DPRK’s RedStar OS on 32c3

Niklaus and I had the chance to talk about our research on RedStar OS at the 32nd Chaos Communication Congress in Hamburg this year. You can see the talk online at or on YouTube.

We talked about the details of the watermarking mechanism that we found in July and additional features of RedStar OS like its “Virus Scanner” and the system architecture. During the days after our talk we were able to find watermarks applied by RedStar OS in the wild on some sites on the Internet. We can confirm at least 7 different instances of RedStar OS that have applied watermarks to JPGs. Cleaning up the data is a work in progress and we will get back to you with the results! Niklaus has put our presentation and additional resources in the git. Feel free to join us in our research and make the world a safer place!

32c3 was amazing, as every time! Big thanks to all the volunteers who made this possible. Niklaus and I enjoyed every second! 🙂

Hope to see some of you at Troopers 16 in March 2016!




RedStar OS Watermarking

During the last few months, information about one of North Korea's operating systems was leaked. It is a Linux-based OS that tries to simulate the look and feel of a Mac. Some of its features have already been discussed in various blog posts and news articles. We thought we would take a short look at the OS. This blog post contains some of the results.

As you can imagine, most interesting for us was to investigate features that impact the privacy of the users. There are some publications concerning the security of the OS; this is an aspect that we will not cover in this post. We will stick to a privacy issue that we identified in this post. As ERNW has a long history of “Making the World a Safer Place”, we consider this topic an important one. The privacy of potential users (especially from North Korea) may be impacted and therefore we think that the results must be made available to the public. So, here we go …
