A Linux Distro From the US Department of Defense 210
donadony writes "The Lightweight Portable Security distribution was created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the U.S. Department Of Defense. The idea behind it is that government workers can use a CD-ROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a worker's own home. The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so leaves no trace of the user's activities behind."
Re:Review (Score:2, Interesting)
Thanks for the link. I think the reviewer nailed it though - the fact that it includes Flash which has new vulnerabilities about every 7 minutes and runs as root is just bizarre. Sure it resets when you reboot but if someone can easily exploit your machine and get to data you may have available on it by virtue of your existing session then all bets are off. Disappointing to me.
Re:Oh, it get's WORSE! (Score:4, Interesting)
BRILLIANT! That means that any flaws in your OS or applications (web browser) WON'T BE PATCHED
Which isnt really an issue for several reasons:
A) most of the code out there isnt targetting some obscure form of linux
B) this is a live distro, so there is no permenant storage, so no real worry of a rootkit
C) someone booting up this distro is unlikely to be doing so for reasons that would expose him to threats
Hence the lack of caring about /etc/passwd, or running as root, or all the rest. Its generally irrelevant on a live distro because you cannot get rootkitted.
Wont work in hotels, airports, etc. (Score:2, Interesting)
I've been working in the kiosk industry for about 8 years now. The current company I work for has around 1000 kiosks in hotels, airports, business centers, etc as well as having around 20,000 customers.
I can tell you that 99% of hotel's are setup to NOT allow USB or CDRom booting for the very obvious reasons. Most are setup as well to only read CDROM and read/write from USB and also have a Bios password set to disable the ability to execute from a different device.
I suspect this project will die off pretty quickly or fail soon if the people involved with the idea didn't even do some simple research or know about this type of information. Sure it would be a great use for their home computers but outside of that the CD's will just be one more thing to fall into the hands of people who will abuse it and become yet another security hole.
Re:Wont work in hotels, airports, etc. (Score:3, Interesting)
I used to work in the hospitality industry as well - the company installed, maintained and supported guest internet access for hotels and transit companies (we had several bus and rail contracts). For the locations with a lot of government or corporate guests, standing orders from the hotel management was to do whatever was necessary to get these guests online. Lockheed-Martin employees were one of our biggest sources of calls, their vpn would not let them reach the captive portals and they had to be passed through manually. Many government employees and contractors had exactly the same problem. Anyone else would be told to contact their IT department to sort that mess out.
Don't underestimate what hotels will do to accomidate what may be one of their largest customer groups. When a company like Lockheed-Martin says fix this or our employees will no longer be staying at your hotel, you fix their complaint, you don't tell them 'but we locked down that functionality' and lose 80+% of your business.