Subgraph OS – Adversary-resistant computing platform
Superior Subgraph
Kid-tested and Snowden approved – is Subgraph, the privacy-oriented OS, now ready for humans?
In early 2016, David Mirza Ahmad, president of Subgraph, announced their OS as a public alpha. The announcement took place at the Logan CIJ Symposium, which is dedicated to fighting surveillance and censorship, and was greeted warmly by Edward Snowden himself [1].
Ahmad also advised, "The Internet is more hostile than it's ever been. Subgraph is addressing that problem."
Since then, he and the rest of the four-man team in Montreal have been devoting themselves to developing Subgraph. Most recently, their efforts have culminated in Subgraph Alpha r3 with a range of news apps and security features [2] (Figure 1). The project is backed financially by the US government-sponsored Open Technology Fund, which is also behind privacy-oriented distros like Qubes OS and Tails.
The similarity doesn't end there. Subgraph protects users through a hardened kernel, a carefully selected list of apps, and anonymizing network connections.
Starting Subgraph
Subgraph r3 can be downloaded from the project's website [3]. In keeping with the strong emphasis on security, the 1.3GB ISO download is accompanied by a SHA sum and GPG signature, which you can use to check the integrity of the image before copying to DVD or USB.
The team also cautions that this is still alpha software, so it should not be relied upon for any serious project.
That said, it's clear that unlike many privacy-oriented distros, the Subgraph team has emphasized usability as well as privacy. The GUI is the familiar Gnome Desktop Environment running on a modified version of Debian 9 (Stretch). This means that the installer will pose no issues if you've ever installed a Debian-based system. The major difference is that encryption of your drive via Linux Unified Key Setup (LUKS) is mandatory.
Installs require at least 20GB of disk space and a minimum of 2GB of RAM, although 4GB is recommended. If you prefer to run Subgraph in Live mode, at least 4GB of memory is required. Although these requirements are onerous, the minimum amount of RAM required for installation is the same as for Qubes OS and Tails.
Currently only 64-bit machines are supported. On first boot, the OS superficially seems to resemble a stock install of Debian, albeit with a few new preinstalled apps. Under the surface, however, Subgraph has some marked differences.
Torifying Apps
Opening the Gnome Shell Dash reveals the stock Subgraph apps. A good starting point is the system's default Tor Browser, which helps to anonymize your connection while browsing, as well as hugely reduces the chance of browser fingerprinting.
The browser also contains a slider bar, which allows you to change the level of security used at the expense of loading certain types of web pages.
On first run, Subgraph downloads a tarball of the browser and uses signature verification to make sure that the integrity of the file has not been compromised (Figure 2). During testing, the installation failed; however, the developers' GitHub page revealed that they were aware of this and that there's a workaround [4].
Aside from the Tor Browser, the preinstalled app OnionShare can also connect directly to Tor hidden services. It is specifically designed for file sharing. The advantage of using hidden services via a .onion
address is that both the sender and receiver are hidden. Because the traffic never leaves the Tor network, there's no way to monitor entry and exit points for vulnerabilities, so obtaining metadata about files you share is virtually impossible. You can share files via OnionShare with ease from within the Nautilus File Manager, simply by right-clicking on them and choosing Share via OnionShare (Figure 3). The OS incorporates IceDove, which is an unbranded version of the Mozilla Thunderbird email client. Incoming and outgoing mail is routed through the Tor network thanks to the pre-installed TorBirdy plugin. IceDove also comes with the Enigmail plugin to allow you to send and receive gpg encrypted emails (Figure 4).
Subgraph also comes with the "torified" instant messenger Ricochet. This privacy-minded app from the invisible.im team uses Tor hidden services to allow chat users to connect directly to one another, avoiding the risk posed by a faulty or malicious central server.
For security reasons, all of these apps run inside their own sandboxes (more on this later).
Marvelous Metaproxies
As handy as privacy minded apps can be, not all useful Linux applications are specifically designed to be used over Tor. Sufficiently skilled users can sometimes manually configure applications capable of connecting via proxy to use the Tor network, but this can be tricky to set up correctly. Any application leaking data while you're using Tor can potentially be used to trace your location and access your data.
Subgraph OS resolves this issue by routing all outgoing connections that otherwise wouldn't go through Tor via a Subgraph Metaproxy. This ensures all connections are made via the Tor network. However, crucially, programs, such as the Tor Browser Bundle, that already use Tor are ignored by the Metaproxy.
Another extremely well thought-out Subgraph feature is the inclusion of the control port filter ROFLCopTor
.
By default, the Tor service is managed by a control protocol, which regulates information about Tor connection, starts hidden services, and changes your configuration. Most programs don't need access to all these settings.
ROFLCopTor
acts as a proxy server between Tor control clients the Tor control server port. It has a number of built-in policies in place to filter incoming and outgoing commands on an application-by-application basis to determine which features they can access. This substantially reduces the chance that a compromised program could de-anonymize your connection or otherwise be used to spy on you.
Your privacy is increased even further by Macouflage
, which creates random network addresses for all your interfaces, giving you better anonymity even when connecting to the same networks.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.
-
DebConf24 to be Held in South Korea
Busan will be the location of the latest DebConf running July 28 through August 4
-
Fedora Unleashes Atomic Desktops
Fedora has combined its solid distribution with rpm-ostree system to make it possible to deliver a new family of Fedora spins, called Fedora Atomic Desktops.
-
Bootloader Vulnerability Affects Nearly All Linux Distributions
The developers of shim have released a version to fix numerous security flaws, including one that could enable remote control execution of malicious code under certain circumstances.