Tinfoil Hat Linux: A Distribution for the Paranoid

An Anonymous Coward writes: " Tinfoil Hat Linux is a distribution designed to allow the signing and encrypting of documents with the utmost in security. The floppy-image has numerous security features including: entering your passphrase via a video game style selection process to combat hardware keystroke loggers, turning the contrast of your screen down to foil prying eyes and cameras, and to run background PGP processes."

Hoax

[zpengo]

I'd like to be among the first to point this out as a hoax. Maybe I'm wrong, but...dibs!

Re:Hoax

[MaxVlast]

Seems legit to me.

Actually, a floppy-based distro that can be used for really secure work is a great idea. I can keep a trusted environemnt with me at all times, and know what's going on (I never trust another person's computer when sitting down at it. I know how my machine is set up which gives me no cause to trust others!)

Re:Hoax

[CitznFish]

here si the site for those that may not get to it...
What is Tinfoil Hat linux ? It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.
Tinfoil hat is useful if:

• You're using a computer that could have a keystroke logger installed. http://www.keyghost.com is an example of a tiny & cheap hardware logger.
• You need to use your personal GPG keys at work, school or a web hosting facility where you don't trust or own the equipment.
• If you maintain a PGP Certificate Authority or signing key and have to have a safe place to use the CA key.
• If you simply don't want to risk putting a PGP key on a hard drive where someone else might have access to it.
• The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.

Tinfoil hat linux files

• readme.txt, also on the floppy image
• The source code for files on the floppy
• The tinfoilhat linux floppy image plus disk signature file Transfer this image to disk using rawrite (on windows) , dd on unix (dd if=tinfoil.img of=/dev/floppy ), or Diskcopy on a MAC.

FAQ

• Q: Why doesn't the floppy I got at codecon match the signature above?
  A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56
• Q: How do I undo that horrible screen in paranoid mode?
  A: Type "contrast" at the command prompt, or play with ctheme.
• Q: Is this really a 1.0 stable release?
  A: Think of this as a linux kernel 1.0 . Yes, it's stable to the best of my ability, and has been tested, but not for very long or by many people.
• Q: What sort of hardware is required to run tinfoil hat?
  A: Any 386DX or faster IBM compatible with more than 8 megs of RAM. Pretty much any PC made in the last 8 years will work fine.
• Q: where do I send complaints, bugs & feature requests?
  A: anonymous AT nameless DOT cultists.net
• Q: What is the license for this distribution?
  A: The scripts, documentation, and the distribution as a collection are released under a modified BSD license. Obviously, other people's software in this distribution retain their original licenses.

Links

• Aluminum foil deflector beanie from zapatopi
• The man in the Tinfoil Hat . A good example for people confused by the tinfoil hat reference.
• http://www.gnupg.org
• Joelm's comprehensive TEMPEST site.
• Tempest for Eliza A fun tool for observing the radiation from your computer. If anybody ports this to Direct FB, I'll put it on tinfoil hat in a flash.
• Diceware a tool for generating very secure passphrases.

Re:Hoax

[JabberWokky]

Considering that he distributed floppies of this at codecon, you're wrong.

It's rather tongue-in-cheek, and more of a tech demo of what can be done than a useful configuration, but it sure has loads of nifty ideas.

--
Evan

Re:Hoax

[HCase]

I think people managed to miss the humor in your claiming the "tin hat" story to be a hoax.... i laughed though. For anyone confused, the writer of the post most likely had to rest his own tin hat to write it. didncha?

Re:Hoax

[Tackhead]

> FAQ:
>[...]
>Q: Why doesn't the floppy I got at codecon match the signature above?
> A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56

Hah! A likely story!

As if I'm gonna trust that They(tm) didn't h4x0r Slashdot and change the MD5sum in CitznFish's FAQ repost to the MD5sum for Magic Lantern Linux!

(For the record, I wear mine shiny side out. Shiny-side-in folks are nuts or part of the Conspiracy. Though I suppose I could transmit messages by switching back and forth between shiny-side-out and shiny-side in on a daily basis. Bandwidth would kinda suck, though. ;-)

Re:Hoax

[CitznFish]

You do realize that the CEO's at Reynolds are part of the Illuminati? This is why those, and only those, that wish to be protected from 'them' roll our own foil. :)

Re:Hoax

[Russ+Steffen]

But, how can you be sure your tin wasn't pre-tained? Do you mine the tin yourself? The Reynolds people have great influence over those who provide tin. And, if you're thinking of switching to aluminum, forget it. The Alcoa people are iluminati as well.

Re:Hoax

[Tackhead]

> But, how can you be sure your tin wasn't pre-tained? Do you mine the tin yourself? The Reynolds people have great influence over those who provide tin. And, if you're thinking of switching to aluminum, forget it. The Alcoa people are iluminati as well.

Yeah, but look at the front page of www.alcoa.com! You'll see "Reynolds Wrap" right there. Alcoa's taken over everything!

I was gonna say they were aluminati as opposed to illuminati (there's a difference, believe you me!), but then I saw Alcoa's corporate logo, and realized that it's nothing more than a stylized eye-in-the-pyramid.

Then I went to the Reynolds site. The aluminum starts out in Hot Springs, Arkanasa (Bill Clinton's home state!) Then, according to the site, the 30,000-pound aluminum coils that make Reynolds Wrap are turned into aluminum foil in two locations: Louisville, Kentucky and Richmond, Virginia. That's right! Richmond, VA! A stone's throw from CIA headquarters in Langley!

All that's left is to explain what the CIA is doing in fnord Louisville. It's all a conspiracy, I tell you, all a conspiracy! A great big giant conspir$^&}}!{!NO CARRIER.

Uh huh...

Like I'm going to trust *them* to secure my Linux box.

Re:Uh huh...

[mar1no]

i agree, tinfoil isn't very strong if you ask me, i prefer to use a ziploc bag instead.

Re:Uh huh...

[llamalicious]

You don't have to, simply send me $50 via PayPal and drop-ship your workstation to me and I'll secure it for you.

:)

Re:Uh huh...

I put a big condom over mine!

Re:Uh huh...

[TheRain]

I put a big condom over mine!

... and then what do you use it for?

I mean I've known people who are infactuated with Linux but....

Re:Uh huh...

[craw]

Yup, and make sure you disable java script before going to their web-site.

Re:Uh huh...

[bwulf]

ObMLP: http://leech.dk/tux.jpg

Re:Uh huh...

[TheRain]

I think the problem here is that it's difficult to give short comments the correct tone to be interpreted correctly. Maybe next time I should append to the beginning of the comment "TheRain laughs in prethought,", or "TheRain proclaims quite seriously without knowing what the hell is going on,". Then people would know if I was being an idiot or making a joke.

Or maybe I should just pre-moderate myself... :)
"Warning, the following comment is Score: 5, Funny"

Set up a "secure document" server / workstation...

[Nijika]

Cool.

I gotta try this when I get home. I guess you could have this as the workstation, and then have an OpenBSD box as a vault type NFS or something.

Faraday cage????

[isotope23]

Does it include instructions on building a faraday cage to block stray em radiation (so noone can rebuild your screen?)

Re:Faraday cage????

[Palidine]

um...

faraday cage doesn't prevent your computer from emitting detectable EM radiation. it only shields it from external radiation. with a faraday cage, EM waves initiated inside the cage pass just fine through the cage walls.

to prevent someone from detecting your computer using a faraday cage, you'd need to put THEM inside a cage...

-me

Re:Faraday cage????

Pull the Cryptonomicon out of your ass and come join us for a bit of reality.

Re:Faraday cage????

[AlgUSF]

then just reverse the walls of the cage, therefore your EM radiation becomes external, and the whole world is in the cage. :-)

Re:Faraday cage????

[Chris+Burke]

Not true. That's why Faraday Cages are the primary way to reduce EM emissions... That's what your PCs case is doing, and the metal case on your microwave.

Re:Faraday cage????

[VikingBerserker]

to prevent someone from detecting your computer using a faraday cage, you'd need to put THEM inside a cage...

...or you can install this on a computer built to Tempest specs (http://www.eskimo.com/~joelm/xtempestsource.html) . Not only are these systems shielded with various metals in places (lead's a good choice), but some circuitry is reconfigured to make emissions less likely to be decoded remotely.

The main use for such hardware is for spyproofing your data. The business was booming around Desert Storm, but pretty much dried up after that. Apparently the Government figured they'd never need machines faster than 386's.

Re:Faraday cage????

Also need half a dozen grape fruits/lemons and zinc/copper nails, aligator clips for a pda. And if you are running athlon, you need 5 truck batteries (5*24V). You wouldn't trust the power network, nor the outside world.

Re:Faraday cage????

you need 5 truck batteries (5*24V) Except you'd be pushing a 120 volt DC signal to your power adapter which is expecting a 120 volt AC signal...small difference.

Tinfoil Hats

[Foehg]

Speaking of Tinfoil Hats, the coolest comprehensive Tinfoil Hat site (More properly, Aluminum Foil Deflector Beanie) is here.

Also, it may be sampling error or psychosomatic effects, but I have never lost a chess game while wearing my Aluminum Foil Deflector Beanie.

Re:Tinfoil Hats

[heliocentric]

A) Your linkage is bad, you mean to go http://zapatopi.net/afdb.html

B) The real link to the zapatopi page returned this message to me: "Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later."

C) The link in question is also on the bottom of the main story page (ie, the Tinfoil Hat Linux).

D) The site at zapatopi has a discussion about Tin vs. Aluminum as well as which direction you should point the shinny side.

Re:Tinfoil Hats

[Foehg]

Gadzooks! You are correct.
I see now what happened, thank you sir.
Service temporarily unavailable should fix up nicely as soon as I get around to covering my DSL router with aluminum foil and canadian pennies.

Re:Tinfoil Hats

Follow the link helocentric gave and get the 'Faraday Tent' - only 300 bucks! (of course it is probably sponsered by the CIA!)

Re:Tinfoil Hats

Whoops!! - - my bad!!!
that should have been the link 3waygeek gave!!!

Obligatory Cluster Remark(tm)

Imagine! A secure Beowulf Cluster of these!

Yeah, i know it doesnt support networking, you needn't point it out...

Re:Obligatory Cluster Remark(tm)

It doesn't support networking, pinhead!

Great Marketing

[woolite]

"a distribution designed to allow the signing and encrypting of documents with the utmost in security"

I guess this is why it is called "Tinfoil Hat" and not "Wet Paper Bag Hat".

The most secure distribution...

[$0+31337]

... is no distribution at all!!

Re:The most secure distribution...

[$0+31337]

Yeah.. I guess it was a troll :( I was just trying to be funny... I'm sorry. You should revoke my slashdot account because I'm just a giant screw-up *SNIFF* All I ever wanted was the respect of the people that I lookup to.. people like jon katz and cowgirlneal... *SNIFF* I promise that *SNIFF* I'll never *SNIFF* visit *SNIFF* slashdot *SNIFF* again *SOB SOB SOB*

In case this gets slashdotted, here's the text...

[Badam]

What is Tinfoil Hat linux ?
It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.
Tinfoil hat is useful if:
You're using a computer that could have a keystroke logger installed. http://www.keyghost.com is an example of a tiny & cheap hardware logger.
You need to use your personal GPG keys at work, school or a web hosting facility where you don't trust or own the equipment.
If you maintain a PGP Certificate Authority or signing key and have to have a safe place to use the CA key.
If you simply don't want to risk putting a PGP key on a hard drive where someone else might have access to it.
The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.
Tinfoil hat linux files
readme.txt, also on the floppy image
The source code for files on the floppy
The tinfoilhat linux floppy image plus disk signature file Transfer this image to disk using rawrite (on windows) , dd on unix (dd if=tinfoil.img of=/dev/floppy ), or Diskcopy on a MAC.
FAQ
Q: Why doesn't the floppy I got at codecon match the signature above?
A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56
Q: How do I undo that horrible screen in paranoid mode?
A: Type "contrast" at the command prompt, or play with ctheme.
Q: Is this really a 1.0 stable release?
A: Think of this as a linux kernel 1.0 . Yes, it's stable to the best of my ability, and has been tested, but not for very long or by many people.
Q: What sort of hardware is required to run tinfoil hat?
A: Any 386DX or faster IBM compatible with more than 8 megs of RAM. Pretty much any PC made in the last 8 years will work fine.
Q: where do I send complaints, bugs & feature requests?
A: anonymous AT nameless DOT cultists.net
Q: What is the license for this distribution?
A: The scripts, documentation, and the distribution as a collection are released under a modified BSD license. Obviously, other people's software in this distribution retain their original licenses.

Announced at CodeCon

[burtonator]

For those of you not there.

This was announced at codecon. The author passed out about 50 floppies with the distribution on it.

Really good idea. I may have to run this on my laptop :)

Re:Announced at CodeCon

[mrroot]

I am guessing you are a troll, but...

50 distributions, 1 floppy each.

Re:Announced at CodeCon

[T3kno]

heh, I did it with the first versions of Windows 95 and Office that I got :) I can still hear the whirunk-whirunk-wrirunk Boing please insert Windows 95 disc 19 into drive a:. Arrghhh...

Re:Announced at CodeCon

So you must be the one who modded me troll. Well Pox on you it is at +2 now.

Lighten up. It was a joke. He was not clear, all he said was 50 floppies.

-Commienst

Re:Announced at CodeCon

I like Linux. It is the best. I wish that everybody would use Linux.

Re:Announced at CodeCon

NAZI mods. Why does everyone use their mod poinsts modding things down. It was at 1.

I am gonna hunger strike in solidarity with comrade T3kno.

-Commienst

Don't trust 'em, it's a trap:

* why doesn't the floppy I got at codecon match the signature above?

A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56

Right, like we believe that!

Re:In case this gets slashdotted, here's the text.

[client32]

Thank you, the slashdotting has already taken place.

Video Game Root Passwords...

[leviramsey]

This topic just has too much potential....

Does this mean that the root passwords are limited to three letters? (and that ASS is the most common password?)

On a serious note, this doesn't protect against the special glasses the invisible NSA agents that are dropped from black helicopters that allow them to see through walls and watch my screen as I type my root password. I'm not using it.

Re:Video Game Root Passwords...

You can pickup the conventional CRT using nothing but a coil, an amplifier and another CRT about an mile away. I don't think you can get rid of the low frequency magnetic fields (at your CRT horizontal scan rate)with a faraday cage.

A safer bet is use a decoy CRT. Use LCD panel for secret stuff.

UberSecureLinux

[TedCheshireAcad]

The distribution UberSecureLinux, is actually a standard distribution of RedHat Linux 6.2, default installation, but it requires you to remove the PowerCord(TM) device from your PC. With PowerCord(TM) removed, your machine is effectively hacker-proof.

UberSecureLinux hopes to dispel the myths that RedHat 6.2 is one of the most hackable distributions of Linux.

Re:UberSecureLinux

[JabberWokky]

UberSecureLinux hopes to dispel the myths that RedHat 6.2 is one of the most hackable distributions of Linux.

USL is useless. Not only was it a pain to get my wireless networking installed on it, I followed instructions precisely, disconnected the PowerCord(TM), and evil hackers still got into my laptop!

(Incidently, I prefer this USL, anyway).

--
Evan "insert SubGenius motto here" E.

Re:UberSecureLinux

[TedCheshireAcad]

Wireless networking in USL is quite simple, it only requires that you compile libpenandpaper-1.0, and exchange messages using the HandToHand networking model.

Re:UberSecureLinux

[crawling_chaos]

No, no, he needs the new release, Uber Secure Extended Linux - Enhanced Services Support. The laptop module in this release also removes the Battery(tm) in addition to the PowerCord(tm).

It's been a long day.

Copper cube ?

[ZeroZenith]

From the readme:
If at all possible, boot THL on a laptop & disconnect all external
cables, including the power & mouse. Turn off nearby
radios, including cell phones and microwaves. Put yourself
and the computer in a well grounded opaque copper cube. Download
your tinfoil hat plans from http://zapatopi.net/afdb.html.
Boot the floppy....

Where can I get well grounded opaque copper cube? Can't find any on ebay.

Re:Copper cube ?

> Where can I get well grounded opaque copper cube? Can't find any on ebay.

More interesting, where can I get a non-opaque copper cube? Someone's doing some interesting chemistry to make such an element..

Re:Copper cube ?

[quan74]

If I disconnect all the cables how am I going to download tinfoil hat?

Re:Copper cube ?

[legend]

Not sure about the copper cube, but one of these might do well. http://www.ramseyelectronics.com/cgi-bin/commerce. exe?preadd=action&key=scrm1

Re:Copper cube ?

[cduffy]

Where can I get well grounded opaque copper cube?

The NSA has a big one -- but I don't think they'll share.

Re:Copper cube ?

Also need some EM absorbing cones made up of ferrite material inside (~ a few hundred bucks a piece). This is exactly what my company has before it sold off the 2 floors EM testing chamber. It looked like the Star Trek shuttle bay.

If you are really worry about the TLA listerning to you by detecting the minute vibration of the magnet fields in the iron in your blood or pocket change, you might also have a lining of soft iron core on the outside to close the magnetic loops. Light bulbs fliment are know to vibrate and emit modulate magnetic fields. ;)

Re:Copper cube ?

[Futs]

I just don't get how I'm supposed to download stuff from the internet from inside the cube...

Re:Copper cube ?

Use the tinfoil hat to download tinfoil hat, sheesh, don't you guys know anything about security?!

For the paranoid?

[FortKnox]

Yeah, your distro might be secure, but the illuminati can watch you type, and can enter your hardware. It'll just be a matter of time until they can read the software indirectly.

Do what I do. Compute ONLY in your head! They'll never get that data!!

Oh shit... the orderly is comi...

Re:For the paranoid?

[NWT]

I agree. In fact you can never be secure enough :)

But how do i get the ssh authkey from that schweet girl over there?

Re:For the paranoid?

> Yeah, your distro might be secure, but the illuminati can watch you type, and can enter your hardware. It'll just be a matter of time until they can read the software indirectly.

The Illuminati don't bother with such inefficiencies, they already have telepaths to do this kind of work..compute in your head, then immediately forget the results.. ;-P

Re:For the paranoid?

[Rich0]

Digging through minds is too messy - that necessiatates taking prisoners. They'll just tell an old 486 to factor your keys and jump a billion years into the future to read the results off the terminal. Then they jump 10 years into the past and erase any trace that you ever existed in the first place...

Re:For the paranoid?

Heh. We don't use 486's.

Re:For the paranoid?

[gnovos]

Yeah, your distro might be secure, but the illuminati can watch you type, and can enter your hardware. It'll just be a matter of time until they can read the software indirectly.

Um, I think you are forgetting something... The Illuminati are the ones BEAMING THE THOUGHTS TELEPATHICALLY INTO YOUR HEAD, so they don't need to watch what you type, they are already know it!

Re:For the paranoid?

What do you mean? They can already read your thoughts. The only way I have found around this is by running a background process which plays a random song - but that only acts as an encryptor. If they can figure out what song your are playing in your head, they can still decrypt the traffic.

.. and you thought *you* were paranoid...

-ghost

You need instructions?

[Chris+Burke]

Just surround your computer with a cage made of chicken wire.

The problem is that as soon as you have to connect to the world outside (like through a network cable... or a power cord) you break the cage, and you've pretty much defeated the whole purpose.

And don't tell me about the incredibly tiny radiation leakage from your monitor carried by the power cord! The Illuminati can still read it!

Re:You need instructions?

[isotope23]

Of course I need instructions!

How in the hell can one make ANYTHING without instructions! I mean it's not like I could just
run down to home depot and buy some chickenwire and wrap it around my computer now is it?.....

WAIT! I have just received the instructions via
my tinfoil head mounted satellite dish!
Never mind............

Re:You need instructions?

[Chris+Burke]

WAIT! I have just received the instructions via
my tinfoil head mounted satellite dish!
Never mind............

Sorry. I'd assumed you'd already had the instructions downloaded into your head. I got mine yesterday...

Re:You need instructions?

[gnovos]

The problem is that as soon as you have to connect to the world outside (like through a network cable... or a power cord) you break the cage, and you've pretty much defeated the whole purpose.

You aren't using microwave lasers to send power to and from your monitor through the cage? And you call yourself a paranoid nutball? You should be ashamed!

Re:You need instructions?

[isotope23]

And you call yourself a paranoid nutball? You should be ashamed!

According to the worldwide conspiracy conspiracy, it is now "Nutroll with or without paranoia"

Re:You need instructions?

[__aafutm5472]

Yes, you must beware of Van Eck Phreaking

Coka? Cola?

[Graymalkin]

So..does it come with TEMPEST-proof console fonts too? I think that would be the big todo for the really paranoid (aside from coming with a foldout F cage). Highly anti-aliased fonts work decently (in theory) thrwarting VE screen captures but if you're running soley in the console I would think you're at a decent risk of having your data captured considering the regularity of the screen and the unique shaping of console fonts. A little off topic but I was wondering if one could impliment a Matrix style command shell where white space was replaced on screen from /dev/rand in a light font like light grey and then when you type the letters would either be dark grey or white to distinguish them from the random letter replacing white space. While somewhat hard to read it would cause so much static VE screen captures which of crappy monitors can be done with a slightly hacked AM radio, would be pretty difficult to make out. It would just be cool to make a shell that just did that to begin with. Pop open a terminal and have it look super funky would make a pretty badass shell theme.

Re:Coka? Cola?

[swb]

From the description of "video-game style selection" I was assuming that instead of typing, they'd put an (ascii-)graphical collection of letters and numbers on the screen, in a random pattern, that you would click on. Since no real text characters were written to the screen, the character-replacements are in random places on the screen each time you use it (annoying as shit for repetition) it would be tough to guess from afar what you were clicking on.

Re:Coka? Cola?

[Graymalkin]

There's two problems with the picture click password schemes. Both methods are susceptible to keystroke logging programs as the authentication module is going to have entry and exit points which means they can be monitored. The second problem is specifically with choosing icons as a password. There's a definite feasible number of icons you can fit on a screen and have people be able to distinguish, this limiting factor affects your ability to have a complex enough password so that it can't be easily guessed. With a typed ASCII password you've got 2^128*n password combinations (where n is the number of symbols in your password), with an iconic password you've only got y^n password combinations (where y in the total number of icons which is limited to how many can be displayed on the screen at once). You could have as many icons as ASCII characters I suppose but that would be difficult for many people to cope with. Any two similar icons would cause confusion in users. If you remember an icon by general visual cues you might end up screwed over if multiple icons had the same cues with slightly varying colours or something. This is an Roman alphabet reading American point of view though, Asian readers probably think I'm retarded because my alphabet has less than 3000 characters.

Re:Coka? Cola?

[swb]

I was asssuming that the "icons" would actually be somewhat representative of the characters displayed. If you can't fit the full alphabet on the screen at once, make it scrollable. I would however randomly position the character/icons on the screen so that the x,y coords of a click wouldn't be translatable into a specific character by coordinate.

Any system securable enough is also going to be so unusable from a get-shit-done perspective that criticizing some security feature as "difficult to cope with" implies that security breaches are easy to cope with.

Re:Coka? Cola?

2 words: Autostereogram console.

Re:Coka? Cola?

[Zerth]

Why would you limit yourself to how many can fit on one screen? Take the video game idea, run with it and have many, many icons over an area larger than the screen and you have to chase them down(pun intended).

Re:Coka? Cola?

[jgerman]

I would however randomly position the character/icons on the screen so that the x,y coords of a click wouldn't be translatable into a specific character by coordinate

That's going to make it awfully difficult to enter a password isn't if there's no way to map a click to a symbol :)

Re:Coka? Cola?

[swb]

No, you can map a click to a symbol, but there's no guarantee that the symbol for "A" will appear in the upper left corner of the display the next time its entered. The character positions are randomized each time the symbol matrix is displayed. To be truly user hostile and spy hostile, randomize the display each time a character is clicked so that even "AAAA" will appear to be a bunch a different characters since the icon location would change every time its clicked.

Re:Coka? Cola?

[Graymalkin]

The video game idea is still iconic, if you run around selecting the proper icon (eg. character model standing around) you're still limited by the number of character models you've got available and the number of them you've got to select. The only real benefit iconic password schemes have over is it is sort of difficult to use a wetware exploit by watching over someone's shoulder or spying on what they type on the keyboard. I can still attack the password conventionally and with a limited set of icons it would be fairly quick work to search through the possible keyspace for the correct password. That's what I'm getting at here. Iconic video game passwords only add complexity to an already complex system for a user. Sure remebering to click a white rabit model and then a japanese schoolgirl model and then a red suited super hero model might be easy to remember but the interface is going to suck and far too much time is going to be wasted jumping through those hoops.

Re:Coka? Cola?

[Graymalkin]

That would work only so far as to disgruntle both the intended user and unintended user. If it took me a minute to type in my username and password how often do you think I would do it? Would I maybe leave myself logged in when I got up to take a walk or to get a drink? That'd set me up for a whole new security mess. It's been shown that difficult to use authentication schemes are far too often left unused simply because users are too lazy (even the security conscious). This of course makes you question your paranoia level. If you wanted to impliment this sort of thing on your system I'd say go for it but if you were my sys admin and I had to hunt for every character of my password you'd end up with a shoe shoved sideways up your ass.

Re:Coka? Cola?

[swb]

But the original specification was to defeat keyboard loggers and to confuse ESCHELON-type listening devices which otherwise might be able to grab the screen (and can be confused by obfuscated color schemes).

I didn't say it was easy, but it would be nearly impossible through remote monitoring to figure out what the fuck was going on, which was the primary goal.

I think'd be a waste of time as a real-world system. Too hard, too complicated.

Re:Coka? Cola?

[Corgha]

With a typed ASCII password you've got 2^128*n password combinations (where n is the number of symbols in your password), with an iconic password you've only got y^n password combinations (where y in the total number of icons which is limited to how many can be displayed on the screen at once).

I think you are confused. The number of combinations of N characters in a character set of size Y is y^n, not 2^y*n (if order is significant and repetition is allowed, both of which are usually the case for passwords). ASCII does not have 2^128 characters; it has 128 (0x00 through 0x7F), but that's not necessarily equivalent to what one can type on a keyboard. If one could type all of them and only all of them on the keyboard, that would allow 128^n passwords of length n.

In any case, even with a relatively modest 80x25 grid (much like a standard DOS or Linux console screen), one can fit 80 * 25 = 2000 symbols on the screen, giving 2000^n possible combinations, provided one can come up with 2000 easily distinguishable symbols (well, the Chinese have done it) and display them in a resolution at which they could be distinguished.

If one just wanted to display 128 characters, one could use an 8 x 16 grid. That is hardly a challenge. Then the user can select whatever ASCII characters he/she wants to select in whatever order he/she wants to select them, again yielding 128^n possible passwords of length n.

Re:Coka? Cola?

[Cybrr]

Or you could just use a non-CRT display.

Re:Coka? Cola?

[Kanasta]

Yes

But what would you do once you become blind trying to read your own screen?

Re:Coka? Cola?

[Graymalkin]

I'm not really sure even a iconic password is going to be secure from key loggers as they can just as easily monitor mouse click events as they can monitor keyboard click events. A slightly sophisticated trojan could easily so screen captures and correlate them with mouseclicks or key presses. Remember Back Orifice, it was basically remote desktop mirroring with a remote control function. The infiltration of a system inserting a slightly perverted system service the user wouldn't notice would be pretty effective at stealing passwords. Whether you're clicking icons in a 3D game or typing them. Maybe though you could make a self contained system consisting of an infrared camera and IR lighting to track the focus of someone's eyeballs. They would just focus on the icon and click a button to select it, after all the icons were selected it could send a hash of your password to the system for verification. At least then snoopers would have to get REALLY sophisticated to figure out what your password was, at least replace your camerawith an uber-hacked version.

Re:Coka? Cola?

[Graymalkin]

Security problem solved, no one can snoop your password if you can't type it in anymore. Unless of course they phreak your brain with a PET scanner or crush your balls in a walnut cracker until you tell them. Methods to circumvent either wetware attack is an exercise for the reader.

Re:Coka? Cola?

[Bartmoss]

Learn Braille, use braille terminal. No tempest danger there, or is there?

Free bundled DVDs?

[jamesmartinluther]

The following DVDs ought to come bundled:

Enemy of the State
One Who Flew Over the Cuckoo's Nest
No Way Out
Pi
The Matrix
The Net

Re:Free bundled DVDs?

sorry, but The Net should not come bundled with anything. If you want something to be paraniod about, it is the fact that sandra bullock still gets to make movies after that piece of crap.

Re:Free bundled DVDs?

[crystalplague]

mmmmm...Pi...

Re:Free bundled DVDs?

[GigsVT]

I think you misspelled some of those movie titles:

Sneakers
Antitrust
Wargames
1984 (Yeah OK, the book is a lot better than the movie)
The Conversation

:)

Re:Free bundled DVDs?

Where the hell do you guys get off moderating like this?

Encrypted Filesystem

[Coryoth]

Hopefully the default install does the partitioning and encryption of the filesystem via rubberhose. I can't find mention on the site, but it seems a logical precaution, being the best filesystem encryption program I've encountered.

Jedidiah
--

White glove Linux

[ajaygautam]

White Glove Linux is another similar distro. Ajay

Fired for Playing Games?

[MattRog]

I can see it now:

PHB: Johnson! Are you playing space-invaders again?

Johnson: :amidst the beeping and explosions: No, I'm logging into my Linux box!

PHB: Oh.. Can I get one for my system, too? That looks fun!

/.'d already - Google to the rescue

[h2so4]

Google's Cache of the page

Google Cache (for those who can't get to site)

[zpengo]

http://www.google.com/search?q=cache:Q4R-UBjh3wkC: tinfoilhat.cultists.net/+&hl=en

Re:Google Cache (for those who can't get to site)

Think about it. Would a paranoid trust the cached version of a security site?

Re:Google Cache (for those who can't get to site)

They would trust it exactly as much as they would the original site- i.e., not at all.

Hmmm.. in other words

[Orre]

This Tinfoil Hat linux would be called "Folie Hat Linux" in Swedish.

Bootable cdroms

[rangerx]

Instead of a floppy, why not use a cdrom? It can hold alot more, has faster load times, and many other features.
PLAC - Portable Linux Auditing CD

LNX-BBC

LBT

Re:Bootable cdroms

Or 5 1/4 anyone?

Accessories for the Paranoid

[Captain+Large+Face]

Apparently it comes with the following:

• a pair of dark glasses with reflective mirrors in them, to see if people are following you
• a book entitled "people only think you're paranoid because they tell them you are"
• seven dead bolt locks for your front door (in case the existing 12 break)

Re:Accessories for the Paranoid

What about reenforcing the dry walls, door frame, door and hinges before adding in the 10th dead bolt. A few antitank land mines and rocket launcher around the house in case the LAPD come crashing in with their vehicle Die Hard style.

Mark McGuire

[sharkey]

But does it keep Major League Baseball from spying on us from space?

Re:Mark McGuire

[MattRog]

Nothing can keep the MLB out of your life. By the way, here's an autographed baseball bat.

Re:Mark McGuire

[sharkey]

Sigh. Not even a tank, I suppose.

Re:Mark McGuire

[Snap+E+Tom]

We can keep discussing Linux thing, but wouldn't you rather watch me hit some dingers?

Re:Mark McGuire

[rsteele19]

ok, I don't get it. What's the reference here?

Re:Mark McGuire

[joekool]

simpsons, naturally

I have a theory that most any reference you don't get will be a simpsons reference

Re:Mark McGuire

A simpsons episode.

Re:Mark McGuire

[sharkey]

At least from me, anyways.

Another safety feature ...

[A+nonymous+Coward]

Slashdot your box, then nothing gets in or out.

I'm confused by the Tin Foil Hat Link

[Desperado]

The writeup has a link to Tin Foil Hat which is really a rant on how Liberals and Democrats are insane and cites the Presidential election of 2000 as proof.

It seems to me that Liberals and Democrats have historically been supporters of an Individual's right to privacy. Which is what this Linux distro. aims to provide. So why put in an inflamatory reference like this?

Could that link be the best explanation of the origin of the "Tin Foil Hat"? I shure hope it isn't.

Re:I'm confused by the Tin Foil Hat Link

[connorbd]

Yeah... the first half of the piece was good reading, but the second half... Knee-jerk conservatism. The problem with conservatives is that they scoff before thinking about it.

As for the election -- both sides tried to steal it. The Republicans succeeded, and Gore botched it (he'd have lost when he should have won if they'd done it his way). But that's a debate for another day (a year ago).

/Brian

Re:I'm confused by the Tin Foil Hat Link

> It seems to me that Liberals and Democrats have
> historically been supporters of an Individual's
> right to privacy.

That's a nice myth, but reality is somewhat different. The number of wiretaps carried out more than doubled during the first Clinton administration. Under Clinton, the phone companies were required to rearchitect their systems to make them wiretap-friendly. And do you remember the Clipper chip that the Clinton administration so heavily pushed?

Re:I'm confused by the Tin Foil Hat Link

[JCCyC]

Ask Mr. Keller (the author of the rant) if maybe he's guilty of tinfoilhatism too. But be sure to have two bulky male nurses between you and him.

Re:I'm confused by the Tin Foil Hat Link

[Rick+the+Red]

The only people who would call Bill Clinton a "Liberal" are Republicans on the far Right (am I being redundant? I don't think so). I tend to vote Democrat (when there isn't a Libertarian on the ballot) and FWIW I certainly don't consider him very Liberal. The only real difference between the Democrats and the Republicans is who's money they're pocketing (and, lately, the answer on both sides has been "Micro$oft's").

Re:I'm confused by the Tin Foil Hat Link

[cduffy]

Neither major party has historically been a supporter of the individual's right to privacy. Democrats have historically been more concerned with effective law enforcement than individual privacy. Look at Truman's role with the CIA or Roosevelt's founding of the FBI -- and both were Democrats. See Clinton's emnity towards public availability of strong crypto, or just see http://www.spintechmag.com/9911/ma1199.htm for another take.

The Libertarian party is the only political party I know of that takes a consistant, strong view on defending individual privacy rights.

Re:I'm confused by the Tin Foil Hat Link

[Kewlhand`tek]

Well i agree he aint no liberal, I vote for republicans when there are no Libertarians to vote for. Clinton was just for himself.

Re:say what?

[autocracy]

Try again. Passphrase not entered directly by typing. Enjoy!

Re:say what?

[Ageless+Stranger]

Read the post again-

"entering your passphrase via a video game style selection process to combat hardware keystroke loggers"

That sounds like the coolest feature to me.

Wierd Error

[autocracy]

Anybody else find this: "INVALID DNS SERVERS CONFIGURED AT CLIENT." on the site? Seems that there front page prints that, and anything else just shows up as not being there. A move to duck the Slashdotting?

I kid you not

[DragonWyatt]

When I saw this article for the first time appear on slashdot, I saw the following at the bottom:
( Read More... | 6 of 66 comments )
Does THAT make ME paranoid?

If *I* were the Illuminati

[BranMan]

I'd just put the spy code in the Bios. What else is distributed on every computer, and run every time they boot?

BWAHAAAAAHAAAA

Re:If *I* were the Illuminati

[angst_ridden_hipster]

What else is distributed on every computer, and run every time they boot?

Uh... Memory chips? Realtime clock chips? Capacitors and resistors and power supplies?

Re:If *I* were the Illuminati

[charon_on_acheron]

Shhhh. It's a secret.

Re:If *I* were the Illuminati

[yukonbob]

I'd just put the spy code in the Bios. What else is distributed on every computer, and run every time they boot?

Ya, but it's never used after boot, so would it still be useful?

-yb

Re:If *I* were the Illuminati

Duh! Yes. The bios can control EVERYTHING if its large enough. A compromized bios is how the nsa can get keystrokes on this or any OS.

Its very hard, but not impossible. Even if the Bios is not called, it can setup technologies to ensure it continues to get cpu time.

Interesting side links..

[Lumpy]

follow to the diceware link off of the main page. pretty neat idea except for this ....
Recently, she wanted to give her Internet password to her husband so that he could get on line. However, she still wanted to be
able to exchange private messages with me that he would not be able to read. I, of course, introduced her to PGP.

Sorry, why the hell was that woman married? sorry but if you cant trust your spouse then you need to not be married, not ever get married, and probably even stop dating for that matter.

Re:Interesting side links..

[david+duncan+scott]

Planning a surprise party?

Seriously, though, maybe she (gasp!) married the wrong guy! Maybe they should get divorced.

Maybe he was a nice guy, once, and then he changed. It happens.

Re:Interesting side links..

[Rick+the+Red]

The better question is "Why would they share the same email account?"

There are lots of things I might email my sister that I wouldn't want my wife to see (such as "what do you think I should get her for our anniversary?")

Tempest fonts

[morcheeba]

A nice addition would be tempest-resistant fonts! Here's a great article on tempest about tempest & creating fonts that are unreadable. Basically, the tempest setup only picks up the upper 30% of the frequency range, so this font has those components filtered out. But, the cool thing is that you can superimpose a (low amplitude) high-frequency pattern that isn't very visible to the user, but is visible to the tempest receiver. A whole fake Win98 screen transmitted? Here's the slide presentation for the above article (if you just want to look at the pretty pictures)

http://www.linuxfromscratch.org/

[corebreech]

The tinfoil hat only serves to deliver a false sense of security.

To be truly secure, you need to build your own distribution. You need to understand what is being put on your system, and why. You need to be able to verify that the program that says it edits streams really does that, and does it without any funny business.

I ***know*** what it running on my system. I know this because I built the binaries myself. I know this because I can look at the source code and see what it does. This is the most beautiful feature of open source; the ability to let tinfoil hat wearers like myself have near-total assurance that our systems are running only the code we want them to run.

You don't get to say that if you're running Red Hat or Suse, or Windows or Mac. How do you know that any of these companies haven't been approached by the Feds and forced to include code that compromises your security and privacy?

Admittedly, it's going to be some time before I get to running KDE or Gnome. Of course, I can always install a standard distribution and see what is available today. But I appreciate the ability not to have to trust one of these distributions with my personal data, or my source code.

Actually, I'm still not to the point where I can run XFree86 yet, but EMACS using SVGATextMode on new hardware is so obscenely fast, why should I care? Except when I want to look at naked women.

That's why I have a Mac.

Re:http://www.linuxfromscratch.org/

[autocracy]

Where are you stuck? As soon as I get through the book and the system is usable, X is one step away. And KDE is compilation of QT and a few KDE packages. Feel free to post to the list for help here or e-mail me... (note: I'm only on the blfs-support list!)

Re:http://www.linuxfromscratch.org/

[GGardner]

What about the compilers? Are you sure they aren't inserting any funny business into the binary code?

While we're at it, what about the CPU, and other support chips? Have you inspected the VHDL?

Re:http://www.linuxfromscratch.org/

[Ratbert42]

But how did you build your binaries? You really should read this before you trust a compiler that you didn't bootstrap yourself.

Re:http://www.linuxfromscratch.org/

[corebreech]

It ain't that I'm stuck. It's only that I don't want to install packages that I'm not prepared to fully understand.

No doubt most of the new stuff available today only needs a ./configure and a make install, and there it is, on your disk.

But in my mind that's no different than installing using somebody else's distribution.

I should fess up and say that I don't always use my installation, but that's mostly because my paycheck demands I use other code.

That doesn't change my lust for a system I can understand, down to the statement, and one that I have complete control over. I'm sure that a lot of you who've been with Linux forever you've acquired a sense for this a long time ago; I'm kind of new to the OS though, I've only been using it for a couple of years.

It's biggest attraction for me is that I get to be anal about learning it. Taking it one step at a time, and leaving nothing to chance.

So what if I don't have windows! Most everything I end up doing on the Mac or on Windows is all text-based anyways. Look at the interface for Visual C or Codewarrior on the Mac and tell me exactly what I'm missing when using something like EMACS on a screen that has a resolution of over 200 characters across.

Pretty colors? Alpha-blending? Anti-aliased fonts? It's all shit! It makes everything go slower, while making me put my nose up to the monitor so I can see what the fuck is going on!

Why do I need that?

Re:http://www.linuxfromscratch.org/

[Lionel+Hutts]

Absolutely. For those who haven't read it, "Reflections on Trusting Trust" is Ken Thompson's story of the greatest hack of all time: changing a compiler so that it not only created a backdoor whenever compiling login.c, but so that the modification persisted when the modified compiler was applied to the source of a standard C compiler. There's just no easy way to do without trusting anyone at all.

Re:http://www.linuxfromscratch.org/

[5KVGhost]

"I ***know*** what it running on my system. I know this because I built the binaries myself. I know this because I can look at the source code and see what it does."

But _have_ you actually audited the source code, and do you have the knowledge and expertise to understand all of it? If so, then more power to you.

Re:http://www.linuxfromscratch.org/

[autocracy]

Words of the wise there. I've done the same thing. I'm getting ready to try mass-rolling this thing out in a corporate style environment. My experience is that the first time, you are better off just doing it so that you can. Then scrap it and do it "perfect" the next time. More effort to be used this way, but I found it easier. Regardles...

Re:http://www.linuxfromscratch.org/

[Laplace]

You want to look at naked women on your terminal? Try using the aalib (ascii art library). It does an outstanding job of converting graphics files to ascii output.

Re:http://www.linuxfromscratch.org/

[Aknaton]

Well, I could following the instructions for Linux From Scratch (if I wanted to) but that doesn't ensure security.

In my opinion, if works only if you are willing to personally audit all the code that you use for bugs/errors/security problems. At some point, you're trusting someone else.

Re:http://www.linuxfromscratch.org/

[corebreech]

Note that I said "near-total assurance".

I have a lot of faith in you guys, even though I realize that when the gcc source is broadcast that not everybody reads through every single expression.

But we're all single-stepping through the code it produces at some point.

I've seen people reporting compiler bugs that makes you wonder just what the fuck these people are doing. When you read the back-and-forth between the people who use the compilers and those who write them it's pretty clear who's on top.

Plus, there's Codewarrior, and Borland (is that right?) and there's always the archived compilers to compare against.

In short, it's all out there in the open, and there are like at least ten million eyeballs on the case.

I'm willing to risk letting the compiler prove me to be the fool.

Re:http://www.linuxfromscratch.org/

[corebreech]

Yes!

Er, no!

Um, sort of.

glibc, gcc, emacs, gawk... there is some non-trivial code here, I'm not sure I'll ever understand gcc completely, for instance, but the others over time I'm sure I will learn.

This is why I haven't moved to XFree86 yet. It's going to be some time before I'm comfortable with even the few components contained within the basic linuxfromscratch distro.

I'm not committing myself to *understanding* it all, as much as I am being *comfortable* with it. In other words, if there's a program that has had its source out there for over ten years, and I can inspect all the patches made to it over that time, and see that nothing funky was inserted while at the same time noticing that none of you guys found anything funky with the code, well... where I come from that's good code.

You know, it's not like the effort to understand this code is a waste. There's a lot I've learned from even the simplest programs here.

Also, one of the things to remember when perusing this code is that the ratio of dangerous code to harmless code is fairly low. Which is to say, you don't need to spend a lot of time looking at whether somebody's pointer arithmetic is correct, but you do need to take a close look at the system calls, like when files are being played with.

I figure in another couple of years I'll have this shit down cold. Maybe to some it seems like I'm mastering the obvious... I see it more as building a sturdy foundation.

To each his own.

Re:http://www.linuxfromscratch.org/

[kwj8fty1]

Ever wonder what that 'SRPM' cd is all about? Well, it's the source to everything on your system. If your paraniod to the level of wanting to rebuild from source, then I assume you've reviewed all of the kernel source (how many lines these days?)

I'm paraniod. I run openbsd. I trust what's on the CD.

Re:http://www.linuxfromscratch.org/

[GGardner]

I suppose that is reasonable. How many security problems have you found in your audit?

Re:http://www.linuxfromscratch.org/

[Cro+Magnon]

I've also tried LFS, not so much from paranoia, just because I'd like my own distro, but I've hit some snags, including trouble subscribing to the list so I can ask questions (I get error messages from Listar). I managed to get a bootable system, but had no clue how to set up DHCP for online access :(

Re:http://www.linuxfromscratch.org/

[c_wraith]

That's a good start, but not good enough. Unless, that is, you bootstrapped the compiler yourself, directly in machine code. And that's not secure either, because whatever tool you used to enter and verify the machine code could have been compromised also.

For a better idea of this, check out these two sites:

http://www.tuxedo.org/~esr/jargon/html/entry/back- door.html

http://www.acm.org/classics/sep95/

Re:http://www.linuxfromscratch.org/

[piranha(jpl)]

"I ***know*** what it running on my system. I know this because I built the binaries myself. I know this because I can look at the source code and see what it does." (emphesis added)

A couple points:

• You can look at the source yourself? Woohoo. But do you actually audit the code yourself? Are you competent enough to not only know what every line of code is doing, but know enough to look out for obvious backdoors, and not-so-obvious backdoors disguised as unintentional security holes? Compiling from source is little better than using the binaries unless you've answered 'yes' to these questions.
• Let's say you finished looking at the source code you use and finished auditing it thoroughly, on a box called 'Sparcy' some 2 months ago. You even wrote down the version numbers. Now let's say you download the source again because Sparcy's hard drive crashed, and you need to recompile everything. You hit the usual sites and download the same versions. How do you know the distributors or mirror operators didn't add a few unmentioned features? What about your ISP, and their uplink? Can you trust everyone from point A to point B? The same would apply to one of your e-mail buddies or even a reputable friend telling you GnuPG 1.06 is "clean".

For the latter situation, you should write down md5sums for anything important that you audit like that. But mostly the point was this really isn't practical.

Suggestions? Maybe rely on a group of trusted people to audit code for you and the general public, PGP-signing the md5sums as their official seal-of-approval. How about using a system like Freenet to collaborate and organize such an effort? Freenet is uncensorable, and provides for anonymous publication and retrieval of content. A method of code peer-review that the feds/aliens/Elvis/Jesus/Dr. Evil can't stop, bribe, or censor, or otherwise put to a halt. Unfortunately, Freenet is far from mainstream. However, it's stuff like this Freenet is designed for, and does the best job for.

By the way, if such a group/organization is formed, there's no reason they couldn't compile binaries in the exact environment popular distribution packagers build packages, that is, by using the exact same libraries, etc. Theoretically, if a source package can be marked clean, and a distributor's diffs can be marked clean, the exact binary could be reproduced, and the package management utilities could recreate what should be the official package binary. If it really is exactly the same as the official package, that package (and the md5sum!) could be declared as "clean" as well. I don't know about other distributions/OSs, but Debian and NetBSD provide for detailed build logs, and probably give enough information to recreate the official packages.

Re:http://www.linuxfromscratch.org/

How do you know that any of these companies haven't been approached by the Feds and forced to include code that compromises your security and privacy?

If slashdot really exists, then this has not happened. The fact is that someone has looked at the code, and if the Feds forced security comprimises into the OS, this would be all over slashdot for the next 10 years (and trolled for 20 years after that).

Re:http://www.linuxfromscratch.org/

[corebreech]

None.

Then again, the software contained in the stock LFS system is pretty minimal, and has been around forever.

The other thing I should mention is that at some point I want to put some machines on the Net and I am convinced that the best way to achieve security is through simplicity. By building your own system you know very well what is and isn't running on it.

Re:say what?

That is what the "video game" style password entry is for.

Re:say what?

[FrostyWheaton]

I dont see how software will help you get around this

It gets around this by not allowing users to input their passwords by using the letters on the keyboard. They use something similar to the arcade "Insert your name here:" interface where you move a cursor up and down to select the letters/numbers/symbols/spaces. It would probably start at a random place in the sequence too, so that the keylogger's capture of up x 15 down x 27 etc. is rendered useless.

Re:say what?

[LMCBoy]

As I understand it, that's where the "video game" interface comes in. It displays all the letters of the alphabet on screen, and you "type" your passphrase using the mouse, naver touching the keyboard.

The keylogger will get all your other keystrokes, but not your GPG passphrase...maybe the onscreen keyboard can be invoked at other times too.

Even easier: LCD (was: Tempest fonts)

[dstone]

Operator: Main LCD turn on
Cat: All my fonts are not belong to Tempest
Captain: What you say!!
Captain: You know what you doing

Re:Even easier: LCD (was: Tempest fonts)

[pangloss]

as someone else posted, i don't think lcd's defeat tempest monitoring. it may change the interpretation of the monitoring, but what would there be about lcd's that would defaet tempest monitoring? maybe passive matrix displays are more difficult than active?

anyway, it's not like lcds don't cause any electrical interference--they're still fcc class b devices for the most part right?

hey and plus, that whole tempest-ish scene in cryptonomicon wouldn't have been possible if laptop lcd's were van eck phreak proof ;)

video game style passwords?

Cool, my new root password will now be up-up-down-down-left-right-left-right-B-A-start.

Re:video game style passwords?

isn't that the god mode ?? Sex, god etc are some of the most common 3 letters password.

Re:video game style passwords?

[Clubber+Lang]

Cool, my new root password will now be up-up-down-down-left-right-left-right-B-A-start.

Better make that up-up-down-down-left-right-left-right-B-A-select-s tart if you wanna be in multi-user mode

Re:video game style passwords?

8 bit nintendo Contra, right? 30 lives...those were the days. sigh.

Re:video game style passwords?

[the+endless]

you silly sod.

now EVERYBODY KNOWS.

you think posting as an anonymous coward will help? you poor naive fool.

so much for secure.

Another option

[the_rev_matt]

KRUD (http://www.tummy.com/krud) is another great secure option. A hardened Red Hat, comes out every month with all security updates/patches/etc. It's put together by Kevin Fenzi (author of the Security HOW-TO).

Re:UberSecureLinux (and wireless)

[McFly777]

Wireless networking in USL is quite simple, it only requires that you compile libpenandpaper-1.0, and exchange messages using the HandToHand networking model.

No No No! ... The HandtoHand protocol is succeptable to a "man in the middle" attack. Even worse, if you don't properly install the BicLighter module it can be subject to a DOS (Dumpster OutSide) attack.

VIdeo Game Style passwords?

[Marsh+Jedi]

Clearly:
Up,Up,Down,Down,Left,Right,Left,Right,B, A

Re:Set up a "secure document" server / workstation

[bob@dB.org]

I guess you could have this as the workstation, and then have an OpenBSD box as a vault type NFS or something.

OpenBSD may or may not be a vault, but if you'r running a NFS server on it it'd be the equivalent of forgetting to lock the vault-door.

NFS is to security what Microsoft is to competition.

Re:trademark issues

[Aknaton]

They probably could. After all, the Red Hat name is what they are actually selling.

Say What?

[clump]

Like I'm going to trust *them* to secure my Linux box.

So you not only make your own distribution, but you make your own userland tools? Unless yes to the above, your trusting someone.

You gotta love...

[Jon+Abbott]

...the reference he gave for a keylogger:

http://www.keyghost.com is an example of a tiny & cheap hardware logger.

The price of Keyghost Keylogger: $999.

Re:You gotta love...

[pryan]

That was for the Pro II pack, which includes five keyloggers. That makes each Keylogger Pro $200.

Re:You gotta love...

[Jon+Abbott]

I noticed that immediately after posting (doesn't it always work that way?). Still, at $200, it's a far cry from cheap.

Re:You gotta love...

[jhanson]

ummm, according to the keyghost page it costs $139.

Re:Say What?

but the cia can read my mind with their satelites!
thats what the tinfoil is for

the politics...

[bob@dB.org]

of this guy could probably be considered quite suspect by a large portion of the Slashdot community. have a look at this link listed as the second link in his "links" section.

Re:say what?

[euphline]

Of course, the camera placed behind your chair will catch it all ...

Isn't the whole point that we _don't show_ anything as we type?

-jbn

In PDF format?

[isotope23]

Yep, just got them in PDF, format!

Paranoid
Delusional
Freak

HA HA!

I'm late I'm Late for a very important date
no thorazine and so I cry, I'm late I'm late I'm Late!

Alright Ill bite, this is cooler, from their links

[CDWert]

http://www.erikyyy.de/tempest/

Ive heard about scavenging screenshots from computers a couple hundred feet away using the EM signal, but had serious questions on how easy this was.

The above link does it in reverse plays MP3's through your MONITOR as an antenna !!!

Now, that said, I have more of a belief in a tempest like system, guess its time to get my copy of tinfiol linux

Other secure distros

[InodoroPereyra]

Of course there are many other distros focused in security, including Bastille, Trustix, EnGarde ...

-- Don Inodoro

Simpsons (nt)

or at least, as little text as possible. goddamn filter.

Re:Say What?

[lw54]

Well, you better write your own compiler too ;-)

Re:Set up a "secure document" server / workstation

[Com2Kid]

"NFS is to security what Microsoft is to competition."

Uh, the one who ownz all?

Seriously, might want to rework that metaphore. :)

NFS is to security what Windows95osr1 is to stability?

Hmm, too long.

NFS is to security what Win95 is to stability.

Works I guess. Grammericaly incorrect, but the concept gets through. :)

defeating keystroke loggers

[purlhax0r]

So I guess I can't say that I fully understand how keystroke loggers work... do any of them (most of them?) also record a high-res timestamp with each keystroke?

What if you were able to type in a passphrase, but with a particular rhythm? Say, typing each individual letter of your passphrase to the rhythm of "shave and a haircut, two bits" or some such nonsense?

Of course this way, they could get the keystrokes, but if they don't know the precise rhythm of the keystrokes, they're SOL.

Go ahead, cynics. Now tell me it's a stupid idea... I'm waiting.

Re:defeating keystroke loggers

About a 100 years ago, morse code operators could be recognised by their 'hand' - the rythmn of the dots & dashs. Keystrokes on a keyboard are the same. Guy in my ComSci class at uni, wrote a password entry library that analysed time between keystrokes, then tried to match it with the stored password.
Works well when typing in your name or commonly written phrase such as your home town, as people tend to develop a natural cadiance. Passwords are more of a problem - given a random string of text, natural patterns take a while to develop.
So... been done but when used for passwords (esp. those that change frequently or are machine generated), generally difficult to find a balance between giving too many false negatives & not being secure at all.

Re:defeating keystroke loggers

[GigsVT]

I guess you would have to modify all your auth programs to look for that rhythm?

That won't work very well for a network login, TCP will packetize keys that are sent close to each other, throwing you off. I won't even attempt to think about how that work work over satellite, when I ssh, I usually type fast enough so that my keystrokes all get sent at once (the satellite has special proxy software that assumedly avoids sending lots of little packets).

Insecurity?

[tym]

The "utmost in security" or the "utmost insecurity". The second is what I heard when the article was read to me this morning...

Re:Sigh...

[TheRain]

what's even more ironic is the fact that I added
"I mean I've known people who are infactuated with Linux but...."
just to make the point of the joke clearer to those who would not pick up on it.

What about monitor companies?

[sean23007]

turning the contrast of your screen down to foil prying eyes and cameras

So basically, you're going back to the old days. If monitors keep getting better and better, we'll have to make the OS interface worse and worse to compensate. Then maybe monitor manufacturing companies, when they see that demand for their new products is through the floor, perhaps they will stop advancing their technology. And when that happens, we can all blame the halt in technological advancement on Microsoft's anticompetitive business practices!

Everyone use Tinfoil Hat Linux! Surely it is the key to defeating Microsoft!

If I was using this...

[msouth]

...I would never tell _you_. Go away! Why are you reading this, anyway? Are you trackin everything I post on the net? Don't I recognize you from behind the newspaper at the coffe shop?

Wrong.

[moyix]

From: The Complete, Unofficial TEMPEST information Page:

No way. I get a few channels in my apartment via rabbit-ear and UHF loop antenna reception - they're pretty weak, but on a good day and in the absence of major interference, I can watch Ally McBeal. I'm also a longtime notebook computer user, mostly Apple Powerbooks. The TFT LCD screen specifically interferes with the lower-numbered VHF channels on my TV, which also happen to be more poorly propagated at my location. The CPU and motherboard also interfere, but the screen is by far the worst and can't be within twenty feet and/or two interior walls of the antennae without substantial, patterned interference. And this is a low-power laptop with a relatively small 10" screen (800x600, 60Hz refresh), using under seven watts including the 180MHz CPU. Shutting off the screen independently of the rest of the machine greatly reduces the interference.

And if it's causing interference, it's giving out a signal, most likely one that can be intercepted and read. The best solution is to buy TEMPEST certified products.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

I'm the author of this program. It was intended as a clever

give away at code-con, but it should also be useful for other

people who carry their keys on floppy disks.

I hadn't intended a widespread distribution until I could put the kernel config

up & get a bunch of signatures on the signing key .

Oh well.

In response to slashdot and the email flooding in:

The key will be up on keyservers shortly (if it isn't already. )

signatures to follow in the next few days. There isn't any TCP/IP

or network on this distribution, I'm not a christian redneck, keyghost

used to be cheaper, I can't fit tempest fonts on, since the console

is only greyscale. Direct FB fonts would be the answer, but I didn't do it.

And the "video game style" entry is clumsy, since I didn't want to re-invent

curses. It's all free if you want to improve it.

And now I'm about to get on a plane and be out of communication for a while

;-)

Slashcode is certain to break the signature, but here goes:

Anonymous

~

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.0.6 (GNU/Linux)

Comment: For info see http://www.gnupg.org

iD8DBQE8csA+Fr26O2gKKPMRAp79AJ9/Ej1GyB2lnIxEPv2x Tq /MvKzBdACgg++K

uYFX2VCz3Bq9BPuv8kLGCQM=

=6oTm

-----END PGP SIGNATURE-----

Who brought you CDA, Carnivore, and the DMCA?

It seems to me that Liberals and Democrats have historically been supporters of an individual's right to privacy.

Keep reading history and when you get to the part about Carnivore^H^H^H^H^H^H^H^H DCS-1000, notice which party implemented it and which party opposed it.

Tinfoil Hats....

[3waygeek]

are for weenies. Real paranoids shop here.

Re:trademark issues

[GigsVT]

Why did the parent of this get modded down? Quick Robin, to the metamod-cave.

Actually...

The phrase "tinfoil hat" has been a symbol of paranoia for several years now; it had apparently already grown into somewhat common usage I first ran across it in 1997. The link was to a copy of the original story that it was derived from, but most, if not all, of the political rantings were added in 2000.

Anyway, I'd like to make it clear that the content of the page probably in no way reflects the author's views; he most likely just thought it would be a good pun on "Red Hat."

yeah...

[Jack_of_Hearts]

boy, these jokes just never get old... *cough*

Re:say what?

[amitola]

It would probably start at a random place in the sequence too, so that the keylogger's capture of up x 15 down x 27 etc. is rendered useless.

Not only that, but the alphabet on screen would have to be randomly rearranged on each invocation. If you know that the alphabet is arranged a certain way, and you have a list of keystrokes such as "up,up,up,enter,left,down,enter", it's less-than-trivial to brute force the space of possible cursor starting locations.

And hopefully you'll have a very strong "random" number generator to do it with, since the security of your key now depends entirely on the security of the pseudorandom algorithm.

Once you start going paranoid, there's no end of possibilities...

BSOD

At least with grey/black LCD's, we won't have to worry about seeing a blue screen of death.... :-P

Re:Late!?

'The Late isotope23'!
Whatever will we do without isotope23???

it IS cheap

[wunderhorn1]

Well, obviously if you're a student operating on a typical student's budget, $1K is a lot to spend on compromising your roommate's box.

But to even the smallest corporation or local government, a thousand dollars is pocket change, particularly when you consider the value of the information that could be gained with such a device.

(and as the other poster pointed out, they're actually only $200, which does make it a viable option for getting at your roommate's pr0n (assuming you aren't clever enough to find a cheaper alternative))

Re:trademark issues

[alec314159]

I wonder if Redhat owns the rights to the word "Hat" the way Microsoft "owns" the rights to the word "Window".

Apparently, two morons moderated this as "offtopic". Let me explain:

Windows -> Lindows

Redhat -> Tinfoil Hat

The Paranoid

[greening]

Maybe Tinfoil is for the mildly paranoid but for the true paranoiac, there is OpenBSD. It hasn't had a hole in it's build in over 2 years and so forth. (There's more that I wont bother to go into. Maybe it's because I can't remember. What's there might be wrong, it's been a while.) *BSD is by far superior to anything Linux anyways, so why bother with Linux?

Re:The Paranoid

[Ziviyr]

Because it'd be pretty easy to tempest out your passwords with BSD. :-)

Re:The Paranoid

[panic911]

My windows box is more stable than my openbsd box (no joke) and maybe it's the hardware, but back when it was running linux, it never crashed once. Not to mention that OpenBSD's FS seems to be a lot slower than Ext2.

Btw, OpenBSD hasn't been hacked with its default build in over 2 years, that doesn't mean that it hasn't been hacked though. When you install it, it doesn't have ftp, telnet, or ssh activated (2.6 didn't anyways, that's what i use), which could be looked upon as lack of features, rather than security.

Note: sibling post (not parent post) is a troll!

For the love of god, don't click on its link!

I was naïve to click on it...

storing keys on media is for the weak...

[kbroom]

The only secure storage is yourself, and you
must also be able to type directly in ciphertext.

Re:Say What?

[joto]

Well, you'd better write your own kernel as well. Come to think about, what is stored in the microcode for the P6? Better make your own computer...

Re:Say What?

So you not only make your own distribution, but you make your own userland tools? Unless yes to the above, your [sic] trusting someone.

Or you just don't trust your linux box. Personally, I trust mine to some extent, but not completely, of course.

Re:Say What?

[berserker2001]

not the CIA. Major League Baseball. They're the ones we have to watch out for

Offtopic: How does one join the illuminata?

Offtopic: How does one join the illuminata?

Re:Offtopic: How does one join the illuminata?

[WeedMonkey]

Bury $3,125 in a cigar box in your back yard. An agent will be in touch shortly.

What are you doing?

What the hell are you doing the requires this much protection from the MiBs, NSA, Illuminati, or Big Brother? Jesus, get a life people, or a lawyer. Unless you are selling trade or state secrets, fermenting armed insurection or planning a terrorist action, or stealing from the above listed parties, you got NO REASON to use this much security.

Paranoid freaks!

Modern OSes installed via diskette

[rjamestaylor]

You never installed OS/2 2.1, did you? THAT was long, tedious and the disks would alternate between working/not working. I still have it somewhere...