Tinfoil Hat Linux: A Distribution for the Paranoid

← Back to Stories (view on slashdot.org)

Tinfoil Hat Linux: A Distribution for the Paranoid

Posted by timothy on Tuesday February 19, 2002 @08:46AM from the either-a-joke-or-a-good-idea dept.

An Anonymous Coward writes: " Tinfoil Hat Linux is a distribution designed to allow the signing and encrypting of documents with the utmost in security. The floppy-image has numerous security features including: entering your passphrase via a video game style selection process to combat hardware keystroke loggers, turning the contrast of your screen down to foil prying eyes and cameras, and to run background PGP processes."

4 of 247 comments (clear)

Min score:

Reason:

Sort:

Re:Hoax by CitznFish · 2002-02-19 09:01 · Score: 5, Informative
here si the site for those that may not get to it...
What is Tinfoil Hat linux ? It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.
Tinfoil hat is useful if:
- You're using a computer that could have a keystroke logger installed. http://www.keyghost.com is an example of a tiny & cheap hardware logger.
- You need to use your personal GPG keys at work, school or a web hosting facility where you don't trust or own the equipment.
- If you maintain a PGP Certificate Authority or signing key and have to have a safe place to use the CA key.
- If you simply don't want to risk putting a PGP key on a hard drive where someone else might have access to it.
- The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.
Tinfoil hat linux files
- readme.txt, also on the floppy image
- The source code for files on the floppy
- The tinfoilhat linux floppy image plus disk signature file Transfer this image to disk using rawrite (on windows) , dd on unix (dd if=tinfoil.img of=/dev/floppy ), or Diskcopy on a MAC.
FAQ
- Q: Why doesn't the floppy I got at codecon match the signature above?
  A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56
- Q: How do I undo that horrible screen in paranoid mode?
  A: Type "contrast" at the command prompt, or play with ctheme.
- Q: Is this really a 1.0 stable release?
  A: Think of this as a linux kernel 1.0 . Yes, it's stable to the best of my ability, and has been tested, but not for very long or by many people.
- Q: What sort of hardware is required to run tinfoil hat?
  A: Any 386DX or faster IBM compatible with more than 8 megs of RAM. Pretty much any PC made in the last 8 years will work fine.
- Q: where do I send complaints, bugs & feature requests?
  A: anonymous AT nameless DOT cultists.net
- Q: What is the license for this distribution?
  A: The scripts, documentation, and the distribution as a collection are released under a modified BSD license. Obviously, other people's software in this distribution retain their original licenses.
Links
- Aluminum foil deflector beanie from zapatopi
- The man in the Tinfoil Hat . A good example for people confused by the tinfoil hat reference.
- http://www.gnupg.org
- Joelm's comprehensive TEMPEST site.
- Tempest for Eliza A fun tool for observing the radiation from your computer. If anybody ports this to Direct FB, I'll put it on tinfoil hat in a flash.
- Diceware a tool for generating very secure passphrases.
--
'mmmmmmmmm.... forbidden donut'
Re:Hoax by JabberWokky · 2002-02-19 09:03 · Score: 5, Informative

Considering that he distributed floppies of this at codecon, you're wrong.
It's rather tongue-in-cheek, and more of a tech demo of what can be done than a useful configuration, but it sure has loads of nifty ideas.
--
Evan

--
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
/.'d already - Google to the rescue by h2so4 · 2002-02-19 09:09 · Score: 5, Informative

Google's Cache of the page
-----BEGIN PGP SIGNED MESSAGE----- by Anonymous Coward · 2002-02-19 12:50 · Score: 4, Informative

Hash: SHA1

I'm the author of this program. It was intended as a clever

give away at code-con, but it should also be useful for other

people who carry their keys on floppy disks.

I hadn't intended a widespread distribution until I could put the kernel config

up & get a bunch of signatures on the signing key .

Oh well.

In response to slashdot and the email flooding in:

The key will be up on keyservers shortly (if it isn't already. )

signatures to follow in the next few days. There isn't any TCP/IP

or network on this distribution, I'm not a christian redneck, keyghost

used to be cheaper, I can't fit tempest fonts on, since the console

is only greyscale. Direct FB fonts would be the answer, but I didn't do it.

And the "video game style" entry is clumsy, since I didn't want to re-invent

curses. It's all free if you want to improve it.

And now I'm about to get on a plane and be out of communication for a while

;-)

Slashcode is certain to break the signature, but here goes:

Anonymous

~

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.0.6 (GNU/Linux)

Comment: For info see http://www.gnupg.org

iD8DBQE8csA+Fr26O2gKKPMRAp79AJ9/Ej1GyB2lnIxEPv2x Tq /MvKzBdACgg++K

uYFX2VCz3Bq9BPuv8kLGCQM=

=6oTm

-----END PGP SIGNATURE-----