Slashdot Mirror
A Linux Distro From the US Department of Defense
donadony writes "The Lightweight Portable Security distribution was created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the U.S. Department Of Defense. The idea behind it is that government workers can use a CD-ROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a worker's own home. The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so leaves no trace of the user's activities behind."
There is a review of LPS over at DistroWatch:
http://distrowatch.com/weekly.php?issue=20110704#feature
I don't see how this is any different than any other live CD though.
As someone else pointed out, this is an "approved" method, meaning they have vetted the distro and believe it to be secure. This actually makes sense, and is much better than telling your soldiers "go download some live linux cd and make sure it is secure".
One of the major benefits of Linux is the ability to make your own distro for special applications like this. And since it is available freely for download (not required but they did it anyway) and the source is available, that makes it even better.
Tequila: It's not just for breakfast anymore!
Actually, doing nothing is the tried and true Slashdot defense against STDs.
When things get complex, multiply by the complex conjugate.
Its different because not only is it approved for clearanced work, it also has a version of Firefox with CAC-reader support. My understanding has always been that CAC support was limited to windows; no longer.
As someone else pointed out, this is an "approved" method, meaning they have vetted the distro and believe it to be secure. This actually makes sense, and is much better than telling your soldiers "go download some live linux cd and make sure it is secure".
More likely it is about CYA. Government security runs on CYA. Having an approved distribution means that everyone else in the organisation can use it, recommend it, even mandate it without having to worry about taking the blame if there is something wrong with it. Without an approved distro, no distro would be permitted at all.
More generally government security is totally top down - you have groups of "experts" (who may or may not actually be experts) who come up with procedures and requirements. Those are then made into official policy and distributed downline to security officers and regular users who are expected to follow those procedures to the letter without trying to think through the actual goals. When the official policy is fuzzy, you get different sites making different interpretations, sometimes with head-shakingly comedic effect - like mandatory windows virus-scans on non-windows comptuers or forbidding the installation of ssh (because its not officially approved) while leaving rlogin in place. But even those, often ridiculous, interpretations still have full CYA as long as they don't violate the official documented policies.
When information is power, privacy is freedom.
You know what child pornographers and "other people" are interested in? Air. They like breathing. Is that a knock on oxygen?
Do you really believe that a seriously secure OS is something bad just because "child pornographers...among other people" might be interested in it?
That sounds a lot like an argument you'd hear from people who believe that there should be a back door in everything so "the authorities" can take a peek.
Here's a news flash: I don't give a fuck if child pornographers are interesting in something. I'm not prepared to give up every last bit of my own privacy just because there happen to be perverts in the world.
Among other people.
You are welcome on my lawn.