A Linux Distro From the US Department of Defense
donadony writes "The Lightweight Portable Security distribution was created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the U.S. Department Of Defense. The idea behind it is that government workers can use a CD-ROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a worker's own home. The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so leaves no trace of the user's activities behind."
What about the fingerprints? Screen ghosts? Not to mention all that quantum electron crumbs...
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
I wonder if it includes a copy of CoFEE standard. They have *my* attention.
You're telling me hotel computers might be insecure? Information I could have used before now...
This would still be vulnerable to malware loaded by firmware and hardware. Not much of a vector and shouldn't have much effect on the use cases they're talking about too much.
Not so much, they use encryption instead.
New things are always on the horizon
There is a review of LPS over at DistroWatch:
http://distrowatch.com/weekly.php?issue=20110704#feature
Surely all those Chinese assembled PCs have a key logger, or other back door, built into the BIOS power on self test? If I was in charge of a country that assembled most of the world's computers, I'd make sure that such a thing was in place.
If the computer is left on the RAM can still leave traces behind.
I don't see how this is any different than any other live CD though.
^^vv<><>BA
Yeah, this was a good idea... I actually have Ubuntu installed on a portable USB drive -- It's faster than installing off a CD and it remembers saved data, bookmarks & installed progs (instead of a clean boot image).
However, I don't think for a moment that this prevents an infected system BIOS/CMOS from infecting the MBR of the flash drive, or that even booting off of a CD-R will be able to keep me safe if the hardware can't be trusted... I mean, if you want security, why not give them a personal mobile pocket computer instead? Everyone knows that physical access = game over; if an attacker's gained physical access you've just been pwned. Not to mention how easy it is to place a low-tech internal key-logger in today's machines...
Unless the "vanilla PC" you're booting from has a hardware keylogger. Then well, duh.
I want to delete my account but Slashdot doesn't allow it.
Are hardware loggers (keyloggers exist, and screenloggers do not seem too far out there -at least in my fanciful imagination) and other interposers not part of their threat model or do they actually have a way to combat that?
If the former then this does not seem to be a very useful security system. If the latter then I'm very interested in how (Trusted Computing anyone?)
hm. great idea, but doesn't look easy for the non-technical folk to get it up and running. imo, they're the ones that really need this type of product when they travel to hotels and whatnot.
This is a research account for studying online commenting so we can create tools to improve moderation.
It even includes monitoring software that sends all you do to the US government for analysis, it ensures you aren't doing anything nasty! 100% secure!
Now if only their Websites were this secure...... *coughAnonymouscough*
Though really, the imprint is left on the network, even if it's encrypted. and something might be left over BIOS, mechanical keylogger... There's probably a lot of ways these guys could be found out, but it could be a good thing that they're at least using SSH and a portable OS, it shows they're TRYING.
They'll probably hand out the first batch to people like Mr. Anthony Weiner just to avoid that kind of embarrassment, if not for national security...
Except with some useful proprietary applications with GUIs for encryption and making it difficult to have persistent data.
I guess the kernel has all proprietary drivers in it so it's more likely to just work and support hardware but that also comes with the slightest chance that it's just an excuse to get a back-door in there (though if there is one; the other end does not care what you are doing).
Have we already forgotten about using special kernels after POST get read data from air cooled memory chips that retain their contents after a power off already? Not that it matters, but saying there is "no trace" can be a tad incorrect :)
Oh shit! How did I miss this gem here?
LPS differs from traditional operating systems in that it isn't continually patched.
Poor reading comprehension? You might want to work on that. You also might want to work on that little "reading into things that which is not there" problem you got as well.
You sort of missed this part
LPS is designed to run from read-only media and without any persistent storage.
as well as the release notes that show that it has been updated several times this year.
It's asinine to claim that it is tamper proof. That right there should be raising red flags.
Considering the "threat" from China and chip suppliers to consider any machine that you have not personally inspected down to the firmware to be secure is just nuts.
Sure, they booted into a different OS and bypassed the local storage completely. Great. Any OS rootkits cannot get loaded and access the "secure" OS. Fine.
What about rootkits that can get loaded via different means? NIC cards? Storage adapters? LCD monitors that have small repeaters to record and send encrypted frames of what is displayed? Keyloggers loaded directly into the keyboard?
It's only as secure as the weakest link. Hotel computers and home systems? Yeah...... I can see the TV repair man coming in and the next thing you know we have a conduit into a tamper proof secure DoD network.
That distro is not going to be smart enough to validate all the hardware it is running on, and if it did, it would defeat the whole purpose wouldn't it?
Asinine is an understatement and we actually paid to have this developed.
Then all you would be praising it as a great idea!
Eh? You can always burn a new copy when a security fix comes out, you don't have to pick between patching a running system and having no security fixes.
In case you don't see the problem they're addressing, many distros that aren't Debian (I think RHEL fixed this a couple years ago, too) don't have any particular way to prevent MITM attacks dumping compromised software in the form of an update, and providing corresponding MD5 sums. You can do like Debian, and require updates to be signed, or you can do like LPS, and not download any updates over an untrusted network. Both are valid fixes for a real problem, you might say Debian's approach is better, but neither has earned the derision you display.
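The contrast drawn in the comment above (MD5 sums fetched over the same untrusted network versus signed updates), as an added example that is not part of the thread or of any distribution's code. A Lamport one-time signature stands in for the OpenPGP signatures real package managers use, so it runs on the Python standard library alone; all function names and package bytes are constructed for illustration.

```python
import hashlib
import secrets


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# Lamport one-time signature: stdlib-only stand-in for an OpenPGP signature.
def lamport_keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[sha256(a), sha256(b)] for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    digest = sha256(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, msg: bytes):
    # Reveal one secret per digest bit; a key pair must sign only one message.
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(sha256(sig[i]) == pk[i][bit] for i, bit in enumerate(_bits(msg)))


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def make_metadata(package: bytes) -> bytes:
    return b"sha256:" + hashlib.sha256(package).hexdigest().encode()


def publish(package: bytes, sk):
    """Repository side: package, an MD5 sum, and signed metadata."""
    meta = make_metadata(package)
    return {"package": package, "md5": md5_hex(package),
            "metadata": meta, "signature": lamport_sign(sk, meta)}


def tamper_in_transit(download, replacement: bytes, rewrite_metadata=True):
    """Model of the untrusted network: everything that needs no private key
    is rewritten to match the replacement package."""
    altered = dict(download)
    altered["package"] = replacement
    altered["md5"] = md5_hex(replacement)
    if rewrite_metadata:
        altered["metadata"] = make_metadata(replacement)
    return altered  # the signature cannot be regenerated without sk


def client_checksum_only(download) -> bool:
    """Accept if the package matches the MD5 sum that arrived with it."""
    return md5_hex(download["package"]) == download["md5"]


def client_signed(download, pinned_pk) -> bool:
    """Accept only if the metadata is signed by the key shipped with the
    installed system AND the package matches the signed hash."""
    meta = download["metadata"]
    if not lamport_verify(pinned_pk, meta, download["signature"]):
        return False
    return meta == make_metadata(download["package"])


def demo():
    sk, pk = lamport_keygen()  # pk is what the client has pinned
    genuine = publish(b"constructed package v1.1", sk)
    altered = tamper_in_transit(genuine, b"constructed altered package")
    return {
        "checksum_genuine": client_checksum_only(genuine),
        "checksum_altered": client_checksum_only(altered),
        "signed_genuine": client_signed(genuine, pk),
        "signed_altered": client_signed(altered, pk),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The checksum-only client accepts the altered download because the sum travelled over the same channel as the package; the signed client rejects it whether or not the metadata was rewritten.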
The ability to boot from removable media in the first place?
Most places I've been (hotels, cafes etc) have that ability completely locked out.
reminds one of previous failed life0cidal empires.
regards to rep. Sanders for his courage & valor in representing us, telling the truth, doing his job.
But can it run America's Army?
WARNING: Smartphones have side effects--most of them undocumented.
If you think they will allow access to sensitive networks you are nuts, they won't even be able to access their email unless the computer has a smart chip reader, all this is really doing is making the printing out of plane tickets from a hotel computer a little safer.
Knowledge = Power
P= W/t
t=Money
Money = Work/Knowledge so the less you know the more you make
Call me paranoid, but why would they make something like this and let people have it? The government would rather identify everyone online. Am I right?
Ok... so, tell me why this less secure distro is worth wasting anyone's time over considering that my writable USB gets updates as soon as they're released to my distro, sans burning / installing a new ISO... Booting from a clean USB every so often? Hmm, yeah, I can do that too.
Let's not forget -- If you put the end users in charge of their own security, they won't have any. Seriously, once I talked to a guy who figured out how to bypass the "your password has expired, choose a new password" security feature. Keep the same password by changing it 5 times in a row to exhaust the previously-used password buffer.
You seriously think they'll take the time to ensure they have the latest version of their distro burned -- Well, unless it's someone else's job (say, the PROGRAM itself) to keep the users up to date, it won't happen.
If it's not updating itself, it's not worth my time, honestly.
As others have noted, there's nothing to see here, it isn't any more secure than any other distro. If you're already mindful of security this distro isn't going to help you be any more secure.
they won't even be able to access their email unless the computer has a smart chip reader
I might be wrong, but that's probably why the distro includes CAC and PIV card support.
But what if this phones home? Has any security(tm) professional tested the network traffic this produces under a VM or through a firewall? (BTW posting anonymously my captcha is "vibrator")
What about rootkits that can get loaded via different means? NIC cards? Storage adapters? LCD monitors that have small repeaters to record and send encrypted frames of what is displayed?
Statistically and practically speaking, those are of minuscule concern especially compared with the relatively common MBR rootkits out there.
Not to mention the inherent difficulties in trying to install a generic rootkit to specific hardware via CMOS overwrite; I don't think it's anywhere as easy as you seem to think it is. Hint-- not all BIOSes will work on all motherboards (and the same is true of NICs, etc).
call it Dod-ian
BRILLIANT! That means that any flaws in your OS or applications (web browser) WON'T BE PATCHED
Which isn't really an issue for several reasons:
A) most of the code out there isn't targeting some obscure form of linux
B) this is a live distro, so there is no permanent storage, so no real worry of a rootkit
C) someone booting up this distro is unlikely to be doing so for reasons that would expose him to threats
Hence the lack of caring about /etc/passwd, or running as root, or all the rest. It's generally irrelevant on a live distro because you cannot get rootkitted.
I hope you are not being serious, but if you are.. wtf is wrong with you nuts demanding everything to be completely-unbreakable, 100% safe until it's any better than the previously used systems?
The point here is not to make a perfectly safe system. The point is to make a lot more secure system than the other option is. I know Slashdot's value and standard has been going down for quite a while, but seriously, you people need to go out and work with real projects and understand their actual requirements before just making stupid statements.. It's like Digg.. No, it's like women's forums.
Google+ vs. Facebook, and why Google+ will fail
Considering the "threat" from China and chip suppliers to consider any machine that you have not personally inspected down to the firmware to be secure is just nuts.
If by firmware you mean the firmware code, that is not sufficient. Malicious instructions could be hidden in the chip logic itself (and not just CPUs, either). This shows the feasibility:
http://www.infoworld.com/d/security-central/malicious-microprocessor-opens-new-doors-attack-411
Of course, that is with a field-reprogrammable chip. If you are manufacturing the chips, you don't need a reprogrammable chip.
Wait...so DARPA bought KNOPPIX?
It doesn't get patches because it runs from read-only media; the approved version is updated when necessary to address security concerns, but you have to use new read only media, rather than patching the existing one, that being the nature of "read-only".
Quote: The idea behind it is that government workers can use a CD-ROM or USB stick to boot into a tamper proof, pristine desktop
Reply: And the government probably spent millions developing the OS when we just download it for free.
...Because we all know that everyone wanting anonymity -must- be doing something illegal.
Taxation is legalized theft, no more, no less.
Every time I think people on /. can't get any more clueless, I read posts like this and my faith is restored.
NIC cards? All data is encrypted at Layer 3 or 4 (SSL/TLS or IPSEC), so all a NIC is going to see is encrypted Ethernet frames.
Storage adapters? So? Feel free to read the publicly-available ISO from the CD-ROM drive. In fact, just go download your own copy. No other storage adapters are used.
Hardware Key-loggers? Stopped by multi-factor smart cards (aka CAC and PIV cards). That is, they can't snarf passwords. They might gather other keystrokes, though.
LCD monitors with whatever magic paranoid shit you can dream up? Stop getting your tech ideas from Hollywood fantasies. Can you please point me to any of these so I can see one in the wild? Are they just randomly scattered around at Holiday Inns?
The access these things get you to is non-classified networks. Not for public consumption, but non-classified. Like access to office webmail or VPN, except using smart-cards to replace RSA tokens.
Your childish assertion of essentially "if it isn't absolutely 100% secure against anything I can imagine, it is worthless" shows you don't know shit about security.
Learning HOW to think is more important than learning WHAT to think.
I've been working in the kiosk industry for about 8 years now. The current company I work for has around 1000 kiosks in hotels, airports, business centers, etc as well as having around 20,000 customers.
I can tell you that 99% of hotels are set up to NOT allow USB or CDROM booting for the very obvious reasons. Most are set up as well to only read CDROM and read/write from USB and also have a BIOS password set to disable the ability to execute from a different device.
I suspect this project will die off pretty quickly or fail soon if the people involved with the idea didn't even do some simple research or know about this type of information. Sure it would be a great use for their home computers but outside of that the CDs will just be one more thing to fall into the hands of people who will abuse it and become yet another security hole.
If this catches on, and people start using it for their normal desktop, we're in serious danger of not giving the key VDI vendors billions and billions of dollars to "revolutionize" our desktop experience!! Isn't somebody going to, like, issue a petition or organize a protest or something? (Oh wait ... i see the paid lobbyists cronies of the beltway IT hegemony circling already -- never mind).
"Ahh! I see you're in that indeterminate Schrodinger state where - oh, uh
It would really save some anons a lot of trouble if this distro would just upload all of the confidential files to pirate bay.
Think how much time we would save waiting for the right person with the right access, or the right system to be vulnerable and get exploited. It's all going up there eventually anyway, so why not skip the middle man? I suppose that's too much efficiency to hope for.
"I opened my eyes, and everything went dark again"
So what about locked BIOSes and the like, where booting off of a CD/USB Drive is either not enabled or isn't first? I mean it would work in some situations but in other situations you would be forced to use whatever you have in front of you. Of course, I'm thinking the computers would have competent IT workers...
"your password has expired, choose a new password" security feature. Keep the same password by changing it 5 times in a row to exhaust the previously-used password buffer. "
easy fix for that
have a rule that the password can not be changed for 7 days after it has been changed
(and in some instances Fire somebody for trying this trick)
Any person using FTFY or editing my postings agrees to a US$50.00 charge
...Because I clearly said that only people taking part in illegal activities seek anonymity.
Dude. That's what housekeeping is for...
If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
That sounds like something a pedophile would think. Among other people. (Nancy Grace?)
ya mean how they last worked on encryption and secretly backdoored it...ya trust in bankruptcy
FWIW the NIC trojans were done by overwriting part of the NIC's firmware. When the NIC initialized it would have DMA and could inject itself into a running OS, it really had nothing to do with snooping traffic but obviously if done right it could.
Without a trusted boot there is no way to know whether a layer lower than the operating system is not interfering. As such, if the BIOS, or any other firmware (e.g. network card) is malicious, you're doomed.
Anything that gives you a false sense of security when you have little or none is worse than knowing up-front that you have no security. As long as the PC itself isn't secure (keyloggers, rootkits, or any other type of snoopage), you shouldn't touch it if you actually care.
Last time I read gov't IA, 24 was the magic number for password history.
Unfortunately the vast majority of DoD sites only are approved to work in IE, which doesn't run natively in Linux..
You forgot modified video card firmware... where's your hand-wavy magic for that one?
</tin-foil>
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
It was where you went straight away. Your mind connects anonymity with illegal activities...
Too bad it does work with Navy Systems. CAC access with this has failed in the past.
So now anyone can download everything they need to access government computers in one easy step! I'm sure anonymous, and the Chinese government appreciate that!
Cheers!
You know what child pornographers and "other people" are interested in? Air. They like breathing. Is that a knock on oxygen?
Do you really believe that a seriously secure OS is something bad just because "child pornographers...among other people" might be interested in it?
That sounds a lot like an argument you'd hear from people who believe that there should be a back door in everything so "the authorities" can take a peek.
Here's a news flash: I don't give a fuck if child pornographers are interested in something. I'm not prepared to give up every last bit of my own privacy just because there happen to be perverts in the world.
Among other people.
You are welcome on my lawn.
Yes, there is Kylin, but China's government uses GNU/Linux and Windows too.
(1) device support. For example. LiveCD does not support certain wireless adapters. (2) virtualization. Can you be sure you are not booting into a VM?
Feeling secure firing up a clean desktop?
Might want to check the back of the PC or even better bring your own keyboard.
The solution is better than nothing but I still wouldn't trust Internet cafes --> http://www.keelog.com/
They said tamper proof. Not tamper resistant.
It's not what they are trying to do, it is what they are claiming as the level of security. That is my issue.
I never said completely unbreakable. I just said tamper proof is bullshit, and it is.
Your childish assertion of essentially "if it isn't absolutely 100% secure against anything I can imagine, it is worthless" shows you don't know shit about security.
The fact that you make that assertion indicates a reading comprehension problem.
My issue was with the tamper proof claim, not tamper resistant, tamper proof. That is asinine. I never claimed it was without value, or that it had to be 100% secure.
All I stated was that it is not 100% secure, therefore, not tamper proof.
This just in, pedophiles also tend to use candy to attract children. Possession of candy made illegal for anyone over 9. Stoners and college students inconsolable.
A bullet may have your name on it but splash damage is addressed "To whom it may concern."
classic sand-boxing is good, pretty efficient, but of course the user can leak information as he "surfs" on the CDROM, but at least old information is restricted.
I've read that LPS does not mount any hard disk on the local system. However, it seems still to be possible to mount a disk by getting root privileges and running commands such as mount, fdisk, etc... My question is: what would happen if we visit a web page with malware able to exploit the stack and get a root session?
Wait.... So you're saying Nancy Grace is a pedophile?
I hope this comment is well received... I could have moderated instead!
Persecutors will be violated!
Google "only guilty people have something to hide".
"I don't know, therefore Aliens" Wafflebox1
Builtin DoD Backdoors.
Yes, for people with secrets it would clearly be a very smart choice to use software developed by the military and guaranteed by the government to be secure.
Absolutely, this outrageous device should be banned immediately. They did it with incandescent light bulbs, after all: Used by pedophiles, terrorists and tax evaders all over the globe. So they did away with it. And the world is a safer place already.
Rudolf Hess edited Mein Kampf. He was the very first grammar nazi.
I'd like to see them try and run a secure session on a computer that I'd prepped. Even with only remote access (e.g. via a trojan.)
If the (slashdot) report is correct, then this is worrying.
The idea that they would, in the time of 3g and WLAN, somebody like an employee of the DOD would try to use any hotel computer and make it magically safe by booting some OS.
Using an hotel computer or any internet cafe computer is like putting a malicious roommaid onto steroids.
There is an infinite number of people which had infinite time to place keyloggers, bug the monitor cable etc.
doing nothing (i.e. abstinence) is safer than sex with a condom, but sex with a condom is safer than doing nothing about protection
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics notwithstanding.
So...they are building backdoors into software designed to close backdoors? And if they changed Linux, wouldn't they then have to publish the source code? Source code!! Go crazy!!
though we lambaste TSA-type security theater with good reason, I get the impression that the feds are at least more serious about security for their own systems/installations
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics notwithstanding.
Why is this an item? That distro has been around for a while (at least a year). I never actually used the software but it came in handy as a counter argument for "Linux isn't secure" trolling.
"I'm not much interested in interoperability. I want substitutability. I want to be able to throw your software out."
For instance, what about hardware keyloggers?
Sounds like a good distro to use for on-line banking - assuming your bank doesn't require flash running in IE6, which in the US, is a 50-50 proposition.
This DISTRO sounds like it's made for safer porn surfing ?
If they want to carry around their entire collection on read-only material it'll make them that much easier to prosecute when they get caught.
WikiLeaks News 2014 In a stunning revelation Anonymous found information indicating the Dept. of Defense gathered information from its employees. Last year the DOD was outed by WikiLeaks News as having included a key logger on the Lightweight Portable Security Linux distribution, a live-cd mandated for all DOD employees for use on non-DOD PCs. Now our sources discovered keystroke records from over a million sessions on DOD computers. Another piece of software on the live CD transferred these sessions to DOD servers while the CDs were used. DOD officials were unavailable for comment.
Here will be an old abusing of God's patience and the king's English.
Defensive much? I never said the OS is a bad thing. Please don't put words in my mouth. I simply pointed out that certain people might be interested in using it. My actual intent was that it seems like something I would want to be used for official purposes only.
I love hyperbole, don't you?
Failed solution because any kiosk like environment typically has no media ports available, and when they do, usually has them BIOS locked down to not allow booting from them.
I never said the OS is a bad thing. Please don't put words in my mouth.
I note that PopeRatzo never said *you* said the OS was a bad thing.
My actual intent was that it seems like something I would want to be used for official purposes only.
And that is what the objection is to: The idea that things ought to be restricted in their use because they can also be used by bad people. Just about anything can be used for good or ill; if you attempt to control anything that might potentially be misused or abused, there's nothing left.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
They only would have to provide source code if they provided the distro "out of house". If this is an "in house" only distro, they don't have to provide any source code, not even to their employees. The GPL allows for customization and internal use without the need for publishing source code. It also provides publishing source code only to the recipients of the binaries. It's not required to give to the general public, unless they distribute it to the general public.
*IANAL but have read a lot about the GPL.
You can download this on Alllinuxinfo.com the link is DOD Lightweight Portable Security distribution Mirror at the bottom
I'm ignorant. And old. Back in the day I remember that a BIOS could be compromised by a virus. Is that still the case with newer computers?
"Crude and slow, clansman. Your attack was no better than that of a clumsy child."
Too bad not everybody can easily get around it.
Think crop dusters. They have an airplane, and to put a power takeoff from the engine to the spray pump would mean FAA recertification of the entire powertrain. Answer: Use a ram air turbine, a windmill that sticks out into the airstream to power the pump. No modification to the airplane itself, no recertification necessary.
What did the Jewish pedophile say to the 9 year old?
Hey kid, want to buy some candy?
I better post this Anon, since I'm CmdrTaco and all.
What did the Republican pedophile say to the 9 year old?
"Give me all your candy, you lazy little moocher. "
You are welcome on my lawn.
"Tamper proof" is only claimed in the summary, not TFA. This is intended to be "a secure end node from trusted media" for "general telecommuting use."
It's not supposed to be a bullet-proof connection to super-secret networks, just a better way to check email from outside the office.
I don't think that word means what you think it means.
...have seeded a copy!
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
If the computer's keyboard records keystrokes, or the computer has hardware installed to record screenshots, it's unclear how running secure software on that hardware would help much.
And that, my friend, was my point: Who cares if "certain people might be interested in using it"?
What was your purpose in pointing out that pedophiles might be interested in using an OS that has great security and anonymity? Who cares if pedophiles "might" be interested? Why should that even enter into a discussion of such an operating system, unless you were trying to cast some uncertainty, some doubt, some fear about having such an operating system available for us to use.
I just looked at your original comment again, and the issue of pedophiles possibly being interested was the only thing you had to say. So if that's important enough for you to post, then please explain why you think it matters. What should we do or think about a secure, anonymous operating system that might be of interest to pedophiles.
You'll have to excuse my curiosity, but I find it interesting that of all the things that could be said about such an operating system, the one you choose to point out is that "pedophiles would be interested...among other people". So what?
You are welcome on my lawn.
They obviously wanted to replicate the Windows look, but went a bit too far.
Also some wooden transportation vehicle shaped like a horse comes to mind. Don't know why...
Didn't the NSA produce a Linux distribution before they got slapped down for being anti-competitive?
/* TODO: Spawn child process, interest child in technology, have child write a new sig */
If you read spi.dod.mil, you'll see two editions - LPS-Public for safer, smartcard-enabled Internet browsing and LPS-Remote Access for more secure remote enterprise network access (telework). The latter has far greater security technology AND is custom built for office (IP address) AND can connect only to that smartcard-authenticated network.
I tried both versions, on Virtualbox. While the 'normal' one booted okay, the 'de luxe' just stays with a black screen.
Nope, the checksum is even okay. So another download won't cut it.
Why??
Per spi.dod.mil, LPS has two main editions - LPS-Public for safer, smartcard-enabled browsing and LPS-Remote Access for remote enterprise access (telework) of federal networks. Public is free; LPS-Remote Access is custom built for each group per need (free to DoD, $10k others).
Reading the product sheets on spi.dod.mil, the Public edition's security is far less than the Remote Access edition - the latter has a firewall, can connect to only that enterprise IP address, and 'other security features' which would hint that they made all those 'obvious' fixes like no root, no shells, SELinux, locking stuff down, monitoring, etc.. It seems the Public is meant to be a more usable, protective device for Internet surfing (and for using smartcards) but the product's true value lies in telework for very sensitive enterprise (and thus have far greater security).