Linked by Thom Holwerda on Fri 22nd Jul 2011 21:03 UTC, submitted by fran
Linux "Lightweight Portable Security (LPS), created by USA's Department of Defense, is a small Linux live CD focusing on privacy and security, for this reason, it boots from a CD and executes from RAM, providing a web browser, a file manager and some interesing tools. LPS-Public turns an untrusted system into a trusted network client." Complete with backdoor so they can spy on all of us I'm sure!1!!
Thread beginning with comment 482152
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: You feel it is not secure?
by Morgan on Sun 24th Jul 2011 08:53 UTC in reply to "You feel it is not secure?"
Member since:

The only issue I think it might have with security is the fact that it uses proprietary binary software. The article mentions Flash 10.3 and the Nvidia binary driver, and there may be more. Since the source code for those binary-only blobs cannot be vetted, I would suspect them of being possible vectors for intrusion before the open source parts. If I remember correctly Flash was a successful vector in at least one Pwn2Own contest. That said, I think it's highly unlikely given the overall focus on keeping the distro secure.

Reply Parent Score: 3

Bill Shooter of Bul Member since:

Those kinds of binary blobs are way too obvious. I would expect more of the NSA. The best kind of attack are those that can have their source reviewed by people and not be detected.

Reply Parent Score: 2

Clinton Member since:

I agree with your sentiment that all open source software would be better, but in some scenarios it just isn't feasible. For example, the Nouveau open source drivers don't support DisplayPort monitors or multiple video cards.

Edited 2011-07-26 06:37 UTC

Reply Parent Score: 2

Morgan Member since:

Huh? I never said "all open source software would be better", nor do I feel that way, at least in the context you provide. My point was that open source software can be fully vetted, whereas proprietary binary software cannot. Therefore, in the context of this article, I feel there are some unavoidable security weak points due to the use of closed-source software.

As far as whether open source or proprietary software is a better choice for usability, that is left up to the particular user. My own experience has been that there are some applications that just don't have a superior F/OSS counterpart yet. Until there is a better open source version, I'm stuck using the proprietary one if I want full functionality. Thankfully, that is a rare condition.

EDIT: And my sleep deprived brain just realized what you actually meant, that for this particular distro, fully open source would be better but may not be feasible due to the very limitations I just blathered about above. Sorry about that!

I'm going to bed now; no more sleepy-posting I promise.

Edited 2011-07-26 07:14 UTC

Reply Parent Score: 2