U.S. Dept. of Defense offers up tiny, secure Linux distro...

For discussions about security.
Message
Author
mechmike
Posts: 100
Joined: Tue 29 Nov 2005, 16:43
Location: Pelham, AL
Contact:

U.S. Dept. of Defense offers up tiny, secure Linux distro...

#1 Post by mechmike »


amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#2 Post by amigo »

"They could have just used Puppy" -surely you jest. Puppy is absolutely the furthest you can get from being 'secure'! Anybody who says otherwise is hiding their head in the sand and has no idea at all about what is secure.

User avatar
puppyluvr
Posts: 3470
Joined: Sun 06 Jan 2008, 23:14
Location: Chickasha Oklahoma
Contact:

#3 Post by puppyluvr »

:D Hello,
Puppy is absolutely the furthest you can get from being 'secure'!
Their OS is considered "secure" because it loads from CD and runs in Ram...
By those standards, Puppy is equally secure...
I mean, it aint BSD...
But it is a lot more secure than M$...
Security fears hamper the Linux market, and are mostly unfounded..
Yet M$ touts its products as the "safest".. LOL...
Close the Windows, and open your eyes, to a whole new world
I am Lead Dog of the
Puppy Linux Users Group on Facebook
Join us!

Puppy since 2.15CE...

mechmike
Posts: 100
Joined: Tue 29 Nov 2005, 16:43
Location: Pelham, AL
Contact:

Ahh, I wasn't paying close enough attention...

#4 Post by mechmike »

There's already a thread about this - mea culpa...

http://murga-linux.com/puppy/viewtopic.php?t=69551

User avatar
8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#5 Post by 8-bit »

How about running Puppy from a virtual drive in VirtualBox installed on Puppy.
Would you then have an isolated version of Puppy?

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#6 Post by cthisbear »

" Puppy is absolutely the furthest you can get from being 'secure'!

Anybody who says otherwise is hiding their head in the sand and
has no idea at all about what is secure. "

""""""""

Nothing is totally secure.

Read about the Mac.

http://murga-linux.com/puppy/viewtopic. ... 336#546336

But your assertion is BS.

To me Puppy is way ahead of most.

Of course I can be hacked.
Banks are hacked...Nato.

LulzSec hits Blackberg Security's "hacking challenge" page;
declines $10k reward. Done strictly for lulz.

http://i.imgur.com/Vf7PK.png

But for the majority Puppy is absolutely safe.

But setup your router properly.
Many old routers still run only WEP.
An occasional wipe of the router logs doesn't hurt either.

Best security is to stay off the web entirely.

"""""""

Here is a thought from CLAM01 .

" The perennial problem with doing banking, or anything else you
want sure security for, from anywhere out and about
is router insecurity. "

http://murga-linux.com/puppy/viewtopic. ... 1&start=45

Chris.

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#7 Post by Flash »

...Probably the best news is that this Linux distribution isn’t limited to the Department of Defense or Air Force staff. It is free to download from the Software Protection Initiative which was put in charge of the distros’ development under the guidance of DoF and AFRL. The download comes in at just 135MB meaning you can stick it on one of those old 256MB USB stick we all have in a drawer somewhere.

Three versions of LPS exist. The 135MB version discussed above is called LPS-Public. Then there’s LPS-Public Deluxe which adds OpenOffice and Adobe Reader for further functionality at the cost of size on disk. Finally there’s the LPS-Remote Access version that is only available upon request. It adds VPN and any custom Thin Client software that an organization requires. For every day users wanting a secure portable distribution LPS-Public is probably all you need, especially if you use something like Google Apps instead of MS Office or OpenOffice.

Read more at Unixmen and the Software Protection Initiative
I wonder how easy it is to connect to the internet, compared to Puppy's wizard.

User avatar
James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#8 Post by James C »

Flash wrote: I wonder how easy it is to connect to the internet, compared to Puppy's wizard.
In my extremely limited testing........5 machines and wired dsl .........it connected automatically on boot every time.YMMV.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#9 Post by nooby »

Flash wrote:
....
I wonder how easy it is to connect to the internet, compared to Puppy's wizard.
It did it all totally automatic within some two seconds something.
Nothing had to be done it just worked
I use Google Search on Puppy Forum
not an ideal solution though

dawg
Posts: 116
Joined: Sun 09 Aug 2009, 14:36
Location: still here
Contact:

#10 Post by dawg »

LPS is bound to have a backdoor installed for the control-freak spooks somewhere.
I used to only like Puppy as a friend, but now I think our relationship is starting to develop into something more... :D

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#11 Post by cthisbear »

dawg:

I wouldn't doubt that.

"""""""

Where any OS is vulnerable is in wifi however.

Do we have a >> tunnel pet l>> ike Hotspot Shield?

Or would this help ....OpenVPN ?

http://www.ventanazul.com/webzine/artic ... u-and-hulu

"""""

Also

http://alternativeto.net/software/hotsp ... form=linux

http://miriup.de/index.php?option=com_c ... 25&lang=en

http://murga-linux.com/puppy/viewtopic. ... b6ea0e4a32

http://www.techsupportalert.com/best-fr ... ervice.htm

Chris.

User avatar
puppyluvr
Posts: 3470
Joined: Sun 06 Jan 2008, 23:14
Location: Chickasha Oklahoma
Contact:

#12 Post by puppyluvr »

:D Hello,
Built by the DOD..
Backdoor? Hell, I`d bet more like a Trap Door..
Lots of interesting bookmarks..
You`d think it would have more wireless drivers..
Fairly new kernel, 2.6.35.x if I remember right..
Forgot to look in about:config in FF..

Looks very official Gman ...
Wanna bet we see it in a movie scene???
Close the Windows, and open your eyes, to a whole new world
I am Lead Dog of the
Puppy Linux Users Group on Facebook
Join us!

Puppy since 2.15CE...

amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#13 Post by amigo »

"more like a Trap Door" -no wonder that only the binary ISO is available. All other links to the homepage do not work, and no mention is made anywhere about the sources... I'd be afraid to run that even once on my computers -it could be doing *any* conceivable evil without letting you know...

User avatar
Mechanic_Kharkov
Posts: 9
Joined: Sun 24 Jul 2011, 08:08
Location: Kharkov, Ukraine

#14 Post by Mechanic_Kharkov »

The Big Bro made some tool for its own security.. So people that know themselves as free ones may run such distro without sources with hdd physically detached and with any nv-ram chips in the system with /WE pins pulled up. ;-) As for me, I'll never use such "a black-boxed gift" from BB for any reason.
But the good thing is for state IT staff to share sensitive information loss / leakage responsibility directly with DoD if they use this distro. )
And it can improve general security level of some state depts if they would use it of course instead of M$'s.
Last edited by Mechanic_Kharkov on Sun 24 Jul 2011, 16:08, edited 1 time in total.

User avatar
puppyluvr
Posts: 3470
Joined: Sun 06 Jan 2008, 23:14
Location: Chickasha Oklahoma
Contact:

#15 Post by puppyluvr »

:D Hello,
Well, it doesnt, and in fact wont, mount a native drive..
But I`d be afraid to connect it to the net....
Gonna pick at it some more later, and see whats REALLY there..LOL
Remarkably similar to Puppy, in "run as root" and package selection...
I`ll bet the initrd has some interesting stuff in it..
The dir structure is a cross linked mess, to me at least...
But at 135mb, its hiding something... :wink:
Basically, its Icewm, Firefox and Leafpad..
And I wonder what else??
Close the Windows, and open your eyes, to a whole new world
I am Lead Dog of the
Puppy Linux Users Group on Facebook
Join us!

Puppy since 2.15CE...

Bruce B

#16 Post by Bruce B »

Some of you guys! You probably don't trust pirates either.

I trust the Department of Defense Linux a lot. I'm posting from it now and I've not seen one Drone, not even an AH-64 Apache.

~

User avatar
Moose On The Loose
Posts: 965
Joined: Thu 24 Feb 2011, 14:54

#17 Post by Moose On The Loose »

amigo wrote:"They could have just used Puppy" -surely you jest. Puppy is absolutely the furthest you can get from being 'secure'! Anybody who says otherwise is hiding their head in the sand and has no idea at all about what is secure.
I won't point out that the copy of 4.31 I use is still exactly as it was when I burned the ISO onto the CD. That is really cheating on the question of security.

In many ways, puppy does things in a manner that improves security. By keeping things very simple, the odds of a flaw are reduced. By not mounting every drive at startup, the drives are less likely to get written. When you first boot puppy it doesn't connect to the network. If you stay off the network you are a lot safer.

Microsofts NT was supposed to be reasonably secure. It turned out to have holes big enough you could drive a truck through. If you truly want security, the best option is to keep things very simple and only let a machine do those things it is needed for.

DPUP5520
Posts: 800
Joined: Wed 16 Feb 2011, 05:38

#18 Post by DPUP5520 »

puppyluvr wrote::D Hello,
Well, it doesnt, and in fact wont, mount a native drive..
But I`d be afraid to connect it to the net....
Gonna pick at it some more later, and see whats REALLY there..LOL
Remarkably similar to Puppy, in "run as root" and package selection...
I`ll bet the initrd has some interesting stuff in it..
The dir structure is a cross linked mess, to me at least...
But at 135mb, its hiding something... :wink:
Basically, its Icewm, Firefox and Leafpad..
And I wonder what else??
A big part of the distro is the smartcard drivers and programs which is why i assume it is so big in that sense. Btw has anyone tried to get smartcards working on puppy i mentioned before i tried and failed horribly. I for one trust that there are no hidden backdoors intentionally put in as if this was made to access secure dod sites and transfer sensitive dod information why would they risk a backdoor which would eventually be found and compromised.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69651][b][i]PupRescue 2.5[/i][/b][/url]
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=72178][b][i]Puppy Crypt 528[/i][/b][/url]

amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#19 Post by amigo »

"still exactly as it was when I burned the ISO" -that's of course correct. But you are ignoring what your computer may do while you are on-line. This is why I always argue with the 'puppy is secure' statements. Even though your OS, as loaded, may be clean, attacks can occur while you are running. This is also no help against lack of anonymity. Of course most users don't have any *visible* problems -maybe not any at all. But it simply madness to assume that you are safe because you run Puppy or run from RAM, etc. All the discussions here about 'security' are too one-sided and don't touch on the full gamut of problems which can occur. Viruses, trojan, root-kits, lack of anonymity, bot-nets -they are all diferent things and each should be addressed in its' own way.

amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#20 Post by amigo »

@puppylvr, just because the command 'mount' is missing or apparently won't mount a drive does not mean that the distro doesn't or can't mount a drive. The code in the mount program uses the kernel system call mount() which can be integrated into any program you like. So, the thing could be actually mounting everything available on the machine, without showing any evidence of it....

Post Reply