Schneier on Security
A blog covering security and security technology.
« QR Code Scams |
| The History of Security Economics »
December 13, 2012
The Internet in North Korea
How Internet censorship works in North Korea.
Posted on December 13, 2012 at 12:33 PM
• 6 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
That very interesting, especially given what happening at the UN WICT meeting going on today.
@ Bob Hinden,
given what is happening at the UN WICT
Yes I'm very surprised the International Telecommunications Union (ITU) meeting in Dubia has attracted as little attention as it has.
There have been a number of proposals for what is in effect a "power grab" over the Internet, oddly perhaps originating from Russia and China and other countries on the "dodgy list".
The problem with the ITU like many other UN bodies is it's "Member Nations Government Reps" making choices behind closed doors. It is actually a very undemocratic process full of corruption in one form or another. Until recently it's impact on ordinary every day lives was minimal. But since it's last meeting, the usage of the Internet, Mobile Phones and other personal communications has turned broadcasting the other way around from Autocratic "State to citizen" to the almost anarchic "citizen to citizen". And worse for them a more recent technology move that has many regulatory bodies running scared is "Software Defined Radio".
It would be interesting to find out more about the N.K. Red Star OS, (supposadly modified KDE3 on modified Linux Kernal http://news.bbc.co.uk/1/hi/technology/8604912.stm ).
Because if Red Star is not based directly compatable with Apps for MS or Apple OS's or any standard *nix then most of the supposed tools in the US and other countries "Cyber-Weapons Arsenals" will be worthless.
Now whilst N.Korea is supposadly backwards in many ways (and currently subject to more Western Saber Rattling over it's missile/rocket developments). We tend not to hear in the West about N.Korea's Cyber-attack capabilities.
Both Japan and S.Korea have (supposadly) been subject to some quite sophisticated attacks from N.Korea and Australia likewise. Which if true (and not another nation running false flag activities) tends to sugest that N.Korea has some quite sophisticated knowledge of the vulnerabilities in the West's main OS's and Apps...
@Clive R "It would be interesting to find out more about the N.K. Red Star OS"
It's a couple of years out of date but the talk page on the Wikipedia article on Red Star OS has an interesting comment on the reliability of Western information about it. http://en.wikipedia.org/wiki/Talk:Red_Star_OS
There's also a bit torrent link in the article itself (no idea if this is still current). Again, the talk page has a report by someone who examined the download "It seems to be mostly based on Fedora (core) 6 and Fedora 8. Almost all packages have been at least rebuilt (530 out of 575 in the first CD include '.rs2' as part of the revision "number"). Looking at the rpm changelog, it seems that some of them have seen work. I did not verify signatures of packages. [...] the install.exe on the first CD looks a bit odd."
Seeing that the people aren't legally allowed to use operating systems used in the rest of the world I wouldn't imagine that there would be many nationals with experience writing malicious code for them. Of course, if they can afford to send rockets into space they can afford talent from elsewhere
Actually, I'm pretty sure Red Star is of Chinese origin. The publicly-stated motivation for creating it was to ensure that China would not have to rely on US-based companies. I suspect it's *mostly* a fairly standard Linux distro, although presumably any packages specifically designed to circumvent censorship or promote free speech would have been excluded, as well as most or all references to Taiwan (e.g. in l10n packages), and a few other things of that nature.
The real issue in North Korea is that internet access is only available in extremely limited geographic areas where the government has a very marked presence. (Out in the countryside there isn't even electrical power, nevermind internet.) Of course it goes without saying that the government is the only ISP.
The information about getting Chinese cellphones smuggled in and using them within a few miles of the border is interesting, though.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..