My understanding is that there are three mobile networks in North Korea: the normal one used by the citizens (they have smartphones made specifically for North Korea), one used by the government/military and one for tourists (requires a local SIM card only available in a specific hotel in Pyongyang).
The last one is connected to the internet and this is why you can see (or at least before the pandemic could see) Instagram posts from North Korea.
I have no idea if this information is still or ever was completely true though.
There's a somewhat dated but very interesting AMA on Reddit by an American teaching computer science in Pyongyang:
Reading about the internet knowledge possessed by North Korean students, I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking.
foota 7 hours ago [-]
Re: "I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking."
I sort of suspect this is just the result of a nation state that is willing to be a pariah. That is, I think nearly any large state could do it if they didn't mind burning bridges.
louthy 7 hours ago [-]
It’s not just that they don’t care about being a pariah state, it’s a literal fund raising exercise, unlike most other state sanctioned hacking.
ipdashc 3 hours ago [-]
This is my assumption as well. In general it seems like hacking becomes a lot easier (still not easy of course, just easier) when you have no fear of getting caught or going to jail.
Does anyone remember LAPSUS$ https://en.wikipedia.org/wiki/Lapsus$ from a while back? It was reported for a while that it was largely made up of teenagers, and it seems two did get caught. I recall their whole MO being brazen social engineering/using stolen credentials in a way that got them caught pretty quickly, but also got results fast.
seized 4 hours ago [-]
Probably helps that the stance is likely "Hack this target or your family dies". That's always pretty uhhhh motivational.
AngryData 26 minutes ago [-]
Why would they need such incentives? All they gotta do is give them a decent wage and they will be happy, which in North Korea is a paltry sum. Its not like regular North Koreans are traveling around the world, they couldn't afford it even without any other restrictions, so they have zero risk of arrest or punishment from other nations.
If I told you today that I will pay you a million dollars to go fuck around with some North Korean servers, and doing it completely anonymously with the full protection and sanction of your government, would you say no?
I think you may have some unrealistic views on how North Korea operates internally. 99% of their population lives completely normal lives and has zero extra interactions with the government beyond basic grunt military service which is common across much of the world, and paperwork for licensing, permits, and taxes. We only see the worst possible views of North Korea from the outside, slathered with thick layers of additional propaganda on top of it.
engineer_22 3 hours ago [-]
Maybe they hire international talent.
cmwelsh 3 hours ago [-]
Hire is not always the correct word. There is evidence they acquire international talent without consent.
NedF 8 hours ago [-]
[dead]
tehjoker 10 hours ago [-]
[flagged]
bigfishrunning 9 hours ago [-]
How cunning and evil it is that America funded the internet and then allowed it to spread around the world.
If you're worried about "absolute control over digital systems", notice how many standards get published describing how those digital systems work -- you're welcome to reimplement them if you'd like more control.
lawlessone 8 hours ago [-]
The Roman Empire built lots of roads wherever they went and the British Empire built lots of rail networks.
bigfishrunning 7 hours ago [-]
What I'm saying is this: there's nothing stopping you from using communication methods that aren't controlled by Americans. All of the protocols that the internet uses are documented.
tehjoker 6 hours ago [-]
This is exactly what China and North Korea do shrug but they get a lot of criticism for it.
nephihaha 8 hours ago [-]
The Roman Empire merely improved roads in many places. Gaul already had a road system, and the Greek and Egyptian spheres did too.
JumpCrisscross 6 hours ago [-]
> Roman Empire merely improved roads in many places
/s? This is literally a Monty Python sketch.
nephihaha 4 hours ago [-]
Like most Python material that ceased to be funny decades ago thanks to people quoting it endlessly...
The Romans were true imperialists. They considered their opponents to be barbarians, and claimed they lived in wastelands. The truth is more complex. In many places — yes, including Judaea — they inherited infrastructure and buildings. Judaea was previously occupied by the Greeks and a number of other civilisations had left behind remains. The idea that it was terra nullis or a tabula rasa is nonsense. Even Gaul which was considered to be a frontier already had a road system (some of which has been only rediscovered in recent times), and what is now Marseilles was a Greek city going way back before the Roman conquest.
Romanes eunt domum indeed.
JumpCrisscross 2 hours ago [-]
> Romans were true imperialists. They considered their opponents to be barbarians
The Romans also aggressively appropriated from and integrated the people they conquered, extending the concept of citizenship and thus what it meant to be Roman in the process.
Nobody is saying the Romans came across terra nullis. But describing their engineering and culture as "merely improving roads" is silly.
lawlessone 7 hours ago [-]
>The Roman Empire merely improved roads in many places.
why did they invest in those roads? They weren't a charity.
nephihaha 4 hours ago [-]
So that they could move troops and goods from one place to another.
lawlessone 3 hours ago [-]
Yes, and more specifically so they could move resources back to Rome.
tehjoker 8 hours ago [-]
“allowed” is doing a hell of a lot of work for monopoly capitalism backed by us state diplomacy
you may want to read this book about the military history of the internet originating in counter insurgency strategy in vietnam.
Thanks for sharing my site. Happy to answer any questions
monerozcash 11 hours ago [-]
Don't have questions, but your blog is very cool.
A bit over a decade ago I used to spend a lot of time hacking North Korean web infrastructure, I mostly found that they tended to have firewalling around almost all boxes exposed to the global internet and usually had pretty impressive reaction times if you tried to access the country intranet through a compromised web server.
I've always wondered how successful NSA and the likes have been at infiltrating DPRK networks, as it would inherently be fairly easy to detect any sketchy traffic from the outside. I wonder if the recent NYT story essentially confirms that difficulty.
I guess I have a question after all: I'm not exactly clear on how NK treats end-user devices. Do you know if the endpoints used by NK based remote workers have internet and intranet access at the same time? If they do, such an endpoint could offer an easy and stealthy channel to access the intranet.
superducktoes 11 hours ago [-]
the end user devices are also really interesting. as far as i know they require a piece of software called netkey or oconnect as it's recently been renamed. that's for getting access inside the country and then for anyone outside they have software called hangro that is similar to a vpn for connecting back to north korea and getting messages
superducktoes 11 hours ago [-]
thanks really appreciate that!
I've seen that doc before and it does really make me wonder. part of the leaks from the NSA tools years back had some references in there for detecting north koreas ant-virus silivaccine
I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
South Korean NIS was in fact a hacking team client, so it would make sense. Especially considering how terrible Red Star OS was at the time, a HT engineer could probably have whipped those up in a couple of days.
>I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
I'm sure they've had some success, but I'd expect it to be a really difficult environment to operate in. Even for the NSA. I suppose eventually there'll be a better leak and we'll get to find out just how well it's been going.
anonu 4 hours ago [-]
> this document from 2007
Interesting document - confirming "everyone spies on everyone". Is this from some sort of corporate NSA chat room?
monerozcash 4 hours ago [-]
It's like the NSA Reddit, they've got memes and up- and downvotes.
Some excerpts from a seemingly unreleased Snowden leak (from Dark mirror: Edward Snowden and the American Surveillance State):
> “Why is a scoop of potatoes larger than a scoop of eggs in the cafeteria?” a contributor named Michael wondered one day. Paul jumped in to play the troll. “Let me be the first to down-vote you,” Paul wrote, naming several pedantic reasons. A side debate erupted: should Michael’s post be down-voted, flagged, or removed? Clyde returned to the topic at hand with a facetious theory that scoop volume is proportional to the relative size of potatoes and eggs themselves. In that case, Scott replied, what would happen if “we served eggs that were bigger than potatoes, like of an Ostrich?” Someone proposed a uniform system, “One Spoon to scoop them all,” an homage to Lord of the Rings. Punsters demanded the “inside scoop” and lamented the waste of time on “small potatoes.”
Gotta say, it's pretty disappointing that Gellman, Greenwald, Poltras et. al. have been so stingy with these documents. It's definitely starting to have been long enough for them to just dump everything.
metadat 11 hours ago [-]
Impressive sleuthing!
It's interesting to discover the reality that packet routing ends up following political affiliations. I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
toast0 11 hours ago [-]
> It's interesting to discover the reality that packet routing ends up following political affiliations.
Certainly political affiliations have some influence, but also China and Russia have land borders with North Korea and are not at war. It's very common to run fiber optic on/under railroads and vehicle roads, so there you go. It's probably pretty hard to attract an international cable consortium to land in North Korea given everything, but terrestrial cabling is easier to start with anyway.
> I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
They would have asked APNIC, the Regional Internet address Registry for their region (Asia-Pacific). I can't find an assignment date, but 175/8 was assigned to APNIC in 2009. 2009 lines up with wikipedia reporting of the startup of the current ISP joint venture.
monerozcash 11 hours ago [-]
DPRK can certainly get however many IP addresses they want, DPRK just doesn't have that much infrastructure that they want externally accessible.
As far as I know, end-user traffic from within North Korea usually does not originate from those few IP addresses. Or at least not visibly so, they might be connecting to a proxy from a DPRK IP address.
lukan 8 hours ago [-]
"DPRK can certainly get however many IP addresses they want"
IP4 is quite limited as far as I know and not given out freely since a long time, or what do you mean here?
jauer 7 hours ago [-]
IPv4 continues to be available to entities that have a need that fits a particular policy shape, just most people don't.
Specifically, you can get IPv4 /24s for IPv6 transition purposes. This includes anycast DNS, MX, etc for legacy clients on other networks, v4-side of CGNAT, etc.
E.g. I was able to get a /24 in the ARIN region in 2021 and could justify 2 more for a _logical_ network topology similar to what NK presents to the world.
APNIC has some addresses [1] and will assign up to two /24s to qualified new accounts within the region. There are also carve outs for National Internet Registries and Internet eXchange Points.
IPv4 is readily available and not very expensive. DPRK can just buy or lease them.
apercu 10 hours ago [-]
What a great read. Thanks.
NedF 7 hours ago [-]
[dead]
mikkupikku 10 hours ago [-]
Do those small utility boxes alongside the tracks make sense for fiber optic? I expected things like that to be larger, if only because fiber has a minimum bend radius.
Edit: Good article though, I enjoyed it a lot.
adamcharnock 8 hours ago [-]
The min bend radius isn’t that large in my experience. On the order of 10cm IIRC, possibly even less.
Lukas_Skywalker 7 hours ago [-]
Even less is correct: outdoor fibers (G.652.D) have a minimum bend radius of about 30mm. The indoor counterpart (G.657.A1 and A2) have 10mm and 7.5mm.
Isn't it easier to hang optic cable on the poles? It seems that burying the cable requires more work.
As for utility boxes along the track, it could be something railway-related, for example, some railway control or monitoring equipment.
actionfromafar 6 hours ago [-]
A few inches of dirt protects against cables darkening from nuclear blasts, if you care about that sort of thing.
bigiain 3 hours ago [-]
If you hang your fibre optic cable from poles, you will inevitably evolve flying backhoes.
samus 7 hours ago [-]
They are too vulnerable to the elements there.
dboreham 7 hours ago [-]
I found the railroad part of the article unpersuasive. Optical repeater stations are fairly large and therefore wouldn't show up as random small underground vaults or little boxes on poles. These look like a collection of pictures of train tracks with no particular indicators of optical cables therein.
petcat 5 hours ago [-]
Can we back up and just recognize how insane North Korea is? I think that future generations will look back on our history and wonder why nobody ever did anything about the incredible atrocities that took place in that country for decades.
TheBicPen 59 seconds ago [-]
At least NK's human rights abuses are contained within their borders. I hope future generations will look back on the many US invasions of foreign countries over the years and all the war crimes that took place during those invasions with the scrutiny they deserve.
joecool1029 1 hours ago [-]
I will get buried for saying this, but DPRK survived as a people, investing everything into a nuclear program to survive. The reason nobody did anything is they firmly built a defense against intervention, and given how the korean war went, how various US interventions looked after that, it was the correct thing to do. The most the US could do to them in recent years was murder some innocent fishermen. It has tried to starve them and failed.
AngryData 11 minutes ago [-]
Except we aren't blameless either for the state North Korea ended up in. We leveled nearly every building in the country, we even targeted rural thatch huts with bombing runs. We dropped so many bombs on North Korea that the bombers started dropping bombs on thrice bombed rubble and open land because they couldn't find any targets left to attack. Why should we be surprised that a strong arm authoritarian leadership rose up among the chaos and put every effort towards military power and obtaining nuclear weapons at the expense of everything else?
I can't even say that they made the wrong decision either, North Korea still exists as an independent nation which is amazing in itself.
nephihaha 4 hours ago [-]
North Korea is a buffer state and continues to exist because of China.
VWWHFSfQ 5 hours ago [-]
It will definitely go down as one of the biggest failures of mankind. Especially since it was so easily preventable if MacArthur was permitted to just take the whole peninsula.
AngryData 6 minutes ago [-]
Or how about us not blowing them to bits in the first place? South Korea was on the very edge of capitulation before the US came in full force and even most South Korean citizens were in support of Korean unification at that time. The current state of North Korea would have never come to reality if they hadn't been blown to bits by the US because of big ol' scary "communism".
antonymoose 5 hours ago [-]
Think how many tens of millions could have been saved if we had ended the Soviet Union as Churchill advocated, before the world got nukes.
denkmoon 4 hours ago [-]
Think how many tens of millions would have died in such a war. Just for some other evil to pop up anyway.
etc-hosts 1 hours ago [-]
You mean when Churchill wanted to hire 100,000 "former" Nazis to invade the Soviet Union?
timschmidt 5 hours ago [-]
China was already sending troops and material to the front lines when MacArthur was ordered to stand down. Pushing further would have meant a hot war with China.
petcat 5 hours ago [-]
A hot war with China in 1950 was going to end quickly with the firepower USA had on-hand.
nl 1 hours ago [-]
In what way?
The US nearly lost the Korean war.
The US army was nearly overrun at least once.
The US airforce never achieved air superiority, and Soviet aircraft were better in most ways.
The only undisputed advantage the US had was nukes, which is why MacArthur wanted to use them tactically (!)
timschmidt 4 hours ago [-]
There is no way we could match them in numbers on the ground. Such a conflict would have inevitably led to us nuking them as a result. Which is probably the reason decision makers chose not to.
petcat 4 hours ago [-]
And maybe that's really the humanitarian failure. That USA didn't nuke China in 1950 or 1951. Would have solved a lot of problems for generations of people.
yongjik 4 hours ago [-]
Wow, just half a dozen comments from why we're not saving North Koreans to "we could've nuked China and solved a lot of problems."
Some Hacker News threads are on their own level.
petcat 3 hours ago [-]
Well we know what happened to North Korea after China "won". And it's pretty fucking god-awful for 10s of millions of people for 80+ years.
USA dropping nukes probably would have been the better outcome for humanity.
gpm 3 hours ago [-]
USA dropping nukes would have prevented the convention against using nukes in wars from being started. I think there's a pretty good chance we wouldn't have any civilization left by now if we went down that fork in history.
5 hours ago [-]
5 hours ago [-]
etc-hosts 1 hours ago [-]
You know the US destroyed nearly 75 percent of all buildings in North Korea during the Korean War, right?
NK is paranoid for very valid reasons.
s5300 2 hours ago [-]
[dead]
9 hours ago [-]
Rendered at 04:59:05 GMT+0000 (Coordinated Universal Time) with Vercel.
The last one is connected to the internet and this is why you can see (or at least before the pandemic could see) Instagram posts from North Korea.
I have no idea if this information is still or ever was completely true though.
There's a somewhat dated but very interesting AMA on Reddit by an American teaching computer science in Pyongyang:
https://www.reddit.com/r/IAmA/comments/1ucl11/iama_american_...
Reading about the internet knowledge possessed by North Korean students, I'm always surprised how they supposedly also manage to be some of the most cunning and evil actors when it comes to hacking.
I sort of suspect this is just the result of a nation state that is willing to be a pariah. That is, I think nearly any large state could do it if they didn't mind burning bridges.
Does anyone remember LAPSUS$ https://en.wikipedia.org/wiki/Lapsus$ from a while back? It was reported for a while that it was largely made up of teenagers, and it seems two did get caught. I recall their whole MO being brazen social engineering/using stolen credentials in a way that got them caught pretty quickly, but also got results fast.
If I told you today that I will pay you a million dollars to go fuck around with some North Korean servers, and doing it completely anonymously with the full protection and sanction of your government, would you say no?
I think you may have some unrealistic views on how North Korea operates internally. 99% of their population lives completely normal lives and has zero extra interactions with the government beyond basic grunt military service which is common across much of the world, and paperwork for licensing, permits, and taxes. We only see the worst possible views of North Korea from the outside, slathered with thick layers of additional propaganda on top of it.
If you're worried about "absolute control over digital systems", notice how many standards get published describing how those digital systems work -- you're welcome to reimplement them if you'd like more control.
/s? This is literally a Monty Python sketch.
The Romans were true imperialists. They considered their opponents to be barbarians, and claimed they lived in wastelands. The truth is more complex. In many places — yes, including Judaea — they inherited infrastructure and buildings. Judaea was previously occupied by the Greeks and a number of other civilisations had left behind remains. The idea that it was terra nullis or a tabula rasa is nonsense. Even Gaul which was considered to be a frontier already had a road system (some of which has been only rediscovered in recent times), and what is now Marseilles was a Greek city going way back before the Roman conquest.
Romanes eunt domum indeed.
The Romans also aggressively appropriated from and integrated the people they conquered, extending the concept of citizenship and thus what it meant to be Roman in the process.
Nobody is saying the Romans came across terra nullis. But describing their engineering and culture as "merely improving roads" is silly.
why did they invest in those roads? They weren't a charity.
you may want to read this book about the military history of the internet originating in counter insurgency strategy in vietnam.
https://www.amazon.com/Surveillance-Valley-Military-History-...
another way to look at american internet penetration is as “radio free asia dot com”
North Korea is responsible for adding the hot beverage, umbrella with raindrops, and lightning bolt emojis
https://en.wikipedia.org/wiki/KPS_9566
A bit over a decade ago I used to spend a lot of time hacking North Korean web infrastructure, I mostly found that they tended to have firewalling around almost all boxes exposed to the global internet and usually had pretty impressive reaction times if you tried to access the country intranet through a compromised web server.
I've always wondered how successful NSA and the likes have been at infiltrating DPRK networks, as it would inherently be fairly easy to detect any sketchy traffic from the outside. I wonder if the recent NYT story essentially confirms that difficulty.
Regarding the NSA and DPRK, there's this document from 2007 least https://www.eff.org/files/2015/02/03/20150117-spiegel-fifth_...
I guess I have a question after all: I'm not exactly clear on how NK treats end-user devices. Do you know if the endpoints used by NK based remote workers have internet and intranet access at the same time? If they do, such an endpoint could offer an easy and stealthy channel to access the intranet.
https://github.com/b30wulf/Malware-collection/blob/4f5906c93...
There was also the hacking team leak from years ago and they were selling exploits for north korea's red star OS: https://nkinternet.wordpress.com/wp-content/uploads/2025/12/...
I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
South Korean NIS was in fact a hacking team client, so it would make sense. Especially considering how terrible Red Star OS was at the time, a HT engineer could probably have whipped those up in a couple of days.
https://web.archive.org/web/20180302155452/http://english.yo...
>I assume they've been on their networks in the past but i think North Korea has also done a lot over the years to secure their side. it used to be a lot easier when they left everything as an open directory and didn't realize what they were doing.
I'm sure they've had some success, but I'd expect it to be a really difficult environment to operate in. Even for the NSA. I suppose eventually there'll be a better leak and we'll get to find out just how well it's been going.
Interesting document - confirming "everyone spies on everyone". Is this from some sort of corporate NSA chat room?
Some excerpts from a seemingly unreleased Snowden leak (from Dark mirror: Edward Snowden and the American Surveillance State):
> “Why is a scoop of potatoes larger than a scoop of eggs in the cafeteria?” a contributor named Michael wondered one day. Paul jumped in to play the troll. “Let me be the first to down-vote you,” Paul wrote, naming several pedantic reasons. A side debate erupted: should Michael’s post be down-voted, flagged, or removed? Clyde returned to the topic at hand with a facetious theory that scoop volume is proportional to the relative size of potatoes and eggs themselves. In that case, Scott replied, what would happen if “we served eggs that were bigger than potatoes, like of an Ostrich?” Someone proposed a uniform system, “One Spoon to scoop them all,” an homage to Lord of the Rings. Punsters demanded the “inside scoop” and lamented the waste of time on “small potatoes.”
Gotta say, it's pretty disappointing that Gellman, Greenwald, Poltras et. al. have been so stingy with these documents. It's definitely starting to have been long enough for them to just dump everything.
It's interesting to discover the reality that packet routing ends up following political affiliations. I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
Certainly political affiliations have some influence, but also China and Russia have land borders with North Korea and are not at war. It's very common to run fiber optic on/under railroads and vehicle roads, so there you go. It's probably pretty hard to attract an international cable consortium to land in North Korea given everything, but terrestrial cabling is easier to start with anyway.
> I didn't know North Korea only has 1,024 IPv4 addresses. Do you know why so few IPs? How did they get them?
They would have asked APNIC, the Regional Internet address Registry for their region (Asia-Pacific). I can't find an assignment date, but 175/8 was assigned to APNIC in 2009. 2009 lines up with wikipedia reporting of the startup of the current ISP joint venture.
As far as I know, end-user traffic from within North Korea usually does not originate from those few IP addresses. Or at least not visibly so, they might be connecting to a proxy from a DPRK IP address.
IP4 is quite limited as far as I know and not given out freely since a long time, or what do you mean here?
E.g. I was able to get a /24 in the ARIN region in 2021 and could justify 2 more for a _logical_ network topology similar to what NK presents to the world.
APNIC similarly has a pool available for IPv4 allocations: https://www.apnic.net/manage-ip/ipv4-exhaustion/#the-situati...
[1] as of Nov 2025, approximately 3 million or a little more than 12,000 /24s https://www.apnic.net/manage-ip/ipv4-exhaustion/#how-to-tras...
Edit: Good article though, I enjoyed it a lot.
https://www.seeclearfield.com/fiber-optic-wall-box/metal-wal...
As for utility boxes along the track, it could be something railway-related, for example, some railway control or monitoring equipment.
I can't even say that they made the wrong decision either, North Korea still exists as an independent nation which is amazing in itself.
The US nearly lost the Korean war.
The US army was nearly overrun at least once.
The US airforce never achieved air superiority, and Soviet aircraft were better in most ways.
The only undisputed advantage the US had was nukes, which is why MacArthur wanted to use them tactically (!)
Some Hacker News threads are on their own level.
USA dropping nukes probably would have been the better outcome for humanity.
NK is paranoid for very valid reasons.