Red Star Linux Adds Secret Watermarks To Files

← Back to Stories (view on slashdot.org)

Red Star Linux Adds Secret Watermarks To Files

Posted by timothy on Tuesday July 21, 2015 @01:37AM from the but-it's-open-source dept.

An anonymous reader writes: ERNW security analyst Florian Grunow says that North Korea's Red Star Linux operating system is tracking users by tagging content with unique hidden tags. He particularizes that files including Word documents and JPEG images connected to but not necessarily executed in Red Star will have a tag introduced into its code that includes a number based on hardware serial numbers. Red Star's development team seems to have created some quite interesting custom additions to Linux kernel and userspace, based on which Grunow has written a technical analysis.

19 of 100 comments (clear)

Min score:

Reason:

Sort:

"privacy of North Koreans" by xxxJonBoyxxx · 2015-07-21 01:50 · Score: 2, Insightful

>> privacy of potential users (especially from North Korea) may be impacted
I didn't know privacy was a thing in North Korea.
1. Re:"privacy of North Koreans" by Archangel+Michael · 2015-07-21 02:01 · Score: 4, Interesting
  
  Yeah, I can see it now. NSA Linux, "Freedom Edition with Proprietary Patriot Act Protection!"
  And a Obama working with Boehner will get it done.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
2. Re:"privacy of North Koreans" by rockmuelle · 2015-07-21 02:23 · Score: 3, Insightful
  
  That already exists. It's called SELinux: https://en.wikipedia.org/wiki/...
  -Chris
3. Re:"privacy of North Koreans" by barbariccow · 2015-07-21 04:03 · Score: 2
  
  But... It's GPL... and they're modifying it! And Distributing it!
Is this any different than the US government? by AndyKron · 2015-07-21 02:02 · Score: 4, Insightful

Is this any different that our government forcing printer manufacturers to put secret watermarks on pages printed?
1. Re:Is this any different than the US government? by Gravis+Zero · 2015-07-21 02:38 · Score: 2
  
  Is this any different that our government forcing printer manufacturers to put secret watermarks on pages printed?
  actually, yes it is! the point of the watermarks made on color printers is to make it easy to track down counterfeiters, specifically those printing USD. fun fact, North Korea loves to counterfeit $100 USD notes.
  
  --
  Anons need not reply. Questions end with a question mark.
2. Re:Is this any different than the US government? by gstoddart · 2015-07-21 03:03 · Score: 2
  
  Sorry, but it has the net effect of making every printed document uniquely identifiable.
  Which means whatever pretense they used, they can now use it for anything else they damned well please.
  You can keep believing your government isn't trying to monitor and control everything you do. But you'd be wrong.
  Much like terror laws are being used to piggy back for the rest of law enforcement, despite assurances to the contrary, they can and will abuse any other technology which is made available to them.
  There's really no difference between one government spying on everybody and another. The only difference is in how much people believe there's a difference. But if they can get away with it, Western governments are just as likely to do it.
  
  --
  Lost at C:>. Found at C.
Re:custom kernel? by behrooz0az · 2015-07-21 02:09 · Score: 3, Insightful

Ken Thompson's C compiler is an interesting read on the subject:
http://programmers.stackexchan...
http://www.reddit.com/comments...
Basically, It's a compiler with a backdoor that injects it's source code when it's compiling itself. pretty interesting idea for 1984.

--
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
Oh the horror by Blaskowicz · 2015-07-21 02:10 · Score: 3, Insightful

Desktop software is really horrible these days. To preserve your freedoms, use Chrome OS or Android and organize your collaborations and activities over Facebook. Capitalist computing is much more trustworthy than that evil communist Linux thing.
Re:custom kernel? by gstoddart · 2015-07-21 02:10 · Score: 4, Insightful

Seriously?
Most North Koreans don't have access to the internet. Most North Koreans don't know a damned thing about Linux. Most North Koreans don't know a damned thing about kernels or spying modules installed on their computers.
Do you really think people are going to compile a custom kernel to get around the brutal dictatorships surveillance and risk their lives for something they probably don't know exists?
Come on, guys, learn a little about North Korea before suggesting the populace just whips up a custom kernel to work around this.
Under a third generation pisspot dictator, the overwhelming majority of North Koreans will only know what they've been told. They're poor, starving, and isolated from much of the rest of the world.
And the suggestion is to go to kernel.org? Pathetic.

--
Lost at C:>. Found at C.
No, it doesn't by kromozone · 2015-07-21 02:23 · Score: 4, Interesting

Before: https://i.imgur.com/oOoWssF.pn...
Open in Red Star 3.0: https://i.imgur.com/MiORhD3.jp...
After: https://i.imgur.com/uqAvXC6.pn...
The above uses an MS Word document created in Office 2011.
I've tried jpg, docx created in MS Word, docx from LibreOffice, and numerous other random file formats copied onto my thumb drive - the MD5 remains exactly the same in every case.
1. Re:No, it doesn't by penguinoid · 2015-07-21 09:03 · Score: 2
  
  Did you wait long enough for their "virus scanner" to run? Also, maybe you need to spoof it so it looks like your computer is in Korea.
  
  --
  Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
2. Re:No, it doesn't by psyclone · 2015-07-21 11:31 · Score: 2
  
  And you've verified you have the same kernel modules and binaries running described in TFA?
  Is there a slight chance if the VM can't access the hardware IDs needed to watermark, that it does not apply one? You have an old box you can run Red Star on natively?
English as she is spoke by jeremyp · 2015-07-21 02:30 · Score: 3, Interesting

He particularizes
I don't know what makes me sadder: that he used that word or that it apparently is a word.

--
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
1. Re:English as she is spoke by ScentCone · 2015-07-21 03:02 · Score: 2
  
  Well, all you have to do is come up with an enbiggened disincentivicationism to counterproduce the linguinistical resultifacts that meet your desirenessifity.
  
  --
  Don't disappoint your bird dog. Go to the range.
2. Re:English as she is spoke by Deep+Esophagus · 2015-07-21 03:03 · Score: 2
  
  That was my first reactification, too, but apparently that word has been verbed since at least the 19th century.
3. Re:English as she is spoke by glwtta · 2015-07-21 03:29 · Score: 2
  
  I don't know what makes me sadder: that he used that word or that it apparently is a word.
  
  I feel sadder for the poor fellow who apparently spontaneously disassociated into a cloud of particles.
  
  --
  sic transit gloria mundi
Re:custom kernel? by PPH · 2015-07-21 04:01 · Score: 2

Most North Koreans don't have access to the internet.
This sort of thing is aimed at government employees who might become disaffected and begin working for some western intelligence agency. Your office PC watermarks every document on its way to the thumb drive (or floppy disk). In the event the media is intercepted on its way out of the country, they know whose desk to visit.

--
Have gnu, will travel.
NSA SELinux open source, in mainline kernel 12 yrs by perpenso · 2015-07-21 04:06 · Score: 4, Informative

As far as you know.
Actually we do know, we have the source code, have had it for about 15 years. Its been in the mainline Linux kernel for about 12 years. In case you haven't heard changes to the kernel get, uh, ... reviewed.