LPS Linux – The Publicly Available Air Force Secure Linux Distro

LPS Desktop

Looking for a Secure Linux Distribution and not sure what to use? Why not try the publicly available Linux Distro created by the US Air Force?

Several nations are moving to or modifying their own Linux distributions for military use. And honestly, it just makes sense. But did you know that the SPI working with the US Air Force created the “Lightweight Portable Security” Linux (or LPS for short) and have released it for public use?

LPS is a publicly available, secure Live CD that offers security, sandboxing and encryption.

The ATSPI Technology Office produces nation-state class protection products, and according to the LPS website, “LPS-Remote Access was certified by AFNIC to connect to the GIG for general telecommuting use”. A whole lot of acronyms there, but basically what it means is that LPS is secure – secure enough to be certified by the Air Force to connect to the DoD Global Information Grid – the military’s information superhighway.

And if it is good enough for military certification, you can believe that it is capable and safe for secure civilian use.

So what does it look like?

Well, a full blown Ubuntu operating system it is not. It comes with very few bells and whistles. But that is the point. The fewer the frills, the easier it is to secure it.

LPS Menu

As you can see from the user menu above, there are not a lot of pre-installed apps, though LPS does come in a “Deluxe” version that includes OpenOffice and Adobe Reader.

LPS is meant to be used as a live CD. Simply download LPS, burn it to a CD and then boot from it when you need to use a secure OS – like when you are traveling abroad or using public internet.

It does not write to the hard drive and does not leave anything in memory when shut down. Because it does not write anything to the hard drive, if by some odd chance LPS does get infected, there is no persistence. Just reboot and the malware will be gone.

LPS seems to be mainly oriented to surfing, e-mail and data transfer. According to Lt. Col. Ken Edge, Air Force Research Laboratory’s Software Protection Initiative (SPI) program manager, “Imagine a pilot overseas who has to get orders but only has a very questionable Internet café computer, with LPS-Public and a smartcard reader, he can safely enter the CAC-authenticated Air Force Portal and his webmail. Likewise, sailors can securely bank online overseas, and soldiers can safely use social networking sites.”

It even comes with an easy to use Encryption Wizard that allows you to encrypt your data before transmitting it over the wire:

Encryption Wizard

Simply run the wizard, and drag the file you want to encrypt into the program box, then select how you want to encrypt it:

Encrypting File Passphrase

The wizard also decrypts files in the same easy to use manner.

There are other secure Linux distros out there with more capabilities; Tails Linux comes to mind. But if all you need is a simple, easy to use secure Live CD solution, then look no further than LPS Linux.

Fighting Cyber War: US Secure Operating Systems

Some would say that the only way to defend a system against a cyber-attack is to cut the cord that connects it to the internet. Sadly, in many cases, this is true. When you look at it, systems have several points of attack where they can be exploited. Though the human factor will always be the Achilles heel of network security, many businesses, and now even countries, are focusing their attention on securing the Operating System.

Here is a look at what the United States is doing to secure its systems from cyber-attack:

The United States

Though the use of secure versions of Linux has increased, America is looking to design a secure OS from the ground up. Currently, the US depends on Trusted Computing (TC) technology. TC relies on an onboard chip called the Trusted Platform Module (TPM) to provide cryptographic keys to help secure the system. Microsoft, AMD, Dell, IBM and Intel all plan on using Trusted Computing in current and future products.

Microsoft currently uses the TPM in its BitLocker drive security utility. BitLocker allows entire volumes to be encrypted. TC is not without its detractors though. Many are concerned that the TPM is better equipped for digital rights management than securing the PC. Also, the secure chip has already been hacked.

TC has been widely adopted by the government. According to Wikipedia, “The U.S. Army requires that every new small PC it purchases must come with a Trusted Platform Module (TPM). As of July 3, 2007, so does virtually the entire United States Department of Defense.” I think it interesting to note that our military is relying on the TPM, even though the circuit board is clearly marked “Made in China” in the photo above.

America is not depending on current operating systems to be the secure platform of the future. Microsoft is working on the new Next-Generation Secure Computing Base (NGSCB). Previously called “Palladium”, this future version of Windows will rely on the TPM to provide a secure OS. This project may be stalled: according to Wikipedia, no new information has been released on NGSCB since 2004. Even if Microsoft does come out with a secure OS, one would have to wonder how they will handle compatibility issues that have always been a thorn in Microsoft’s side.

Most promising, the University of Illinois recently received a $1.15 million grant to develop “Ethos”. This operating system is being built with security in mind from the ground up. It will run on the Xen hypervisor virtual machine platform, driving home the importance of isolation.

Building a secure OS platform will go a long way in protecting our nation from cyber attacks.

North Korean Hacker Activity and New “Red Star” Operating System

As tensions flare on the Korean Peninsula, one can only assume that the infamous N. Korean hackers are hard at work. For a long time N. Korean hackers have been very active attacking US and S. Korean sites. N. Korea has specifically trained cyber warriors, and some reports say that the N. Koreans are getting very good at what they do and are increasing their attacks.

According to a recent post on strategypage.com:

Attacks on South Korean data networks were up 20 percent last year, with hundreds of serious attempts each day, to hack in and steal defense secrets. More North Korean locations are showing up as the source of these attacks. This appears to solve the growing mystery about what the mysterious North Korean Cyber War units were up to.

The North Korean hackers are very stealthy, but this may be due to the fact that they get their internet connections from China and could just be masquerading as Chinese hackers. Could some of our attacks that we blame on China actually be from N. Korea?

Also, it appears that North Korea, like China, is moving its core IT systems to a modified Unix Operating System called “Red Star”. So what is this closely guarded secure OS like? Well, according to an article on the BBC, Red Star was discovered when a Russian Blogger bought a copy for $5. So much for super-secret. Even here they are like China: much had been made about the secrecy of the Chinese “Kylin” secure OS, but the software could be downloaded from a Chinese site (not sure who would be crazy enough to do that) and, after being analyzed, appeared to be just a modified version of FreeBSD.

According to reports, Red Star has a Windows XP style interface, uses open source versions of Microsoft Office software (OpenOffice I assume), and uses Pigeon for e-mail and Firefox for surfing. And according to the BBC, “The Red Star operating system uses a popular Korean folk song as its start-up music and numbers years using a calendar which starts counting from the birth of state founder Kim Il-sung, making 2010 the 99th year.” When this is analyzed, I would not be surprised if it too turns out to be FreeBSD under the hood.

North Korea tends to be an extension of China. I remember watching a report where a few western journalists tried to get access into N. Korea. When they could not get the permission to enter, they heard that they might be able to get into N. Korea from China. They went to China and not only got passes to enter N. Korea but got tours and everything.

As things unfold on the peninsula, and time passes, more information will be released about the N. Korean hacker activity.