Linux Distribution: Lightweight Portable Security
Lightweight Portable Security is a LiveCD distro designed by the US Department of Defense to function as a secure end node, in other words, a safe environment from which to access the web or a remote desktop host. The focus is on security, and for this reason, it boots from a CD and executes from RAM, providing a web browser, a file manager and a few other small tools.
The Lightweight Portable Security distribution was created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the US Department Of Defense. The idea behind it is that government workers can use a CDROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a worker’s own home. The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so leaves no trace of the user’s activities behind.
If it all sounds a bit cloak and dagger, consider that anyone who wants to quickly establish a secure setup on a PC of unknown security status could have a use for a distribution such as LPS. For example, you may understand computer security, but does the staff of your local library or a hotel?
The first thing that greets you when you first launch the CD is the boot screen, the bottom area of which is dominated by the respective seals of The Department Of Defense, The Air Force Research Research Laboratory and the Anti-Tamper Software Protection Initiative. Helpfully, there is also a note telling you that hitting F2 brings up the startup messages, which mostly consist of a list of loaded Linux kernel modules. LPS supports WiFi interfaces but doesn't current have support for printers or sound hardware.
Following this, you are dumped into a very simple desktop that makes use of IceWM. The layout is the familiar combination of application launcher and task switcher bar along the bottom the screen. Perusing the installed applications reveals that this is a very minimalist desktop indeed. You are given the Firefox web browser, a text editor and a file manager that can manipulate files in the RAMdisk or a flash drive. There is also a remote desktop client that works with RDP or Citrix hosts and a tool to deal with files that have been AES encrypted.
There doesn’t seem to be any obvious scope for adding applications to the distribution. In fact, the website advises the user to contact the development team with feature requests, reasoning that if one person wants the feature, other people might also.
Loading up Firefox, I was a little surprised to find that it was a fairly up to date, stable build and it included the Flash plugin, but I suppose, most web workers need Flash at some point, these days. It also comes with plugins to change the browser agent string, send encrypted messages via Gmail, work with encrypted files and to synchronise bookmarks with an online server.
LPS is obviously a niche distro. If your needs are specific, and you just just need a basic web browser and a remote desktop client on a disc or to hand out to someone who might get lost with a more complex live CD, this might be the distro for you. It also offers an interesting insight into how organisations are creating custom Linux builds to meet niche requirements. The website itself goes into quite a lot of detail about the rationale behind LPS.
The LPS website.
UK based freelance writer Michael Reed writes about technology, retro computing, geek culture and gender politics.
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
- Using tshark to Watch and Inspect Network Traffic
- September 2015 Issue of Linux Journal: HOW-TOs
- Concerning Containers' Connections: on Docker Networking
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Build a “Virtual SuperComputer” with Process Virtualization
- A Project to Guarantee Better Security for Open-Source Projects
- Firefox Security Exploit Targets Linux Users and Web Developers
- Where's That Pesky Hidden Word?
- Doing Astronomy with Python
- My Network Go-Bag