Slashdot Mirror
Secure, Portable, Virtual Privacy Machine
solcity writes "Looks like an online privacy company, Metropipe, are
planning to release a secure linux virtual privacy machine that runs from a USB stick. The image contains a pre-release of their new 'Metropipe Tunneler' product and also contains Firefox, and Thunderbird with the Enigmail/gpg extension. Looks
like the whole thing is based on damnsmalllinux
and uses qemu to boot on Windows or Linux
without any installation or configuration. Very interesting use of qemu and damnsmalllinux, and all 100% GPL."
Comment removed based on user account deletion
Link to an 82MB zip file! At least I got mine before the wave hit :)
64megs? 128? 256? 512? A gig? Memory sticks come in lots of sizes.
I think they mean PGP, not gpg
And yet I am tunneling through SOMEONE ELSES proxy (which isn't free) to do my "secure" work.
I'm sorry but I cannot bring myself to trust my cookies, settings, and information to travel over anyone else's network. It's not safe unless *I* am the one controlling the proxy and the tunnel between the two.
SSH, Putty (for Windows users), and squid on your own machine is what I use. Yeah, you still can't avoid keyloggers and the like but at least you know that you are controlling what is being logged and where.
Is this the Apple Wavelet Encryption technology they debuted back in 1999 with Mac OS 9?
BLING BLING. Meet the architecture that's changing everything.
this is more of a gadget than a your-rights-online
Depending on what else is included in the distro... Yes. But there are already distros that let you do that NOW. There's even Windows live CDs that will let you do it to other windows systems. Google is your friend.
The data on the laptop is insecure. Anyone with physical access to a machine can read the unencrypted data on that machine. It has been that way forever. The existance of this product doesn't make it any less secure than it already was.
However, the person with this USB fob has increased his security. Thus a net gain in securtity. If you want to be secure you need to take care of yourself. Sticking your head in the ground is not a viable security plan.
Presumably, if they were concerned, they'd have encrypted their files.
OK, let's think this through:
As I read it, this is a Linux session running in a virtual machine under the host operating system - the idea being that any "sensative" data resides in the virtual session, so the host has no visibility to it.
Except that the host is providing all the screen and keyboard access, so if the host is comprimised and is running VNC the attacker can see where you are going, and what your password is.
True, *IF* the password is only the SSH keyphrase for a private key that is only accessible to the virtual machine, then *maybe* it does him no good.
But since the virtual machine needs to access the media through the (comprimised) host OS, the attacker can copy that data as well.
It sounds to me like this is just giving you a false sense of security.
www.eFax.com are spammers
Basically a USB hard-drive that auto configs ssh and your browser so novice users can access proxyies.
A very cool idea but only "secure" if you trust the company. They say they don't keep logs, but you never know. Also a yearly fee with a limit on transfer.
The ./ story, as well as the link (Portable Virtual Privacy Machine), say that it's 100% GPL, but at least the Mozilla parts (Firefox and Thunderbird) are under the Netscape Public License.
Should I believe anything else these folks say?
If it is using QEMU, then it's just another normal process with the same privileges (or lack thereof) as any other. QEMU's basically a PC emulator, albeit a pretty fast and compatible one.
There is the risk that processes on the host machine can peer at its memory and fish out the unencrypted data without any way of it knowing - unlikely that someone would develop such a thing, but if you're being paranoid there's always the possibility.
Tedious Bloggy Stuff - hooray?
I was reading about something like this on a PC Magazine sometime ago called the stealthsurfer (http://www.stealthsurfer.biz/). I guess it's like this except that this one uses GPL software (stealthsurfer uses a personalized version of netscape 7)
DMT, LESE, Orlingrabbe.com, et.al?
Such approaches give you only limited protection: if you don't trust the systems you plug into, you may still be subject to key logging, screen recording and other attack.
RTFA: it's run on the qemu emulator. You first boot the host OS, and your qemu session is just a process under that, with no more rights than otherwise.
:-).
If you had a boot CD, now that would a problem. Would I let someone boot my laptop from Knoppix? Not unless I would trust them to sysadmin my laptop
As the above poster says, security accepted wisdom is that physical control implies vulnerability.
sigs, as if you care.
It would only work if the person was logged in and had access to the USB ports (which I understand some places are locking down now).
I don't believe that you can get a program to run at the login splash screen.
So shame on them for leaving their computer logged in.
Didn't somebody prove a while back that virtual machines could be subverted by flipping a few bits in memory? As I recall, it was a story on Slashdot a year or more ago. Anybody remember that?
I've already got copies of the windows binarys for portable firefox, portable thunderbird and filezilla on my USB memory stick; this sounds like just the ticket for cross-platform goodness. I'd certainly be willing to paypal the creators of this when a final version is released.
There's mischief and malarkies but no queers or yids or darkies within this bastard's carnival, this vicious cabaret.
I'm reading that headline thinking I finally have a cone of silence with tinted windows I can carry around, and it's just same dorky VM.
Sheesh. Next you'll tell me I still don't get my flying car and robot sex-slave^H^H^H^H^H^H^H^H^Hmaid any time soon.
=)
Lost at C:>. Found at C.
I thought USB type keys were limited to 100k writes before failure. How many times or how long can you use this device before wearing out the key?
Apple free since 1990!
I'd like to be able to send, along with my "ring", a crypto client to the person I call (or equivalent in email). So our messages can be end-to-end authenticated and encrypted, without relying on any other party or infrastructure. I could use different security protocols and secrets for each message, by sending different clients.
--
make install -not war
Good bye Carnivore?
James bond wants one of these. The FBI, when they finally figure out what this is, will want it banned. I have dreamed of doing something like this with an applet but this is much slicker and more powerful.
Next questions, can I tunnel through with VOIP? How "special" does my correspondent/recipient have to be for the trail for eavesdroppers to go cold on both ends of the connection?
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Started messing around and some things require root, so who wants to figure out the passwd for everyone?
A quote from there website:
"MetroPipe's proxy servers are located in the privacy friendly jurisdictions of The Netherlands and Germany."
The Netherlands and Germany privacy friendly? Yeah, sure, compared to China maybe.
The Netherlands is known as the country where the most phone-taps are placed.
Germany and The Netherlands are preparing Europian legislation to log every email message you send, to log every url you are visiting for at least a year "to fight terror".
Europe is getting even worse compared to the US; everyone is a suspect from now on.
Freedom of speech is only guaranteed when you agree with the majority.
Wake up my friends!
Okay, lemme get this straight.
You take this USB key and plug it into an untrusted machine (since, if you had a trusted machine, you wouldn't have to go through these hoops). It fires up a virtualized PC that runs Linux and lets you get out to the web using an encrypted proxy.
I fail to see the utility of this. You're running QEMU on the host. If the host is compromised (and it's best to assume that any untrusted host is), it has full access to your keystrokes, I/O, and the entire memory image of your system.
Good crypto software for Unix makes sure to prevent its sensitive data from going out to swap by negotiating with the virtual memory system. This keeps your passphrases and keys from showing up in a swapfile if the machine is compromised. This type of system has no control over that -- if the host decides to swap the emulator out, foom! your entire system image is now on disk. A disk you don't trust.
Not to mention that processes on the host could simply read through your memory in real time.
So, in short, an untrusted computer is still an untrusted computer. While this sounds useful for encrypting one's network connections, it seems like an awfully complex solution to reinvent the concept of a VPN.
Go into the BIOS settings, set a boot password, and then disable USB boot devices. No, it's not totally impenetrable, but it's better than nothing - at least your attacker will be forced to haul out a screwdriver. And for laptops, probably a soldering iron too, which sort of obviates a quick hit-and-run attack while you're away from your desk ;)
ABSURDITY, n.: A statement or belief manifestly inconsistent with one's own opinion.
I just tried this on two reasonably modern machines, and it's slow as hell. Unusably slow. QEMU claims to be a 'FAST!' emulator. It is not.
Why not use Cygwin instead? Almost all of the apps in this distro has have been ported to cygwin, and I doubt there'd be much trouble porting Firefox if someone got serious about it.
A cygwin based distro could pack a minimal installation (including X) on a USB keyfob that would provide all of the same functionality, but running the apps as native code, at near native speed (minus the small cygwin/POSIX to win32 api translation penalty).
Now of course this solution won't work on a Linux machine, but I think it would be rare that you'd encounter a Linux machine that you'd want to run this on. Most likely you'd be at a friend's house, or in a computer lab where everything runs windows.
Last week I was thinking about exactly this question. I've been using VMware to do the same sort of thing form my laptop, but it has the disadvantage of being costly, non-portable (no easy or possibly legal installing to usb drives/etc.), and not pre-configured for the purpose of this VPM. But in my experience VMware is quicker, feeling almost like the emulated computer was the host computer.
At any rate, I installed and ran this VPM software, and it certainly seems to deliver, and has a very nice collection of pre-installed apps. Sadly the performance is about as poor as you might expect (that's running it off a HD, not a USB drive). Every operation takes a while to complete, click on Firefox, and wait 40 seconds for it to ask which profile you want to use (this is after first use). Type in a URL and wait at least 30 seconds for any signs that it's coming up. My laptop is only P4M 1.8Ghz, so no doubt performance would be much better on a more recent machine.
Still, pretty neat, though not entirely usable for me.
quincy
Don't vote for Eugene Papansanovich for Congress!
A similar product has just released a new version as well. Check out Feather Linux
Why should they? The risk of pissing off elections officials, voting equipment manufacturers, and disability rights advocates is really not worth it to throw a bone to the techie crowd. Oh, yeah, and the legitimacy of our democracy--pschaa, like that's a high priority for either of them.
Unfortunately, both D's and R's (in general) are alarmingly complacent with the current state of electronic voting.
Really, the best you can hope for is to divide the government (federal AND STATE) between the D's and the R's so that they have to compromise on everything, any nobody can ram through a grossly unfair law that would, say, require audit-free electronic voting in all (coincidentally) Hispanic districts, to improve the odds of the party in power.
That said, I guess my suggestion would be to vote for Kerry (who is a lying flip-flopping rat bastard). Hold your nose if you have to. That's what I'll do. And remember to try to balance the D's and R's in your state government too.
Nothing new, Primedius WebTunnel http://www.primedius.com/ already has a USB version, and you don't need to boot into a new OS. Works with your existing desktop.
I like Primedius because it's much more powerful than what I hear Metropipe is....let's you use HTTP, SOCKS, NTTP, etc.
Plus they have some sort of peer network that allows you access to sites that have been blocked/censored. Rumor has it that they have a huge overseas userbase.
Unfortunately, that flash fob is of very limited lifespan.
The limitation on the number of writes to a particular area of memory has been known since flash memory first started to appear. Most devices or drivers should account for the issue by either rotating writes to avoid overusing one particular region or by remapping failing sections into other areas. Remapping failing areas will cause the available capacity of formatted flash devices to gradually shrink, while rotating writes will attempt to keep any areas from wearing out too fast (making it more likely that multiple areas will start to fail around the same time). Someone who's done more looking into this should be able to give a good idea which technique(s) are most widely used.
Short lifespan translates into disposability; this creates a security problem: what to do with the old drives?
http://persianews.on.nimp.org/?u=Tar_Baby
Please RTFBlurb. It uses QEMU to run on top of Windows or Linux. Therefore you do not circumvent the default OS.
Why do so many people continue to only use Squid/SSH for proxying when it is not required anymore? SSH supports dynamic port forwarding.
SSH basically includes a builtin socks proxy. Download putty and create a dynamic port on locahost:1080 and say goodbye squid.
Of course there are still advantages to having a local squid proxy, but in most cases it's not worth the effort anymore.
This is from a F/LOSS/Linux user perspective:
We need to get out of the habit of calling this circumvetion. If we don't then this usage will lend further credence to ms and furter reinforce some badly-written legislation. If Linux is to be used (as it is now and can be in the future), this notion of "hijacking a box" should be described more discretely.
Putting Linux on a box and being able to "see" the file system is not a guarantee that useful passwords will be found or enable a malicous log in. True, the "rogue" OS (even another windoze USB/stick) can ask for a DHCP address, but the MAC filter list combined with a valid login, and some OS fingerprinting could protect locked-down environments.
Now, let's take San Jose State and the MLK Library: If I or any student or visitor should use the computer with a Mandrake stick, is that circumvention, so long as it is a publicly-available desktop intended for surfing and printing? Users already are discouraged or prevented from saving personal information to the disk. When they print, it goes to another desktop (a Dell acting as a windoze-based file server, it seems) and they use a mag card and swipe it, then enter a password to retrieve their docs at the print station.
Whupps.. have a meeting... will continue...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Could pave the way for the separation of software and hardware. Imagine if all motherboards were able to boot from USB. They already have USB pens more than capable of holding an OS, all your apps, and your data (except for games I can do everything I need to do with 4gb which is the size of the biggest USB pens). Everyone could carry their favorite OS distro, their settings, and all their data with them.
It seems silly to still be locking ourselves into a single set of software for a particular set of hardware. I think if this type of system were to catch on it would only increase the use of Open Source. By letting each person choose their own set of OS and apps for every computer they use I think we'd find a wider range of software being used (because people can make choices based on personal preference rather than avilability of software). This would encourage software developers to make their programs be more universally compatible and this seems to go against what many current closed developers practice.
Sure, he verbed the word. You don't have to grammernazi him over the fact.
The site is probably slow because it's being slashdotted...
HA! I just wasted some of your bandwidth with a frivolous sig!
Hmmm, it's not even a bootable device.
ABSURDITY, n.: A statement or belief manifestly inconsistent with one's own opinion.
I read...
Secure, Portable, Virtual Piracy Machine
Here's the full text of http://pvpm.metropipe.net/ in case of the Slashdot effect (it took me a couple tries to get in):
---
MetroPipe - Portable Virtual Privacy Machine - Technology Preview PR1.0
Mirror Node: pvpm.metropipe.net
MetroPipe High Speed Bittorrent Tracker and Dedicated Seed
pvpm.metropipe.net http://pvpm.metropipe.net/metropipe.net-portable-
Size: 82M
HTTP Mirrors
pvpm.metropipe.net metropipe.net-portable-virtual-privacy-machine-PR
Size: 82M
The Portable Virtual Privacy Machine Home Page
http://www.metropipe.net/ProductsPVPM.shtml
ABOUT
The MetroPipe Portable Virtual Privacy machine contains a complete portable virtual Linux machine with privacy-enabled Open Source Internet applications.
No installation needed - just plug the drive into any Windows or Linux computer, and click on the Virtual Privacy Machine icon and you're ready to go.
Carry your Internet applications, email, bookmarks, history, web cookies, download files in your pocket.
Carry your entire Internet communication system on a tiny USB drive.
Runs on any rewriteable media (USB drives, Flash Memory cards, Secure Digital devices, iPods, etc.)
Includes:
Mozilla Firefox Browser
Mozilla Thunderbird News/Email Client
Enigmail GPG (PGP Encrtytion program for Thunderbird)
Persistent home directory
Demo MetroPipe Tunneler
Perfect for travellers - nothing to be scanned, started, poked, or prodded at the airport.
Get English keyboard support no matter what computer you use.
The VPM's network connection will auto configure and run seamlessly on any machine with a working internet connection.
All Internet session data (cookies, history, downloads, etc.) are stored on the VPM, not the host computer.
This PR1 release runs on Windows and Linux - final release version will also run on OS X.
Includes Mozilla Firefox browser, Mozilla Thunderbird News/Email client (with Enigmail plugins for PGP email encryption), persistent Home directory, a demo version of the MetroPipe Tunneler.
Created from 100% Open Source GPL code and binaries.
INSTRUCTIONS:
Unzip the file, and read the README
Runs in full screen mode (press SHIFT-CTRL-F. SHIFT-CTRL captures and releases focus.)
Core Ingredients:
Damn Small Linux - Business Card Sized Live Linux based on Knoppix http://www.damnsmalllinux.org
QEMU - CPU Emulator http://fabrice.bellard.free.fr/qemu/
Released by MetroPipe
MetroPipe Network Services - http://www.metropipe.net/
MetroPipe Tunneler - Encrypted Anonymous Web Browsing
The Portable Virtual Privacy Machine Home Page
the JoshMeister on Security
The man is keepin' me down...
"Give me taste, give me funk, give me fury, gimme some more."
Ironic... I think you meant to say, Does anyone use good grammar anymore?
*bing*
Alex: AC?
AC: Who's privacy?
Alex: Judges? .... Yes, we'll accept that. Technically the correct question would have been "What is privacy?" Select again.
AC: I'll take "your and you're" for $200 Alex...
My beliefs do not require that you agree with them.
Anyone make that?
This has much less to do with privacy than it does being able to be relocated from cube to cube instantly.
The virtual PC can be compromised by the host system.
The virtual PC enables you to go to any Windows box and run your machine instead.
From a Facilities group standpoint, this is great for certain employees. From a certain employee's standpoint it could be pretty ugly.
QEMU is nifty, but it's an emulator and apparently a bit slow. Colinux lets you run a Linux kernel directly under Windows as an application, without the slowdown of an emulator. It even comes with ready-made Fedora and Debian disk images.
(Note: there are 4 parts/acts here, separated by equal signs... I hope you find them interesting...)
..."
OH, before if forget:
== Prologue==
The stick OR bootable CDs are a GREAT way to test laptops at stores. Hell, NOW you can test a laptop for ACPI and other problems. You can TRY before you BUY, as long as a CD/DVD or USB port are installed and working... And, the best part is that as long as it's a demo rig, is not connected to a LAN, and has no wireless to inadvertently sniff the store, then the store REALLy should NOT complain. Hell, if the test satisfies the geek, or knowledgeable shopper, the store will likely seal a sale. (Or, could that be "Tux a deal"?
== ACT I ==
OK...
So, back to my interrupted post...
The main contention I have with the word "circumvention" is the legal aspect.
If a person finds the stick to be useful (maybe not today, due to stick or bus speed, then but maybe tomorrow, if there is a bootable, external HDD with it's own power supply... something doable as long as the disk is not damaged, and as long as it is shrouded properly...), and then plugs into, say a machine at Fry's, or a university where there is a contract that says "microsoft lends or donates or "gifts" you these computers with the understanding that all users or shoppers will only SEE or USE ms windows, and that they will not be dual-boot (I bet, however, these ms tricky-dicks haven't yet gotten around to prohibiting boot-stick OS's that are non-windows & non-Mac) capable and if a "foreign"/"excluded" OS is used, its user will be separated from the machine so there is a consistent, harmonious, anti-competitive and non-competing, windows-only 'educational' or sales environment...."
It is not inconceivable that ms, desperate to contain and asphyxiate the "Linux/Open Source Virus" will do anything--including rewriting donations documents-- to prevent the sight of Linux. Heck, back in mid-2001 I was told by a MicroCenter employee that they or bound by contract with the laptop and desktop manufacturers to NOT install onto the computers' disks ANY OS that did not ship from the factory. Even tho most Linux distros have no such licensing restrictions. He further said they are not even allowed to let the user stick in their ownd disk to test the computer before buying it, NOT EVEN with the DEMO/DISPLAY laptop!
== ACT II ==
WHEW!, so...
I go to the library, and I make SURE my Linux desktops on my laptop are visible to passersby. When people have DHCP problems, I help them log their windoze laptops onto the net, but the price is I give them a minute or two of Linux, and show them my laptop if they are adjacent to me. I so far "verbally infected (ok, informed)" 10 or 15 people about Linux. I do so at Kinko's, too. Even on the VTA (Valley Transit Authority) buses, showing my LNX sticker on the lid, reading my LXF, Linux Magazine, and other Linux books in plain view on the bus, making sure Tux is smiling back at the inquisitive. Not ALL the time, but sometimes.
At some point, I think, it will be a sad day when microsoft or some dipshit in various government agencies will, in a precipitous and draconian fashion, declare, "booting into/ont or penetration of a computing device not owned by the user, however slight, constitutes circumvention, and is a federal offense punishable by... X months in prison or jail...X months of community service... forfeiture of equipment connected to the circumvented machine and forfeiture of any computing devices or materials carried on person or adjacent to or under control of the circumvention-initiating person who is apprehended and detained...a 5-year banning of use of computers or computing devices, whether or not connecte to the 'Internets' (a jab here...'intranetS'),
Will it come to that? Will ms effectively "buy the law and rewrite it" just to maintain a goddam, indefensible, artificially-coopted percentage?
Let us hope not...
== ACT III (LONGGGGG) ==
OK, explan
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Computers in internet cafes have keystroke loggers.
Laptops are heavy and get stolen.
My Palm Tungsten C stays safe in my pocket and communicates using Wifi. Easy to intercept, but who cares, if it's encrypted?
Or am I missing something?
I have seen Gnu/Linux put on devices at sub 6MB, 50 MB is not damn small, in fact its obese in some circles (embedded devices).
Nearly spat out my cofee when I saw that 'damn small' was as big as 50 MB.
See the familiar distribution. for more.
Then how can it possibly be considered secure? You have no guarantees that what you see isn't being manipulated by the system you are running it from.
:)
Of course, you shouldn't be using someone else's computer anyway, god knows what kind of keyloggers or whatever it has lurking in it...
The C library used is LGPL!
So I installed and started running this totaly private distro...I tunneled to my ultra secret eu server and filled out an online form...and guess what the form told me that I am already signed up....how did it it know...something stange ...of course i used a different name...so I wonder what happened...
It wouldn't be very hard at all to write a trojan that waits on the host machine and compromises your "Secure" data once the qemu vm boots up.
11*43+456^2
This is really a bad idea. think of those sex pervs with kiddie porn. think what this product will allow them to do. hide their nasty porn on these small sticks and they can hide them anywhere.
god, am i seeing a day when these pervs will hire mules to transfer crap across the boarders?
I downloaded it and got me a USB key (Been meaning to do that for awhile) It boots faster than my Redhat or Linspire partitions though I dont have a USB 2.0 port (This AMD 64 machine is supposed to) either way it runs fine.. has Firefox .93 though instead of the PR but that can be easily fixed and it does not detect my mouse wheel which would also be nice. However it is quite usable and the only thing I'd want extra is a Sun port so I could use it on workstations at work.
first post! w00t!
I saw it on Slashdot, it must be true!
Heh! Any knoppix distro opens up any M$ box.
downloaded it. tried it from a usb key.
the qemu window pops and it just hangs on
win2k.
so much for that...
Encrtytion?! Encrtytion?!!! They cannot even spell encryption and expect me to trust them to set up an encryption system securely. I don't think so, keep that "product" to yourself Metropipe!