Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tinfoil Hat Linux: A Distribution for the Paranoid

Posted by timothy on from the either-a-joke-or-a-good-idea dept.

An Anonymous Coward writes: " Tinfoil Hat Linux is a distribution designed to allow the signing and encrypting of documents with the utmost in security. The floppy-image has numerous security features including: entering your passphrase via a video game style selection process to combat hardware keystroke loggers, turning the contrast of your screen down to foil prying eyes and cameras, and to run background PGP processes."

13 of 247 comments (clear)

  1. Uh huh... by Anonymous Coward · · Score: 5, Funny

    Like I'm going to trust *them* to secure my Linux box.

  2. UberSecureLinux by TedCheshireAcad · · Score: 5, Funny

    The distribution UberSecureLinux, is actually a standard distribution of RedHat Linux 6.2, default installation, but it requires you to remove the PowerCord(TM) device from your PC. With PowerCord(TM) removed, your machine is effectively hacker-proof.

    UberSecureLinux hopes to dispel the myths that RedHat 6.2 is one of the most hackable distributions of Linux.

    1. Re:UberSecureLinux by TedCheshireAcad · · Score: 5, Funny

      Wireless networking in USL is quite simple, it only requires that you compile libpenandpaper-1.0, and exchange messages using the HandToHand networking model.

  3. Re:Hoax by CitznFish · · Score: 5, Informative
    here si the site for those that may not get to it...
    What is Tinfoil Hat linux ? It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.
    Tinfoil hat is useful if:
    • You're using a computer that could have a keystroke logger installed. http://www.keyghost.com is an example of a tiny & cheap hardware logger.
    • You need to use your personal GPG keys at work, school or a web hosting facility where you don't trust or own the equipment.
    • If you maintain a PGP Certificate Authority or signing key and have to have a safe place to use the CA key.
    • If you simply don't want to risk putting a PGP key on a hard drive where someone else might have access to it.
    • The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.
    Tinfoil hat linux files FAQ
    • Q: Why doesn't the floppy I got at codecon match the signature above?
      A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56
    • Q: How do I undo that horrible screen in paranoid mode?
      A: Type "contrast" at the command prompt, or play with ctheme.
    • Q: Is this really a 1.0 stable release?
      A: Think of this as a linux kernel 1.0 . Yes, it's stable to the best of my ability, and has been tested, but not for very long or by many people.
    • Q: What sort of hardware is required to run tinfoil hat?
      A: Any 386DX or faster IBM compatible with more than 8 megs of RAM. Pretty much any PC made in the last 8 years will work fine.
    • Q: where do I send complaints, bugs & feature requests?
      A: anonymous AT nameless DOT cultists.net
    • Q: What is the license for this distribution?
      A: The scripts, documentation, and the distribution as a collection are released under a modified BSD license. Obviously, other people's software in this distribution retain their original licenses.
    Links
    --
    'mmmmmmmmm.... forbidden donut'
  4. Copper cube ? by ZeroZenith · · Score: 5, Funny

    From the readme:
    If at all possible, boot THL on a laptop & disconnect all external
    cables, including the power & mouse. Turn off nearby
    radios, including cell phones and microwaves. Put yourself
    and the computer in a well grounded opaque copper cube. Download
    your tinfoil hat plans from http://zapatopi.net/afdb.html.
    Boot the floppy....

    Where can I get well grounded opaque copper cube? Can't find any on ebay.

    --
    -- ZeroZenith
  5. Re:Hoax by JabberWokky · · Score: 5, Informative
    Considering that he distributed floppies of this at codecon, you're wrong.

    It's rather tongue-in-cheek, and more of a tech demo of what can be done than a useful configuration, but it sure has loads of nifty ideas.

    --
    Evan

    --
    "$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
  6. Coka? Cola? by Graymalkin · · Score: 5, Interesting

    So..does it come with TEMPEST-proof console fonts too? I think that would be the big todo for the really paranoid (aside from coming with a foldout F cage). Highly anti-aliased fonts work decently (in theory) thrwarting VE screen captures but if you're running soley in the console I would think you're at a decent risk of having your data captured considering the regularity of the screen and the unique shaping of console fonts. A little off topic but I was wondering if one could impliment a Matrix style command shell where white space was replaced on screen from /dev/rand in a light font like light grey and then when you type the letters would either be dark grey or white to distinguish them from the random letter replacing white space. While somewhat hard to read it would cause so much static VE screen captures which of crappy monitors can be done with a slightly hacked AM radio, would be pretty difficult to make out. It would just be cool to make a shell that just did that to begin with. Pop open a terminal and have it look super funky would make a pretty badass shell theme.

    --
    I'm a loner Dottie, a Rebel.
  7. Fired for Playing Games? by MattRog · · Score: 5, Funny

    I can see it now:

    PHB: Johnson! Are you playing space-invaders again?

    Johnson: :amidst the beeping and explosions: No, I'm logging into my Linux box!

    PHB: Oh.. Can I get one for my system, too? That looks fun!

    --

    Thanks,
    --
    Matt
  8. /.'d already - Google to the rescue by h2so4 · · Score: 5, Informative

    Google's Cache of the page

  9. Mark McGuire by sharkey · · Score: 5, Funny

    But does it keep Major League Baseball from spying on us from space?

    --

    --
    "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
  10. Tempest fonts by morcheeba · · Score: 5, Interesting

    A nice addition would be tempest-resistant fonts! Here's a great article on tempest about tempest & creating fonts that are unreadable. Basically, the tempest setup only picks up the upper 30% of the frequency range, so this font has those components filtered out. But, the cool thing is that you can superimpose a (low amplitude) high-frequency pattern that isn't very visible to the user, but is visible to the tempest receiver. A whole fake Win98 screen transmitted? Here's the slide presentation for the above article (if you just want to look at the pretty pictures)

    --
    HIV Crosses Species Barrier... into Muppets
  11. Re:http://www.linuxfromscratch.org/ by Ratbert42 · · Score: 5, Insightful

    But how did you build your binaries? You really should read this before you trust a compiler that you didn't bootstrap yourself.

  12. Re:http://www.linuxfromscratch.org/ by Lionel+Hutts · · Score: 5, Interesting

    Absolutely. For those who haven't read it, "Reflections on Trusting Trust" is Ken Thompson's story of the greatest hack of all time: changing a compiler so that it not only created a backdoor whenever compiling login.c, but so that the modification persisted when the modified compiler was applied to the source of a standard C compiler. There's just no easy way to do without trusting anyone at all.

    --
    I Can't Believe It's A Law Firm, LLP does not necessarily endorse the contents of this message.