Liberté Linux is a secure, reliable, lightweight, and easy to use Gentoo-based live USB Linux distribution intended as a communication aid in hostile environments. It installs as a regular directory on a USB/SD key, and after a single-click setup, boots on any desktop computer or laptop. The Internet connection is then used to set up a Tor circuit, which handles all network communication. During first boot, a unique email ID is generated from fingerprints of user's certificate and Tor hidden service key. This persistent ID allows one to stealthily communicate with other Liberté users. The distribution includes image and document processing applications, and can function as a secure Web browsing platform. For developers, Liberté can also serve as a robust framework for mastering Gentoo-based live USBs/CDs. The build process is fully automated with incremental build support, and is more mature and reliable than most of Gentoo's own outdated live CD tools.
|Tags||privacy anonymous Tor covert communication Security|
|Operating Systems||Hardened Gentoo Linux (32 and 64 bit)|
|Implementation||Shell scripts C|
Anonymous cables communication using the familiar email interface, that has been pioneered in Liberté Linux, is now an independent project: http://dee.su/cables
Release Notes: This release implements a UEFI Secure Boot-based trusted boot chain, the first time such support has been released in a Linux distribution. Other notables features include kernel 3.4.7 with overlayfs replacing Unionfs, better Xorg Mesa drivers, support for Tor bridges, and a non-anonymous boot mode.
Release Notes: This release features better boot media support (including fixes for SD and USB 3.0), a new microhttpd-based cables communication implementation, a VIPS image manipulation toolkit, and fixed key retrieval in GNU Privacy Assistant. A touchscreen calibration utility has been added. LXPanel now has working thermal sensor support.
Release Notes: This releases features more extensive hardware and firmware support. Experimental (U)EFI booting support has been added. Most of the filesystem is now read-only. The SquashFS image is verified early in the boot process. Cables communication now realizes perfect forward secrecy and repudiability. Support for running as a virtualized guest has been improved. Epiphany is now used as the browser instead of Midori.
Release Notes: This release adds ISO images, deployment to EXT2-4 filesystems, better touchpad support in X, better VM integration (including VirtualBox share automounting), more filesystems supported on media, an applet for switching Tor identity, I2P support (experimental, including cable communication), a hardened and extended HTP time daemon, HTML5 video support in Midori, SASL authentication and OTR encryption support in XChat, and VPN support in NetworkManager. Kernel 2.6.39 with SquashFS XZ compression and NX support requires a PentiumIII+ with PAE.
Release Notes: Secure and anonymous email-like communication was implemented. XChat, Pidgin, FBReader, OpenSSH client, and H.264 video / Speex audio encoding were added. Linux kernel 2.6.37 with SquashFS LZMA is used. Startup and shutdown were made faster using custom initramfs and parallel OpenRC. Haveged serves as a reliable entropy source, and NTP is disabled in favor of exclusive HTP over Tor. Kexec-based boot wipes RAM, even when triggered by boot media removal. KMS- and VESA-dependent boots have been separated, fixing video card issues. The X server locks the screen when a laptop's lid is closed, with improved lock robustness.