COMP 3000 2011 Report: Privatix: Difference between revisions
No edit summary |
No edit summary |
||
Line 69: | Line 69: | ||
==Usage Evaluation== | ==Usage Evaluation== | ||
During our use of Privatix, we found it preformed on par for what it was described as, | During our use of Privatix, we found it preformed on par for what it was described as, a secure and portable system. The tools provided to encrypt data and the secure browser with add-ons for anonymity especially supported this belief. However we also found some parts of the distribution that were a cause for concern. To begin with, there was a slight language barrier as the system was originally written in German. This was made apparent by the frequent grammar mistakes in both the existing English documentation and thee operating system itself indicate that English was not the primary language for the writers of this operating system. Most of the documentation for the operating system is also in German. Those who maintain Privatix and its project website are in the process of translating all their documentation as to be available in both English and German, though currently most of the supporting documentation and FAQ are in German. This made it hard to troubleshoot anything that went wrong with the system during installation or use. | ||
We also noticed that there was no wireless driver on neither portable versions of the OS (installed on an external device or simply using the Live CD) so wireless networks could not be connected to. This causes a problem because an operating system on a USB stick should be completely portable, however this driver requires you to have a hard line to use the internet. It was also noticed that when using Privatix in VirtualBox that even though there was no wireless drivers in Privatix, the wireless capability was provided by the host OS (Windows). | |||
Lastly, when we tried to install Privatix onto a USB it took several attempts. We discovered that to avoid many of the problems we encountered, it is better to use a larger (preferably at least 8GBs) external device for installation and to defer from filling the external device with blank decoy data during installation on an external device. | |||
However once connected to the internet, all the software seems to work as it should. The more basic applications such as OpenOffice, the instant messaging and email clients, multimedia applications etc. function with no problems encountered, working much as they do in any other Linux distribution. All the security tools also seem to work as they should. However since we do not know how to test the limits of its security measures we do not know for sure how secure these programs actually are. Overall, Privatix seems to be a very functional and portable distribution, allowing users access to standard applications for tasks such as editing and transporting data, sending/receiving email, instant messaging and multimedia applications with the added bonus of being completely secure and anonymous. | |||
==References== | ==References== | ||
<references /> | <references /> |
Revision as of 02:02, 19 October 2011
Part 1
Background
The name of our chosen distribution is the Privatix Live-System. The target audience for this system are people that are concerned about privacy, anonymity and security when web-surfing, transporting/editing sensitive data, sending email etc. Therefore, the goals of this distribution are mainly security and privacy related--being able to provide security-conscious tools and applications integrated into a portable OS for anyone to use at any time. The distribution is meant to be portable, coming in the form of a live CD which can be installed on an external device or a USB flash drive with an encrypted password to ensure that all your data remains private, even if your external device is lost or compromised. The Privatix Live-System incorporates many security-conscious tools for safe editing, carrying sensitive data, encrypted communication and anonymous web surfing such as built in software to encrypt external devices, IceWeasel and TOR.
This Privatix Live-System was developed in Germany by Markus Mandalka. It may be obtained by going to Markus Mandalka's website and navigating to the download page (Mandalka), selecting the version you wish to download (we chose the English version) and downloading it. The approximate size of the Privatix Live-System is 838MB for the full English version (there are smaller versions available which have had features such as GNOME removed).<ref name="Privatix download page">Privatix download page(Last accessed 10-11-12)</ref>. The Privatix Live-System was based off of Debian (Debian).
Installation/Startup
Currently we have Privatix installed on an 8GB USB stick in order to utilize the full power of the OS. However, Privatix can be used in a few ways other than installing it on an external device (such as a USB stick)such as on a live CD/DVD, in a virtualized environment such as VirtualBox. After downloading the .iso file it is possible to either burn the operating system to a CD/DVD, use VirtualBox, or install it to a USB stick.
CD/DVD
To install and boot Privatix with a CD/DVD, simply burn the operating system to a disk and boot from the CD/DVD created when prompted to in the BIOS. While using the Live CD, the user will have access to almost all features of the operating system. However, because no profiles were setup, if the user locks the computer, there will be no way to unlock it as no password was not setup.
VirtualBox
Using VirtualBox requires simply having VirtualBox installed, and when prompted for the installation media to select the .iso file downloaded for Privatix.
When the system starts up select the Live option. This brings up the main Desktop, while using VirtualBox the user will have access to all features available when using Privatix with the Live CD. However there is one small extra level of security, this is provided by the host operating system. this extra layer of security takes the form of the profile system of the host operating system.
USB
To install Privatix onto a USB stick, you first must be booted into Privatix Live through a CD/DVD. Then you need to click the install icon on the Desktop to begin installing to a device. It is then possible to select a device for Privatix to install itself on. The installer will ask you if you would like to fill your device with blank data, this makes accessing data/recovering what was originally on the device much harder. The installer will prompt you for a user password, as well as an admin password. The installer will then start it's time consuming process of installing Privatix to the device.
To boot into Privatix from the device, you can stop the computer booting, and then boot into the external device. During booting, Privatix will prompt you for your the password set up during the installation.
Basic Operation
On An External Device
The main way of utilizing the Privatix Live-System is done by installing the system on an external device--in our case, we used an 8 GB USB stick. Once the system is installed on the external device. When the system is installed on an external device, it is easy to use the system for its intended purpose--having portable anonymous and secure system. We tested this portable version of the system on several laptops with no trouble and no noticeable discretion in use between the different machines. We attempted to use the the system for the following use cases: anonymous web browsing, secure email, data encryption and secure data transportation.
Apart from this, Privatix also came with OpenOffice applications for editing all types of data and much of the basic GNOME functionality, including (but not limited to):
- Pidgin IM and Empathy IM Client for instant messaging
- Evolution Mail for sending and retrieving email
- gedit for text editing
Anonymous Web Browsing
The main thing we liked about this system was the secure and anonymous web browsing. The default browser in the system is IceWeasal (an older version of GNU IceCat--a re-branding of FireFox compatible with both Linux and Mac systems) which comes equipped with security features not available by default in FireFox. The main add on that I liked was that The Onion Router (TOR) is installed and enabled by default (it can be disabled if the user wishes). TOR is an open source project meant to provide absolute anonymity online--mainly preventing anyone from learning your location or browsing habits--by routing webpage requests through virtual tunnels made up of individual TOR nodes. Since no two "paths" for a request are ever the same there is no way for your traffic to be monitored.
Secure Email
The Privatix Live-System also came equipped with the security-conscious email client IceDove--a re-branding of Mozilla ThunderBird (a cross-platform email client that provides government-grade security features). The email client was easily setup and used, supporting digital signing and message encryption via certificates by default (as with TOR, this could be disabled if the user wished).
Data Encryption
The Privatix Live-System also has the ability to encrypt external devices (besides the external device that the system is installed on). This meant that we could have an unlimited amount of encrypted data, not being limited to the size of the external device that the system itself is installed on. The ability to encrypt secondary external devices is very handy as much of the space on the external device that Privatix is installed on is taken up by the system itself, especially if one fills the device with blank decoy data on installation. The encryption software was easily used and well designed and was able to be utilized by absolute beginners of the system.
Secure Data Transportation
There are two ways that Privatix fulfills its secure data transportation goal:
- When saving data on the external device with the Privatix Live-System, the data is automatically encrypted and is also password protected (since the portable version of Privatix requires a password to use it).
- As mentioned above, Privatix allows for the encryption of secondary external devices, hence meaning that data can be securely transported without even having the Privatix Live-System with you.
General Use
Even with the additional security features not available in other distributions, Privatix would still be a very desirable live system to use. It is portable, especially once installed on an external device, and easily used with little bloatware. The default applications such as OpenOffice for data editing, Pidgin for instant messaging, various graphics editors, video player, and CD burner/extractor ensured that they system was still perfectly functional for everyday use, even with security, not intense functionality, being the main focus.
Live CD and Virtual Box
We found that running Privatix using the live CD and VirtualBox was equivalent.
When booting the live CD in VirtualBox, there are certain key features of the Privatix Live-System you are missing (mainly because these features are meant for the portable version to be installed on an external device). However, just booting from the live CD still gives a lot of the functionality I would use the system for--mainly the anonymous web browsing, secure email and data encryption. The key differences were the lack of portability and the inability to save any data on the live CD or VirtualBox environment.
When using only the live CD or VirtualBox all files are deleted when the system is shut down. In addition to, any files saved to the desktop by the user will not appear. They will be hidden from view, but can be viewed by opening the terminal and navigating to the desktop and running the ls command.
Usage Evaluation
During our use of Privatix, we found it preformed on par for what it was described as, a secure and portable system. The tools provided to encrypt data and the secure browser with add-ons for anonymity especially supported this belief. However we also found some parts of the distribution that were a cause for concern. To begin with, there was a slight language barrier as the system was originally written in German. This was made apparent by the frequent grammar mistakes in both the existing English documentation and thee operating system itself indicate that English was not the primary language for the writers of this operating system. Most of the documentation for the operating system is also in German. Those who maintain Privatix and its project website are in the process of translating all their documentation as to be available in both English and German, though currently most of the supporting documentation and FAQ are in German. This made it hard to troubleshoot anything that went wrong with the system during installation or use.
We also noticed that there was no wireless driver on neither portable versions of the OS (installed on an external device or simply using the Live CD) so wireless networks could not be connected to. This causes a problem because an operating system on a USB stick should be completely portable, however this driver requires you to have a hard line to use the internet. It was also noticed that when using Privatix in VirtualBox that even though there was no wireless drivers in Privatix, the wireless capability was provided by the host OS (Windows).
Lastly, when we tried to install Privatix onto a USB it took several attempts. We discovered that to avoid many of the problems we encountered, it is better to use a larger (preferably at least 8GBs) external device for installation and to defer from filling the external device with blank decoy data during installation on an external device.
However once connected to the internet, all the software seems to work as it should. The more basic applications such as OpenOffice, the instant messaging and email clients, multimedia applications etc. function with no problems encountered, working much as they do in any other Linux distribution. All the security tools also seem to work as they should. However since we do not know how to test the limits of its security measures we do not know for sure how secure these programs actually are. Overall, Privatix seems to be a very functional and portable distribution, allowing users access to standard applications for tasks such as editing and transporting data, sending/receiving email, instant messaging and multimedia applications with the added bonus of being completely secure and anonymous.
References
<references />