The National Cybersecurity Agency of France, also known as ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information), has open-sourced CLIP OS, an in-house operating system its engineers had developed to address the needs of the French government administration.
In a press release, ANSSI described CLIP OS as a "Linux-based operating system [that] incorporates a set of security mechanisms that give it a very high level of resistance to malicious code and allow it to protect sensitive information."
The agency says CLIP OS uses a "partitioning mechanisms" that allows the OS to separate public and sensitive data into two "totally isolated" software environments.
Also: Windows 10 Enterprise customers will now get Linux-like support | Linux adds a code of conduct for programmers | Linus Torvalds takes a break from Linux | Even Linus Torvalds doesn't completely understand the Linux kernel | Google open-sources internal tool for finding font-related security bugs
ANSSI says the system can be deployed on both security gateways and workstations alike, although there is no "ready to use" version of CLIP OS for end-users and they might need to go through a build process to assemble the OS of their liking.
The agency says it's been working on CLIP OS internally for more than 10 years. ANSSI had previously revealed more details about CLIP OS' design at a security conference held in 2015, in Rennes, France.
The French cyber-security agency has released two versions of CLIP OS, version 4 and 5. Version 4 is the stable branch, but all documentation is available only in French, making it somewhat difficult to build for non-French users.
CLIP OS 5, released today, is the latest version, still at an alpha stage of development. This project's documentation is available in English, making it ideal for newcomers and external developers to jump in and contribute to the project right away.
ANSSI devs have also released 14 CLIP OS 4 modules, which they say "are interesting from a security point of view as they may be re-used outside of the CLIP OS project."
Some of these self-standing modules include a pluggable authentication module (PAM) to restrict user access based on their roles, a daemon handling user management tasks, a lighthweight TPM command-line tool, and various cryptography and encryption related libraries.
Details on accessing the CLIP OS source code, documentation, and participating in future development are available on the official CLIP OS website.
The operating system's code and documentation are hosted via GitHub. The project has been open-sourced under the GNU Lesser General Public License v2.1.
Previous and related coverage:
Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.
This simple advice will help to protect you against hackers and government surveillance.
Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.
If you can't answer these basic questions, your security could be at risk.
Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.
Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.