Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Star Linux Adds Secret Watermarks To Files

Posted by timothy on from the but-it's-open-source dept.

An anonymous reader writes: ERNW security analyst Florian Grunow says that North Korea's Red Star Linux operating system is tracking users by tagging content with unique hidden tags. He particularizes that files including Word documents and JPEG images connected to but not necessarily executed in Red Star will have a tag introduced into its code that includes a number based on hardware serial numbers. Red Star's development team seems to have created some quite interesting custom additions to Linux kernel and userspace, based on which Grunow has written a technical analysis.

9 of 100 comments (clear)

  1. Re:"privacy of North Koreans" by Archangel+Michael · · Score: 4, Interesting

    Yeah, I can see it now. NSA Linux, "Freedom Edition with Proprietary Patriot Act Protection!"

    And a Obama working with Boehner will get it done.

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  2. Is this any different than the US government? by AndyKron · · Score: 4, Insightful

    Is this any different that our government forcing printer manufacturers to put secret watermarks on pages printed?

  3. Re:custom kernel? by behrooz0az · · Score: 3, Insightful

    Ken Thompson's C compiler is an interesting read on the subject:
    http://programmers.stackexchan...
    http://www.reddit.com/comments...
    Basically, It's a compiler with a backdoor that injects it's source code when it's compiling itself. pretty interesting idea for 1984.

    --
    Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
  4. Oh the horror by Blaskowicz · · Score: 3, Insightful

    Desktop software is really horrible these days. To preserve your freedoms, use Chrome OS or Android and organize your collaborations and activities over Facebook. Capitalist computing is much more trustworthy than that evil communist Linux thing.

  5. Re:custom kernel? by gstoddart · · Score: 4, Insightful

    Seriously?

    Most North Koreans don't have access to the internet. Most North Koreans don't know a damned thing about Linux. Most North Koreans don't know a damned thing about kernels or spying modules installed on their computers.

    Do you really think people are going to compile a custom kernel to get around the brutal dictatorships surveillance and risk their lives for something they probably don't know exists?

    Come on, guys, learn a little about North Korea before suggesting the populace just whips up a custom kernel to work around this.

    Under a third generation pisspot dictator, the overwhelming majority of North Koreans will only know what they've been told. They're poor, starving, and isolated from much of the rest of the world.

    And the suggestion is to go to kernel.org? Pathetic.

    --
    Lost at C:>. Found at C.
  6. Re:"privacy of North Koreans" by rockmuelle · · Score: 3, Insightful

    That already exists. It's called SELinux: https://en.wikipedia.org/wiki/...

    -Chris

  7. No, it doesn't by kromozone · · Score: 4, Interesting

    Before: https://i.imgur.com/oOoWssF.pn...
    Open in Red Star 3.0: https://i.imgur.com/MiORhD3.jp...
    After: https://i.imgur.com/uqAvXC6.pn...

    The above uses an MS Word document created in Office 2011.

    I've tried jpg, docx created in MS Word, docx from LibreOffice, and numerous other random file formats copied onto my thumb drive - the MD5 remains exactly the same in every case.

  8. English as she is spoke by jeremyp · · Score: 3, Interesting

    He particularizes

    I don't know what makes me sadder: that he used that word or that it apparently is a word.

    --
    All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
  9. NSA SELinux open source, in mainline kernel 12 yrs by perpenso · · Score: 4, Informative

    As far as you know.

    Actually we do know, we have the source code, have had it for about 15 years. Its been in the mainline Linux kernel for about 12 years. In case you haven't heard changes to the kernel get, uh, ... reviewed.