Tinfoil Hat Linux: A Distribution for the Paranoid

An Anonymous Coward writes: " Tinfoil Hat Linux is a distribution designed to allow the signing and encrypting of documents with the utmost in security. The floppy-image has numerous security features including: entering your passphrase via a video game style selection process to combat hardware keystroke loggers, turning the contrast of your screen down to foil prying eyes and cameras, and to run background PGP processes."

Re:Hoax

[CitznFish]

here si the site for those that may not get to it...
What is Tinfoil Hat linux ? It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.
Tinfoil hat is useful if:

• You're using a computer that could have a keystroke logger installed. http://www.keyghost.com is an example of a tiny & cheap hardware logger.
• You need to use your personal GPG keys at work, school or a web hosting facility where you don't trust or own the equipment.
• If you maintain a PGP Certificate Authority or signing key and have to have a safe place to use the CA key.
• If you simply don't want to risk putting a PGP key on a hard drive where someone else might have access to it.
• The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.

Tinfoil hat linux files

• readme.txt, also on the floppy image
• The source code for files on the floppy
• The tinfoilhat linux floppy image plus disk signature file Transfer this image to disk using rawrite (on windows) , dd on unix (dd if=tinfoil.img of=/dev/floppy ), or Diskcopy on a MAC.

FAQ

• Q: Why doesn't the floppy I got at codecon match the signature above?
  A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56
• Q: How do I undo that horrible screen in paranoid mode?
  A: Type "contrast" at the command prompt, or play with ctheme.
• Q: Is this really a 1.0 stable release?
  A: Think of this as a linux kernel 1.0 . Yes, it's stable to the best of my ability, and has been tested, but not for very long or by many people.
• Q: What sort of hardware is required to run tinfoil hat?
  A: Any 386DX or faster IBM compatible with more than 8 megs of RAM. Pretty much any PC made in the last 8 years will work fine.
• Q: where do I send complaints, bugs & feature requests?
  A: anonymous AT nameless DOT cultists.net
• Q: What is the license for this distribution?
  A: The scripts, documentation, and the distribution as a collection are released under a modified BSD license. Obviously, other people's software in this distribution retain their original licenses.

Links

• Aluminum foil deflector beanie from zapatopi
• The man in the Tinfoil Hat . A good example for people confused by the tinfoil hat reference.
• http://www.gnupg.org
• Joelm's comprehensive TEMPEST site.
• Tempest for Eliza A fun tool for observing the radiation from your computer. If anybody ports this to Direct FB, I'll put it on tinfoil hat in a flash.
• Diceware a tool for generating very secure passphrases.

Re:Hoax

[JabberWokky]

Considering that he distributed floppies of this at codecon, you're wrong.

It's rather tongue-in-cheek, and more of a tech demo of what can be done than a useful configuration, but it sure has loads of nifty ideas.

--
Evan

/.'d already - Google to the rescue

[h2so4]

Google's Cache of the page