/bket/ - Best Korea exploration thread

This is a thread dedicated to research of North Korea's operating system, Red Star OS, and general research about North Korea's technology and network infrastructure.
>Red Star download
archiveos.org/redstar/
>Watermarking
Red Star apparently uses watermarking, and scanning as well, supposedly in the following binaries:
- opprc
- scnprc
- rtscan.ko
>/usr/bin/opprc and scnprc
github.com/takeshixx/redstar-tools/tree/master/bin
>rtscan.ko
github.com/takeshixx/redstar-tools/tree/master/rtscan

Previous:

Attached: rs.png (1024x769, 350.91K)

One of the greatest moments in internet history will always be when TPB messed around with routing fuckery and momentarily managed to appear as if they'd truly been hosted in N. Korea

>thread dedicated to research of North Korea's operating system, Red Star OS, and general research about North Korea's technology and network infrastructure.
I'm not going to do your job for you, glowie.

Didn't this watermarking stuff turn out to be bullshit?

Here is the RemoveProfileInfo function. It seems that in some files, a "profile information" will be appended at the end.
I have not yet figured out what that is, however.
// What it does:
// Reads 4 bytes from srcFile[end - 12] into an integer (let's call it i)
// Copies all data from the beginning of the file until end - 12 - i in 10MB chunks
int RemoveProfileInfo(char *srcFileName, char *dstFileName, bool param_3)
{
    int iVar1;
    FILE *__stream;
    FILE *__s;
    long lVar2;
    void *__ptr;
    int iVar3;
    size_t sVar4;
    size_t sVar5;
    int iVar6;
    int local_20 [4];

    if (param_3 != false) {
        __stream = fopen(srcFileName,"rb");
        if (__stream == NULL) {
            return -1;//0xffffffff;
        }
        __s = fopen(dstFileName,"wb");
        if (__s == NULL) {
            fclose(__stream);
            return -1;//0xffffffff;
        }
        fseek(__stream,-0xc,2);
        fread(local_20,4,1,__stream); // Move to last 12 bytes and read 4 bytes
        fseek(__stream,-0xc - local_20[0],2); // Move backwards for the value of these 4 bytes
        lVar2 = ftell(__stream); // Get stream position
        fseek(__stream,0,0); // Move to beginning
        __ptr = calloc(0xa00000,1); // Allocate 10MB of data
        iVar1 = lVar2 / 0xa00000; // Divide pos by 10MB
        if (0 < iVar1) { // If pos is at least at 10MB
            iVar6 = 0;
            do {
                iVar3 = __fread_chk(__ptr,0xa00000,1,0xa00000,__stream); // Read 10MB into buffer
                if ((iVar3 != 0xa00000) || (sVar4 = fwrite(__ptr,1,0xa00000,__s), sVar4 != 0xa00000)) {
                    // Read or write failed
                    if (iVar6 < iVar1) goto LAB_0805100b;
                    break;
                }
                iVar6 = iVar6 + 1;
            } while (iVar6 < iVar1);
        }
        sVar4 = lVar2 % 0xa00000;
        sVar5 = __fread_chk(__ptr,0xa00000,1,sVar4,__stream);
        if ((sVar4 == sVar5) && (sVar5 = fwrite(__ptr,1,sVar4,__s), sVar4 == sVar5)) {
            free(__ptr);
            fclose(__stream);
            fclose(__s);
            return 0;
        }
        // ... Too long. it's just cleanup from here ...

It's only called once and the output (the decoded file) is stored at
puVar4 = (undefined4 *)"/usr/lib/tmpsrc.tmp";
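
Added example, not part of the thread and not code from Red Star OS or redstar-tools: the trailer layout described in the post above (a 4-byte length at end - 12, payload ending at end - 12 - length), written as a Python inspection helper with the bounds checks that the decompiled function does not perform. Assumptions: the length is a little-endian signed int (the binary is 32-bit x86); the names `locate_profile_info` and `strip_profile_info` and the sample bytes are constructed for illustration.

```python
import io
import struct

TAIL_LEN = 12        # the function seeks to end-12: fseek(stream, -0xc, SEEK_END)
CHUNK = 0xA00000     # 10 MB copy buffer, as in the decompiled loop

def locate_profile_info(f):
    """Return (payload_end, info_len, tail) for a seekable binary stream.

    Assumption: the 4-byte length is a little-endian signed int, because the
    decompiled code reads it straight into an int on 32-bit x86.
    """
    size = f.seek(0, io.SEEK_END)
    if size < TAIL_LEN:
        raise ValueError("shorter than the 12-byte tail: no trailer present")
    f.seek(size - TAIL_LEN)
    tail = f.read(TAIL_LEN)
    (info_len,) = struct.unpack("<i", tail[:4])
    payload_end = size - TAIL_LEN - info_len
    # The decompiled listing does not validate the length it reads; on a file
    # without a trailer it would seek to an arbitrary offset.
    if info_len < 0 or payload_end < 0:
        raise ValueError(f"implausible length field {info_len} for size {size}")
    return payload_end, info_len, tail

def strip_profile_info(src, dst):
    """Copy src[0:payload_end] to dst in 10 MB chunks; return the removed block."""
    payload_end, info_len, _ = locate_profile_info(src)
    src.seek(0)
    remaining = payload_end
    while remaining:
        buf = src.read(min(CHUNK, remaining))
        if not buf:
            raise OSError("short read while copying payload")
        dst.write(buf)
        remaining -= len(buf)
    return src.read(info_len)   # the appended "profile information" bytes

# Constructed sample: 20 payload bytes + 5-byte block + 12-byte tail.
# The last 8 tail bytes are zero placeholders; the thread does not say what they hold.
SAMPLE = b"A" * 20 + b"PROFI" + struct.pack("<i", 5) + b"\x00" * 8

if __name__ == "__main__":
    out = io.BytesIO()
    block = strip_profile_info(io.BytesIO(SAMPLE), out)
    print(len(out.getvalue()), block)
```
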

How much spyware is on there? I cannot imagine a scenario where the DPRK government isn't monitoring their citizens' computers for signs of dissent and other "counterrevolutionary" activity.

Well, someone else already tested the watermarking by copying files to and from Red Star, and he found that the file had 32 bytes more at the beginning. It was a Word file afaik. What is strange is that he ran Wireshark for VirtualBox and he found that the system was completely network silent. Strange, but perhaps NK's network capabilities are not powerful enough to surveil citizens in real time. Do know however that this is the version 3.0. They now have 4.0 and rumors are that 5.0 is going to be finished soon as well.

This is the VOK website. It indeed runs Red Star 4, or so it claims.
Also that Apache version looks old as fuck

Attached: vok.png (303x59, 8.54K)

More info:
sizeof.cat/post/fun-with-redstar-os/
sizeof.cat/post/kwangmyong-addresses/

did nobody open the image file in a hex editor and see what it said? that's frustrating, I'm not going to do it. if I had to guess, the operating system adds your system information to the image file so that they can track exactly who posts what.
what a scary type of system. if you disagreed with your government, not using the OS was a telltale sign

Nice

with all the degenerate criminal shit the DPRK does i wouldn't be surprised if they ended up actually hosting pirated content to spite the western piggus

I would bet that if this is the case their "pirated software" is actually a crypto miner virus

based general, have a bump

Mental Outlaw did a video where he changes the language to English and tried to despook the OS

youtube.com/watch?v=aIAZt9UH5ko

I'm not watching some random "celebrity" but there is nothing to "despook".

is redstar 4.0 available anywhere?

>did nobody, open the image file in a hex editor and see what it said?
>32 bytes
probably a UUID desu

would it be possible to get the wallpapers and icons in this red star pic? they are comfy

TPB actually tried as well
torrentfreak.com/how-pirate-bay-came-close-to-hosting-on-north-korean-soil-140211/

You can choose North Korea on Windows timezones. They're probably just using Windows.

that's because you consoom mainstream media

they do use Windows as well as Red Star
but I've only ever seen Windows XP and older from being autistic and looking at the PCs in the backgrounds of North Korean videos