Distributions
Lightweight Portable Security
There are any number of organizations that have a need for a security-oriented OS that can be freely used on computers at coffee shops, hotels, and the like. The US Department of Defense (DoD) is one such organization and it has put together Lightweight Portable Security (LPS), a live CD (or USB stick) Linux distribution, for use by its employees to access the web—or their desktop remotely. While the technology behind LPS is not particularly noteworthy, though it does have some interesting features, it is noteworthy that DoD chose Linux to deliver this kind of solution. Perhaps that shouldn't be surprising either, though, as the proprietary OS vendors don't really offer any way to customize their systems to anywhere near the extent that Linux does.
![[LPS desktop]](https://static.lwn.net/images/2010/lps-desktop-sm.png)
LPS was developed as part of the DoD's Software Protection Initiative (SPI),
which is run by the Air Force Research Laboratory (AFRL). SPI's mission is to
"marginalize a nation-state class threat's ability to steal and
exploit critical DoD intellectual property found in application software
(executables, source, and associated data).
" While LPS will
certainly help with that mission, it doesn't seem anywhere near hardened
enough to fend off nation-state class threats.
The distribution is available as ISO files in either of two "public" editions: standard or deluxe. The deluxe edition simply adds OpenOffice.org and roughly doubles the size of the release. The existence of a public version would seem to imply that there are less-public versions of LPS—one of those may be the LPS Remote Access Edition, which doesn't come with download links and instead has a way to request custom versions.
Version 1.1.1 of LPS was released on November 15 and can be burned onto a CD directly. In addition, bootable USB sticks can be created, but only (easily) under Windows.
![[LPS user agreement]](https://static.lwn.net/images/2010/lps-useragree-sm.png)
When booting into LPS, one is greeted by a screen with badges for the three organizations responsible and a progress bar. After that, a window pops up that gives three choices: read the user agreement, agree to it and continue, or reject it and reboot. The agreement itself notes that the software is governed by the GPL and disclaims any warranty. While it is not unheard of for Linux distributions to have a click-through license, it is a bit strange.
Once the agreement has been accepted, LPS loads an IceWM desktop, which prominently features those three badges again, along with icons for a number of applications (e.g. Firefox, OpenOffice.org, Documentation, Xterm). The layout is fairly Windows-like, presumably so that it doesn't scare off the target users. There are also menu entries for things like SSH, Citrix, and Microsoft remote desktop clients.
Once you start poking around in LPS, though, some questionable things jump out. Starting the Xterm gives a root BusyBox shell for example, and a simple ps shows that everything runs as root. That includes Firefox, IceWM, the wicd network manager, and so on. One of the features of LPS is that it doesn't mount the local disks of the system, but that is trivial to work around with mount.
If LPS is started from CD, making persistent changes to it is not possible, but part of the idea is to isolate the data on the local disks from internet-based attacks. For public computers in hotels or elsewhere, there may not be anything of interest on the local disks, but if users are booting LPS on their home systems or laptops, that assumption may not have much merit. Given that everything runs as root, and the local disks are accessible, whatever OS is installed locally could be subverted.
For USB-based LPS systems, the situation is even worse. Though the USB stick isn't mounted by default after LPS boots, it certainly can be. The LPS user's guide [PDF] notes that removing and re-inserting the USB stick will mount it, though malware could also mount it directly. That would allow LPS itself to be persistently modified.
There are some warnings that might alleviate some of these problems. It is
recommended that a separate USB stick be used for data, for example. In
addition, there are suggestions that LPS be rebooted before making any
"sensitive
" transactions—and after after visiting dodgy web
sites. It seems a little unlikely that users will actually follow those
instructions, either because they forget or due to the annoyance of a
fairly lengthy boot time.
It is a fairly old kernel that LPS uses (2.6.27), but it has been updated to one of the more recent—but not the most recent as of November 15—stable versions (2.6.27.53) based on the uname string. Whether there have been any patches applied on top of that kernel is difficult to determine as there is no source code provided—at least in any obvious location.
A query about the source location was answered by Rich Kutter of the AFRL who said that LPS is based on Thinstation 2.2.2 with only minimal modifications. A change to the OpenSC smart card libraries/utilities to better support the DoD Common Access Card (CAC) is the only substantive change. He said that the code for that change will be placed in the ISO image for the next release due later in December. But that doesn't satisfy the GPL requirements, as the full source needs to be made available, which is something they are planning to do, he said.
It would seem that SELinux has not been enabled for LPS, which may not be a huge surprise for a, supposedly, read-only system. It is, however, another US government security solution for Linux, and could have been used to sandbox Firefox and its Flash plugin for example (though just running them as non-root would be a good start). Overall, one gets the feeling that the folks behind LPS may be working in something of a vacuum, and not fully considering all of the threats that LPS might face. Perhaps part of the reason there is a public version is to get that kind of feedback.
There are some specific additions to LPS for DoD users, including support for CAC and Personal Identity Verification smart cards. Evidently, there are some web sites that are only available to folks that have those cards and an available USB smart card reader, so Firefox has been configured to do that kind of verification.
There is also an Encryption Wizard that allows for Advanced Encryption Standard (AES) encryption and decryption of files. The Java-based wizard has also been turned into a Firefox plugin so that web-based email (e.g. Yahoo, Gmail, Outlook Web Access) can be encrypted.
Overall, LPS is perfectly usable—if painfully slow for unknown reasons on a not underpowered laptop—for web surfing and document creation. It has a very limited set of applications, presumably by design, and no way to add any new ones. If you need GIMP or Thunderbird, it would seem that you are simply out of luck. Once the source code for building the distribution is available, one could presumably build their own derivative with additional applications, but that is difficult to do at the moment.
While it seems dubious that LPS would thwart a targeted attack from a nation-state-sized attacker, that is probably also true of most or all Linux distributions. But there is clearly more that could be done to harden LPS against less targeted, or less deep-pocketed, attackers. LPS may give the impression of being more secure than it actually is because of where it comes from, and that is a bit worrisome. Given that there are entities actively trying to access classified information—either for espionage or posting on Wikileaks—LPS only provides a partial solution to those problems.
Brief items
Distribution quotes of the week
How to name MeeGo packages for Debian:
DebXO 0.6 release
DebXO 0.6 has been released. "DebXO is a version of Debian (testing) that is customized for the XO-1 hardware. The 0.6 release adds initial support for the XO-1.5 hardware; however, XO-1.5 is not officially supported. I'll update the wiki with instructions for XO-1.5, for the early adopters."
New Owl ISOs
New Owl-current ISOs, OpenVZ container templates, and freshly rebuilt package sets have been released. "This might be the last Owl-current snapshot before we make our 3.0 release, so please test extensively and report both successes and failures (in some detail). ;-)"
Distribution News
Debian GNU/Linux
Debian Release Update
Neil McGovern has a report from the Debian release team. Topics include squeeze in deep freeze, remaining bugs, schedule, themes and Wheezy.Debian 6.0 "Squeeze" to be released with completely free Linux Kernel
A long time goal of the Debian project has been to remove non-free firmware from the Linux kernel shipped with Debian. "We are proud to announce that, to the best of our knowledge, all issues are solved and that we will be able to deliver a Linux kernel which is completely Free, according to the Debian Free Software Guidelines (DFSG), with Debian Squeeze."
Fedora
Fedora Board Recap 2010-12-13
Click below for the minutes from the December 13 meeting of the Fedora Board. Topics include schedule, longer term goals and vision statement.
SUSE Linux and openSUSE
Alan Clark new openSUSE Board Chairman
The openSUSE Board has announced that Alan Clark has been appointed by Novell to be the chairperson for the board. "As you may be aware, we have focused a significant amount of our time on the creation of an openSUSE Foundation to be independent and to be able to collect and spread funds. And Novell has been very supportive with our desire to see this come to fruition. Markus told us that one of the reasons he selected Alan is that he has a lot of expertise in setting up foundations. Alan helped to form the Open Source Development Labs (OSDL) and the Linux Foundation, as well as several other open source projects and organisations. We, along with Markus, believe that Alan's experience and expertise will be an asset of immense value to the Board, and we welcome that as we, and Novell, partner together in forging ahead on an exciting and promising future for the openSUSE Project."
Ubuntu family
PS3 CD builds stopped for Natty
The daily PlayStation 3 CD builds are no longer available for Ubuntu Natty Narwhal (11.04). "Changes made by Sony to the "Other OS" facilities of the PS3 have made it increasingly difficult for people with new systems to run Ubuntu on them, and there seem to be hardly any developers with the interest and ability to keep the CD images working. Building separate CD images for PS3 takes a substantial amount of resources (disk space, time required to run the powerpc and powerpc+ps3 live filesystem builds sequentially, developer time to fix problems, and so on), and right now it doesn't seem to be worth it."
Newsletters and articles of interest
Distribution newsletters
- DistroWatch Weekly, Issue 384 (December 13)
- Fedora Weekly News Issue 255 (December 8)
- openSUSE Weekly News, Issue 153 (December 11)
Linux Mint 10: A Perfect 10? (Linux Magazine)
Joe "Zonker" Brockmeier reviews Linux Mint 10 for Linux Magazine. "So Linux Mint may continue using the traditional GNOME desktop with [Linux Mint] 11. I'm curious how that decision will sit with Mint users today, whether they've been hoping for a Mintized GNOME Shell or are excited by Unity. My experiences with Unity so far — as a desktop interface — have been less than satisfying. I'm very happy with Mint's GNOME implementation, and their decision to stick with a traditional GNOME interface would make Mint a great refuge for Ubuntu users who do't care for the newfangled Unity interface. Yes, Ubuntu will probably ship with a vanilla(ish) GNOME and GNOME Shell, but it's not going to have the same level of polish it has now."
Zimmerman: Ubuntu Brainstorm Top 10 for December 2010
The Ubuntu technical board has been reviewing the most popular topics in Ubuntu Brainstorm—which allows people to vote on bugs and new features in the distribution—as Ubuntu CTO Matt Zimmerman reports on his blog. The ten most popular topics have received "expert answers", that Zimmerman describes. "
To tell us about it, Amit Kucheria, Ubuntu kernel developer and leader of the Linaro working group on Power Management, contributed a great writeup on this topic, with technical analysis, tips and recommendations, and a look at whats coming next. [Kucheria says:] I am going to attempt to summarize the various use profiles and what Ubuntu does (or can do) to prolong battery life in those profiles. Power management, when done right, should not require the user to make several (difficult) choices. It should just work — providing a good balance of performance and battery life."
Spotlight on Linux: ZevenOS-Neptune 1.9.1 (Linux Journal)
Susan Linton takes a quick look at the recent release of ZevenOS-Neptune. "ZevenOS isn't just another Debian or Ubuntu clone. Its developers attempt to provide a different, easy, and high performing alternative to more well known distributions. ZevenOS is the main offering and Neptune is technically a community driven branch. Another branch with GNOME 2.3.0 and Epiphany is also available. The ZevenOS project is an interesting participant in the Linux landscape and Neptune is definitely one to test. If you commonly travel off the beaten path, put this one on your list."
Page editor: Rebecca Sobol
Next page:
Development>>