individual who talked about technology in North Korea at the 31C3 conference claimed he didn’t see anybody using Red Star seriously, it’s still an interesting distribution to check out.

Installation

The Korean installer is quite easy to go through blind. All you need to watch out for is the network configuration, which is not set to DHCP by default. Some extras, including compilers and a LAMP stack, are available through the Customize screen. The installer – a customized version of Fedora’s Anaconda – can be started in English by two different methods:

Method 1: As soon as your machine starts booting from the Red Star installation media – for example, right after pressing Enter on the BIOS boot menu – keep pressing Esc repeatedly for a few seconds. You’ll be stuck on a screen with nothing but a blinking cursor. Type the following command line (which won’t appear on the screen) and press Enter: linux lang=en

Method 2: Modifying the ISO file. In /isolinux/isolinux.cfg , replace lang=ko with lang=en on the kernel parameters.

Some minor parts of the UI remain untranslated as they are static images. The installed system will still be in Korean, but we’ll fix that later.

Obtaining root access

Just like OS X, the root user is disabled by default and the system provides an utility to enable it, however getting to said utility through the Korean user interface is a challenge. Luckily, it can be executed from a terminal, which is relatively easy to get to:

Click the Applications folder on the dock Click the plain folder (called “AppLink” in English) Click the Utilities folder with a hammer and wrench icon (on a full install, there will be another folder with a hammer icon, which is not the one you should click) Click the Terminal icon

Run the rootsetting command to open the root utility. Click the padlock to unlock the settings, enter your password and click the blue button.

Check the checkbox. You’ll be prompted to enter and confirm a password for the root user. Type the password into both boxes and click the blue button. The root user is now enabled; the utility can be closed.

My old rootsh RPM – which takes advantage of the unprivileged package installer – is still available here for reference.

English

Like the installer, the system can run in English, and the included apps have English translations as well. After enabling root access through a terminal as described above, run the su command to log in as root, then run the following command to change the language (thanks davidiwharper on OSNews):

sed -i 's/ko_KP/en_US/g' /etc/sysconfig/i18n /usr/share/config/kdeglobals

Reboot the system (through the menus or by running the reboot command) to apply the changes. These steps are reported to work on Red Star 2.5 Server as well, with the difference that su is not required since you’re already logged in as root.

Internet connectivity

For some reason, Red Star’s iptables firewall is set to only allow outgoing connections to certain ports. DNS is blocked as North Korea’s intranet uses IP addresses only, so you can’t get a proper internet connection on Red Star by default. To fix that, run the following commands as root to clear Red Star’s default firewall rules:

rm /etc/sysconfig/iptables

service iptables restart

The included “Naenara Browser” is Firefox 3.5 with a custom skin and a Korean language pack. Its language can be changed to English by disabling the language pack (thanks Chocohead):

Go to the second-to-last menu Select the third option Go to the second-to-last tab Select the “(ko-KP)” add-on and click the first button to disable it Click the button on the yellow bar to restart the browser The browser will ask for confirmation if more than one tab is open, click the blue button if it does

Despite the browser being configured to browse on the North Korean intranet, it works on the internet (about as well as Firefox 3.5 does these days) once you apply the iptables fix above.

Dubious components

As highlighted on the 32C3 follow-up talk, Red Star contains several shady components, including but not limited to a file watermarking system service and a supposed “virus scanner”. The speakers provided instructions on how to disable these components.

Other notes

This version of Red Star was released no sooner than June 2013, according to file dates.

There appears to be a system file modification detector, which warns about modified system files when you log in. It might warn you about the kernel and initramfs images in some configurations. To disable it, run this command as root to remove its autorun entry:

rm /usr/share/autostart/intcheck_kde.desktop

The 32C3 talk also mentions a similar service which automatically reboots the system if files related to the aforementioned malicious components are modified.

The disc includes a Windows executable named install.exe , which displays a window with two buttons. The leftmost one displays an error message, presumably telling you to boot from the DVD, and the rightmost one closes the window. The windows consist of static images stored in the EXE’s Bitmap resources, and strangely there are a few more of them – it remains to be seen what are they for.

Press Esc on the boot splash for verbose boot.

English or South Korean locales were replaced to accommodate the new North Korean locales throughout the system.

The English translation is surprisingly good. One theory is that all English text was taken straight out of OS X.

The “Crosswin” Windows compatibility layer is a wrapper around Wine 1.2.2.