Linux Distribution: Lightweight Portable Security
Lightweight Portable Security is a LiveCD distro designed by the US Department of Defense to function as a secure end node, in other words, a safe environment from which to access the web or a remote desktop host. The focus is on security, and for this reason, it boots from a CD and executes from RAM, providing a web browser, a file manager and a few other small tools.
The Lightweight Portable Security distribution was created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the US Department Of Defense. The idea behind it is that government workers can use a CDROM or USB stick to boot into a tamper proof, pristine desktop when using insecure computers such as those available in hotels or a worker’s own home. The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so leaves no trace of the user’s activities behind.
If it all sounds a bit cloak and dagger, consider that anyone who wants to quickly establish a secure setup on a PC of unknown security status could have a use for a distribution such as LPS. For example, you may understand computer security, but does the staff of your local library or a hotel?
The first thing that greets you when you first launch the CD is the boot screen, the bottom area of which is dominated by the respective seals of The Department Of Defense, The Air Force Research Research Laboratory and the Anti-Tamper Software Protection Initiative. Helpfully, there is also a note telling you that hitting F2 brings up the startup messages, which mostly consist of a list of loaded Linux kernel modules. LPS supports WiFi interfaces but doesn't current have support for printers or sound hardware.
Following this, you are dumped into a very simple desktop that makes use of IceWM. The layout is the familiar combination of application launcher and task switcher bar along the bottom the screen. Perusing the installed applications reveals that this is a very minimalist desktop indeed. You are given the Firefox web browser, a text editor and a file manager that can manipulate files in the RAMdisk or a flash drive. There is also a remote desktop client that works with RDP or Citrix hosts and a tool to deal with files that have been AES encrypted.
There doesn’t seem to be any obvious scope for adding applications to the distribution. In fact, the website advises the user to contact the development team with feature requests, reasoning that if one person wants the feature, other people might also.
Loading up Firefox, I was a little surprised to find that it was a fairly up to date, stable build and it included the Flash plugin, but I suppose, most web workers need Flash at some point, these days. It also comes with plugins to change the browser agent string, send encrypted messages via Gmail, work with encrypted files and to synchronise bookmarks with an online server.
LPS is obviously a niche distro. If your needs are specific, and you just just need a basic web browser and a remote desktop client on a disc or to hand out to someone who might get lost with a more complex live CD, this might be the distro for you. It also offers an interesting insight into how organisations are creating custom Linux builds to meet niche requirements. The website itself goes into quite a lot of detail about the rationale behind LPS.
The LPS website.
UK based freelance writer Michael Reed writes about technology, retro computing, geek culture and gender politics.
Practical Task Scheduling Deployment
July 20, 2016 12:00 pm CDT
One of the best things about the UNIX environment (aside from being stable and efficient) is the vast array of software tools available to help you do your job. Traditionally, a UNIX tool does only one thing, but does that one thing very well. For example, grep is very easy to use and can search vast amounts of data quickly. The find tool can find a particular file or files based on all kinds of criteria. It's pretty easy to string these tools together to build even more powerful tools, such as a tool that finds all of the .log files in the /home directory and searches each one for a particular entry. This erector-set mentality allows UNIX system administrators to seem to always have the right tool for the job.
Cron traditionally has been considered another such a tool for job scheduling, but is it enough? This webinar considers that very question. The first part builds on a previous Geek Guide, Beyond Cron, and briefly describes how to know when it might be time to consider upgrading your job scheduling infrastructure. The second part presents an actual planning and implementation framework.
Join Linux Journal's Mike Diehl and Pat Cameron of Help Systems.
Free to Linux Journal readers.Register Now!
- Paranoid Penguin - Building a Secure Squid Web Proxy, Part IV
- SUSE LLC's SUSE Manager
- Google's SwiftShader Released
- Managing Linux Using Puppet
- My +1 Sword of Productivity
- Murat Yener and Onur Dundar's Expert Android Studio (Wrox)
- Non-Linux FOSS: Caffeine!
- SourceClear Open
- SuperTuxKart 0.9.2 Released
- Parsing an RSS News Feed with a Bash Script