Open DerekTurtleRoe opened 8 years ago
Your presentation at 32C3 was very interesting indeed! (As well as Will Scott’s presentation at 31C3.)
It's nice to see people are interested in contributing!
What kind of cosmetic changes do you have in mind? I don't think the contents of the files from the ISOs should be changed in any way to make sure anyone can analyze the untouched files. But feel free to submit pull requests at any time.
A Wiki would also be pretty nice. I guess we would have some stuff to add.
@vgturtle127 you can send me any stuff regarding Red Star or DPRK in general via mail (in my profile) at any time. I'm always interested in any of this stuff :)
@takeshixx Alright, I wasn't talking about sending you files, more like adding a repository of knowledge to the project.
The only thing I would do with the actual files is what I like to call the 3D system.
Decompress, decrypt, document
I know, I know. It's lame. BUT...
We can possibly get information about the distro by extracting everything. It may not lead to anything, but on a rare occasion I find something in the partitions or something. An example being, with the Nintendo DS, an invisible encrypted partition is found on the disk, but only if you extract it manually with something like ISOBuster.
Anyway, I will fork and start doing some work on my own local fork and see if you guys think it looks good. :smile:
@vgturtle127 Though many years later, did you get anywhere with this? Unfortunately, technological analysis in a pure 'open-source reverse engineering' fun way seems to have died after the file hashing system was understood. There is only now some analysis of the tablet/phone OS they use, which is interesting, but with the usage of USB sticks and their known use of illicit data transfer, it does feel there is more to look into here. I am surprised at the lack of Frida or IDA databases for it.
@darvell the signature-based system and other aspects of the tablets and phones are actually way more interesting. The main reason is that those are far more used than the actual Red Star distribution. Many systems still run Windows and there has also been a new major version (4.0) for a couple of years already. I personally haven't done any further analysis of Red Star OS 3, but in the near future I (hopefully) should get access to a copy of Red Star OS 4.x. I think it makes way more sense to then focus on that analysis. Maybe they switched from the watermarking-based system to a signature-based system that is compatible with the Android versions.
Especially for the phones I have tons of stuff that has never been published, but I often struggle to find proper ways and formats to publish some information. If you want to continue in any of the DPRK subjects let me know if I can assist you in any way. At some point I will release more work, but currently everything is halted due to COVID (borders closed).
A late comment but anything you can get your hands on I'm interested. The mail in/mail out issue has also affected myself with collecting silly little pieces of propaganda/music but could never find a source for tech. (I assume you have to just know someone in CN.)
Sorry I haven't been active here, I got busy with a job, then lost my job, been looking for work, had some health issues, all kinds of personal stuff. Anyway, I may take a look into this at a later date. I have learned a lot in the last few years, so hoping to do some datamining and more interesting research at some point. 😄
So I saw your presentation at 32C3, and I wanted to help.
First, I wanted permission to make some cosmetic changes to some of the files and expand upon the data to better explain some of the information.
Second, I wanted to start by doing some basic information gathering and start a Wiki about Red Star OS.
Third, I wanted to share some information about Red Star OS and related topics that you may find interesting or useful.
An example being, in your presentation you said that KCC used to have a building in Berlin, and actually not only did they have one there, but they have also had buildings in other parts of Europe, China, South Korea, Japan, Syria, the United Arab Emirates, and the Middle East. I'm not sure if they are still up, but they were there.
Anyway, I am basically asking for permission to start contributing, but I also want feedback on what you guys think you want.
Thanks for the presentation and thanks for inspiring me to get back into security and privacy stuff! :smile: