Tinfoil Hat Linux: Difference between revisions

Tinfoil Hat Linux
Developer	Shmoo Group[citation needed]
OS family	Linux
Working state	Discontinued
Source model	Open source
Latest release	1.0 / February 2002
Platforms	i386
Kernel type	Monolithic kernel
Default; user interface	CLI / Bourne shell
License	Modified BSD license[citation needed]
Official website	tinfoilhat.shmoo.com

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 14:52, 17 December 2008

Tinfoil Hat Linux (THL) was a compact Linux distribution designed for high security. Version 1.000 was released in February 2002. It appears to be no longer actively maintained as of 2006^[update], though the files are still available in gzip format. THL requires a 386DX computer or better, with at least 8 MB of RAM. The distribution fits on a single ordinary HD floppy. The small footprint provides additional benefits beyond making the system easy to understand and verify- the computer need not even have a hard drive, making it easier to "sanitize" the computer after use. Many of these concepts have been carried over into larger and more modern Live CD distributions such as Knoppix.^{[citation needed]}

The logo of Tinfoil Hat is Tux, the Linux mascot, wearing a tinfoil hat.

Security features

Tinfoil Hat uses a number of sophisticated^{[citation needed]} measures to defeat hardware and software surveillance methods like keystroke logging, video camera, and TEMPEST:

Encryption — GNU Privacy Guard (GPG) public key cryptography software is included in THL.
Data retrieval — All temporary files are created on an encrypted ramdisk that is destroyed on shutdown. Even the GPG keyfile information can be stored encrypted on the floppy.
Keystroke monitoring — THL has gpggrid, a wrapper for GPG that lets you use a video game style character entry system instead of typing in your passphrase. Keystroke loggers get a set of grid points, not your passphrase.
Power usage and other side channel attacks — Under the Paranoid options, a copy of GPG runs in the background generating keys and encrypting random documents. This makes it harder to determine when real encryption is taking place.
Even reading the screen over the user's shoulder is very hard when Tinfoil Hat is switched to paranoid mode, which sets the screen to a very low contrast.

Applications

An advantage of THL is that it can be used on virtually any modern PC using the x86 processor architecture. For example, one might install it on a computer that is kept in a locked room, not connected to any network, and used only for cryptographically signing keys. While the paranoid mode security measures may seem over the top and might be found funny, they are a good education in the types of issues that must be considered for high security. It is fairly easy to create the Tinfoil Hat booting floppy with Microsoft Windows. Verifying the checksum can be more tricky. The text of the documentation is salted with just a few jokes, which reinforces their humor by the stark contrast with the serious and paranoiac tone of the surrounding text- the very name pokes fun at itself, as Tinfoil hats are commonly ascribed to paranoiacs as a method of protecting oneself from mind-control waves.

Tinfoil Hat Linux requires one to work in a text-only environment in Linux, i.e. starting straight off with a Bourne shell and the editor vi, not a graphical user interface. It uses BusyBox instead of the normal util-linux, the GNU coreutils (formerly known as fileutils, shellutils and textutils) and other common Unix tools. While vi can be arcane, Tinfoil Hat also offers the simpler nano text editor.

External links

@@ Line 1: / Line 1: @@
+{{Unreferenced|date=November 2007}}
-Page deleted due to AfD: http://en.wikipedia.org/wiki/Wikipedia:Articles_for_deletion/Tinfoil_Hat_Linux_(2nd_nomination)
+{{Infobox_OS
+  |name = Tinfoil Hat Linux
+  |logo = [[Image:Tinfoillinux.jpg|250px|Official logo for Tinfoil Hat Linux]]
+  |screenshot =
+  |caption = Official logo for Tinfoil Hat Linux
+  |developer = [[Shmoo Group]]{{Fact|date=November 2007}}
+  |family = [[Linux]]
+  |source_model = [[Open source]]
+  |latest_release_version = 1.0
+  |latest_release_date    = [[February 2002]]
+  |latest_test_version    = 2.0pre1
+  |latest_test_date       = [[2003]]
+  |kernel_type = [[Monolithic kernel]]
+  |ui = [[Command line interface|CLI]] / [[Bourne shell]]
+  |license = Modified [[BSD license]]{{Fact|date=November 2007}}
+  |working_state = Discontinued
+  |supported_platforms = [[i386]]
+  |updatemodel =
+  |package_manager =
+  |website = [http://tinfoilhat.shmoo.com/ tinfoilhat.shmoo.com]
+}}
+'''Tinfoil Hat Linux''' (THL) was a compact [[Linux distribution]] designed for high [[security]]. Version 1.000 was released in February 2002. It appears to be no longer actively maintained {{As of|2006|lc=on}}, though the files are still available in [[gzip]] format. THL requires a [[Intel 80386|386DX]] computer or better, with at least 8 [[Megabyte|MB]] of [[Random access memory|RAM]]. The distribution fits on a single ordinary [[Floppy_disk#Reported_3.5.22_DS-HD_floppy_capacity|HD floppy]]. The small footprint provides additional benefits beyond making the system easy to understand and verify- the computer need not even have a [[hard drive]], making it easier to "sanitize" the computer after use. Many of these concepts have been carried over into larger and more modern [[Live CD]] distributions such as [[Knoppix]].{{Fact|date=November 2007}}
+The logo of Tinfoil Hat is [[Tux]], the Linux mascot, wearing a [[tinfoil hat]].
+==Security features==
+Tinfoil Hat uses a number of sophisticated{{Fact|date=November 2007}} measures to defeat hardware and software surveillance methods like [[keystroke logging]], [[video camera]], and [[TEMPEST]]:
+*Encryption — [[GNU Privacy Guard]] (GPG) [[public key cryptography]] software is included in THL.
+*Data retrieval — All temporary files are created on an encrypted [[RAM disk|ramdisk]] that is destroyed on shutdown. Even the GPG keyfile information can be stored encrypted on the floppy.
+*Keystroke monitoring — THL has gpggrid, a wrapper for GPG that lets you use a video game style character entry system instead of typing in your [[passphrase]]. [[Keystroke logging|Keystroke logger]]s get a set of grid points, not your passphrase.
+*Power usage and other [[side channel attack]]s — Under the Paranoid options, a copy of GPG runs in the background generating keys and encrypting random documents. This makes it harder to determine when real encryption is taking place.
+*Even [[Shoulder surfing (computer security)|reading the screen over the user's shoulder]] is very hard when Tinfoil Hat is switched to paranoid mode,  which sets the screen to a very low [[Contrast (vision)|contrast]].
+==Applications==
+An advantage of THL is that it can be used on virtually any modern [[Personal computer|PC]] using the [[x86]] processor architecture. For example, one might install it on a computer that is kept in a locked room, not connected to any [[Computer network|network]], and used only for [[Cryptography|cryptographically]] signing [[Cryptographic key|keys]]. While the [[Paranoia|paranoid]] mode security measures may seem over the top and might be found funny, they are a good education in the types of issues that must be considered for high security.  It is fairly easy to create the Tinfoil Hat [[booting]] floppy with [[Microsoft Windows]]. Verifying the [[checksum]] can be more tricky. The text of the documentation is salted with just a few jokes, which reinforces their humor by the stark contrast with the serious and paranoiac tone of the surrounding text- the very name pokes fun at itself, as [[Tinfoil hat]]s are commonly ascribed to paranoiacs as a method of protecting oneself from mind-control waves.
+Tinfoil Hat Linux requires one to work in a text-only environment in Linux, i.e. starting straight off with a Bourne shell and the editor [[vi]], not a [[graphical user interface]]. It uses [[BusyBox]] instead of the normal [[util-linux]], the [[GNU Core Utilities|GNU coreutils]] (formerly known as fileutils, shellutils and textutils) and other common [[Unix]] tools. While vi can be arcane, Tinfoil Hat also offers the simpler [[nano (text editor)|nano]] text editor.
+== See also ==
+{{Portal|Free software|Free Software Portal Logo.svg}}
+{{Portal|Cryptography|Crypto_key.svg}}
+*[[List of Linux distributions]]
+*[[List of LiveDistros]]
+*[[Damn Small Linux]]
+*[[Security focused operating system]]
+*[[Knoppix STD]]
+*[[OpenBSD]]
+==External links==
+* [http://tinfoilhat.shmoo.com/ Official website]
+* [http://web.archive.org/web/20021204010949/http://www.evilmutant.com/stuff/tinfoil/ www.evilmutant.com article about Tinfoil Hat Linux, with screenshots]
+* [http://web.archive.org/web/20020907012413/www.evilmutant.com/stuff/tinfoilpr0n/ Another evilmutant.com article giving links to other media which picked up the previous article]
+* [http://www.vnunet.com/vnunet/news/2117662/linux-paranoid More mainstream coverage of Tinfoil Hat Linux]
+* [http://www.vnunet.com/vnunet/news/2117852/linux-open-sorcerer-casts-spell An article from the same site making mention of Tinfoil Hat Linux]
+* [http://the.jhu.edu/upe/2004/03/23/about-van-eck-phreaking An article about Van Eck Phreaking mentioning Tinfoil Hat Linux]
+* [http://apcmag.com/3763/top_3_linux_distros_youve_never_heard_of An article from 2006 discussing Tinfoil Hat Linux]
+{{Linux-distro}}
+[[Category:Cryptographic software]]
+[[Category:FloppyOS]]
+[[Category:RPM-based Linux distributions]]
+[[nl:Tinfoil Hat Linux]]
+[[ro:Tinfoil Hat Linux]]