My understanding is that there are three mobile networks in North Korea: the normal one used by the citizens (they have smartphones made specifically for North Korea), one used by the government/military and one for tourists (requires a local SIM card only available in a specific hotel in Pyongyang).
The last one is connected to the internet and this is why you can see (or at least before the pandemic could see) Instagram posts from North Korea.
I have no idea if this information is still or ever was completely true though.
There's a somewhat dated but very interesting AMA on Reddit by an American teaching computer science in Pyongyang:
Reading about the internet knowledge possessed by North Korean students, I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking.
>one for tourists (requires a local SIM card only available in a specific hotel in Pyongyang).
I do not think that exists. I imagine the diplomats and other foreigners living there will have this, though.
When I was there two times (in Pyongyang, and in villages in the north east & Rason) any access to the outside world was prohibited via a network other than telephone (I could make outgoing phone calls via the hotel). Even traveling very close to the border (which they use jammers to block outside connections), my guides were annoyed when they saw I was trying to connect to the Chinese network from my phone.
The only place I saw any access "to the outside world" was in Rason (https://en.wikipedia.org/wiki/Rason_Special_Economic_Zone), where one of the casinos had a computer which could be used to access the internet (through the Chinese GFW, of course).
Re: "I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking."
I sort of suspect this is just the result of a nation state that is willing to be a pariah. That is, I think nearly any large state could do it if they didn't mind burning bridges.
This is my assumption as well. In general it seems like hacking becomes a lot easier (still not easy of course, just easier) when you have no fear of getting caught or going to jail.
Does anyone remember LAPSUS$ https://en.wikipedia.org/wiki/Lapsus$ from a while back? It was reported for a while that it was largely made up of teenagers, and it seems two did get caught. I recall their whole MO being brazen social engineering/using stolen credentials in a way that got them caught pretty quickly, but also got results fast.
See also Russian hackers being notorious simply because Russia is willing to turn a blind eye to cyber crime that doesn't target Russia
Crime being illegal doesn't prevent crime, but it adds an enormous amount of friction. In the West if you are decent at hacking, low-level APIs or reverse engineering you could turn to cyber crime. But if you instead get a regular job in cyber security or software engineering you still get a good salary, and don't have to worry about your online friends being police informants, can tell your potential significant other what you do to earn a living, get money wired directly to your bank account instead of having to go through costly intermediaries with significant risks, don't have trouble with the tax authority, etc.
If you reduce the legal opportunities and remove the downsides of the illegal ones the calculation completely changes, and with it the talent pool
"Pariah", they've had the longest embargo on earth (which has caused hundreds of thousands of deaths), they had 90% of their whole countries infrastructure bombed by the US, and the Korean war has been called a genocide in the North by many scholars.
The world doesnt make sense if you ignore history.
They probably hack for the same reason the west does it: attack/defense and money.
Why would they need such incentives? All they gotta do is give them a decent wage and they will be happy, which in North Korea is a paltry sum. Its not like regular North Koreans are traveling around the world, they couldn't afford it even without any other restrictions, so they have zero risk of arrest or punishment from other nations.
If I told you today that I will pay you a million dollars to go fuck around with some North Korean servers, and doing it completely anonymously with the full protection and sanction of your government, would you say no?
I think you may have some unrealistic views on how North Korea operates internally. 99% of their population lives completely normal lives and has zero extra interactions with the government beyond basic grunt military service which is common across much of the world, and paperwork for licensing, permits, and taxes. We only see the worst possible views of North Korea from the outside, slathered with thick layers of additional propaganda on top of it.
Completely normal lives may be stretching your speech a bit too far. They provably had hundreds of thousands of deaths in famines when surrounding countries thrived, they have absolutely horrendous concentration camps where people are frequently beaten to death for small infractions and whole families are sent there, including small children (who also get beaten to death by their 'teachers').
If you consider numerous reports of people that managed to barely escape and report this consistently in the west as pure propaganda, thats... your paranoid mindset. Sometimes people and regimes are simply evil, 21st century is in no way immune to that.
"I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking"
This sentiment is probably overblown. The fact that they are effectively robbing people to earn some money for their pathetic regime means only that they are on the level of nowadays internet scammers. They are good at that too.
Spending enough money (and they spend a lot - 26 million people work only for this) one can train people to do this or hire people to do this for them.
How cunning and evil it is that America funded the internet and then allowed it to spread around the world.
If you're worried about "absolute control over digital systems", notice how many standards get published describing how those digital systems work -- you're welcome to reimplement them if you'd like more control.
What I'm saying is this: there's nothing stopping you from using communication methods that aren't controlled by Americans. All of the protocols that the internet uses are documented.
Like most Python material that ceased to be funny decades ago thanks to people quoting it endlessly...
The Romans were true imperialists. They considered their opponents to be barbarians, and claimed they lived in wastelands. The truth is more complex. In many places — yes, including Judaea — they inherited infrastructure and buildings. Judaea was previously occupied by the Greeks and a number of other civilisations had left behind remains. The idea that it was terra nullis or a tabula rasa is nonsense. Even Gaul which was considered to be a frontier already had a road system (some of which has been only rediscovered in recent times), and what is now Marseilles was a Greek city going way back before the Roman conquest.
> Romans were true imperialists. They considered their opponents to be barbarians
The Romans also aggressively appropriated from and integrated the people they conquered, extending the concept of citizenship and thus what it meant to be Roman in the process.
Nobody is saying the Romans came across terra nullis. But describing their engineering and culture as "merely improving roads" is silly.
They stole literature and architecture from the Greeks, chariot building techniques from the Gauls, their identity from the Etruscans and Latins, and probably more than they would ever admit to from the Carthaginians.
When I was growing up we were taught the Romans' own imperial myth that they had built upon nothing. The Monty Python film even promotes that as a joke. There are cities in the Holy Land like Jericho which were inhabited before Rome was even founded.
p.s. Do I get downvotes for pointing out archaeological and historical fact here? When I said "merely improved roads", I was talking about their road network not their entire civilisation.
Rome was entirely reliant upon the looting and expansion of the empire to support them. Without building up those roads Rome would have starved and fallen apart.
A bit over a decade ago I used to spend a lot of time hacking North Korean web infrastructure, I mostly found that they tended to have firewalling around almost all boxes exposed to the global internet and usually had pretty impressive reaction times if you tried to access the country intranet through a compromised web server.
I've always wondered how successful NSA and the likes have been at infiltrating DPRK networks, as it would inherently be fairly easy to detect any sketchy traffic from the outside. I wonder if the recent NYT story essentially confirms that difficulty.
I guess I have a question after all: I'm not exactly clear on how NK treats end-user devices. Do you know if the endpoints used by NK based remote workers have internet and intranet access at the same time? If they do, such an endpoint could offer an easy and stealthy channel to access the intranet.
the end user devices are also really interesting. as far as i know they require a piece of software called netkey or oconnect as it's recently been renamed. that's for getting access inside the country and then for anyone outside they have software called hangro that is similar to a vpn for connecting back to north korea and getting messages
thanks really appreciate that!
I've seen that doc before and it does really make me wonder. part of the leaks from the NSA tools years back had some references in there for detecting north koreas ant-virus silivaccine
I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
South Korean NIS was in fact a hacking team client, so it would make sense. Especially considering how terrible Red Star OS was at the time, a HT engineer could probably have whipped those up in a couple of days.
>I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
I'm sure they've had some success, but I'd expect it to be a really difficult environment to operate in. Even for the NSA. I suppose eventually there'll be a better leak and we'll get to find out just how well it's been going.
It's like the NSA Reddit, they've got memes and up- and downvotes.
Some excerpts from a seemingly unreleased Snowden leak (from Dark mirror: Edward Snowden and the American Surveillance State):
> “Why is a scoop of potatoes larger than a scoop of eggs in the cafeteria?” a contributor named Michael wondered one day. Paul jumped in to play the troll. “Let me be the first to down-vote you,” Paul wrote, naming several pedantic reasons. A side debate erupted: should Michael’s post be down-voted, flagged, or removed? Clyde returned to the topic at hand with a facetious theory that scoop volume is proportional to the relative size of potatoes and eggs themselves. In that case, Scott replied, what would happen if “we served eggs that were bigger than potatoes, like of an Ostrich?” Someone proposed a uniform system, “One Spoon to scoop them all,” an homage to Lord of the Rings. Punsters demanded the “inside scoop” and lamented the waste of time on “small potatoes.”
Gotta say, it's pretty disappointing that Gellman, Greenwald, Poltras et. al. have been so stingy with these documents. It's definitely starting to have been long enough for them to just dump everything.
It's interesting to discover the reality that packet routing ends up following political affiliations. I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
> It's interesting to discover the reality that packet routing ends up following political affiliations.
Certainly political affiliations have some influence, but also China and Russia have land borders with North Korea and are not at war. It's very common to run fiber optic on/under railroads and vehicle roads, so there you go. It's probably pretty hard to attract an international cable consortium to land in North Korea given everything, but terrestrial cabling is easier to start with anyway.
> I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
They would have asked APNIC, the Regional Internet address Registry for their region (Asia-Pacific). I can't find an assignment date, but 175/8 was assigned to APNIC in 2009. 2009 lines up with wikipedia reporting of the startup of the current ISP joint venture.
DPRK can certainly get however many IP addresses they want, DPRK just doesn't have that much infrastructure that they want externally accessible.
As far as I know, end-user traffic from within North Korea usually does not originate from those few IP addresses. Or at least not visibly so, they might be connecting to a proxy from a DPRK IP address.
IPv4 continues to be available to entities that have a need that fits a particular policy shape, just most people don't.
Specifically, you can get IPv4 /24s for IPv6 transition purposes. This includes anycast DNS, MX, etc for legacy clients on other networks, v4-side of CGNAT, etc.
E.g. I was able to get a /24 in the ARIN region in 2021 and could justify 2 more for a _logical_ network topology similar to what NK presents to the world.
Apnic used to hand out a /22 to most members. Its now a waiting list for 2 /24s. They would probably give some priority to a nation state over yet another mdu fibre isp.
APNIC has some addresses [1] and will assign up to two /24s to qualified new accounts within the region. There are also carve outs for National Internet Registries and Internet eXchange Points.
Do those small utility boxes alongside the tracks make sense for fiber optic? I expected things like that to be larger, if only because fiber has a minimum bend radius.
The larger cables tend to have strength members with higher physical bend radius restrictions, i.e. you can't bend the steel or kevlar elements that tightly without breaking things.
Yes, poles are standard practice in a lot of places, but not generally for backbone links. There's only a few of those and it makes sense to get the extra protection from burying them.
Also, installing general telco fibre next to railway lines is standard practice. Makes all the bureaucracy so much easier if you can just use the existing railway right-of-way. Not that the DPRK would care much about right-of-way ;D
Too late, already happened, it's called squirrels. cf. CCC NOC logo: https://events.ccc.de/camp/2019/wiki/Static:Network — it's an in-joke about rodents chewing through the (air/tree-strung) uplink fibre multiple times at the 2015 event.
Can we back up and just recognize how insane North Korea is? I think that future generations will look back on our history and wonder why nobody ever did anything about the incredible atrocities that took place in that country for decades.
I will get buried for saying this, but DPRK survived as a people, investing everything into a nuclear program to survive. The reason nobody did anything is they firmly built a defense against intervention, and given how the korean war went, how various US interventions looked after that, it was the correct thing to do. The most the US could do to them in recent years was murder some innocent fishermen. It has tried to starve them and failed.
If anybody gave a fuck about the Korean people they wouldn't have split Korea up to start with, they wouldn't have stopped the reunification of Korea, and they wouldn't have bombed millions of civilians to death.
Any proof of your emotional statements? Order of scale of those civilian deaths contradicts literally every public statistics out there.
You seem to have... very strong while also contrarian opinions in this thread to be polite, leaning heavily into apologist position for North Korean government
At least NK's human rights abuses are contained within their borders. I hope future generations will look back on the many US invasions of foreign countries over the years and all the war crimes that took place during those invasions with the scrutiny they deserve.
Except we aren't blameless either for the state North Korea ended up in. We leveled nearly every building in the country, we even targeted rural thatch huts with bombing runs. We dropped so many bombs on North Korea that the bombers started dropping bombs on thrice bombed rubble and open land because they couldn't find any targets left to attack. Why should we be surprised that a strong arm authoritarian leadership rose up among the chaos and put every effort towards military power and obtaining nuclear weapons at the expense of everything else?
I can't even say that they made the wrong decision either, North Korea still exists as an independent nation which is amazing in itself.
It will definitely go down as one of the biggest failures of mankind. Especially since it was so easily preventable if MacArthur was permitted to just take the whole peninsula.
China was already sending troops and material to the front lines when MacArthur was ordered to stand down. Pushing further would have meant a hot war with China.
There is no way we could match them in numbers on the ground. Such a conflict would have inevitably led to us nuking them as a result. Which is probably the reason decision makers chose not to.
And maybe that's really the humanitarian failure. That USA didn't nuke China in 1950 or 1951. Would have solved a lot of problems for generations of people.
USA dropping nukes would have prevented the convention against using nukes in wars from being started. I think there's a pretty good chance we wouldn't have any civilization left by now if we went down that fork in history.
How is nuking Japan different from nuking Korea? Everybody agrees that forcing Japan to surrender with nukes was much better for everyone involved than a ground invasion.
When Japan was bombed, nobody else in the world had nuclear weapons, the US only had 2, and there were only a handful of people outside of the US seriously researching nuclear weapons and were still years away from a test. By 1950 the USSR had working nuclear bombs, had proven so with a nuclear test, and a dozen other countries had started their own nuclear weapons programs.
Maybe the real humanitarian failure is that the US didn't nuke everybody and start over from the stone age. Can't any societal problems if no societies exist, right?
Does any serious historian believe that fully defeating the Soviet Union after WWII would have been possible? Even with the advantage of nuclear weapons, I doubt the US would have made it very far.
Or how about us not blowing them to bits in the first place? South Korea was on the very edge of capitulation before the US came in full force and even most South Korean citizens were in support of Korean unification at that time. The current state of North Korea would have never come to reality if they hadn't been blown to bits by the US because of big ol' scary "communism".
What makes 1950s Korea evil? You are equating North Korea today with Korea of 75 years ago, they aren't even remotely similar. You don't think your nation getting bombed to literal fields of rubble wouldn't change views and political stances afterwards?
Unification was supported by both sides among the people, most South Koreans supported communism and 70% of them supported unification with the North. South Koreans didn't even support their own government, they were dealing with internal insurrection from their own people. The North was an industrialized nation and the South was a poor farming country and their unification would of been hugely beneficial to both. The war would have been over in another 2 weeks without intervention and a minimal amount of casualties, and it had only been 3 months from the start of the invasion. The only people not in support of it at the time was the political leaders of SK at the time because it meant they personally as individuals would lose power and wealth, and the US who was on a crusade to crush and kill anybody who dared support communism. Korea never should have been split in the first place, but the US and USSR had to be little bitches and force their will upon these people.
Killing 5 million people, most of which were innocent civilians, in the name of "fighting communism" is evil, not the idea of a unified nation of people supported by those same people.
Soviet occupation. Korea was supposed to be unified and elect a government back in 1950, Soviets made sure it didn't happen because they had no chance of winning.
I found the railroad part of the article unpersuasive. Optical repeater stations are fairly large and therefore wouldn't show up as random small underground vaults or little boxes on poles. These look like a collection of pictures of train tracks with no particular indicators of optical cables therein.
My understanding is that there are three mobile networks in North Korea: the normal one used by the citizens (they have smartphones made specifically for North Korea), one used by the government/military and one for tourists (requires a local SIM card only available in a specific hotel in Pyongyang).
The last one is connected to the internet and this is why you can see (or at least before the pandemic could see) Instagram posts from North Korea.
I have no idea if this information is still or ever was completely true though.
There's a somewhat dated but very interesting AMA on Reddit by an American teaching computer science in Pyongyang:
https://www.reddit.com/r/IAmA/comments/1ucl11/iama_american_...
Reading about the internet knowledge possessed by North Korean students, I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking.
>one for tourists (requires a local SIM card only available in a specific hotel in Pyongyang).
I do not think that exists. I imagine the diplomats and other foreigners living there will have this, though.
When I was there two times (in Pyongyang, and in villages in the north east & Rason) any access to the outside world was prohibited via a network other than telephone (I could make outgoing phone calls via the hotel). Even traveling very close to the border (which they use jammers to block outside connections), my guides were annoyed when they saw I was trying to connect to the Chinese network from my phone.
The only place I saw any access "to the outside world" was in Rason (https://en.wikipedia.org/wiki/Rason_Special_Economic_Zone), where one of the casinos had a computer which could be used to access the internet (through the Chinese GFW, of course).
Re: "I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking."
I sort of suspect this is just the result of a nation state that is willing to be a pariah. That is, I think nearly any large state could do it if they didn't mind burning bridges.
This is my assumption as well. In general it seems like hacking becomes a lot easier (still not easy of course, just easier) when you have no fear of getting caught or going to jail.
Does anyone remember LAPSUS$ https://en.wikipedia.org/wiki/Lapsus$ from a while back? It was reported for a while that it was largely made up of teenagers, and it seems two did get caught. I recall their whole MO being brazen social engineering/using stolen credentials in a way that got them caught pretty quickly, but also got results fast.
It’s not just that they don’t care about being a pariah state, it’s a literal fund raising exercise, unlike most other state sanctioned hacking.
See also Russian hackers being notorious simply because Russia is willing to turn a blind eye to cyber crime that doesn't target Russia
Crime being illegal doesn't prevent crime, but it adds an enormous amount of friction. In the West if you are decent at hacking, low-level APIs or reverse engineering you could turn to cyber crime. But if you instead get a regular job in cyber security or software engineering you still get a good salary, and don't have to worry about your online friends being police informants, can tell your potential significant other what you do to earn a living, get money wired directly to your bank account instead of having to go through costly intermediaries with significant risks, don't have trouble with the tax authority, etc.
If you reduce the legal opportunities and remove the downsides of the illegal ones the calculation completely changes, and with it the talent pool
"Pariah", they've had the longest embargo on earth (which has caused hundreds of thousands of deaths), they had 90% of their whole countries infrastructure bombed by the US, and the Korean war has been called a genocide in the North by many scholars.
The world doesnt make sense if you ignore history.
They probably hack for the same reason the west does it: attack/defense and money.
What other options do they have? They've been sanctioned to the point where they have few options left but to turn to crime.
Their brutal dictatorship is a choice.
Probably helps that the stance is likely "Hack this target or your family dies". That's always pretty uhhhh motivational.
Why would they need such incentives? All they gotta do is give them a decent wage and they will be happy, which in North Korea is a paltry sum. Its not like regular North Koreans are traveling around the world, they couldn't afford it even without any other restrictions, so they have zero risk of arrest or punishment from other nations.
If I told you today that I will pay you a million dollars to go fuck around with some North Korean servers, and doing it completely anonymously with the full protection and sanction of your government, would you say no?
I think you may have some unrealistic views on how North Korea operates internally. 99% of their population lives completely normal lives and has zero extra interactions with the government beyond basic grunt military service which is common across much of the world, and paperwork for licensing, permits, and taxes. We only see the worst possible views of North Korea from the outside, slathered with thick layers of additional propaganda on top of it.
Completely normal lives may be stretching your speech a bit too far. They provably had hundreds of thousands of deaths in famines when surrounding countries thrived, they have absolutely horrendous concentration camps where people are frequently beaten to death for small infractions and whole families are sent there, including small children (who also get beaten to death by their 'teachers').
If you consider numerous reports of people that managed to barely escape and report this consistently in the west as pure propaganda, thats... your paranoid mindset. Sometimes people and regimes are simply evil, 21st century is in no way immune to that.
tragically, this is exactly what it is
> That's always pretty uhhhh motivational
If you only met the world on American TV, yes.
Maybe they hire international talent.
Hire is not always the correct word. There is evidence they acquire international talent without consent.
"I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking"
This sentiment is probably overblown. The fact that they are effectively robbing people to earn some money for their pathetic regime means only that they are on the level of nowadays internet scammers. They are good at that too.
Spending enough money (and they spend a lot - 26 million people work only for this) one can train people to do this or hire people to do this for them.
[dead]
[flagged]
How cunning and evil it is that America funded the internet and then allowed it to spread around the world.
If you're worried about "absolute control over digital systems", notice how many standards get published describing how those digital systems work -- you're welcome to reimplement them if you'd like more control.
The Roman Empire built lots of roads wherever they went and the British Empire built lots of rail networks.
What I'm saying is this: there's nothing stopping you from using communication methods that aren't controlled by Americans. All of the protocols that the internet uses are documented.
This is exactly what China and North Korea do shrug but they get a lot of criticism for it.
The Roman Empire merely improved roads in many places. Gaul already had a road system, and the Greek and Egyptian spheres did too.
> Roman Empire merely improved roads in many places
/s? This is literally a Monty Python sketch.
Like most Python material that ceased to be funny decades ago thanks to people quoting it endlessly...
The Romans were true imperialists. They considered their opponents to be barbarians, and claimed they lived in wastelands. The truth is more complex. In many places — yes, including Judaea — they inherited infrastructure and buildings. Judaea was previously occupied by the Greeks and a number of other civilisations had left behind remains. The idea that it was terra nullis or a tabula rasa is nonsense. Even Gaul which was considered to be a frontier already had a road system (some of which has been only rediscovered in recent times), and what is now Marseilles was a Greek city going way back before the Roman conquest.
Romanes eunt domum indeed.
> Romans were true imperialists. They considered their opponents to be barbarians
The Romans also aggressively appropriated from and integrated the people they conquered, extending the concept of citizenship and thus what it meant to be Roman in the process.
Nobody is saying the Romans came across terra nullis. But describing their engineering and culture as "merely improving roads" is silly.
They stole literature and architecture from the Greeks, chariot building techniques from the Gauls, their identity from the Etruscans and Latins, and probably more than they would ever admit to from the Carthaginians.
When I was growing up we were taught the Romans' own imperial myth that they had built upon nothing. The Monty Python film even promotes that as a joke. There are cities in the Holy Land like Jericho which were inhabited before Rome was even founded.
p.s. Do I get downvotes for pointing out archaeological and historical fact here? When I said "merely improved roads", I was talking about their road network not their entire civilisation.
>The Roman Empire merely improved roads in many places.
why did they invest in those roads? They weren't a charity.
Rome was entirely reliant upon the looting and expansion of the empire to support them. Without building up those roads Rome would have starved and fallen apart.
So that they could move troops and goods from one place to another.
Yes, and more specifically so they could move resources back to Rome.
“allowed” is doing a hell of a lot of work for monopoly capitalism backed by us state diplomacy
you may want to read this book about the military history of the internet originating in counter insurgency strategy in vietnam.
https://www.amazon.com/Surveillance-Valley-Military-History-...
another way to look at american internet penetration is as “radio free asia dot com”
a random interesting fact:
North Korea is responsible for adding the hot beverage, umbrella with raindrops, and lightning bolt emojis
https://en.wikipedia.org/wiki/KPS_9566
Thanks for sharing my site. Happy to answer any questions
Don't have questions, but your blog is very cool.
A bit over a decade ago I used to spend a lot of time hacking North Korean web infrastructure, I mostly found that they tended to have firewalling around almost all boxes exposed to the global internet and usually had pretty impressive reaction times if you tried to access the country intranet through a compromised web server.
I've always wondered how successful NSA and the likes have been at infiltrating DPRK networks, as it would inherently be fairly easy to detect any sketchy traffic from the outside. I wonder if the recent NYT story essentially confirms that difficulty.
Regarding the NSA and DPRK, there's this document from 2007 least https://www.eff.org/files/2015/02/03/20150117-spiegel-fifth_...
I guess I have a question after all: I'm not exactly clear on how NK treats end-user devices. Do you know if the endpoints used by NK based remote workers have internet and intranet access at the same time? If they do, such an endpoint could offer an easy and stealthy channel to access the intranet.
the end user devices are also really interesting. as far as i know they require a piece of software called netkey or oconnect as it's recently been renamed. that's for getting access inside the country and then for anyone outside they have software called hangro that is similar to a vpn for connecting back to north korea and getting messages
thanks really appreciate that! I've seen that doc before and it does really make me wonder. part of the leaks from the NSA tools years back had some references in there for detecting north koreas ant-virus silivaccine
https://github.com/b30wulf/Malware-collection/blob/4f5906c93...
There was also the hacking team leak from years ago and they were selling exploits for north korea's red star OS: https://nkinternet.wordpress.com/wp-content/uploads/2025/12/...
I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
>There was also the hacking team leak from years ago and they were selling exploits for north korea's red star OS: https://nkinternet.wordpress.com/wp-content/uploads/2025/12/...
South Korean NIS was in fact a hacking team client, so it would make sense. Especially considering how terrible Red Star OS was at the time, a HT engineer could probably have whipped those up in a couple of days.
https://web.archive.org/web/20180302155452/http://english.yo...
>I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
I'm sure they've had some success, but I'd expect it to be a really difficult environment to operate in. Even for the NSA. I suppose eventually there'll be a better leak and we'll get to find out just how well it's been going.
> this document from 2007
Interesting document - confirming "everyone spies on everyone". Is this from some sort of corporate NSA chat room?
It's like the NSA Reddit, they've got memes and up- and downvotes.
Some excerpts from a seemingly unreleased Snowden leak (from Dark mirror: Edward Snowden and the American Surveillance State):
> “Why is a scoop of potatoes larger than a scoop of eggs in the cafeteria?” a contributor named Michael wondered one day. Paul jumped in to play the troll. “Let me be the first to down-vote you,” Paul wrote, naming several pedantic reasons. A side debate erupted: should Michael’s post be down-voted, flagged, or removed? Clyde returned to the topic at hand with a facetious theory that scoop volume is proportional to the relative size of potatoes and eggs themselves. In that case, Scott replied, what would happen if “we served eggs that were bigger than potatoes, like of an Ostrich?” Someone proposed a uniform system, “One Spoon to scoop them all,” an homage to Lord of the Rings. Punsters demanded the “inside scoop” and lamented the waste of time on “small potatoes.”
Gotta say, it's pretty disappointing that Gellman, Greenwald, Poltras et. al. have been so stingy with these documents. It's definitely starting to have been long enough for them to just dump everything.
Impressive sleuthing!
It's interesting to discover the reality that packet routing ends up following political affiliations. I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
> It's interesting to discover the reality that packet routing ends up following political affiliations.
Certainly political affiliations have some influence, but also China and Russia have land borders with North Korea and are not at war. It's very common to run fiber optic on/under railroads and vehicle roads, so there you go. It's probably pretty hard to attract an international cable consortium to land in North Korea given everything, but terrestrial cabling is easier to start with anyway.
> I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
They would have asked APNIC, the Regional Internet address Registry for their region (Asia-Pacific). I can't find an assignment date, but 175/8 was assigned to APNIC in 2009. 2009 lines up with wikipedia reporting of the startup of the current ISP joint venture.
DPRK can certainly get however many IP addresses they want, DPRK just doesn't have that much infrastructure that they want externally accessible.
As far as I know, end-user traffic from within North Korea usually does not originate from those few IP addresses. Or at least not visibly so, they might be connecting to a proxy from a DPRK IP address.
"DPRK can certainly get however many IP addresses they want"
IP4 is quite limited as far as I know and not given out freely since a long time, or what do you mean here?
IPv4 continues to be available to entities that have a need that fits a particular policy shape, just most people don't. Specifically, you can get IPv4 /24s for IPv6 transition purposes. This includes anycast DNS, MX, etc for legacy clients on other networks, v4-side of CGNAT, etc.
E.g. I was able to get a /24 in the ARIN region in 2021 and could justify 2 more for a _logical_ network topology similar to what NK presents to the world.
APNIC similarly has a pool available for IPv4 allocations: https://www.apnic.net/manage-ip/ipv4-exhaustion/#the-situati...
IPv4 is a question of money in almost all cases at this point. You can get what you can pay for.
Apnic used to hand out a /22 to most members. Its now a waiting list for 2 /24s. They would probably give some priority to a nation state over yet another mdu fibre isp.
APNIC has some addresses [1] and will assign up to two /24s to qualified new accounts within the region. There are also carve outs for National Internet Registries and Internet eXchange Points.
[1] as of Nov 2025, approximately 3 million or a little more than 12,000 /24s https://www.apnic.net/manage-ip/ipv4-exhaustion/#how-to-tras...
IPv4 is readily available and not very expensive. DPRK can just buy or lease them.
> … 2.5 GB per second between all the provinces.
What's your source for that number? Is it GBit or GByte? Are they building out OTU1?
What a great read. Thanks.
[dead]
Do those small utility boxes alongside the tracks make sense for fiber optic? I expected things like that to be larger, if only because fiber has a minimum bend radius.
Edit: Good article though, I enjoyed it a lot.
Railroad minimum bend radius is orders of magnitude bigger than fiber's.
The min bend radius isn’t that large in my experience. On the order of 10cm IIRC, possibly even less.
Even less is correct: outdoor fibers (G.652.D) have a minimum bend radius of about 30mm. The indoor counterpart (G.657.A1 and A2) have 10mm and 7.5mm.
The larger cables tend to have strength members with higher physical bend radius restrictions, i.e. you can't bend the steel or kevlar elements that tightly without breaking things.
Those are more of a technically no?
Like I have fiber to the house and you really need to pinch it and whatnot to cause an internet outage.
A small bend radius means it can have a tight bend.
A large bend radius means it has to be a big bend.
A 7.5mm bend radius is really small. You can bend that stuff pretty tight before you create a problem.
Much smaller than that, some might even say a utility box is overkill: https://old.reddit.com/r/techsupportgore/comments/nvwcuh/the...
Fiber’s perfectly happy being joined in 12” by 16” boxes for small runs. The terminal box in my garage has a few loops and is more like 6” x 8”.
https://www.seeclearfield.com/fiber-optic-wall-box/metal-wal...
Isn't it easier to hang optic cable on the poles? It seems that burying the cable requires more work.
As for utility boxes along the track, it could be something railway-related, for example, some railway control or monitoring equipment.
Yes, poles are standard practice in a lot of places, but not generally for backbone links. There's only a few of those and it makes sense to get the extra protection from burying them.
Also, installing general telco fibre next to railway lines is standard practice. Makes all the bureaucracy so much easier if you can just use the existing railway right-of-way. Not that the DPRK would care much about right-of-way ;D
If you hang your fibre optic cable from poles, you will inevitably evolve flying backhoes.
Too late, already happened, it's called squirrels. cf. CCC NOC logo: https://events.ccc.de/camp/2019/wiki/Static:Network — it's an in-joke about rodents chewing through the (air/tree-strung) uplink fibre multiple times at the 2015 event.
A few inches of dirt protects against cables darkening from nuclear blasts, if you care about that sort of thing.
It is easier, but it is also far more vulnerable and won't last nearly as long.
They are too vulnerable to the elements there.
Can we back up and just recognize how insane North Korea is? I think that future generations will look back on our history and wonder why nobody ever did anything about the incredible atrocities that took place in that country for decades.
I will get buried for saying this, but DPRK survived as a people, investing everything into a nuclear program to survive. The reason nobody did anything is they firmly built a defense against intervention, and given how the korean war went, how various US interventions looked after that, it was the correct thing to do. The most the US could do to them in recent years was murder some innocent fishermen. It has tried to starve them and failed.
s/DRPK survived as a people/Kim dynasty survived in power/g.
Sure it was a correct thing for Kims to do, millions of Koreans be damned.
If anybody gave a fuck about the Korean people they wouldn't have split Korea up to start with, they wouldn't have stopped the reunification of Korea, and they wouldn't have bombed millions of civilians to death.
Any proof of your emotional statements? Order of scale of those civilian deaths contradicts literally every public statistics out there.
You seem to have... very strong while also contrarian opinions in this thread to be polite, leaning heavily into apologist position for North Korean government
[dead]
At least NK's human rights abuses are contained within their borders. I hope future generations will look back on the many US invasions of foreign countries over the years and all the war crimes that took place during those invasions with the scrutiny they deserve.
Is this how we are to attribute atrocities? Where does the buck stop?
It doesn't.
North Korea is a buffer state and continues to exist because of China.
Except we aren't blameless either for the state North Korea ended up in. We leveled nearly every building in the country, we even targeted rural thatch huts with bombing runs. We dropped so many bombs on North Korea that the bombers started dropping bombs on thrice bombed rubble and open land because they couldn't find any targets left to attack. Why should we be surprised that a strong arm authoritarian leadership rose up among the chaos and put every effort towards military power and obtaining nuclear weapons at the expense of everything else?
I can't even say that they made the wrong decision either, North Korea still exists as an independent nation which is amazing in itself.
> why nobody ever did anything about the incredible atrocities that took place in that country for decades.
Why in that country ? US controls much of western opinion and made a lot of atrocities, yet, nobody cares (see the ongoing https://en.wikipedia.org/wiki/2025_United_States_military_st... )
It will definitely go down as one of the biggest failures of mankind. Especially since it was so easily preventable if MacArthur was permitted to just take the whole peninsula.
China was already sending troops and material to the front lines when MacArthur was ordered to stand down. Pushing further would have meant a hot war with China.
A hot war with China in 1950 was going to end quickly with the firepower USA had on-hand.
In what way?
The US nearly lost the Korean war.
The US army was nearly overrun at least once.
The US airforce never achieved air superiority, and Soviet aircraft were better in most ways.
The only undisputed advantage the US had was nukes, which is why MacArthur wanted to use them tactically (!)
The subsequent Vietnam war reinforced this even more.
The only path that America had to win in Vietnam was to destroy it, including the population they were allegedly there to protect. Hence they lost.
There is no way we could match them in numbers on the ground. Such a conflict would have inevitably led to us nuking them as a result. Which is probably the reason decision makers chose not to.
And maybe that's really the humanitarian failure. That USA didn't nuke China in 1950 or 1951. Would have solved a lot of problems for generations of people.
Wow, just half a dozen comments from why we're not saving North Koreans to "we could've nuked China and solved a lot of problems."
Some Hacker News threads are on their own level.
Well we know what happened to North Korea after China "won". And it's pretty fucking god-awful for 10s of millions of people for 80+ years.
USA dropping nukes probably would have been the better outcome for humanity.
Wait - you think the solution to some people having a lower standard of living and others being persecuted is to kill them all?
USA dropping nukes would have prevented the convention against using nukes in wars from being started. I think there's a pretty good chance we wouldn't have any civilization left by now if we went down that fork in history.
How is nuking Japan different from nuking Korea? Everybody agrees that forcing Japan to surrender with nukes was much better for everyone involved than a ground invasion.
When Japan was bombed, nobody else in the world had nuclear weapons, the US only had 2, and there were only a handful of people outside of the US seriously researching nuclear weapons and were still years away from a test. By 1950 the USSR had working nuclear bombs, had proven so with a nuclear test, and a dozen other countries had started their own nuclear weapons programs.
It's different almost by definition?
Because it was a once (twice!) off the impact and significance of it is amplified.
Maybe the real humanitarian failure is that the US didn't nuke everybody and start over from the stone age. Can't any societal problems if no societies exist, right?
wtf
Think how many tens of millions could have been saved if we had ended the Soviet Union as Churchill advocated, before the world got nukes.
Think how many tens of millions would have died in such a war. Just for some other evil to pop up anyway.
Does any serious historian believe that fully defeating the Soviet Union after WWII would have been possible? Even with the advantage of nuclear weapons, I doubt the US would have made it very far.
It was way too late, look up Operation Unthinkable.
You mean when Churchill wanted to hire 100,000 "former" Nazis to invade the Soviet Union?
Or how about us not blowing them to bits in the first place? South Korea was on the very edge of capitulation before the US came in full force and even most South Korean citizens were in support of Korean unification at that time. The current state of North Korea would have never come to reality if they hadn't been blown to bits by the US because of big ol' scary "communism".
So, piecemeal cede every bit of land to the evil? Like Trump wants with Ukraine now?
If you exclude the outliers like Campuchia and Nazi Germany, even the most benign commies are always way more deadly than the most ferocious fascists.
What makes 1950s Korea evil? You are equating North Korea today with Korea of 75 years ago, they aren't even remotely similar. You don't think your nation getting bombed to literal fields of rubble wouldn't change views and political stances afterwards?
Unification was supported by both sides among the people, most South Koreans supported communism and 70% of them supported unification with the North. South Koreans didn't even support their own government, they were dealing with internal insurrection from their own people. The North was an industrialized nation and the South was a poor farming country and their unification would of been hugely beneficial to both. The war would have been over in another 2 weeks without intervention and a minimal amount of casualties, and it had only been 3 months from the start of the invasion. The only people not in support of it at the time was the political leaders of SK at the time because it meant they personally as individuals would lose power and wealth, and the US who was on a crusade to crush and kill anybody who dared support communism. Korea never should have been split in the first place, but the US and USSR had to be little bitches and force their will upon these people.
Killing 5 million people, most of which were innocent civilians, in the name of "fighting communism" is evil, not the idea of a unified nation of people supported by those same people.
Worth pointing out that South Korea had very limited democracy until the late 1980s: https://en.wikipedia.org/wiki/History_of_South_Korea
> What makes 1950s Korea evil?
Soviet occupation. Korea was supposed to be unified and elect a government back in 1950, Soviets made sure it didn't happen because they had no chance of winning.
That and, you know, the whole invasion thing.
You know the US destroyed nearly 75 percent of all buildings in North Korea during the Korean War, right?
NK is paranoid for very valid reasons.
[dead]
I found the railroad part of the article unpersuasive. Optical repeater stations are fairly large and therefore wouldn't show up as random small underground vaults or little boxes on poles. These look like a collection of pictures of train tracks with no particular indicators of optical cables therein.