[liberationtech] Security Focused Live Linux Distros
Eugen Leitl
eugen at leitl.org
Fri Sep 13 01:23:57 PDT 2013
On Thu, Sep 12, 2013 at 05:08:10PM -0400, John Love wrote:
> I'm researching security, privacy, and anonymity focused live Linux
> environments like Liberté Linux, TAILS, JonDoNYM, and Whonix. There's
JonDoNYM is backdoored, and hence not playing in the same league.
http://en.wikipedia.org/wiki/Java_Anon_Proxy
In July 2003, the German BKA[8][9] obtained a warrant to force the Dresden Mix operators to log access to a specific web address, which had been associated with child pornography. AN.ON then decided to introduce a crime detection function in the server software in order to make this possible. The feature was made transparent by publishing the changed source code on 18. August 2003 and subsequently criticized by many users, because they regarded their anonymity as compromised: Tracing activities back in the past is still technically not possible for the operators, but anonymity now extends only to the timepoint that a surveillance court order is issued.[10] It was pointed out though that the new feature was covered by the AN.ON threat model and not a security leak by itself.
As a reaction to the threat from local authorities, the system has spread internationally. If the Mixes of a cascade are spread over several countries, the law enforcement agencies of all these countries would have to work together to reveal someone's identity.[11] AN.ON publishes every year the number of successful and unsuccessful surveillance court orders.[12] Further research is being done by AN.ON to make the crime detection functionality more privacy-friendly.[3]
Since May 2005, JonDonym can also be used as a client for the Tor and since 2006 also for the Mixminion network.[13] These features are still in an early stage and only available in the beta version of the software.
> obviously a diversity of needs and preferences, and each of these distros
> has their own approach and community. Assuming all disrtos are not made
> equal, I'm curious if anyone who's familiar with all, or even a couple, of
> them could share their experiences, and/or point us to a comprehensive
> overview/comparison?
More information about the liberationtech
mailing list