Ubuntu for the security conscious
Private Island
Worried about spies and criminals? Ubuntu Privacy Remix breaks down all the bridges to the Internet and converts the computer into an island of security. If you want to head back to civilization, you'll need a USB stick and plenty of patience.
The effect of global monitoring has shocked even the most paranoid of users, but what can you do to protect particularly sensitive data? Make life as difficult as possible for the secret services, says security expert Bruce Schneier [1]. This advice also helps protect you against attackers with criminal interests who are capable of demonstrating a huge amount of skill when it comes to retrieving data from other people's computers.
To help users defend themselves against both attackers and spies, Ubuntu offers its Ubuntu Privacy Remix (UPR) [2]. Just a few months ago its feature descriptions caused much hilarity among large parts of the computer-savvy universe: no access to the Internet, no install option, and no access to the hard disk!
If you take another look at the project, however, which was launched in 2008, with the benefit of hindsight, these features no longer sound so absurd. What use is hard drive encryption if spyware leverages various attack vectors, such as downloads, zero-day exploits, backdoors, or routers to infect your computer? Without write access to the hard drive, installing malware is infinitely more difficult, and the lack of Internet access takes care of the rest. To let you save files without hard drive access, Ubuntu Privacy Remix 12.04, which is currently still in beta, offers a USB flash drive solution based on TrueCrypt [3]. (Of course, no computer system is completely secure, and this includes UPR – see the box titled "Caveats.")
Caveats
The makers of UPR do not claim that their system will solve all of your security problems: The risk scenarios they cite include manipulated hardware on which a hypervisor or hardware keylogger is running unnoticed. This scenario, however, would require at least physical access to the computer. If the attacker has the memory stick, he or she could also exploit weak passwords for TrueCrypt containers.
In particular, UPR cannot protect you against attacks that have nothing to do with IT, such as hidden cameras, scanning of wireless keyboards, and monitor radiation. This statement is confirmed by Bruce Schneier [1]: "What I took away from reading the Snowden documents was that if the NSA wants into your computer, it's in. Period."
Ubuntu Privacy Remix is specifically designed to avoid the most vulnerable computer activities, such as hard disk access and Internet surfing, even though these activities are at the very core of the everyday computing experience for most users. Thus, the most radical and significant part of the UPR experience is not the software on the system (a familiar blend of common Linux tools), but the task of adapting to the new security-conscious approach to personal computing.
Feature Count
Without Internet access and disk access, simple things can become complicated: UPR is burned onto a DVD by default and used in Live mode.
The basic system already comes with many useful tools. The current beta is based on Ubuntu 12.04.2 LTS with the Gnome Classic desktop and kernel 3.5. Deviating from the regular Ubuntu 12.04 portfolio, UPR 12.04rc1 has both LibreOffice 4.0 and Scribus 1.4.2 on board. I want the finished version to be based on Ubuntu 12.04.3, to update the kernel to version 3.8, and to include GIMP 2.8 and LibreOffice 4.1.
Other passengers include the Tellico collection management tool, the Vym Mind Mapper, the Planner project management tool, the Totem video player, Brasero disk-burning software, VirtualBox, and some other useful tools.
To combat attempts to read the memory, the project aims to leverage the memory erasure function from the Tails project [5]. This function uses sdmem at shutdown time to delete the greatest part of the data in memory, thereby preventing cold boot attacks, in the course of which the RAM is frozen and then read later.
Anyone who is not satisfied with the Ubuntu Privacy Remix software collection needs to build their own version. The project provides assistance by offering an appropriate template on the website [4]. Mastering your own UPR version can be a time-consuming experience.
Bootstrap
The first step is to use an HTTPS connection to download a non-compromised version of the image [6] and an associated signature file. The image is signed with the PGP key of Mark Preetorius, the project maintainer. You can verify its integrity as follows:
gpg --verify upr-12.04r1beta1.iso.sig upr-12.04r1beta1.iso
Typically, a disk-burning program like Brasero or K3b is all you need to burn the image to a DVD. If you do want to use a USB flash drive, this means compromising one of the advantages: A stick is writable and can thus be manipulated. Some drives offer at least the option to enable write protection by flipping a hardware switch (see the "UPR on a USB Stick" box); you will want to do this after installing the image. The developers advise against using SD cards, because write protection does not work reliably.
UPR on a USB Stick
In the lab, I discovered a number of minor obstacles to making a bootable USB stick. Ubuntu's boot media creator failed with an error message, which can probably be attributed to a bug in the software. Although unetbootin created a bootable system, it installed its own boot menu. The lines
dd if=<upr-12.04r1beta1.iso> of=/dev/sd<X> bs=512K
sync
finally resulted in a bootable stick.
If you want to be sure that the files on the USB stick have not been tampered with, you can verify MD5 and SHA1 checksums contained in the ISO. A list of the checksums is in the root directory of the burned DVD or USB flash drive. The simple script in Listing 1 first extracts the paths to the individual files from the checksum file in the root directory, ${md5datapath}.
Listing 1: md5.sh
The for loop generates the MD5 checksum for all the files in the paths of $data and writes the results to a new file named md5sum_new.txt. The sed tool removes the ${datapath} from all paths in the newly created file. The latter should now be identical to the /media/work/UPR_12.04r1/md5sum.txt – unless the checksums do not match. To verify this, the script finally runs diff against both files and, if successful, outputs the message shown in Figure 1. With a few adjustments, you can do the same thing with the sha1sum.txt file.
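The check described above, written out as an added example; it is not the article's Listing 1. The function names verify_medium and make_sample and the sample file names are assumptions, and the example goes slightly beyond the text by also handling sha1sum.txt and by flagging listed files that are missing from the medium.

```shell
#!/bin/sh
# Added example, not the article's Listing 1. Regenerates the checksum list
# of a mounted UPR medium and diffs it against the shipped list.
# Usage: verify_medium DATAPATH [md5|sha1]   (returns 0 only if identical)
verify_medium() {
    datapath=${1%/}                  # mount point, trailing slash removed
    algo=${2:-md5}                   # md5 -> md5sum.txt, sha1 -> sha1sum.txt
    list="$datapath/${algo}sum.txt"
    new=$(mktemp) || return 2
    # Strip the hash column to get the listed paths, re-hash each file,
    # then remove the mount point so both lists use the same relative paths.
    sed 's/^[0-9a-f]*  *//' "$list" | while IFS= read -r rel; do
        # A missing file produces no line, so diff flags it.
        if [ -f "$datapath/$rel" ]; then "${algo}sum" "$datapath/$rel"; fi
    done | sed "s|  $datapath/|  |" > "$new"
    diff "$list" "$new" > /dev/null
    rc=$?
    rm -f "$new"
    return "$rc"
}

# Constructed sample medium (hypothetical file names) for an offline run.
make_sample() {
    dir=$(mktemp -d) || return 2
    mkdir "$dir/casper"
    echo "kernel image" > "$dir/casper/vmlinuz"
    echo "root fs"      > "$dir/casper/filesystem.squashfs"
    ( cd "$dir" && md5sum ./casper/* > md5sum.txt \
                && sha1sum ./casper/* > sha1sum.txt )
    echo "$dir"
}

# Run with the argument "demo" to see a match and a detected mismatch.
if [ "${1:-}" = "demo" ]; then
    m=$(make_sample)
    verify_medium "$m" md5 && echo "md5: medium matches list"
    echo "tampered" >> "$m/casper/vmlinuz"
    verify_medium "$m" sha1 || echo "sha1: MISMATCH detected"
    rm -rf "$m"
fi
```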
All this is of little use if the whole image has been replaced by a manipulated version, however. To prevent this, the md5sum.txt and sha1sum.txt files, which list the checksums, are signed and can be verified from the root directory of UPR via the maintainer's public key:
gpg --verify sha1sum.txt.sig sha1sum.txt
gpg --verify md5sum.txt.sig md5sum.txt
Using the fingerprint and an Internet search, the user can verify the maintainer's key.
Data Vault
In the Ubuntu Privacy Remix boot menu – press Esc – you can choose a language by pressing F3. By default, the user is not root, but you can change this by pressing F6 and entering godmode on the Boot Option line (Figure 2). The sudo su command then gives the user root access without a password.
If you want to save data but do not need root privileges, your next step is to set up an extended TrueCrypt container on a second USB stick. To do so, call the menu item Applications | Security | TrueCrypt Volume Wizard, check Create an extended volume and then select Create a container file.
In the next TrueCrypt window, click on Browse in the Container file line and select the USB stick that will hold the container. Its size depends on the space available on the drive, but you will want to be as generous as possible here, because all the files you attempt to save on UPR end up here.
After assigning a name and setting a password (20 characters), you need to move the mouse for one minute to generate random numbers, then press Generate and wait for the success message. The password should be very secure, because Ubuntu Privacy Remix stores an encrypted version of it on the USB stick.
To use the extended container, open the File Manager, right-click the container, and select TrueCrypt-Container | Open. After entering the password, the container appears on the desktop ready for use.
But that's not all: UPR automatically stores the configurations of various programs in the container as links from your home directory. You can thus set up LibreOffice without ever losing your settings. The prerequisite is that you open the container before launching the programs. To unmount the container before shutting down, just right-click the desktop icon and select TrueCrypt-Container | Unmount.