Security The Military United States Linux

A Linux Distro From the US Department of Defense

Posted by timothy
from the buggy-whip-for-the-bandwagon dept.
donadony writes "The Lightweight Portable Security distribution was created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the U.S. Department Of Defense. The idea behind it is that government workers can use a CD-ROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a worker's own home. The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so leaves no trace of the user's activities behind."
This discussion has been archived. No new comments can be posted.

  • Review (Score:5, Informative)

    by Anonymous Coward on Thursday July 21, 2011 @07:50PM (#36840958)

    There is a review of LPS over at DistroWatch:
    http://distrowatch.com/weekly.php?issue=20110704#feature

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Thanks for the link. I think the reviewer nailed it though - the fact that it includes Flash which has new vulnerabilities about every 7 minutes and runs as root is just bizarre. Sure it resets when you reboot but if someone can easily exploit your machine and get to data you may have available on it by virtue of your existing session then all bets are off. Disappointing to me.

      • by icebike (68054)

        But your "current machine" is just a host, where you use memory, and NIC, and that's about it.

        The chances that someone can "get to your machine" are extremely small, because it presumably has its own firewall, and Flash, while present, gets to write in temporary memory which gets purged when the browser shuts down.

        The developers can't be totally ignorant of the fact about flash, and several modern
        browsers sandbox flash already. With read only storage flash becomes pretty well contained.

        You have to assum

        • You have to assume a massive amount of juvenile thinking on the part of the Air Force to believe
          they would be totally unaware of that possibility.

          Have you seen how much they pay for toilet seats? I wouldn't be so confident.

          • Re:Review (Score:4, Informative)

            by LoRdTAW (99712) on Friday July 22, 2011 @08:27AM (#36844296)

            Eh, it's already known that things like expensive toilet seats, step ladders, hammers and other run of the mill items are mostly a myth. Certain items like the step ladder turned out to be custom built ladders for the F-14 fighter jet and not something you buy at Home Depot to paint your ceiling. Other explanations are the adding of overhead costs to line items in the financial breakdown of the finished piece of military hardware.

            Military hardware is mostly low production and highly custom. Computer monitors on battleships might cost upward of $100,000 but they may have only made 10 of them at a time and spec'd to resist EMP (from a nuke), constant rocking and other severe environmental operating conditions.

            There are even military specs for chip (IC) packaging. So the circuit boards inside some of the military hardware might be completely different from consumer electronics even though they may perform the same or similar function.

            • I'll just add that the coffee pot on a 747 costs (IIRC) $4000 - airplane equipment is just expensive, due to (as the parent noted) low volumes, expensive development and expensive parts. Just about everything electrical on an aircraft has to pass both FAA and FCC, and every time you change a resistor the whole thing has to go through certification again, at cost exceeding $1 million - each. So, amortize that cost over perhaps 500 planes, plus spares, parts, etc. and you are talking about perhaps $1000 per

              • Too bad not everybody can easily get around it.

                Think crop dusters. They have an airplane, and to put a power takeoff from the engine to the spray pump would mean FAA recertification of the entire powertrain. Answer: Use a ram air turbine, a windmill that sticks out into the airstream to power the pump. No modification to the airplane itself, no recertification necessary.

  • by Baseclass (785652)
    If the computer is left on the RAM can still leave traces behind.
    I don't see how this is any different than any other live CD though.
    • I don't see how this is any different than any other live CD though.

      I don't think it really is any different. It's just now an approved solution for DOD personnel.

      • Re:RAM (Score:4, Informative)

        by fluffy99 (870997) on Friday July 22, 2011 @12:13AM (#36842596)

        This isn't intended to be just another Live CD. The disks or thumb drives are corporate specific, and are set up to boot and provide a secure VPN into the company. Not for general use. In fact they are usually set up so they can only reach out to the company or agency's VPN server. This is a far more secure solution than letting users install VPN software on their personal computers, and a lot cheaper than buying them govt owned computers that they might try to connect to the general internet.

      • by vegiVamp (518171)

        Not exactly "just now" - I've seen this over two years ago already, and I'm not even in the US, let alone the military.

    • Re:RAM (Score:5, Informative)

      by Pharmboy (216950) on Thursday July 21, 2011 @08:03PM (#36841072) Journal

      I don't see how this is any different than any other live CD though.

      As someone else pointed out, this is an "approved" method, meaning they have vetted the distro and believe it to be secure. This actually makes sense, and is much better than telling your soldiers "go download some live linux cd and make sure it is secure".

      One of the major benefits of Linux is the ability to make your own distro for special applications like this. And since it is available freely for download (not required but they did it anyway) and the source is available, that makes it even better.

      • Re:RAM (Score:5, Insightful)

        by Jah-Wren Ryel (80510) on Thursday July 21, 2011 @09:35PM (#36841740)

        As someone else pointed out, this is an "approved" method, meaning they have vetted the distro and believe it to be secure. This actually makes sense, and is much better than telling your soldiers "go download some live linux cd and make sure it is secure".

        More likely it is about CYA. Government security runs on CYA. Having an approved distribution means that everyone else in the organisation can use it, recommend it, even mandate it without having to worry about taking the blame if there is something wrong with it. Without an approved distro, no distro would be permitted at all.

        More generally government security is totally top down - you have groups of "experts" (who may or may not actually be experts) who come up with procedures and requirements. Those are then made into official policy and distributed downline to security officers and regular users who are expected to follow those procedures to the letter without trying to think through the actual goals. When the official policy is fuzzy, you get different sites making different interpretations, sometimes with head-shakingly comedic effect - like mandatory Windows virus-scans on non-Windows computers or forbidding the installation of ssh (because it's not officially approved) while leaving rlogin in place. But even those, often ridiculous, interpretations still have full CYA as long as they don't violate the official documented policies.

        • by fermion (181285)
          America runs on CYA. If a drug company puts out a vaccine that kills children, as long as they have followed the proper protocol they will not be liable for the murder of the children. As long as a financial company follows the rules, they can pillage and drive families out of their homes. Note that banks are not in trouble for encouraging consumers to accept loans that would most likely result in the consumer losing their homes and the banks reaping a huge profit while the families live on the street, b
          • by Nutria (679911)

            America runs on CYA. If a drug company puts out a vaccine that kills children, as long as they have followed the proper protocol they will not be liable for the murder of the children.

            You're mistaking CYA with "we can't know everything, but we did our best by following agreed-upon standards and practices". This country (and Europe for that matter) is already too nannyish and afraid of lawyers (refer to the "Can a Playground Be Too Safe?" article). Any more and progress will grind to a *complete* halt.

        • I can confirm from inside the federal gov't that you're precisely right. One agency was running IE6 in 2008 when I visited. They all hated it but for 'security reasons' they weren't allowed to upgrade. The reason? Not b/c IE7 was less secure but b/c they hadn't done a security 'analysis' of it, so it wasn't cleared for use (never mind that the rest of the world has done so, and it was possible to determine with a high degree of confidence that IE7 was more secure by googling the topic for half an hour or le

      • Sounds like a good distro to use for on-line banking - assuming your bank doesn't require flash running in IE6, which in the US, is a 50-50 proposition.
    • Re:RAM (Score:5, Informative)

      by LordLimecat (1103839) on Thursday July 21, 2011 @09:21PM (#36841604)

      It's different because not only is it approved for clearanced work, it also has a version of Firefox with CAC-reader support. My understanding has always been that CAC support was limited to Windows; no longer.

    • by icebike (68054)

      If the computer is left on the RAM can still leave traces behind.

      I don't see how this is any different than any other live CD though.

      There are standard system calls available to overwrite memory in any platform this would run on.
      Since it doesn't use the hard drive, the launcher just needs to be able to make one pass thru
      the virtual drive and overwrite everything.

      But it would be far simpler to use encryption on the virtual hard drive. That way, no clean up
      is necessary.

  • Yeah, this was a good idea... I actually have Ubuntu installed on a portable USB drive -- It's faster than installing off a CD and it remembers saved data, bookmarks & installed progs (instead of a clean boot image).

    However, I don't think for a moment that this prevents an infected system BIOS/CMOS from infecting the MBR of the flash drive, or that even booting off of a CD-R will be able to keep me safe if the hardware can't be trusted... I mean, If you want security, why not give them a personal mo

    • by rbollinger (1922546) on Thursday July 21, 2011 @08:00PM (#36841040)
      It's like using a condom... it won't protect you 100% but that's still safer than doing nothing!
      • by physicsphairy (720718) on Thursday July 21, 2011 @09:16PM (#36841584) Homepage

        Actually, doing nothing is the tried and true Slashdot defense against STDs.

        • by sorak (246725)

          Actually, doing nothing is the tried and true Slashdot defense against STDs.

          That's the abstinence paradox. Those who strive for abstinence tend to fail, while those who try desperately for sex often fail as well. If they were to switch goals, would they be successful?

      • by thegarbz (1787294)

        I think it's more like using the pill. Not as effective as a condom.

        The reason is that a lot of intrusion these days happens on the hardware level. This OS would do nothing to protect from the hardware keyloggers attached inline with the keyboard that have been seen at some internet cafes.

        The summary got it right for once. It only protects largely against the kind of internet borne threats that infect computers.

    • I have Ubuntu running on a portable USB drive too, but even after messing with the casperfs stuff, I can't figure how to get a persistent drive storage (granted I'm a linux idiot). Any links or helpful tips? (realizing this is way OT). Thanks!

  • Except with some useful proprietary applications with GUIs for encryption and making it difficult to have persistent data.

    I guess the kernel has all proprietary drivers in it so it's more likely to just work and support hardware but that also comes with the slightest chance that it's just an excuse to get a back-door in there (though if there is one; the other end does not care what you are doing).

    • Well if that's really what it is then the official Puppy Linux distro would do well to adopt some of those encryption GUIs. I've yet to find one I like that is easy to get installed and configured in the Puppy.
    • by nurb432 (527695)

      If every PC you hit has network access, does it matter? Store your data (and config too) back at your office. If the PC doesn't have network access, it's going to be sort of a moot point anyway in most cases.

      • by nzac (1822298)

        I’m guessing you are meaning the lack of persistent data. I mean that as a good thing for this distro; it appears to be designed to login to encrypted sites and access and send encrypted data from potentially compromised computers. You can't accidentally save or install a virus that could compromise all further communications for the sake of convenience on a live USB disk.

  • But can it run America's Army?

  • call it Dod-ian

  • by Anonymous Coward

    I've been working in the kiosk industry for about 8 years now. The current company I work for has around 1000 kiosks in hotels, airports, business centers, etc as well as having around 20,000 customers.

    I can tell you that 99% of hotels are set up to NOT allow USB or CDROM booting for the very obvious reasons. Most are set up as well to only read CDROM and read/write from USB and also have a BIOS password set to disable the ability to execute from a different device.

    I suspect this project will die off prett

    • Re: (Score:3, Interesting)

      by lostfayth (1184371)

      I used to work in the hospitality industry as well - the company installed, maintained and supported guest internet access for hotels and transit companies (we had several bus and rail contracts). For the locations with a lot of government or corporate guests, standing orders from the hotel management were to do whatever was necessary to get these guests online. Lockheed-Martin employees were one of our biggest sources of calls, their VPN would not let them reach the captive portals and they had to be passe

  • It would really save some anons a lot of trouble if this distro would just upload all of the confidential files to pirate bay.

    Think how much time we would save waiting for the right person with the right access, or the right system to be vulnerable and get exploited. It's all going up there eventually anyway, so why not skip the middle man? I suppose that's too much efficiency to hope for.

  • by NicknamesAreStupid (1040118) on Friday July 22, 2011 @12:45AM (#36842742)
    (1) device support. For example, LiveCD does not support certain wireless adapters. (2) virtualization. Can you be sure you are not booting into a VM?
    • by txoof (553270)

      Issue (3) Can you be sure that the hardware is secure? Though unlikely, a key logger is a real threat to even this type of security.

      When I don my tin-foil hat, I often wonder how secure any hardware is in this regard. Given the number of USB devices that have shipped with malware factory installed, I wonder if there are not more deliberate and high-level attempts to manufacture hardware with key-loggers or similar nastiness built in. When Lenovo bought IBM the idea crossed my mind that it would be fairl

      • by tlhIngan (30335)

        Though unlikely, a key logger is a real threat to even this type of security.

        Hardware keyloggers exist. They're small enough to be embedded inside the keyboard itself, though you may also find some that look like the EMI ferrite lumps they put on cables and have it embedded that way. Or the lamest ones are dongles that stick in-between the keyboard cable and the computer. (And yes, they do USB).

        They also don't require software - just hit a few keys, enter a password, and it'll type out the contents of the bu

  • classic sand-boxing is good, pretty efficient, but of course the user can leak information as he "surfs" on the CDROM, but at least old information is restricted.

  • The idea that they would, in the time of 3G and WLAN, somebody like an employee of the DOD would try to use any hotel computer and make it magically safe by booting some OS.

    Using a hotel computer or any internet cafe computer is like putting a malicious room maid onto steroids.

    There is an infinite number of people who had infinite time to place keyloggers, bug the monitor cable etc.

  • though we lambaste TSA-type security theater with good reason, I get the impression that the feds are at least more serious about security for their own systems/installations

  • WikiLeaks News 2014 In a stunning revelation Anonymous found information indicating the Dept. of Defense gathered information from its employees. Last year the DOD was outed by WikiLeaks News as having included a key logger on the Lightweight Portable Security Linux distribution, a live-cd mandated for all DOD employees for use on non-DOD PCs. Now our sources discovered keystroke records from over a million sessions on DOD computers. Another piece of software on the live CD transferred these sessions to DO
