Well, it may not actually change your life, but if you’re in the security field it’s going to make life more difficult.
I’m at the second annual Shmoocon, a “hacker” conference mostly devoted to white-hat efforts and general good-gut-type things. Last year the Google Hacking guy showed his research results; a week later it hit the mainstream media. So I find these things very helpful. (Additionally, the conference is half a block from TCG HQ, so I have no excuse to miss it.)
I just walked out of a session by a group of people calling themselves kaos.theory on a new instance of OpenBSD Unix, Anonym.os, that runs from a CD and provides for pretty secure web browsing, instant messaging, and email. By secure I mean it sends every single packet through Tor, an anonymous Internet communication system, it’s really careful about accidentally putting out any packets, and generally it’s a nightmare if you’re trying to keep people from doing stuff they shouldn’t on your network.
Tor has never been easy to use, but this operating system makes it trivial. The creator’s claim is that it will make it possible for your mother to work on the Internet securely and privately.
This is a good thing, on one hand. There are a lot of governments that dislike the ability of their citizens to do anything without the government’s knowing about it. This will help those citizens do their dissenting with far less fear of the heavy hand of their government.
On the other hand, of course, is our very own government, who wants to know what all of us in the US are doing. The courts will decide about the legality of that behavior, but the belief is that Tor makes it impossible even for them to track packets.
Anyway, the way this will change your life is that it works behind corporate firewalls, too. That is, you can use it to punch huge holes right through your corporate security system.
Corporate security folks have a lot to worry about already. The ability for the blackberry to be used as a modem. Road warriors who want to use their laptops both on the road and behind the corporate firewall. Teleworkers who have easy physical access to their boxes. This adds one more fear — if your user can boot from a CD, they can get around your security.
And the CD ISO will be up on SourceForge “soon.” Oh, look, there it is: SourceForce Anonym.OS Live CD.
Let the fun begin! (Again!)
Bootable Tor OS
Dan Turner’s report from Schmoocon about Anonym.os is interesting a slightly scary. Not only is it a CD-bootable Unix OS with built-in Tor network anonymity (for secure, anonymous browsing) but it also works from behind corporate firewalls.
I find it a touch ironic that in order to download the .iso you’ve got to log in to one site or another. When oh when can I download anonymously?
JohnH — not sure why you’d have to login anywhere. Sourceforge doesn’t require a login to download, nor does LinuxTracker… the only two download sites that we’ve officially linked to. Feel free to email me directly if you continue to have problems!