High-security, RAMdisk Linux rev'd

Keywords: Match:

Mar. 12, 2009

An interesting physical security-focused Linux distribution was upgraded a couple of days ago. Tin Hat Linux reportedly takes a Vista-like five minutes to boot, because its whole filesystem is decrypted and loaded from an optical drive onto a RAMdisk (tmpfs). But after that, it's likely Puppy-fast!

Tin Hat appears to be a university project out D'Youville College in Buffalo, New York. At least, the release announcement came from the chair of the IT department there, Dr. Anthony G. Basile, who also leads the project. The project website is hosted among the College's open source projects.

According to the Tin Hat project page, Tin Hat "aims towards the ideal of guaranteeing zero information loss should the attacker physically acquire the box -- either the adversary is faced with no file system to even begin cracking, or if any non-ephemeral memory is found, the adversary should not be able to tell if he is looking at encrypted data or random noise."

The same project page humbly admits that current releases represent "baby steps" toward that ideal, going on to list a half-dozen possible exploitative approaches, including both technical and social engineering varieties.

Official Tin Hat Screenshots
(Source: Tin Hat)

The "fast" factor

Notwithstanding Dvorak's recent comment that Ubuntu 8.10 runs faster from a CD than Windows runs from a hard drive, most "Live CDs" are slow, especially when it comes to launching programs (which must be loaded from the CD). Tin Hat, by comparison, instantiates programs from RAM, which is much more tightly coupled to the processor than even a hard drive. So, it ought to be pretty fast.

Reportedly, boot time can be whittled to two minutes, by using a USB key as the boot medium for the hefty 2.3GB rfs image.

It ins't clear how user data is preserved between boots, other than saving to a separate (encrypted, obviously) partition somewhere. Another hurdle is likely a different package installation method than most PC users are accustomed to. (For a look at the creative ways Puppy Linux is addressing that challenge, check out this recent look at the "puplet" proliferation phenomenon.)

Availability

Hardened Gentoo-based Tin Hat 20090309 is available via http, ftp, or bittorrent in i686 and AMD64 builds. The download page is here.

-- Henry Kingman

Do you have comments on this story?

Talkback here
NOTE: Please post your comments regarding our articles using the above link. Be sure to use this article's title as the "Subject" in your posts. Before you create a new thread, please check to see if a discussion thread is already running on the article you plan to comment on. Thanks!

Related Stories:

(Click here for further information)

Home \| News \| Articles \| Forum \| Polls \| About \| Contact

	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| Channel News
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep
Use of this site is governed by our Terms of Service and Privacy Policy. Except where otherwise specified, the contents of this site are copyright © 1999-2011 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.

Home \| News \| Articles \| Forum \| Polls \| About \| Contact

	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| Channel News
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep
Use of this site is governed by our Terms of Service and Privacy Policy. Except where otherwise specified, the contents of this site are copyright © 1999-2011 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.