A presentation from this past week’s Chaos Computer Congress shows how totalitarian states (like, in this case, North Korea) can leverage open source software in furtherance of their evil aims of repression. Case in point – the DPRK’s Red Star Linux distribution. In this talk, researchers describe their examination of added “features” which appear to allow the government to track documents and media created on users’ computers, track where documents and media have been shared, and remove “objectionable” content (such as references to politically sensitive subjects) from users’ machines. One surprise feature of the Red Star OS is the ability to encrypt files and disks, although it is very likely (but not yet proven) that such encryption is rigged to allow government access to such data. The OS seems to be very good at protecting itself from “tampering” by users to disable these (and probably other) key features.
The video is an hour long and gets into some detail on Linux internals, but even if you are not a Linux/techy person, you will be able to appreciate the skill and evilness that the DPRK put into this.
RSS - Posts