Secure Linux for remote access designed by US military

Secure Linux for remote access designed by US military

Lightweight Portable Security built by Department of Defense

Article comments

With all the hundreds of Linux distributions already available for practically every niche and purpose, users of the open source operating system are accustomed to having a wealth of choices. Recently however, the set of options got even bigger thanks to a brand new security-focused Linux distribution from the US Department of Defense.

Targeting telecommuters and others who need to access corporate and government networks from unsecured remote locations, Lightweight Portable Security (LPS) is a lightweight Linux distribution that creates a secure end node from just about any Intel-based PC or Mac computer.

Created by the Software Protection Initiative under the direction of the Air Force Research Laboratory and the DoD, the software works by booting a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive.

Nothing need be installed, and administrator privileges are not required. Three versions are available: LPS-Public is a general purpose solution for using web-based applications, LPS-Public Deluxe adds OpenOffice and Adobe Reader software and LPS-Remote Access is for accessing private networks.

LPS-Public and LPS-Public Deluxe are each available as a free download from the DoD's LPS site, but LPS-Remote Access is available only upon request. A quick start guide aims to help users get up and running on the distribution.

Rebooting for extra security

Designed for general web browsing and connecting to remote networks, LPS-Public includes a smart card-enabled Firefox browser supporting Common Access Card (CAC) and Personal Identity Verification (PIV) cards, a PDF and text viewer, Java and Encryption Wizard.

Essentially, the software turns an untrusted system such as a home or hotel computer into a trusted network client: "No trace of work activity (or malware) can be written to the local computer. Simply plug in your USB smart card reader to access CAC and PIV-restricted US government websites," the DoD explains.

Because it's designed to run from read-only media and without any persistent storage, LPS is not continually patched the way most operating systems are. It is updated regularly, however, at least through quarterly patch and maintenance releases. Users should update to the latest versions to have the best protection, DoD says.

The most malware can do, meanwhile, is run within a single session. For heightened security, the DoD recommends rebooting between sessions or just before particularly sensitive ones, such as when online banking is to be done. LPS should also be rebooted after visiting risky websites or when there's reason to suspect malware might have been installed.

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *