Fun with Red Star OS

November 22, 2021    Article    2786 words    14 mins read
Fun with Red Star OS

Red Star OS (붉은별 사용자 영체계) is a North Korean operating system based on the Linux kernel. Its development began at the Korean Computer Center in 2002; until that time, English-language versions of Windows were commonly used in North Korea. As of 2018, the latest version of the system is Red Star OS 4.0, it is reported that the fourth version exists and is being tested locally, but at the moment most people in North Korea are still on the third version. Only the localized Korean version is distributed, in English-language sources it is referred to as Red Star OS.

Let’s say you got your filthy hands on an ISO of Red Star OS Desktop 3.0 (like, 5 years ago but you forgot about it). The obvious next step is to install it on your main computer and give it access to the outside so it can spread love and goodness. Just kidding, install that motherfucker in a virtual machine (VirtualBox, VMware, etc), just because.

Install

The Networking part in the Setup is not set to use DHCP by default so make sure you change that. Just click on the rightmost button (Next) until it starts installing. We can boot the installer into English but we’re larp-ing as a leet North Korean hacker, right?

After it finished installing, rebooting (press Esc if you want verbose boot) and taking over your internal network like a good Skyne… Kimnet should, start by enabling root access for your default user because you want to mess around and hackers always mess around as root.

$ rootsetting

I’m not posting any screenshots of what to do next but considering you’re trying to install Red Star motherfucking OS i’m pretty confident you’ll figure it out even though the buttons and messages are in Korean. If not, well, you could install something easier. Like Gentoo or Arch.

Once you get root access you might want to enable English locale unless you understand Korean:

$ su
Password:
# sed -i ‘s/ko_KP/en_US/g’ /etc/sysconfig/i18n
# sed -i ‘s/ko_KP/en_US/g’ /usr/share/config/kdeglobals

Reboot after that.

If you want network access, you need to remove the default iptables rules:

# rm /etc/sysconfig/iptables
# service iptables restart
View the original iptables rules
# Generated by iptables-save v1.4.7 on Fri Apr 13 08:55:11 2012
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:APPLICATION_FILTER - [0:0]
:INTRUSION_PREVENTION_FILTER - [0:0]
:USER_DEFINED_FILTER - [0:0]
-A INPUT -i lo -j ACCEPT 
-A INPUT -j INTRUSION_PREVENTION_FILTER 
-A INPUT -j APPLICATION_FILTER 
-A INPUT -j USER_DEFINED_FILTER 
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 22 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 22 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 80 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 80 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 443 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 443 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 5900 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 5900 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 631 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 631 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 135 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 135 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 137 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 137 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 137 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 137 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 138 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 138 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 139 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 139 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 445 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 445 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 445 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 445 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 20 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 20 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 21 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 21 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 548 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 548 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 1:65535 --dport 5353 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 1:65535 --dport 5353 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 22 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 22 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 80 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 80 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 443 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 443 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 5900 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 5900 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 631 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 631 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 135 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 135 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 138 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 138 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 139 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 139 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 20 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 20 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 21 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 21 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 548 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 548 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p tcp -m tcp --sport 5353 --dport 1:65535 -j ACCEPT 
-A APPLICATION_FILTER -p udp -m udp --sport 5353 --dport 1:65535 -j ACCEPT 


COMMIT
# Completed on Fri Apr 13 08:55:11 2012
View the list of processes
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.2  0.0   2796  1308 ?        Ss   04:57   0:01 /sbin/init
root         2  0.0  0.0      0     0 ?        S    04:57   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    04:57   0:00 [ksoftirqd/0]
root         4  0.0  0.0      0     0 ?        S    04:57   0:00 [kworker/0:0]
root         6  0.0  0.0      0     0 ?        S    04:57   0:00 [migration/0]
root         7  0.0  0.0      0     0 ?        S<   04:57   0:00 [cpuset]
root         8  0.0  0.0      0     0 ?        S<   04:57   0:00 [khelper]
root         9  0.0  0.0      0     0 ?        S<   04:57   0:00 [netns]
root        10  0.0  0.0      0     0 ?        S    04:57   0:00 [sync_supers]
root        11  0.0  0.0      0     0 ?        S    04:57   0:00 [bdi-default]
root        12  0.0  0.0      0     0 ?        S<   04:57   0:00 [kintegrityd]
root        13  0.0  0.0      0     0 ?        S<   04:57   0:00 [kblockd]
root        14  0.0  0.0      0     0 ?        S<   04:57   0:00 [kacpid]
root        15  0.0  0.0      0     0 ?        S<   04:57   0:00 [kacpi_notify]
root        16  0.0  0.0      0     0 ?        S<   04:57   0:00 [kacpi_hotplug]
root        17  0.0  0.0      0     0 ?        S<   04:57   0:00 [ata_sff]
root        18  0.0  0.0      0     0 ?        S    04:57   0:00 [khubd]
root        19  0.0  0.0      0     0 ?        S<   04:57   0:00 [md]
root        21  0.0  0.0      0     0 ?        S    04:57   0:00 [kswapd0]
root        22  0.0  0.0      0     0 ?        SN   04:57   0:00 [ksmd]
root        23  0.0  0.0      0     0 ?        SN   04:57   0:00 [khugepaged]
root        24  0.0  0.0      0     0 ?        S    04:57   0:00 [fsnotify_mark]
root        25  0.0  0.0      0     0 ?        S<   04:57   0:00 [aio]
root        26  0.0  0.0      0     0 ?        S<   04:57   0:00 [crypto]
root        32  0.0  0.0      0     0 ?        S<   04:57   0:00 [kthrotld]
root        33  0.0  0.0      0     0 ?        S    04:57   0:00 [kworker/u:1]
root        34  0.0  0.0      0     0 ?        S    04:57   0:00 [scsi_eh_0]
root        35  0.0  0.0      0     0 ?        S    04:57   0:00 [scsi_eh_1]
root        36  0.0  0.0      0     0 ?        S    04:57   0:00 [scsi_eh_2]
root        37  0.0  0.0      0     0 ?        S    04:57   0:00 [kworker/u:2]
root        39  0.0  0.0      0     0 ?        S<   04:57   0:00 [kpsmoused]
root        41  0.0  0.0      0     0 ?        S    04:57   0:00 [kworker/0:2]
root       183  0.0  0.0      0     0 ?        S    04:57   0:00 [kjournald]
root       222  0.0  0.0      0     0 ?        S    04:57   0:00 [kauditd]
root       278  0.0  0.0   3772  1992 ?        S<s  04:57   0:00 /sbin/udevd -d
root       329  0.0  0.1   3708  2068 ?        S<   04:57   0:00 /sbin/udevd -d
root       330  0.0  0.1   3708  2068 ?        S<   04:57   0:00 /sbin/udevd -d
root       948  0.0  0.0      0     0 ?        S    04:57   0:00 [flush-8:0]
root       967  0.0  0.0   6328  1432 ?        Ss   04:57   0:00 /bin/bash /etc/rc.d/rc 5
root       972  9.3  0.3  43076  7872 ?        Ssl  04:57   0:43 /usr/bin/opprc
root       973  0.0  0.0   1988   644 ?        Ss   04:57   0:00 syslogd -m 0
root       978  0.0  0.0   1932   396 ?        Ss   04:57   0:00 klogd -x
dbus      1031  0.0  0.0  11148  1164 ?        Ssl  04:57   0:00 dbus-daemon --system --fork
68        1073  0.0  0.1  14196  3648 ?        Ssl  04:57   0:00 hald --daemon=yes
root      1075  0.0  0.0   3720  1168 ?        S    04:57   0:00 hald-runner
root      1142  0.0  0.0   3796  1004 ?        S    04:57   0:00 hald-addon-input: Listening on /dev/input/event2 /dev/input/event4 /dev/input/event1 /dev/input/event0
avahi     1156  0.0  0.0   2980  1304 ?        Ss   04:57   0:00 avahi-daemon: running [linux.local]
avahi     1157  0.0  0.0   2980   368 ?        Ss   04:57   0:00 avahi-daemon: chroot helper
root      1170  0.0  0.0   3796  1004 ?        S    04:57   0:00 hald-addon-storage: polling /dev/sr0 (every 2 sec)
68        1173  0.0  0.0   3424   752 ?        S    04:57   0:00 /usr/libexec/hald-addon-acpi
root      1178  0.0  0.0   4804   720 ?        Ss   04:57   0:00 /usr/bin/kdm
root      1203  1.3  1.8  58888 38620 tty2     Ss+  04:57   0:06 /usr/bin/X -br -novtswitch -nolisten tcp :0 vt2 -auth /var/run/xauth/A:0-ji31BQ
root      1206  0.0  0.1   5564  2096 ?        S    04:57   0:00 -:0         
root      1222  0.9  0.2  31272  4788 ?        Sl   04:57   0:04 /usr/sbin/intcheck --daemon
root      1302  0.0  0.0  11912  1400 ?        Ss   04:57   0:00 nmbd -D
root      1337  0.0  0.1  18292  2124 ?        Sl   04:58   0:00 /usr/sbin/console-kit-daemon --no-daemon
user      1404  0.0  0.0   6140  1248 ?        Ss   04:58   0:00 /bin/sh /usr/bin/startkde
user      1421  0.0  0.0   3856   536 ?        S    04:58   0:00 dbus-launch --sh-syntax --exit-with-session
user      1422  0.0  0.0  11016   876 ?        Ssl  04:58   0:00 /bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
user      1519  0.0  0.0   7024   548 ?        Ss   04:58   0:00 /usr/bin/ssh-agent /etc/X11/xinit/Xclients
user      1643  0.0  0.3  46412  8004 ?        Ss   04:58   0:00 kdeinit Running...
user      1646  0.0  0.1  44400  3180 ?        S    04:58   0:00 dcopserver [kdeinit] --nosid
user      1648  0.0  0.4  47788  8684 ?        S    04:58   0:00 klauncher [kdeinit]
user      1653  0.1  0.6  49776 13508 ?        S    04:58   0:00 kded [kdeinit]
user      1659  0.0  0.0   1908   240 ?        S    04:58   0:00 kwrapper ksmserver
user      1661  0.0  0.4  47280  8888 ?        S    04:58   0:00 ksmserver [kdeinit]
user      1665  0.0  0.6  51104 13792 ?        S    04:58   0:00 kwin [kdeinit]
user      1669  0.1  0.0   4728  1692 ?        Ss   04:58   0:00 /usr/bin/kompmgr
user      1670  0.3  0.1  18524  2508 ?        Sl   04:58   0:01 /usr/bin/ibus-daemon --xim
root      1671  0.9  0.9  60596 18656 ?        Sl   04:58   0:04 scnprc
user      1672  0.0  0.1  10684  2680 ?        S    04:58   0:00 /usr/libexec/ibus-gconf
user      1674  0.0  0.8 201024 16992 ?        S    04:58   0:00 python /usr/share/ibus/ui/gtk/main.py
user      1676  0.0  0.2  24496  5344 ?        S    04:58   0:00 /usr/libexec/ibus-x11 --kill-daemon
user      1678  0.0  0.1   8196  2584 ?        S    04:58   0:00 /usr/libexec/gconfd-2
user      1679  0.0  0.1  12816  3204 ?        S    04:58   0:00 /usr/libexec/ibus-engine-hana --ibus
root      1691  0.0  0.1   6944  3456 ?        Ss   04:58   0:00 /usr/sbin/restorecond
user      1699  0.4  0.8  53492 16876 ?        S    04:58   0:01 kicker [kdeinit]
root      1724  0.0  0.0      0     0 ?        S<   04:58   0:00 [rpciod]
root      1731  0.0  0.0   2092   324 ?        Ss   04:58   0:00 rpc.idmapd
root      1749  0.2  0.0   5792   852 ?        Ss   04:58   0:01 /usr/sbin/securityd
root      1760  0.0  0.1  16756  2544 ?        Ss   04:58   0:00 smbd -D
root      1768  0.0  0.0  16756   912 ?        S    04:58   0:00 smbd -D
root      1775  0.0  0.2  19108  4804 ?        S    04:58   0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd -a
root      1790  0.0  0.0  18492  1940 ?        Ss   04:58   0:00 /usr/sbin/snmptrapd -Lsd -p /var/run/snmptrapd.pid
user      1799  0.9  0.9  72928 20468 ?        S    04:58   0:04 kdesktop [kdeinit]
root      1819  0.0  0.0  10308   516 ?        S<sl 04:58   0:00 auditd
user      1822  0.5  1.0  62988 22548 ?        S    04:58   0:02 rsdock
root      1839  0.0  0.1  12088  2376 ?        Ss   04:58   0:00 cupsd -C /etc/cups/cupsd.conf
user      2029  0.0  0.3  46544  6300 ?        S    04:58   0:00 kio_file [kdeinit] file /tmp/ksocket-user/klaunchermw1pwb.slave-socket /tmp/ksocket-user/rsdockNwZgKb.slave-socket
root      2034  0.0  0.0   4188   564 ?        Ss   04:58   0:00 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient-eth0.leases -pf /var/run/dhclient-eth0.pid eth0
root      2106  0.0  0.0   6328  1252 ?        S    04:58   0:00 /bin/sh /etc/rc5.d/S06battery start
root      2107  0.0  0.0   6192   992 ?        S    04:58   0:00 /bin/bash -c ulimit -S -c 0 >/dev/null 2>&1 ; /usr/bin/battery_monitor
root      2108  0.0  0.5  45800 12052 ?        S    04:58   0:00 /usr/bin/battery_monitor
user      2111  0.0  0.5  52644 11164 ?        S    04:58   0:00 knotify [kdeinit]
user      2117  0.1  0.2  15080  5628 ?        S    04:58   0:00 /usr/bin/artsd -F 10 -S 4096 -a alsa -s 60 -m artsmessage -c drkonqi -l 3 -f
user      2135  0.0  0.5  49708 11760 ?        S    04:58   0:00 kmix [kdeinit] -caption KMix -icon kmix -miniicon kmix
user      2138  0.0  0.5  50144 10588 ?        S    04:58   0:00 esavermanager
user      2143  0.0  0.5  46112 11496 ?        S    04:58   0:00 kcontroltray
user      2145  0.0  0.7  49828 15020 ?        S    04:58   0:00 chkutil_client
user      2146  0.1  0.6  37492 14288 ?        S    04:58   0:00 /Applications/APM_Manager.app/Contents/RedStar/apm_manager
user      2152  0.0  0.5  65220 10436 ?        S    04:58   0:00 klipper [kdeinit]
user      2190  0.0  0.8  50648 17208 ?        S    04:58   0:00 rssidebardaemon
user      2212  0.0  0.4  42360  9040 ?        Sl   04:58   0:00 intcheck_kde
user      2233  0.0  0.7  61912 14544 ?        S    04:58   0:00 /Applications/kCal.app/Contents/RedStar/kcald --miniicon kcal
user      2372  0.0  0.5  49436 12176 ?        S    04:58   0:00 kio_uiserver [kdeinit]
user      2392  1.9  0.8  69824 17084 ?        S    04:58   0:08 konsole [kdeinit] --inputstyle overthespot
user      2418  0.0  0.0   6196  1440 pts/0    Ss   04:58   0:00 /bin/bash
root      2472  0.0  0.0   7092  1896 pts/0    S    04:58   0:00 su
root      2499  0.0  0.0   6196  1484 pts/0    S    04:58   0:00 bash

Boot loading screen
Boot loading screen

The system is absolutely network-silent except when you actively do something that requires network access, like using the browser. It does not call the mothership, not for updates, not for telemetry, not to let Kim Jong Un know the status of your internal organs. Spoiler, he doesn’t give a fuck about your hentai porn. You’re not trusting me? Well, you should, because if you listened and installed the OS inside a VM, you can now mitm/firewall the external connections and notice the absolute silence.

# uname -a
Linux user-C 2.6.38.8-24.rs3.0.i686 #1 SMP Fri Mar 22 09:35:36 KST 2013 i686 i6

There is Python 2.6, Perl 5.10.1, gcc 4.4.9 and many more goodies.

Main screen
That's how the main screen looks. macOS all the way!

The OS looks pretty damn polished (and stable) to be honest and doesn’t appear to steal your organs (at least not yet in my case, maybe I just got added to a list and when an organ is needed, the doorbell will ring? Who knows, I’ll let you know if that’s the case.)

It does have some components that prevent the normal user from editing/deleting various protected files (securityd, scnprc and opprc). We call it “oppression” if we’re speaking of DPRK and “defending your privacy and security” if we’re speaking of Apple. Two sides of the same coin, I guess, depends on which side you’re on.

If you want to disable the security, check this out.

I love how Red Star OS mimics macOS .app bundle format for the applications. Executabiles are in the Contents/RedStar directory (similar to Contents/MacOS on … macOS). /System/Library is a symlink to /usr/share.

Applications

Most of the applications are forks of the original KDE apps.

Login screen
Login screen

Software Manager
Software Manager

Naenara Web Browser
Naenara (translated into English it means My Nation) Web Browser is a fork of Firefox 3.5.

KFinder
KFinder

System Preferences
System Preferences

Activity Monitor
Activity Monitor

SogwangOffice
SogwangOffice is a fork of OpenOffice.org 3.0.

QuickTime Player
Not actually QuickTime Player.

Crosswin
The Crosswin compatibility layer is a wrapper around Wine 1.2.2.

SamTaeSong IDE
SamTaeSong IDE 3.0 is KDevelop.