Liberté Linux

Liberté Linux

Liberte Logo
Company / developer Maxim Kammerer, Anonymous, and others.[1]
OS family Unix-like
Working state Active
Source model Open source
Latest stable release 2011.2 / November 7, 2011; 4 months ago (2011-11-07)
Latest unstable release 2011.2
Supported platforms i386(x86), amd64(x86-64), ARM
Kernel type Monolithic
Default user interface Bash
License Various
Official website [1]

Liberté Linux is an operating system claimed to be "secure, reliable, lightweight and easy to use". It is a Hardened Gentoo-based LiveUSB/SD/CD Linux distribution intended to enable "anyone to communicate safely and covertly in hostile environments. Whether you are a privacy advocate, a dissident, or a sleeper agent, you are equally likely to find Liberté Linux useful as a mission-critical communication aid."[2]

"Liberté can also serve as a robust framework for mastering Gentoo-based LiveUSBs/CDs," claiming to be "fully automated with incremental build support" and more "reliable than most of Gentoo's own outdated LiveCD tools. Gentoo is an extremely flexible distribution for safely generating custom live media from source — for instance, Liberté does not contain Portage, GCC, Perl or Python." [3]

Liberte employs a "reproducible deployment image build process" with "rigorous verification of the complete chain of trust of all downloaded archives, packages and signature keys. All software in the image, without exception, is built from source — there is no reliance on externally compiled binary executables." Users are encouraged to master a customized image themselves once comfortable.

Contents

Basic features

Liberté installs as a regular directory on a USB/SD key, taking ≈200 MiB of disk space, and not interfering with other files. Everything is preconfigured — the only user input required during boot is the encrypted volume password. 192 MiB of RAM suffice for desktop use.

Liberté ships with the Hardened Gentoo kernel with all grsecurity/PaX security enhancements including service privileges separation.

All persistent changes are kept in a secure LUKS/OTFE volume accessible from any operating system, including application settings archived upon shutdown, and documents explicitly stored in the encrypted volume. The OTFE volume is just a file on the boot media that can be copied, backed up, or transparently resized from inside Liberté.

To securely, reliably and covertly communicate with other Liberté Linux users requires only the familiar e-mail interface, using serverless cables communication — a CMS standard-based stateless messaging protocol.

All networking activities like browsing and chatting are automatically Torified, with I2P locations transparently available. After the system receives a network address, all subsequent external traffic it emits is encrypted communication on HTTP(S) ports (used by Tor). No other traffic is sent — not even DNS requests. I2P traffic is also routed through Tor, allowing I2P use even behind firewalls. An Unsecure Browser is available for the express purpose of registration in open Wi-Fi HotSpots.

Liberté leaves no traces outside the encrypted boot volume without explicit user consent (such as manually creating files on external automounted media). Volatile memory is thoroughly erased upon shutdown in order to prevent cold boot attacks. Other privacy-enhancing features, such as wireless MAC addresses randomization and uniform HTTP headers, are automatically employed to further obscure activity.

Tools

Simple document and image processing are included, even HTML5 video support in the browser, file managers and chat plugins, audio players, multilingual fonts, full application interface and keyboard localization, and so on. It is intended as a full entry level net terminal.

Releases

See Github release history. [4] See also the FAQ. [5].

References