Home / Software & Gaming / Operating Systems / North Korea’s Red Star OS is insecure

North Korea’s Red Star OS is insecure

Brendon Morgan January 9, 2015 Operating Systems, Security, Software & Gaming

North Korea for all of its virtues, is not a country that is known for a thriving software industry, but did you know that they have their own homegrown operating system? Well they do and it's called Red Star OS. The Democratic People's Republic of Korea (DPRK) first launched the OS, which is based on Red Hat Linux, in 2003 and version 3.0 was released sometime in the summer of 2013. Red Star OS Desktop 3.0 recently leaked out of the DPRK though and found its way onto, you guessed it, torrent sites.

After taking a look at the OS, a security researcher knowns as “Hacker Fantastic” has let us know about a security vulnerability in the Red Star OS, that gives full root (administrator) access to the system: “Red Star OS 3.0 desktop & 2.0 desktop ship with local privilege escalation vulnerabilities due to insecure files permissions on configuration and script files executed with root privileges.”

Red Star OS
It seems that the culprit in this case is some misconfigured permissions for a printer driver, a Hewlett-Packard LaserJet 1000 in this case. This driver can be executed and modified to execute arguments, ending up with commands running as with root privileges. For any other mainstream OS, this would be considered a critical vulnerability and would be patched as soon as possible.

Lets hope that the DPRK can issue a security update soon so that they can be protected against any intrusions, as we wouldn't want Kim Jong-un's private emails to leak, in a similar way to what happened in the Sony hack, or the whole countries internet to go down

Discuss on our Facebook page, HERE.

KitGuru Says: Now that Red Star OS has leaked I would expect that there will be a lot of security researchers looking at the OS trying to find vulnerabilities, but most of these are probably already known by the NSA. Besides there is only one internet cafe in DPRK anyway and with no firm number on how many users Red Star OS has, we can assume any security issues such as this can be safely ignored, for everyone outside of North Korea at least.

Source: SeclistsArsTechnica

Become a Patron!

Tags

Check Also

Omni-movement DOOM

KitGuru Games: Omni-movement culminates 30 years of FPS innovation

Black Ops 6 is officially here, bringing the innovative new Omni-movement system to the game. While on the surface a relatively simple change, I argue that Treyarch intimately studied DOOM and the past 30 years of first-person shooter evolution to craft one of the most satisfying gameplay systems yet.

3 comments

  1. Jack
    January 9, 2015 at 10:40 pm

    Now I want to learn how to hack just so that I can mess with them. Too bad I’m lazy.

  2. 12John34
    January 10, 2015 at 12:14 am

    I am shocked to see DPRK using Red Hat Linux. Isn’t it an inferior product from inferior west programmers who live in inferior west countries?

  3. Sepiaa
    January 10, 2015 at 12:31 pm

    But the people of the country don’t know that. They were probably told the great ruler himself created it by sitting on a keyboard.

© Copyright 2024, Kitguru.net All Rights Reserved Standard Terms