Linux and Open Source

Steven J. Vaughan-Nichols & Paula Rooney

The Air Force's secure Linux distribution

By Steven J. Vaughan-Nichols | September 26, 2011, 10:07am PDT

Summary: Linux has long had a close, working relationship with governments, but Lightweight Portable Security (LPS) is the first official U.S. Linux distribution.

Outside of the U.S., there are several “national” Linux distributions. These include China’s Red Flag Linux, Turkey’s Pardus, and the Philippines’ Bayanihan Linux. Other countries, such as Russia, are working on moving their IT infrastructure to Linux and open-source software. In the U.S., the government, and especially the military, uses Linux all the time. Indeed, Security-Enhanced Linux (SELinux), the most widely used mandatory access control system for hardening Linux, is sponsored by the National Security Agency. But there hasn’t been a national American Linux desktop distribution… until now.

The Software Protection Initiative (SPI), under the direction of the Air Force Research Laboratory and the U.S. Department of Defense, recently created Lightweight Portable Security (LPS). As the name indicates, this is a small Linux desktop distribution designed for secure use.

LPS is designed to boot from a CD or USB pen drive on any Intel-compatible (x86) computer. It installs nothing on the host: it runs entirely in memory, so everything you do during a session lives only in RAM, disappears at power-off, and leaves no trace behind when you’re done.

According to the SPI, LPS “allows general Web browsing and connecting to remote networks. It includes a smart card-enabled Firefox browser supporting Common Access Card (CAC) and Personal Identity Verification (PIV) cards, a PDF and text viewer, Java, and Encryption Wizard - Public.” With it you can turn an untrusted Windows or Mac home or public system into a trusted network client: “No trace of work activity (or malware) can be written to the local computer.” Note what “trusted” covers here. Booting LPS sidesteps whatever is installed on, or infecting, the host’s own operating system and disk; you are still trusting the machine’s hardware and firmware.

It’s not your usual operating system in other ways either. “LPS isn’t meant to be patched. When it’s updated, you need to download a new virgin copy of the operating system. LPS is updated at least every quarter.” To get the best possible protection, the SPI recommends that you simply download a fresh copy of the distribution with every update. Since that image is the entire trust base, treat each download the way you would a firmware update: fetch it from the SPI’s official site and, if a checksum is published for it, verify the image before you burn it.

LPS has a very simple interface based on the IceWM window manager. More than anything else, LPS looks like Windows XP. As you’d expect from a “safety first” distribution, it comes with a minimum of applications. These include the Firefox 3.6.22 Web browser (an older branch, but one that was still receiving security updates), the Leafpad text editor, the OpenSSH secure shell client, and the Citrix XenApp client for running remote desktop sessions.

For some reason, the distribution also includes Adobe Flash. Considering Flash’s recent checkered security record, I wouldn’t have included it had this been my distribution.

The encryption wizard is simple enough for anyone over the age of eight to use. When you launch it, you get a small window onto which you can drag and drop the files you want to work on. Once they’re there, you have three large buttons to choose from: “Encrypt,” “Archive,” and “Decrypt.” I think anyone can handle that! There’s also a Deluxe version of the distribution that comes with OpenOffice and Adobe Acrobat.

Is this distribution for everyone? Heck no. But, if you want a secure desktop operating system you can carry in your pocket and use on almost any computer you’re likely to find, it’s well worth burning to a CD or USB drive.
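The quarterly re-download described above, together with burning the image to a USB drive, is the whole update path, so the two things worth automating are checking that the image you fetched is the one you expected and making sure you never write it over a hard disk. The script below is an added example for this article, not code from the SPI or the LPS project. It assumes you have obtained the image’s SHA-256 digest separately (that a checksum is published is an assumption, not something the article confirms), and it takes its paths as parameters so the checks can be exercised against constructed files.

```shell
#!/bin/sh
# Added example (not from the LPS project): refresh a live image the way the
# "download, don't patch" model expects. Verifies the ISO against a SHA-256
# digest obtained out of band (assumed), and refuses to write it to anything
# but a removable block device. Paths are parameters so the checks can be
# run against constructed files.

# Return 0 if the file's SHA-256 equals the expected hex digest.
verify_image() {
    image="$1"; expected="$2"
    [ -r "$image" ] || { echo "no such image: $image" >&2; return 2; }
    actual=$(sha256sum "$image" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $image" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 1
    fi
    return 0
}

# Return 0 only if the named device is a whole disk that the kernel flags as
# removable. Judged from sysfs, not from the device name; $2 overrides
# /sys/block for testing.
is_removable_disk() {
    dev="$1"; sysroot="${2:-/sys/block}"
    flag="$sysroot/$dev/removable"
    [ -r "$flag" ] || return 1          # partitions and unknown names have no flag
    [ "$(cat "$flag")" = 1 ]
}

# Verify, then write. WRITE_CMD defaults to dd; tests set it to ':' so that
# nothing is actually written.
write_image() {
    image="$1"; expected="$2"; dev="$3"; sysroot="${4:-/sys/block}"
    writer="${WRITE_CMD:-dd}"
    verify_image "$image" "$expected" || return 1
    if ! is_removable_disk "$dev" "$sysroot"; then
        echo "refusing to write: /dev/$dev is not a removable disk" >&2
        return 1
    fi
    $writer if="$image" of="/dev/$dev" bs=4M conv=fsync
}

# Standalone use: sh refresh-lps.sh <image.iso> <sha256 digest> <device>
if [ $# -ge 3 ]; then
    write_image "$1" "$2" "$3"
fi
```

Because is_removable_disk reads the kernel’s own removable flag rather than trusting the device name, a USB stick that happens to enumerate as sda still passes and an internal disk that shows up as sdb does not; the script name in the usage line is an assumption.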



Disclosure

Steven J. Vaughan-Nichols

Steven J. Vaughan-Nichols is a freelance writer. He does not own stocks or other investments in any technology company.

Biography

Steven J. Vaughan-Nichols

Steven J. Vaughan-Nichols, aka sjvn, has been writing about technology and the business of technology since CP/M-80 was the cutting edge, PC operating system; 300bps was a fast Internet connection; WordStar was the state of the art word processor; and we liked it!

His work has been published in everything from highly technical publications (IEEE Computer, ACM NetWorker, Byte) to business publications (eWEEK, InformationWeek, ZDNet) to popular technology (Computer Shopper, PC Magazine, PC World) to the mainstream press (Washington Post, San Francisco Chronicle, BusinessWeek).

Talkback Most Recent of 43 Talkback(s)

  • RE: The Air Force's secure Linux distribution
    Three of the biggest attack vectors for all operating systems (Java, Flash, PDFs) and an old browser that's not going to be up to date against new attacks.

    Thanks, guys.
    ~taxpayers
    dzdrazil
    26th Sep
  • obviously, you missed the part that said...
    @dzdrazil

    “LPS isn’t meant to be patched. When it’s updated, you need to download a new virgin copy of the operating system. LPS is updated at least every quarter. To get the best possible protection the SPI recommends you simply download a fresh copy of the distribution with every update.”

    And the big 3 attack vectors (java, flash, pdf) for Linux is a lot different than the same for Windows.
    UrNotPayingAttention
    26th Sep
  • Flash and Java vulnerabilities have not been exploited on the Linux desktop
    From the article:
    "For some reason, the distribution also includes Adobe Flash. Considering Flash’s recent checkered security record, I wouldn’t have included it had this been my distribution."

    An advantage to running a desktop OS with less than 2% market share. And if you're worried, just reload the IceWM or, better yet, reboot. Rebooting is probably not a bad idea anyway if you are going to initiate an online banking or securities trading session.

    The Debian Live Project is another good option that provides periodic iso and img updates:

    http://live.debian.net/

    And Debian won't include the Adobe Flash Player or Reader as they're proprietary.
    Rabid Howler Monkey
    26th Sep
  • SELinux
    @Rabid Howler Monkey
    The Apps in this Distro are sandboxed (Linux Security Module: SELinux), so if there's a bug, it goes nowhere as SELinux simply will deny privilege escalation.
    Dietrich T. Schmitz * Your Linux Advocate
    26th Sep
  • SELinux
    @Dietrich T. Schmitz * Your Linux Advocate wrote:
    "The Apps in this Distro are sandboxed (Linux Security Module: SELinux), so if there's a bug, it goes nowhere as SELinux simply will deny privilege escalation."

    See this blog article from August, 2010, "Skeletons Hidden in the Linux Closet: r00ting your Linux Desktop for Fun and Profit", at The Invisible Things Lab's blog. Yes, a Linux kernel privilege escalation from *inside* SELinux (it has since been fixed). A malicious PDF document is even used as the example.

    But, not to worry as I'm sure that this was the last privilege escalation flaw remaining in Linux.

    Rebooting live media prior to initiating sensitive transactions is good security practice.
    Rabid Howler Monkey
    26th Sep
  • Not ordinarily an issue
    @Rabid Howler Monkey

    The nature of open source Distros is such that the repository maintainers ensure that an update reaches your PC if/as/when a patch becomes available--that goes for the underlying O/S as well as Apps. Always been that way.

    Peace. Out.
    Dietrich T. Schmitz * Your Linux Advocate
    26th Sep
  • Not ordinarily an issue
    @Dietrich T. Schmitz * Your Linux Advocate

    Agreed, 'ordinarily'. However, this particular bug was likely present in the 2.6 kernel when it was released in late 2003. And it was discovered in 2010 (by the good 'guys') and fixed shortly thereafter by the kernel devs on the 2nd try. The 1st try was botched (see the first comment on the ITL blog article referenced in my above post).

    The bad 'guys', however, will not notify the good people at kernel.org or elsewhere, exploits will be crafted for discovered bugs/vulnerabilities and Linux systems will get hacked. And while sandboxing does indeed enhance security on any OS, it is nowhere near 'bullet-proof'. It's just another layer in defense-in-depth.

    Live media, whether the USAF's secure distro or Debian Live, provides considerable security, especially when rebooted prior to initiating sensitive transactions. The advantage of these two live distros is their more frequent updates (e.g., relative to Ubuntu's 6-month release cycle).

    P.S. Where do you get that the LPS Public edition has SELinux enabled? It's not mentioned in the Public Edition's User Guide. And these reviews indicate that SELinux has not been enabled:

    http://www.techrepublic.com/blog/opensource/a-new-linux-distribution-for-the-security-minded/2765

    http://lwn.net/Articles/419849/
    Rabid Howler Monkey
    26th Sep
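Whether SELinux is actually enforcing on a booted LPS image, and whether Firefox runs in a confined domain, can be checked from inside the live session rather than argued from reviews. The script below is an added example written for this page, not part of the article or the LPS distribution. It reads the enforce flag from selinuxfs and a process’s label from /proc/<pid>/attr/current, and takes those paths as parameters so the same functions can be exercised against constructed files; the firefox process names it looks for are an assumption.

```shell
#!/bin/sh
# Added example (not from the article or the LPS project): answer "is SELinux
# enforcing, and is this process confined?" from inside a running system.
# Paths are parameters so the functions can be run against constructed files;
# on a real system call them with the defaults.

# Report the SELinux state: disabled (no selinuxfs), permissive, or enforcing.
selinux_state() {
    enforce_file="${1:-/sys/fs/selinux/enforce}"
    if [ ! -r "$enforce_file" ]; then
        # selinuxfs is not mounted: SELinux is absent from the kernel or was
        # turned off at boot (e.g. selinux=0 on the kernel command line).
        echo disabled
        return 0
    fi
    case "$(cat "$enforce_file")" in
        1) echo enforcing ;;
        0) echo permissive ;;
        *) echo unknown ;;
    esac
}

# Extract the SELinux type (third field of user:role:type:level) from a
# process label as found in /proc/<pid>/attr/current.
process_type() {
    label_file="${1:-}"
    if [ -z "$label_file" ] || [ ! -r "$label_file" ]; then
        echo none
        return 0
    fi
    # The kernel terminates the label with a NUL; a kernel without SELinux
    # returns an empty label.
    label=$(tr -d '\000\n' < "$label_file")
    [ -n "$label" ] || { echo none; return 0; }
    echo "$label" | cut -d: -f3
}

# A process is sandboxed by SELinux only if the system is enforcing AND the
# process runs in a confined type. unconfined_t is the default for user
# sessions and means the policy places no restrictions on that process.
is_confined() {
    enforce_file="$1"; label_file="$2"
    [ "$(selinux_state "$enforce_file")" = enforcing ] || return 1
    case "$(process_type "$label_file")" in
        unconfined_t|none|"") return 1 ;;
        *) return 0 ;;
    esac
}

# Standalone run: report this machine's state, then check every Firefox
# process (process names assumed).
echo "SELinux on this machine: $(selinux_state)"
for pid in $(pidof firefox-bin firefox 2>/dev/null); do
    if is_confined /sys/fs/selinux/enforce "/proc/$pid/attr/current"; then
        echo "pid $pid: confined as $(process_type "/proc/$pid/attr/current")"
    else
        echo "pid $pid: NOT confined (type $(process_type "/proc/$pid/attr/current"))"
    fi
done
```

A type of unconfined_t, or any state other than enforcing, means the browser is not sandboxed by SELinux whatever policy files happen to be on the image; that is the check to run before relying on the containment claimed earlier in the thread.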
  • RE: The Air Force's secure Linux distribution
    @Rabid Howler Monkey

    "OS with less than 2% market share."

    This has nothing to do with market share. It's the architecture.
    Aaln
    26th Sep
  • RE: The Air Force's secure Linux distribution
    @Aaln wrote:
    "This has nothing to do with market share. It's the architecture."

    Yeah, right ...

    kernel.org
    linux.com
    mysql.com
    ...

    Linux servers play in the major league and they get hacked. Linux desktop users are safe because their market share is so low, not because Linux and the various distros built around it are secure. The malware miscreants simply don't care about the Linux desktop.

    Like any OS: configuration + patching + monitoring. And one can still get pwned via 0-day exploits. Thus, monitoring.

    For your reading pleasure:

    http://www.amazon.com/Hardening-Linux-James-Turnbull/dp/1590594444

    And for the Linux desktop, peruse some of the posts at The Invisible Things Lab's blog. Expand your mind.
    Rabid Howler Monkey
    27th Sep
  • RE: The Air Force's secure Linux distribution
    @RBH: And in how many of these cases was it exploits in the OS that let the attackers in, not things like leaked passwords (spyware, weak passwords or shoulder-surfing) or bad PHP code/SQL query handling?
    Natanael_L
    27th Sep
  • Any memory encryption?
    ...because if RAM contents aren't encrypted, you can still recover data from dynamic RAM by freezing the RAM chips and accessing it later. Not great when you consider military bases in the Arctic.
    Joe_Raby
    26th Sep
  • Re: freezing RAM
    @Joe_Raby

    Ok, well, let's go ahead and throw the "Military bases in the Arctic" out the window, because I'm sure those bases have walls, doors, heating units, etc... unless you're suggesting they just have rows and rows of terminals sitting on tables outside?

    As far as freezing the RAM, yep, you're right. All a would-be hacker has to do is get the military tech to fire up a session of SEL, do their work...and when the military tech is done, the hacker can ask them to hold the screwdriver while the hacker freezes the RAM chips, takes them out, loads them up... then he's off to perform forensics.

    ...I'm sure the military tech won't mind.
    UrNotPayingAttention
    26th Sep
  • RE: The Air Force's secure Linux distribution
    @chmod 777

    Well, the nature of the military is that their bases do get attacked from time to time, whether they mind it or not.
    Michael Kelly
    27th Sep
  • RE: The Air Force's secure Linux distribution
    There is no reason to settle for a cheap imitation of Microsoft Windows XP when the Air Force has been using a secure version all along.

    http://www.engadget.com/2009/05/01/air-force-now-using-super-secure-version-of-windows-xp/

    Also, with anyone being able to throw code into Linux there is no way to tell if it's secure or not, which is why we are always hearing about trojans on it. It's a big no-nix to Linux for me.
    LoverockDavidson_-24231404894599612871915491754222
    26th Sep
