“Lightweight Portable Security (LPS), created by USA’s Department of Defense, is a small Linux live CD focusing on privacy and security, for this reason, it boots from a CD and executes from RAM, providing a web browser, a file manager and some interesing tools. LPS-Public turns an untrusted system into a trusted network client.” Complete with backdoor so they can spy on all of us I’m sure!1!!
A Linux Distribution from the US Department of Defense
About The Author
Follow me on Twitter @thomholwerda
2011-07-23 1:43 amAdrianoML
I don’t known if your comment was pejorative, but indeed, it has a windows 2000 vibe.
2011-07-23 2:15 amHypnos
That is on purpose, I assure you. The gov’t has PHBs, too, you know …
2011-07-23 7:33 amdusanyu
Looks like IceWM with the “Redmond” theme to me
Wow, “encryption tool” screenshot is the most funniest and hilarious thing I’ve seen by far in this US DoD context, really.
USA would *never* allow their services or citizens to encrypt files with unbreakable algorithm. Instead, they provide them with tool that they can control, with the cipher they can decrypt … what a coincident!
Also, IIRC, USA has some serious “export of cryptography” issuess, which also proves it right, eh?
USA as a whole has a very unique ability to make me laugh almost everytime I read about it or hear some rediculous news regarding USA.
2011-07-23 5:12 pmAlfman
“Also, IIRC, USA has some serious ‘export of cryptography’ issuess, which also proves it right, eh?”
This indeed was a serious problem with US government controlling encryption. It was covered under munitions laws. It resulted in the exact opposite of the intended effect. Developers were forced to do all cryptographic research and publications outside of the US.
This was obviously a stupid policy on multiple levels, but it was no doubt the result of having stupid politicians making choices without first consorting with more knowledgeable subject mater experts.
However the government has gotten the sense to relax most encryption restrictions.
(From the top of your link)
“On June 25, 2010, the Bureau of Industry and Security published amendments to the encryption provisions of the Export Administration Regulations (EAR). These amendments remove many items from control as encryption items. They also reduce or eliminate review and reporting requirements for many more items that remain controlled as encryption items.”
2011-07-24 3:29 pmCodeMonkey
Wow, “encryption tool” screenshot is the most funniest and hilarious thing I’ve seen by far in this US DoD context, really. USA would *never* allow their services or citizens to encrypt files with unbreakable algorithm. Instead, they provide them with tool that they can control, with the cipher they can decrypt … what a coincident!
The encryption tool is actually called eWizard. The free version uses 128-bit AES which is “technically” breakable but still computationally infeasible. In addition to just a passphrase or keyfile, it can also use the certificates and keys stored in a user’s smart-card for the encryption keys.
Complete with backdoor so they can spy on all of us I’m sure!
(and others) I recall similar comments when SELinux was put out by the NSA, but now it’s a standard component of the Linux kernel. Eat crow, already.
The article implies that this distribution isn’t so much for public consumption, anyway. It’s for government workers:
The idea behind it is that government workers can use a CDROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a workerâ€™s own home….no trace of work activity can be written to the local computer.
That last part looks intriguing.
(Edit: used wrong word. Then I misspelled the right word. ‘Tain’t my day today.)
Edited 2011-07-23 12:46 UTC
Then I dare you to break it! It is open source and you can view it and try to hack into it all you want. Prove it is flawed.
2011-07-24 8:53 amMorgan
The only issue I think it might have with security is the fact that it uses proprietary binary software. The article mentions Flash 10.3 and the Nvidia binary driver, and there may be more. Since the source code for those binary-only blobs cannot be vetted, I would suspect them of being possible vectors for intrusion before the open source parts. If I remember correctly Flash was a successful vector in at least one Pwn2Own contest. That said, I think it’s highly unlikely given the overall focus on keeping the distro secure.
2011-07-24 9:26 pmBill Shooter of Bul
Those kinds of binary blobs are way too obvious. I would expect more of the NSA. The best kind of attack are those that can have their source reviewed by people and not be detected.
2011-07-26 6:37 amClinton
I agree with your sentiment that all open source software would be better, but in some scenarios it just isn’t feasible. For example, the Nouveau open source drivers don’t support DisplayPort monitors or multiple video cards.
Edited 2011-07-26 06:37 UTC
2011-07-26 7:11 amMorgan
Huh? I never said “all open source software would be better”, nor do I feel that way, at least in the context you provide. My point was that open source software can be fully vetted, whereas proprietary binary software cannot. Therefore, in the context of this article, I feel there are some unavoidable security weak points due to the use of closed-source software.
As far as whether open source or proprietary software is a better choice for usability, that is left up to the particular user. My own experience has been that there are some applications that just don’t have a superior F/OSS counterpart yet. Until there is a better open source version, I’m stuck using the proprietary one if I want full functionality. Thankfully, that is a rare condition.
EDIT: And my sleep deprived brain just realized what you actually meant, that for this particular distro, fully open source would be better but may not be feasible due to the very limitations I just blathered about above. Sorry about that!
I’m going to bed now; no more sleepy-posting I promise.
Edited 2011-07-26 07:14 UTC
While cool, it still doesn’t protect against a keystroke logger or injection.
Also, it doesn’t seem like it’d be too different than using any live cd but disabling the disk drivers (disabling hard disk but not the CD might be rather tricky though).
Did the portable personal security linux distro. first and with a much cooler name
Edited 2011-07-26 15:59 UTC
It looks like Windows 95!