An evil Penguin grabs the persistence partition’s key of a friend’s Kali live operating system

(How to get a Kali LUKS master key) I have recenty set up a Kali live operating system with a LUKS-encrypted data persistence partition, and used it for a while. Unlike Tails, fortunately Kali Linux makes use of a ISO9660-formatted partition for system files (it does not feature the kernel update facility however). Anyway, my question is the same as for Tails: if I lend my USB key running Kali to an evil Penguin, am I sure to use it again afterwards? And anoter more important one: if there are... Read more

An evil Penguin grabs the persistence partition’s key of a friend’s Tails operating system

(How to get a Tails LUKS master key) I have recenty set up a Tails live operating system with a LUKS-encrypted data persistence partition, and used it for a while, noticing that Tails insists on a FAT filesytem for all its system files, kernel, initrd and filesystem.squashfs. Actually, I was thus very curious about how developers managed to protect their security-focused operating system from system files’ modifications – FAT means “easily writeable” to me. The partitioning structure of my USB key follows: Disk /dev/sdc: 59.8 GiB, 64160400896 bytes, 125313283 sectors... Read more

Open Secure-K OS is amongst us (a Penguin tries out it)

As a debianized Penguin, some time ago I reviewed Secure-K OS, a commercial Linux-based live operating system meant to be run from a USB key and “developed with security in mind”, according to its developers. In the review I praised its innovative overall system architecture: At the end of the day, Secure-K OS is a live operating system which saves my data encrypted on the key and it is capable of system and kernel update. I also appreciate how a kernel update improves the overall security of a live system... Read more

A Penguin tries out Secure-K OS

A Penguin tries out Secure-K OS on his macbook pro hardware for a (rainy) weekend as his only operating system. As the name suggests (Secure Key), Secure-K OS is a live operating system, based on Debian 9 Stretch, meant to be run from any USB key and “developed with security in mind”, according to its developers, Mon-K Data Protection. A couple of “hardware versions” of the operating system are being sold on the project website, which means that one can buy Secure-K OS already deployed into a hardware-encrypted USB key... Read more

A Penguin tries out TrueOS, part II

In the first part of this article I’ve covered system installation, first login and GNOME/XFCE desktop environments usage and I’ve had a brief look at the init system of TrueOS. In this second part I’m reviewing TrueOS’ most exclusive and distinctive feature, the updates’ management. System and packages’ updates TrueOS is a rolling-release operating system, it means that developers work with one code branch (versus discrete versions as you can find in Ubuntu Linux for example) and update it with frequent (and scheduled) updates so that it is always “fresh”... Read more

Obscure operating systems you can really use today: OpenIndiana

And here we are with this Obscure operating systems you can really use today series of articles; in the first one I’m taking a quick look at OpenIndiana. Isn’t its name so obscure and fascinating? No. Of course 😉 OpenIndiana is a free and open source operating system derived from OpenSolaris and based on Illumos. Developers forked OpenSolaris after Oracle Corporation discontinued it. At the end of the day, the project intends to deliver a System V family operating system which is binary-compatible with the Oracle products Solaris 11 and... Read more