[Novalug] Security Distros

circuit hijacker circuithijacker@yahoo.com
Tue Oct 16 03:28:22 EDT 2007


Interestingly, many people who have posted or directly emailed me have "security toolkit" in mind as a Security Linux distro.  There are quite a few of them out there with many exploit finding, password cracking, network monitoring packages installed.  But the presentation I wish to give and the Linux Distro I have put together, is NOT that kind of security distro.

Guardian Angel Linux is about Personal Security, Privacy, Anonymity, Perfect Forward Secrecy, Non-repudiation, encryption, etc.  SPECIFICALLY, it is to counter and prevent sniffing, spying on, cracking, ease dropping, etc.  GAL is specifically engineered to enhance and protect your digital lifestyle. Of course, it uses open source to accomplish this, since it is the only way to scrutinize and validate that it is secure and does not include spyware.
 
 While it is not an easy task to build a Linux Distro from scratch (Gentoo is a great exaple of one you can), GAL is moving towards doing just that.  Essentially, build your Linux distro (linux.org), apply linux-live scripts (linux-live.org) to it and make it into a Live Distro, apply GAL build packages (silicon-safari.com soon!) to add applications on top of it.  

 The package is aimed at supplying a person all the tools needed to do all their work and have secure communication ability all on a portable device (USB stick, etc).  All the standard productivity tools (office suite, web browser, email, drawing/diagraming), Communication (IM, VoIP/SIP, Teleconferencing/Collaboration), Anonymous networks, Encryption tools, etc... are supplied using secure cross-platform (when possible) applications to maximize a person's productivity and compatibility.
 
To do this, many different technologies have been brought together:
1) Anonymity- tor and i2p are 2 of them
2) Encrypted files systems/containers with plausible deniability - truecrypt, EncFS
3) Encryption- asymmetric/PKI/PublicPrivate Key encryption: ssl, gpg, etc and symmetric: blowfish, aes, etc...
4) encrypted tunneling- stunnel, openvpn, etc.
5) secure VoIP encryption zrtp srtp etc
 6) secure IM with encryption with perfect forward secrecy OR encryption with non-repudiation.
 7) anti-phishing, anti-virus tools, anti-tracking
 8) data integrity tools.
9) firewall tools
 10) and more...
 
The GAL road map includes additional technologies and designs to further increase its security capability such as: smart card/security token hardware, completely encrypted file system support (boot, OS, data, etc.), additional secure anonymous networks.  I am open to considering additional technology for protecting to user.
 
       
---------------------------------
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.firemountain.net/pipermail/novalug/attachments/20071016/ae6cd153/attachment.htm>


More information about the Novalug mailing list