Lightweight Portable Security Is A Portable Linux Distro From The US Department Of Defense

Linux: The public version of Lightweight Portable Security (LPS-Public) was designed so that government employees can access data from a public computer without worrying about security violations.

Booting from a CD-ROM and executing from system RAM, the lightweight Linux distro should be safe from spyware or viruses, and since the LPS-Public does not mount to the hard drive of the host computer no trace of work activity is logged.

LPS-Public includes features designed to allow productive use of the Internet and CAC- or PIV-restricted Government websites from home or while travelling. LPS-Public comes preconfigured with a smart card-enabled Firefox web browser with Java and Flash support, Encryption Wizard-Public, a PDF viewer, a file browser, remote desktop software (Citrix, Microsoft or VMware View), SSH client, and the ability to use USB flash drives. This build does not contain any FOUO material or any customised software.

LPS-Public Deluxe adds OpenOffice software, which is a Microsoft Office-compatible suite of office applications, and Adobe Reader, which allows PDF files to be digitally signed.

LPS-Public and LPS-Public Deluxe are free downloads from the US Department of Defense.

Lightweight Portable Security [US Department of Defense Software Protection Initiative via Unixmen


Comments

    Doesn't help against aphyiscal keyboard logger or network sniffer. The version of software on a CD-ROM is almost certainly going to be out of date and missing security patches.

    Plus most kiosks would prevent booting from a CD-ROM or USB precisely because that bypasses any security on the machine.

    The point of this software is to protect the computer (or hard drive) from infection by the user's activity, not to hide/protect the user's activity from a potentially infected computer.

      While you're correct about the software always being behind on patches, the read-only media means that even if your OS is compromised it'll only last until your next reboot.

      Secondly: They mention a few different tools for assisting encryption. Any data sent over the internet in plaintext will of course be sniffable, but that's business as usual - you can't force every site to use https.

      Thirdly: you're correct about hardware keyloggers, but it also doesn't block people looking over your shoulder. There's limits to what an OS can do. It protects you perfectly against software keyloggers which are orders of magnitude more common.

      They've put together a simple distro that helps solve a key problem - they only trust software they've built themselves.

    So... they've let it out into the public domain eh? And people who are likely to use it are ones who either think they have something to hide or do have something to hide. What are the chances of this having some sort of hidden spyware of its own tucked away somewhere?

    Hang on... what's that whirring sound. Wha?! It's a black helicopter. What? No!!!!!!

    [.............]

Join the discussion!

Trending Stories Right Now