Security
Headlines
HeadlinesLatestCVEs

Headline

North Koreans Are Jailbreaking Phones to Access Forbidden Media

A new report suggests that a small but vibrant group of smartphones hackers may be challenging the world’s most digitally restrictive regime.

Wired
#vulnerability#web#android#windows#apple#google#git#auth#wifi

For most of the world, the common practice of “rooting” or “jailbreaking” a phone allows the device’s owner to install apps and software tweaks that break the restrictions of Apple’s or Google’s operating systems. For a growing number of North Koreans, on the other hand, the same form of hacking allows them to break out of a far more expansive system of control—one that seeks to extend to every aspect of their lives and minds.

On Wednesday, the North Korea-focused human rights organization Lumen and Martyn Williams, a researcher at the Stimson Center think tank’s North Korea–focused 38 North project, together released a report on the state of smartphones and telecommunications in the Democratic People’s Republic of Korea, a country that restricts its citizens’ access to information and the internet more tightly than any other in the world. The report details how millions of government-approved, Android-based smartphones now permeate North Korean society, though with digital restrictions that prevent their users from downloading any app or even any file not officially sanctioned by the state. But within that regime of digital repression, the report also offers a glimpse of an unlikely new group: North Korean jailbreakers capable of hacking those smartphones to secretly regain control of them and unlock a world of forbidden foreign content.

“There has been a sort of constant battle between the North Korean government and its citizens over use of technology: Each time a new technology has been introduced, people have usually found a way to use it for some illicit purpose. But that hasn’t really been done through this kind of hacking—until now,” says Williams. “In terms of the future of free information in North Korea, it shows that people are still willing to try to break the government’s controls.”

Learning anything about the details of subversive activity in North Korea—digital or otherwise—is notoriously difficult, given the Hermit Kingdom’s nearly airtight information controls. Lumen’s findings on North Korean jailbreaking are based on interviews with just two defectors from the country. But Williams says the two escapees both independently described hacking their phones and those of other North Koreans, roughly corroborating each others’ telling. Other North Korea–focused researchers who have interviewed defectors say they’ve heard similar stories.

Both jailbreakers interviewed by Lumen and Williams said they hacked their phones—government-approved, Chinese-made, midrange Android phones known as the Pyongyang 2423 and 2413—primarily so that they could use the devices to watch foreign media and install apps that weren’t approved by the government. Their hacking was designed to circumvent a government-created version of Android on those phones, which has for years included a certificate system that requires any file downloaded to the device to be “signed” with a cryptographic signature from government authorities, or else it’s immediately and automatically deleted. Both jailbreakers say they were able to remove that certificate authentication scheme from phones, allowing them to install forbidden apps, such as games, as well as foreign media like South Korean films, TV shows, and ebooks that North Koreans have sought to access for decades despite draconian government bans.

In another Orwellian measure, Pyongyang phones’ government-created operating system takes screenshots of the device at random intervals, the two defectors say—a surveillance feature designed to instill a sense that the user is always being monitored. The images from those screenshots are then kept in an inaccessible portion of the phone’s storage, where they can’t be viewed or deleted. Jailbreaking the phones also allowed the two defectors to access and wipe those surveillance screenshots, they say.

The two hackers told Lumen they used their jailbreaking skills to remove restrictions from friends’ phones, as well. They said they also knew of people who would jailbreak phones as a commercial service, though often for purposes that had less to do with information freedom than more mundane motives. Some users wanted to install a certain screensaver on their phone, for instance, or wipe the phone’s surveillance screenshots merely to free up storage before selling the phone secondhand.

One of the two jailbreakers, by contrast, said he was motivated in part by the same kind of mentality that drives some hackers in the West, according to Sokeel Park, the country director for Liberty in North Korea, who also spoke with the same defector who was interviewed by Lumen. “There isn’t necessarily a super rational reason for this kind of hacking,” says Park. “It’s just like, doing stuff because you can, playing this cat-and-mouse game to test your own abilities.”

Exactly what technical methods the two hackers used to defy their devices’ restrictions is far from clear, given their limited, secondhand accounts. But both described attaching phones to a Windows PC via a USB cable to install a jailbreaking tool. One mentioned that the Pyongyang 2423’s software included a vulnerability that allowed programs to be installed in a hidden directory. The hacker says they exploited that quirk to install a jailbreaking program they’d downloaded while working abroad in China and then smuggled back into North Korea. The other hacker didn’t make clear the source of his jailbreaking tool, but said he had been a student in a computer science group at Pyongyang’s elite Kim Il Sung University.

The hackers Lumen describes are broadly representative of the two emerging classes of people jailbreaking phones in North Korea, says Nat Kretchun, the vice president for programs at the Open Technology Fund and a longtime researcher of North Korean media and technology. “There are the folks who come out of Kim Il Sung University or Kim Chaek University or part of the North Korean state who are essentially building these tools and doing kind of cheeky things on the side to allow themselves a little bit of room to undo the things that they implemented themselves,” says Kretchun, who has independently interviewed several North Korean jailbreakers. “Then there’s this other class of folks who have some amount of computer science literacy and are spending so much time with the phones that they’re basically mapping out exactly how the thing works in practice and finding pretty clever work-arounds.”

Kretchun and other researchers say that the number of jailbreakers remains fairly small, given the rarity of computer literacy in the country and the difficulty of sharing the tools. Changes to North Korean phones to disable their USB connections may have made jailbreaking even more of a challenge, says 38 North’s Williams. But he points to a new law implemented in late 2020 that forbids “illegally installing a phone manipulation program” and includes a fine for possessing a smartphone without safeguards designed to block “impure publications,” as the law puts it.

“While it is difficult to estimate the number of North Koreans modifying their phones, and interviewees did not seem to think the practice was widespread,” reads Lumen’s report, “the existence of this specific wording would imply it is happening at a scale where authorities are aware and potentially concerned.”

Despite the relatively small scale of jailbreaking in the DPRK, Liberty in North Korea’s Sokeel Park argues that even a small community of phone hackers represents a sign that North Koreans have the will to fight against government controls. He adds that jailbreakers elsewhere in the world should perhaps focus their efforts on building and distributing hacking tools designed to help them.

“I think it’s a very obvious call to action for the international community of technologists,” Park says. “There is a dynamism there. This kind of hacking shows North Koreans are not passive subjects of oppression and surveillance and censorship. North Korean people are creating solutions and work-arounds so that they can learn things that the North Korean government doesn’t want them to learn, sharing things the government considers subversive, and ultimately so they can create a challenge to the regime.”

More Great WIRED Stories

  • 📩 The latest on tech, science, and more: Get our newsletters!
  • Sober influencers and the end of alcohol
  • For mRNA, Covid vaccines are just the beginning
  • The future of the web is AI-generated marketing copy
  • Keep your home connected with the best wi-fi routers
  • How to limit who can contact you on Instagram
  • 👁️ Explore AI like never before with our new database
  • 🏃🏽‍♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers, running gear (including shoes and socks), and best headphones

Wired: Latest News

Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist