COMP 3000 2011 Report: Liberté Linux

From Soma-notes

Background

In this day and age, anonymity, privacy and liberty are at the forefront of people’s minds. Whether it’s being able to surf the web anonymously and securely; access sites that have been arbitrarily blacklisted by various governments, or more importantly, the capability of communicating secretly in dire situations where anonymity is paramount for survival. If you're an activist or a spy, Liberté Linux is the distribution for you. <ref name="liberte">Kammerer, Maxim. DE(E)SU - Liberté Linux. DE(E)SU. Retrieved 17 October 2011, from http://dee.su/liberte </ref>

Liberté, which translates to freedom in French is supposed to exemplify this very concept. The notion of freedom of communication governs this particular distribution. To put it aptly, Liberté’s primary focus is to allow secure and reliable communication in hostile environment. <ref name="liberte"></ref>

It is interesting to note, the Liberté trademark (displayed on the left) is a composite of several different logos: <ref name="logo">Kammerer, Maxim. DE(E)SU - Liberté Artwork. DE(E)SU. Retrieved 17 October 2011, from http://dee.su/liberte-logo </ref>

  • The emblem of the United Nations
  • The flag of Anonymous
  • Blank globe, focus on Africa
  • The URSS aviation Kremlin Red Star
  • The Black Triforce (The creator mentions he was inspired by the triforce in Legend of Zelda) <ref>Kammerer, Maxim. DE(E)SU - Liberté Linux FAQ. DE(E)SU. Retrieved 18 October 2011, from http://dee.su/liberte-faq</ref>
  • Essays 1743 font (for the title Liberté)

Finally the motto encompassing the logo states: Anonymus / Ultima ratio libertatis / Nomen illis legio. <ref name="logo"></ref>

Liberté Linux is a Gentoo based Live CD/USB/SD distribution, created by Maxim Kammerer and can be easily obtained from sourceforge.

Installation/Startup

Live USB

(As a caveat, because Liberté Linux was installed in one of its native environments (USB) and not on a virtual machine, I was unable to provide personal screenshots. As such all screenshots in this section have been taken from the official liberte site.)


Liberté Linux takes up approximately 200mb of disk space, and requires no more than 192mb of RAM allocated, to run efficiently.<ref name="liberte"></ref> Very lightweight and an absolute breeze to install on a USB (Sandisk Cruzer 8GB) using a Windows machine. I installed the ZIP file, extracted it to the root of the USB. Located the setup.bat, and ran it as an administrator and then 10 seconds later...voila! The installation process was successfully completed.

Upon startup, I was prompted to set a LUKS passcode. Afterwards it took several minutes for an RSA key to be generated. As the distro was booting up, I was greeted with a Hammer & Sickle as my background (pictured to the right). What a glorious way to startup.

Once the desktop loaded, Liberte had issues identifying the battery charge percentage accurately. Whenever I’d unplug the laptop, I’d be greeted with a blinking popup warning me that my laptop had less than 5 mins of battery charge left, despite the fact that this was not the case. At this time, I have not been able to diagnosis the reason for this bothersome popup.

Basic Operation

It is important to note that Liberte's main design goal is security. As a result, all basic operations done on the platform have to be done securely. This includes, but is not limited to network traffic. Liberte improves on the Privacy Enhanced Live Distribution of Linux which transparently routes traffic through tor (including DNS requests), by forcing applications to create connections on the loopback interface. The ultimate goal here is to not leak IP addresses. Therefore, browsing and general network traffic is kept anonymous. <ref>Kammerer, Maxim. DE(E)SU - Security and Anonymity in Liberté Linux DE(E)SU. Retrieved 14 November 2011, from http://dee.su/liberte-security </ref>

Since I'm neither a dissident or located in a hostile environment, I'm not the typical user that Liberte is targeted to. I will attempt to use Liberte for relatively basic tasks.

I loaded up Midori, the secure web browser that comes installed with the operating system. On my first attempt, I tried to visit a popular networking site. Once the page loaded, I was informed that javascript is automatically disabled. I went sifting through the browser settings to enable javascript. After five minutes of searching I was unable to do this trivial task. I was left with no choice, but to forgo my pride and navigate to the help option. Upon close examination of the online documentation I stumbled onto somthing about enabling "userscripts". Seemed like this was my ticket to javascript galore! After enabling the userscript add-on, I restarted my browser, and was happy to see that my current tabs were restored and no longer did I receive the remainder that I needed to enable javascript. Finally after logging into the popular networking site, I was greeted with a lovely warning informing me that my account was locked, because I had accessed my account from an unrecognized device. I was prompted to answer several security questions in order to regain access. The first security question asked me to re-enter the text I saw displayed in the textbox...except for one problem. Where's the text? I frantically clicked on "try different words" and still. Nothing. This just keeps getting better and better. My preference for security began to diminish at a rapid rate. Mainly because of the roadblocks I had encountered at every step of the way. After many failed attempts, I restored my account on another operating system. Apparently, as it turns out, the networking site in question detected that someone had accessed my account from the Netherlands! Impressive, I dare say. This example perfectly illustrated the tor-encrypted traffic.

Usage Evaluation

From the tor-encrypted traffic to the logo, Liberte personifies security. However, I found the constant need to jump through hoops to configure settings to be a nuisance. There's no question that Liberte is a sophisticated operating system for the security-minded individuals.

Software Packaging

Liberte Linux does not use a packaging format or utility to distribute binaries, because security is the number one concern. You must manually download, compile and install all applications. Therefore, there is no simple way to get a list of installed packages, nor is there an easy way to obtain a list of packages you can install. As such, this drastically complicates the addition and removal of applications and tools. Installation would solely depend on the application in question. Above and beyond this, the standard make/install tools are not available on the platform by default. Every time you want to install applications you must rebuild the USB image. <ref name="response">Kammerer, Maxim. (2010, December 02). In response to: About install drivers in Liberté Monitor. SourceForge. Retrieved 14 November 2011, from http://sourceforge.net/projects/liberte/forums/forum/1137582/topic/3983226 </ref> The fact of the matter is, any sort of installation will most likely induce the growth of a neckbeard. Guaranteed.

It should also be noted that only user configuration is persisted between boots. If a user reboots, any temporary state is reverted. This includes, but is not limited to, installed applications and moved files. <ref name="response"></ref>

Major Package Versions

Initialization

References

<references />