Linux, Phones, Disposible Systems

I was looking at an old cell phone yesterday. Has a keyboard. Display. Networking.

The question came up: Could you run Linux on it? Could it be turned into a ‘disposable system’ of some kind? It already has an SD slot as well. Besides, even though it was a several $Hundred LG phone a few years ago, it is now considered “a brick” due to the size and weight. Old cell phones are available at ‘near zero’ cost. So as a ‘place to play’ are pretty cheap.

Some even have a USB port, so the lack of things like networking to traditional IP based ethernet networks could be just one USB ethernet dongle away.

I knew that long ago some folks who were “In The Valley” here in Silicon Valley had played with phones and the OS on them. (Heck, I was Director of I.T. at a company that made a little communications device that was planned to integrate into cellular services. Folks had cell phone guts on their desktops from time to time.) Unix started as an operating system for telco equipment at AT&T, so has the facilities built in. Linux as a ‘work alike’ has picked up much of those features too. I’d also heard a few years back about various folks putting Linux on a cell phone.

Lately Google had been pushing Android, that is Linux based, but I’d not paid much attention to “How much of a Linux?” nor to “How much success?”.

Time Passes

But it had “been a while” and I’d been only looking at non-phone platforms recently.
On a ‘first look’, the amount of “Linux Cellphone” stuff going on is surprisingly large:

One site is dedicated to listing various “Linux Devices” and has a long list of them with photos and descriptions:

Broader searches find a whole lot more:

Has about 94 Million hits (per Google, that tracks you…)

And more show up under the alternate spelling / word break:

Even restricting it to DIY finds a bundle. About 12 Million links:

Clearly this topic as “moved on” from where it was a decade or so ago ;-)

There’s a lot there to dig through. So this posting is more just a “Topic Opener” and place to put some interesting links as I figure out how best to wade through this pile.

The “topic” spreads out in a couple of directions.

One is “roll your own phone”
Another is “Linux as the telco provided Cell Phone OS”
Then there is “Linux added to the cell phone with the OS”

So any of those have the potential to turn the hardware / OS into a more general Linux box and secure it against prying.

The Linux Platform Driven Cell Phones

There are vendors of commercial cell phones that already use Linux as their operating system. Biggest name out there is Android.

Android is a Linux-based operating system for mobile devices such as smartphones and tablet computers. It is developed by the Open Handset Alliance, led by Google, and other companies.

Google purchased the initial developer of the software, Android Inc., in 2005. The unveiling of the Android distribution in 2007 was announced with the founding of the Open Handset Alliance, a consortium of 86 hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices. Google releases the Android code as open-source, under the Apache License. The Android Open Source Project (AOSP) is tasked with the maintenance and further development of Android.

Android has a large community of developers writing applications (“apps”) that extend the functionality of the devices. Developers write primarily in a customized version of Java. Apps can be downloaded from third-party sites or through online stores such as Google Play (formerly Android Market), the app store run by Google. In October 2011, there were more than 500,000 apps available for Android, and the estimated number of applications downloaded from the Android Market as of December 2011 exceeded 10 billion.

Android became the world’s leading smartphone platform at the end of 2010. For the first quarter of 2012, Android had a 59% smartphone market share worldwide, with a 331 million devices installed base and 85 million activations or 934,000 per day. Analysts point to the advantage to Android of being a multi-channel, multi-carrier OS.

The software can be downloaded and there is even an “Open Handset Alliance”. All good stuff.

And while Android had dramatically strayed from Linux on some key issues (like power management and how “locks” were managed), as of March 2012 it looks like they have re-merged to more common code / methods.

But it isn’t just Android any more:

Roll Your Own Phone

This approach glues a cell phone module onto a linux computer board. While this lets you have a more general purpose computer like platform, with telephone communications built in, it is less of a ‘fits in your pocket’ phone. Still, for a ‘portable workstation’ that could link via cell phone services to the internet, or that could tunnel a VPN through the cell service, it has potential. More for the DIY hacker wanting to build a known ‘ground up’ system with known control of all parts. This one uses the commonly available BeagleBoard computer as the base system hardware:

This site explores the ability of cell phones to use Bluetooth (so why plug in parts that can just be near each other?):

If a little less hard core about it, there’s a ‘middleware’ oriented site that lets you put your Apps on a phone, without necessarily doing the whole thing. The link is down at the bottom of this page that lists various Linux based phones and has some links to docs.

Then there is a “project” that has code to let you use your Linux phone as a ‘terminal’. I haven’t dug down into it yet, but the top page looks like it lets you have a “text based” terminal interface to generic Linux features (though perhaps a limited set) but including the text based browser Lynx and email. Enough for building a secure communications layer, if desired. (Just add an encryption and VPN layer).

Ubuntu And More

It also looks like others are getting on the Linux Cell Phone bandwagon, with an article that says Ubuntu is available:,2817,2400487,00.asp

And the process of having a full fledged Linux might be as simple as plugging in a keyboard and monitor:

For years, tech pundits have speculated about the merging of phones and desktop computers, with Motorola’s line of Webtop accessories only the latest in a series of products. Now Canonical has stepped in with what could be the most comprehensive attempt yet: Ubuntu for Android, which the company says launches a full desktop OS experience whenever you connect your phone to a computer screen and keyboard.

In this mode, Ubuntu works exactly as it does on a regular PC, with the same Unity UI and access to certified applications including Chrome and Firefox—except that your phone is now standing in for a bulky CPU tower. Otherwise, Ubuntu for Android stays invisible; when you’re out and about, your phone works just like a normal Android phone. Canonical says that all data and services stay consistent between the Ubuntu and Android environments, including contacts, SMS, and voice calls.

The desktop mode also works with Windows applications in virtual environments,
and with its various enterprise hooks, could eliminate the need for IT departments to manage separate phones and PCs for each employee. Ubuntu for Android will supports HDMI, USB, Google Docs, and 4G LTE data, among other things, and Canonical says wireless carriers can load up branded applications and services as part of the Ubuntu desktop.

Still left open would be the question of how secure is the platform. That is, if taken by a Police Agency, is it a “Chatty Cathy” with a lot of log file and contact information held for them to view; or can it be made a system where what I’d call “disruptive collapse” happens. Disturb some key factor (like power, or a blown login password, or a chip eject) and it becomes bare hardware that has nothing to say about you, or what you do.

Still, more promising as a path to security than a “start with silicon and make some chips” approach ;-)

Then there are more showing up:

1. Boot to Gecko

Perhaps most notably, Mozilla–maker of the popular Firefox browser–announced this week the new Open Web Devices platform for smartphones based on its Boot to Gecko (B2G) project. With Boot to Gecko, Mozilla aims to build a complete, standalone operating system for the open Web, and it has put Linux at the heart of that. While B2G uses some of the same low-level building blocks that Android does–including the Linux kernel–it is not based on Android, and deliberately so. With support from Telefónica, Adobe, Deutsche Telekom, and Qualcomm, the Open Web Devices effort promises to bring a new kind of Linux to the mobile world.

2. Tizen

Also coming out of Mobile World Congress 2012 have been not just one but two advances for the competing Tizen platform. Tizen, you may recall, is the Intel-backed open source project launched by the Linux Foundation in September. Since then we’ve seen a preview of Tizen’s source code and we’ve seen some considerable interest from Samsung; this week, up-and-coming device maker Huawei has jumped on board, and a beta release of the Tizen platform source code and SDK have made their debut. The beta release features an updated UI framework and Web APIs for easier development of rich Web applications, the Tizen Association says, while the SDK features support for Windows as well as Ubuntu Linux. Huawei, meanwhile, says it plans to create and commercialize Tizen handsets for a range of markets. What that will ultimately mean, of course, is mobile Linux in yet another form.

3. Ubuntu for Android

Speaking of Ubuntu Linux, let’s not forget its debut running alongside Android on upcoming smartphones. Offering a full desktop experience when the mobile device is docked, Ubuntu for Android will come preloaded along with Google’s platform on participating smartphones. That’s nothing short of a double dose of Linux on a single device.

Then, of course, there’s also Linux-based webOS, which appears to be marching along nicely, with a brand-new browser being added earlier this month.
I haven’t heard any webOS news coming out of Mobile World Congress–it won’t be fully open sourced until September, after all–but it’s another one that’s definitely worth watching.

Either way, I think it’s really interesting to see how Linux is spreading throughout the mobile world.

Apple’s iOS currently accounts for 54 percent of the mobile/tablet operating system market, according to Net Applications’ January data, while Android claims 18 percent. I can’t wait to see how things look in another year or two.

Which Way?

So while my first thought was just to find out “how hard to get something usable?” that is instead an embarrassment of riches and the (in some ways harder) decision of which path is the better one through so many choices.

The “goal” is to make a ‘disposable computer / communicator’ that is reasonably provably secure and that has volatile memory contents and with any private data held encrypted (and with the decrypted state – i.e. opened files – lost on any simple disruption like chip eject / power loss / shutdown / time out.) To have it also able to make VPNs to other cooperating IP addresses and tunnel a “dark net” through that VPN for the sharing of data in a secure manner ( such as to your desk machine at home when on the road).

Frankly, it looks to me like there are dozens of options and finding the best and easiest path will be as hard as actually making the system. (But the more effort put into the selection, the less that will likely be needed in the assembly…)

At this point, I intend to continue with the idea of a RaspberriPi (or BeagleBoard depending on availability) based “home” system that is in the sub $100 range, has the OS on an SD card (so a new one can be flashed from DVD / CD / whatever; and loaded any time you want to assure no “tools” or malware have crawled into your OS). Private data on a USB dongle or thumbdrive and encrypted with TrueCrypt (such that a device eject or powerfail has a fall back to encrypted data only).

That effort can go forward fast, and at low cost both in money and in “mindshare” and digging through code and feature sets (for both hardware and software).

In parallel, wandering through a LOAD of pages on various Linux Cell Phones (Android and not) while figuring out what platform makes an equivalently secure platform, but perhaps a bit more mobile (and looking less like a PC Card plus plastic spaghetti and a bit more like a common pocket device…) Eventually there ought to be a “better way” down that path. It might be as simple as just reading up on the security level on Ubuntu and assuring that a removable data chip and encryption can be supported.

We’ll see.

Anyone else who wants to “Dig Here!” and make suggestions, feel free to start “hitting the links”!

Subscribe to feed


About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons' are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in Tech Bits and tagged , , , , . Bookmark the permalink.

64 Responses to Linux, Phones, Disposible Systems

  1. Pascvaks says:

    Sounds pretty interesting. From the ‘little’ I’ve picked up when you go into this type of subject, and what you’ve said here, it sounds like in the next 10 years, or so, everything is going to be ‘connected’ and ‘sharing’ ‘everything’ (unless it’s some spook outfit, then, I guess, they’ll ‘share’ and ‘suck’ whatever they want from the WorldWideBloob. (Web may still apply, but Bloob seems closer to the mark;-)

  2. Kevinm says:

    As of 2010, and things change fast I understand, most of the smart phones were using custom ASICs, not what most people would consider a processor chip… Like Xilinx, not like Intel. Higher development cost and cheaper unit cost, spread over millions of handsets.

  3. E.M.Smith says:


    Many phones use the ARM chip or a Texas Instrument processor that are decent CPUs. The custom ASICs tend to be for the more custom functions. There is a surprisingly familiar set of “stuff” under the skin of a lot of the phones. See the link on a DIY phone where the “phone” part comes in one package and all the human interface part comes from a general purpose processor. That tends to be common. Especially in ‘smart phones’ where styles and software change with the web…

    Only need a couple of them to be that way, but there are lots…


    My concern is just that the rate at which both governmental and non-governmental spies and hackers are making “progress”, the one party with no protections is the Home User. I’m just looking to how to lock down “my stuff” against anyone uninvited. It’s just taking more radical solutions than before…


    Nice find! Like the added USB and mini-SD support built in.

  4. p.g.sharrow says:

    @EMSmith; Glad to see you found something to do today. This may turn into something very useful, But may take me some time to digest all the links. pg

  5. p.g.sharrow says:

    Might be useful to use smartphone for IO to “box” connected by RF or USB that does the encode/decode. RF would work near by, USB would need some kind direct connection. Most any smartphone would work. RF would pose some security risk.
    Somehow, I feel that some where out there this wheel has already been invented. pg

  6. E.M.Smith says:


    I suspect, too, that in the Linux Community someone is doing or has done the same thing. That’s why I stated that the search time would result in lower implementation time… Every long time Sysadmin out there will be thinking the same security things, so parts of it at least will be already done…

    Per “wireless” on idea that already occurred to me was to use one cell phone as a ‘Router / Firewall” to do all the connectivity and security stuff, then have it use Bluetooth to talk to a second one that is the personal workstation / communications station. That lets you isolate the security wall from what is being secured and lets you have the device that is ID’d as on the network being NOT the one you are using… (and lets one be in the bag at the next table over ;-)

    I don’t know enough about the cell communications protocols, but they are based on packet radio, and hams were doing “relay” for a very long time. In theory one could code up some trick cell communications such that one phone could ‘call’ another nearby (skipping the tower) and then use the second one to connect on out (either via the cell tower or via a USB / ethernet dongle.) The wireless link gets the contents encrypted, so yes, folks can capture it (if they are very close or have a VERY large antenna … but it doesn’t do much good for them.

    Interesting little ideas just rattling around ;-)

  7. p.g.sharrow says:

    Idea “rattling” is a good step, generally costs little and can save a great deal later.
    Cellphones and towers hand shake to establish the link with the closest and strongest available signal. Very close equals strong signal. Therefore the “box” needs to appear to be the tower that captures the cellphones’ attention. This might let any smart cell phone to be used as IO to the “box” and the “box” not be in sight. pg

  8. Petrossa says:

    It seems a bit of a time consuming hobby. To make android work they had to adapt linux’s memory management quite a lot, the Dalvik. So in order to make standard linux work you’d have to rewrite that again.

    I’d just go for modifying android. The worst is done, it’s open source, there are already countless modified roms avaliable for all kinds of phones and tablets. And as you say, it still is linux. Anyone who knows linux can handle android.

  9. Chuckles says:

    Social commentary

  10. tckev says:

    A site that has often been ahead of the game of what is new in the mobile/cellphone industry is at

    I often have a browse through it to ‘catch-up’.

  11. gallopingcamel says:

    Back in the mid sixties I was chief engineer of a company producing telephones. Many of the British phones produced around that time were designed by my team. Most of my patents date from that job. If someone, back then, had suggested that phones should take pictures and run computer “Apps” I would have considered them deranged.

    My kids all have iPhones but the next time an “upgrade” becomes available I plan to get a comparable phone if only to try running Ubuntu (my favorite operating system) on it.

  12. p.g.sharrow says:

    I appears to me that modern “smart” phones are real computers that can “call home” as well as do many other things, if they can be freed from their built in inhibitions. ;-) pg

  13. E.M.Smith says:

    Well, the RaspberryPi is still saying “Shipping in quantity soon” with one vendor saying “sold out” and the other saying July 5th for sure….

    The BeagleBoard is more available, but less capable for the one that was available from Amazon. Still may get one next week if the RaspberryPi continues to unobtanium…

    The ACP George pointed to is also unobtanium with a Real Soon Now this month ship date… maybe…

    And the Arduino is a great low power controller that is not enough for a general purpose box.


    I did run into a canonical listing of “embedded Linux boards” that look marginally usable, but also long on wired communication via solder and lots of pins and short on network / wireless and support for standard PC peripherals. Dozen and dozens…

    looking at only ONE of the links-by-type it listed was great fun, but so many of them…

    The “gumstick” form factor could be fun ;-)

    But along the way, I ran into a site that looks to be aimed at the rugged / mil type market. Lots of interesting gadgets.

    Including a Linux based radio repeater / router with encryption built in. Haven’t had time to look up the licensing needed ( or if it’s a more wide open chunk of spectrum… looks like the old TV bands being reused for telecom). But for someone living in a hole with not quite line of site to a friend with higher speed, it would provide a nice solution ( assuming licensing was not a problem and the friend is agreeable):

    November 3, 2011 – RACOM releases RipEX radio modem. This Software Defined Radio with Linux OS allows data transmission speeds of up to 83 kbps in the 25 kHz channel in the 140 – 960 MHz bands. Software-configurable are also 12.5 or 6.25 kHz channels with maximum data rates of 42 and 21 kbps respectively. The user ports available include 2 COMs, Ethernet, USB for service access as well as an integrated GPS option. Industrial strength rugged die-cast aluminium casing and military to industrial grade components, as well an operating temperature range from -40 to +70 °C (-40 to 158 °F) .

    Thanks to its exceptional sensitivity (-98 dBm / 83 kbps / 25 kHz / BER 10e-6) and output power up to 10W, connections can be maintained over distances in excess of 50 km without line-of-sight visibility. Any unit can work simultaneously as a repeater and in addition any IP network (WLAN, Internet, etc.) can interconnect RipEX units.

    RipEX is a native IP device with 2 interfaces (Radio and Ethernet) and a 2 COM port devices, capable of either Router or Bridge operating modes. A sophisticated anti-collision protocol is implemented on the Radio channel, so that simultaneous multi-master polling and report by exception is available.

    RipEX comes complete with implementation of SCADA serial protocols (Modbus, IEC-101, DF1, Profibus etc.) where each packet is transferred as an acknowledged unicast with CRC32 data integrity control. For IP and serial communications, up to 5 terminal servers are available as well as a Modbus RTU / Modbus TCP convertor. User data can be encrypted using AES256.

    RipEX comes with a web interface and multi-level documentation (balloon tips, on-line help, user manual, application notes), so anybody with basic IP knowledge can start up RipEX in just a few minutes. Other features include embedded diagnostics (statistic, historical graphs etc.), network management, HW alarm input and output, SNMP including generation of TRAP alarms when preset, all of which make network maintenance quite easy.

    SW authorization keys allow a user to add advance features (Router mode, 83 kbps, COM2, 10W) as needed.

    RipEX is suited to all SCADA and telemetric application such as the generation and distribution of Electricity, Water, Oil & Gas, for Smart grid, Windmills etc

    If it can be used for windmill communications and water meters, the communications licensing can’t be that bad… And 50 km without line of site is a decent enough range to get out of a hole and over a hill.

    Look like things have improved from back when some folks I knew up on a hill had to canibalize 802.11 PCM-CIA cards to put them in old tin cans and make line of site links to get higher speed connections “up the hill” from neighbor to neighbor.

    Yes, it’s only 83 kbps but that’s about 1.5 x the standard 56 kbs modem over a long phone line… or the long latency of a satellite jump. Don’t know the price, either, but with a Linux router in front of it you could likely strap a couple of them in parallel for more throughput.

    Neat toy, anyway…

    Back to pondering hardware specs and delivery schedules and just what “Linux Supported” really means on any given device…

    Oh, a long list of interesting hardware from that industrial strength vendor:

    for anyone with a hardware fixation ;-)


    There are many folks who publish “unlock hacks” for various phones. It depends a lot on the phone. Most have displays too limited for general usability, but the newer ones are aimed at the “Data Package” users so have decent visual hardware.

    They typically do not support the home standard networks ( such as ethernet via cable) nor things like plug in keyboards / displays; but usually have very good cell phone / bluetooth support and hardware. (Unfortunately, unless you set up your own cell phone base station that isn’t all that useful…. Hmmm…. wonder how hard it is to set up a cell base station … ;-)

    The newer Android Tablet phones cure most of that with the ability to hope on a local WiFi hot spot and decent displays. (Not that one in the article that snuggles up to a monitor and keyboard and becomes a computer…) For them, the issue becomes “How well did THEY lock down the various security holes and how paranoid were they about NOT keeping things like cookies and scratch files laying about…” Usually not very well.


    For Ubuntu, get an Android (like the one in the article that comes with it already ;-)

    The iPhone will be locked up tight and hard to get into, but it looks like you can:

    @Chuckles: Chuckle ;-)


    Part of why I’m more interested in a strait “intended to be a PC” generic card for “step on”. Much less software hacking than Android and specialized hardware… But as a “round two”, they look interesting. Especially in about 9 months when this batch of hardware is being obsoleted by the next fad and available near free ;-)


    Thanks, I’ll take a look.

  14. p.g.sharrow says:

    A generic based design is best, as will be the most versatile for proof of concept as well as changes in design. That idea of faking a cell repeater looks interesting. In the long run getting familiar with a work horse generic SBC will be a good thing, so look in that direction. An extra few dollars may be well spent. pg

  15. E.M.Smith says:

    Looks like some folks have been busy making “secure Linux telephony” over IP. “Gizmo” looked like a widely used alternative to Skype with built in encryption but see below. Twinkle (that I’ve not looked into very much yet) lists a feature of direct site to site without any ‘exchange’ in the middle and looks like the better survivor.

    Google decided to snarf up Gizmo and kill it. Details in the wiki:

    That’s the problem with semiproprietary solutions… Linux is best with truly open software solutions where they can not be bought and killed by proprietary interests….

    Also looks like Zimmerman (who gave us PGP encryption and P.O.’d the government) has an application that does way over the top (a good thing) encryption on IP phone calls. In an early release evaluation it looks like it worked pretty well, but with a couple of start up glitches that are likely gone by now (several years later).

    So as a ‘first look’, putting up Twinkle as built-in on the “disposable system” chip perhaps enhanced with Zfone for extra secure calls, would let folks make encrypted calls in a secure way over IP. Encryption keys could be stored on the also encrypted “user file system” so if the plug is pulled, the encryption keys are unavailable (so recorded bit streams can’t be decrypted later by capturing the users encryption key off of the system).

    An interesting article, if a bit old, about encryption and phone calls:

    It also looks like Zfone has been accepted and turned into a new name:

    So “Twinkle and ZRTP”… Though I need to do a bit more to make sure there isn’t something better. This solution will be far better than Skype (that uses an unpublished encryption method, so could have hidden ‘back doors’ in it for ‘agencies’ and means that the errors and holes in it have not been worked over either. The method has reportedly been cracked per one article.)

    So my “base case” so far is a Single Board Computer, Linux on an SD card, user space on a USB “dongle” or via network (that might be wireless) and as an encrypted bag of bits (only decrypted on-board the system). Twinkle as the probable phone system and ZRTP encryption.

    At that point you ought to be able to have a very well encrypted phone call via IP, site to site (so no central place to ‘tap’ it) and with “man in the middle” protection against spoofing. Someone knocks on the door, pull the power plug or pop the USB dongle, and it all becomes useless bags of bits. Individual documents can be encrypted (several methods) and shipped between cooperating users by several means (from email to ftp to …) over a private VPN (also an encrypted tunnel) if desired. So under a couple of levels of encryption when in transit.

    So that’s the base feature set.

    I’ll be doing a bit more looking at alternative phone systems ( “look aside check on decision”) and picking some particular VPN and file encryption choices; but the basic structure is as above until a better alternative pops up.


    That ‘repeater’ is a generic data repeater. Looks like it is being sold to data collection users like operators of distributed equipment. Making a “Home User Cell Tower” looks like a fun project, but likely a bit more work than desired… Or maybe not. Haven’t looked. (Might be as easy as taking an Android phone and turning on an ‘accept call from anyone and relay’ hack…)

    I expect that in about 6 months to a year a load of “old” Android phones will start being available cheap, and that’s likely a good time to look at phone hacking ;-)

    For now, it’s an SBC of some sort…

  16. E.M.Smith says:

    A bit pricey, but looks like an open software kit Cellular Base Station can be had for a bit under $5k as a package. Less if you port the open software to your own software defined radio SDR…

    The second link is the open software link. says they used it at Burning Man in 2008 and it worked…

    Has a much smaller SDR (but you would need to supply the software port).

    Still in the $4500 range. Someone is raking in the dough…

    And there are commercial ‘femto cell’ base stations:

    Some of the commercial products not vetted enough for security, though… They need to make development samples available for free to the Hacker Community to find these things ;-)

    Looks like the Vodafone product is 50 Pounds Sterling, so pretty cheap. Could be fun to get a couple of them, hack ’em, and set up your own local cell phone system ;-) If it’s just you and a few friends in the neighborhood, you get a nice private system for cheap. Backhaul out the IP line and you encrypt the backhaul to a fellow group somewhere else. Nice.

    Just don’t use a regular Android Smart Phone on any normal network:

    A bit long and wandering, but it pretty much says: ‘Use a Smart Phone, run naked through the Google Lobby and you would have more privacy…’

    But it looks like there’s an App for that ;-)

    Where the reviewer above found their Red Phone product was secure.

    Free download too…

    So it looks like if an Android base were used, a fair amount of “locking down” would be needed to get it to stop being so chatty and leaking information…. I would expect the same will be found about any other “Smart Phone” since they all want to share a lot of information to generate ad revenue and such.


    Looks like starting with a bare board and stripped / secured Linux is the only way to get known security “out of the box”.

  17. p.g.sharrow says:

    Spent the evening reading all the above links. I agree. pg

  18. adolfogiurfa says:

    What about a VLF net?…just wondering

  19. E.M.Smith says:

    God I love the Linux Community….

    So I’m thinking I need to “lock down” a nice Linux release and make sure it will run from read-only media while leaving nothing on storage (disk, USB) unless requested…. AND teach it to be an anonymiser by default that that would be a bit of work…. and while tryting to decide between TOR (The Onion Network – that has a few vulnurabilities but is very well tested) and I2P that is a bit better at hiding traffic patterns (it uses Garlic Routing: ) but is also younger and less well vetted…. I stumble on: or Tails

    The Amnesic Incognito Live System or Tails is a Linux distribution aimed at preserving privacy and anonymity. It is the next iteration of development on the Incognito Linux distribution. It is based on Debian, with all outgoing connections forced to go through Tor. The system is designed to be booted as a live CD or USB and no trace is left on local storage unless explicitly told to.

    Still at ‘fractional release levels’ so likely not finished yet; but based on Debian and likely has all the basic function working OK.

    So a simple BeagleBoard or RaspberryPi, with Tails on the SD card (and it locked), private data on a USB drive in an encrypted bucket (only decrypted inside the system board) behind a simple NAT router. Any loss of power or unplug of the USB dongle and it just doesn’t have much to say about you at all…. Anyone doing traffic analysis on the in / out traffic doesn’t get much, and the traffic is largely encrypted anyway. Eventually a similar thing with I2P would likely be a bit better, but this would be “good enough” for most things “out of the box”.

    Along the way, ran into some tools folks are building to make their Cell Phones a bit less “leaky”…

    From the bottom of the Tor wiki:

    * The main implementation of Tor is written in the C programming language and consists of roughly 146,000 lines of source code.
    * Vuze (formerly Azureus), a BitTorrent client written in Java, includes built-in Tor support.
    * Routers with built-in hardware support for Tor are currently under development through the Torouter project. The code is currently in the alpha phase of development, and runs on top of the OpenWrt platform.
    * The Guardian Project is actively developing a free and open-source suite of application programs and firmware for the Android platform to help make mobile communications more secure. The applications include: Gibberbot — a secure, no-logging, instant messaging client that uses OTR encryption; Orbot — a Tor implementation for Android; Orweb — a privacy-enhanced mobile browser; ProxyMob — a Firefox add-on that helps manage the HTTP, SOCKS, and SSL proxy settings for integration with Orbot; and Secure Smart Cam — a set of privacy enhancing tools that offers encryption of stored images, face detection and blurring, and secure remote sync of media over slow networks.

    Looks like I’m not the only old SysAdmin who thinks the current crop of Smart Phones are indistinguishable from an ankle GPS tracking device that spies on you and sends your “private” information all over hell and gone. ( Name, location, preferences, contacts, and so much more are widely sent… You are tagged, bagged, and tracked in every thing you go. Google does it more than most, but only just…. Do NOT use Chrome or Google if you care at all about privacy.)


    ELF ( 3 Hz – 300 Hz) / VLF ( 3 kHz- 30 kHz) is very good for getting over mountains, into valleys, and even underwater. But… the data rate is very low. Data rate is inverse with frequency. The VLF range is also pretty saturated already (and by folks like navigation and time standards and military / submarine users… the kind of folks who get cranky if a new user comes along and starts causing unlicensed interference…. not a good idea if you want to be secure and anonymous… and not in jail…)

    Easier to get decent bandwidth in one of the higher frequency open chunks of bandwidth. Some are expected to be a ‘free for all’ and using a spread spectrum / frequency hopper with encrypted content would be very hard to “listen in” while not getting a lot of attention…

    Only downside is “over the hill” doesn’t work so well. Need a “friend” on the hilltop… (but can be a fairly small package with long lived batteries and / or solar panel tied to the top of a tree ;-)

    All this latest step has me sprouting a ‘side project’. Setting up an ‘anonymizer SBC box’.

    Since I like having a NAT (Network Address Translation) firewall / router between me and the internet anyway; having one that also is an client to the various Anonymizer Nets has the “feature” of providing traffic that messes up attempts at contact tracing and traffic analysis (while ‘being a good neighbor’ and supporting the Anonymity Movement…) As this would likely be just the same SBC and similar Linux software ‘on a chip’ (likely a strait download / install w/o need to customize much) it would be a very simple thing to do (if not already done… more DuckDuckGo time ;-)

    Even if you are on the end of a very slow link (so would not want the added traffic) you can set one up at a friends place and make it your first “stopping off place” on outgoing links. That way all traffic analysis ever shows is “you talk to them”. Pretty useless. Especially if “them” happens to be a rented slot in a cage at an ISP / Colocation site… Need to price a 1 U rack rental and T1 bandwidth at a cheap Colo Vendor ;-)

    You know, I really like the Security Biz… I think I would have enjoyed being a spook ( other than that whole getting killed or spending life in prison if caught part ;-)

    At any rate, looking like many of the parts already exist, even if they are a bit “new” ( like RaspberryPi and fractional release operating systems…. )

    At this point, it looks like “Order one of each as soon as possible” and if one turns out to be a bit unsatisfactory for the System card, it can become the Router project….

    Looked A BeagleBoard Linux install. Talk about “old school”… you start with making an RS-232 connector cable to hook up a terminal server / monitor…. The boot only understands FAT file systems, so you make 2 partitions on the SD card, one FAT for the boot partition and the other for the rest of the OS ( EXT2 or whatever). A bit “clunky” IMHO but workable.

    Probably a couple of more days of looking in more depth at the ports already running on various SBCs and pondering before tossing money at it. But I’m getting that “close enough to an answer to start hacking on it” feeling ;-)

  20. p.g.sharrow says:

    I see “tails” has requirements: “Tails requires an x86 compatible processor: IBM PC compatible and others but not PowerPC nor ARM.” pg

  21. adolfogiurfa says:

    @E.M.: Data rate is inverse with frequency.
    Perhaps you meant the opposite: The lower the frequency the lower the data (information) rate per time unit. This applies also to every data acquisition in the universe: If we want data, information, knowledge, we need higher frequencies. But not only frequencies but amount of energy. Thus low frequencies can be compensated by using higher energy levels.

  22. E.M.Smith says:


    Sorry, I used bad English…. What I meant to be saying is “Data rate decreases with lower frequencies”

  23. E.M.Smith says:

    @P.G. Sharrow:

    Yes, either port it to ARM (likely not very hard. Get an ARM Kernal and recompile it… I doubt they had to do any kernel hacks, so it ought to all just be applications recompiles… but likely need to port / integrate the device drivers) or diff their source code vs mainline of an ARM release and retrofit their security enhancements into the other release.

    Standard “merge” of code base kind of stuff. Likely a lot more work than I’d want right now; but you don’t know until you look closely if it will be a peace of cake, or a long unending nightmare…

    Unfortunately, writing / porting code is non-deterministic in complexity. (Rather like weather and climate modeling ;-) and you just don’t know until you get into it just what will be found.

    I once had 3 data base systems ported to a new (alien to them) environment. Each completed the port in about a day. I’ve also had working code blow up in final test and take a week+ to patch around the problem…

    Right now I’m still looking at some ARM goodies (like a cute little media box: that is a new acronym for me HTPC Home Theatre PC) as potential interesting toys to have, but probably not the Gen One disposable system…

    Is an interesting gizmo that looks to let you share your home files over the internet via a URL at their website. Some reviews at Amazon were “less than stellar” and I’m not fond of having me registered at places, but still, it’s an interesting device.

    So at some point I’ll likely get something like that (or a RaspberryPi / Beagleboard / Pandaboard /) as a toy for future stuff. (The very low power and no fan of the ARM means you could stick one of these in a socket in the garage behind a box and the odds of anyone finding it approach nil. Heck, put a fake power cord from it to a drill laying on the workbench and folks would just figure it for a wall wart power adapter… Some of them have wireless built in, so no wire needed into the house to get data access.)

    At any rate, as a “personal server” hidden in the woodwork somewhere, one of these is interesting. But software is a bit “young” and the ones that are not yet shipping tend to be sold out… So it is an area that will eventually stabilize, but a bit “rough” right now.

    Also, while I did find a port of Open Office 1.1 listed as done to the ARM, I didn’t find a current port. Don’t know if I didn’t look hard enough, or if it just got done once, then died. But for a general purpose box, it really wants an Office App… So for now it looks like x86 is it. (Despite there being something like 15 Billion ARM chips shipped… and them being in things from iPhones and iPads to Android phones to …

    At any rate, I’ve gone back to drudging my way through all the x86 variations looking for something as attractive as the ARM boards. ( Most of them are “embedded system” boards bristling with pins and wire pads, cards with edge connectors, or worse. Few are “real world connector” rich and lacking a fan… then you get to check Linux device driver compatibility… and does it have an SD slot and USB connector boot support and…)

    But it is better to spend time “shopping” and imagining the assembly / boot process prior to buying than to buy and then read the specs / limitations…

  24. p.g.sharrow says:

    @EMSmith You have lots of time. The end of the world isn’t until late December. ;-)
    Getting the needed “real world connectors” on the board might be tough, depends on the pinouts available and support built in. Hard to believe someone has not solved this problem in a smart controller.
    When I started speculating on mass/inertia control, I examined many different ways to do the job and discussed it with an old friend. After several years my friend suggested that I start building a device to test my theories. After several months construction I tested the device. It blew up and I had to start over with creating a new design and then the present construction. It is now 15 years later and soon I will be able to test the new designs. The old design was premature and not done as well as needed for the energies involved. A good education but a waste of time and money. Sometimes thinking is cheaper then doing but doing is the way to results. Wisdom is in the choosing. pg

  25. p.g.sharrow says:

    @EMSmith: Rereading your comment it flashed in my mind that I have seen a wall plug mounted computer with other connectors for IO. Kind of looked like a large wall wart. IIRC my son brought it to my attention a few months ago. I must go hunting! pg

  26. E.M.Smith says:

    There are several “wall wart” computers (one in the link above). But as you noted, the art is in the choosing… (along with the wisdom)…

    I’m usually pretty good about trying / studying balance. We’ll see…

    BTW, posting this form the TorBrowser. Just did a download and install. Seems to work OK (though a bit more latency… not surprising as supposedly my packets get routed over The Onion Network all over before popping out again… Seems you don’t have to do the whole “Tails” thing to get some of the anonymity bits. (Though I have to sign on to my site to post…)

  27. p.g.sharrow says:

    AH! found it;
    “Globalscale’s DreamPlug: your hard earned $150 will get you a 1.2GHz Marvell Sheeva ARM processor, 512MB of DDR 2 (800MHz) RAM, 1GB storage, not one but two gigabit ethernet ports, two USB 2.0 ports, an eSATA 2.0 port, SD card slot, Wi-Fi b/g, Bluetooth, and a headphone jack. And it all sits in the plug itself! And it draws a scant five watts of power”
    Only took 4 hours to find where I put this. pg

  28. E.M.Smith says:


    There are many like it. Some down in the below $99 range with similar specs ( usually less ethernet stuff).

    FWIW, today was sucked down trying an interesting alternative. VirtualBox (was Sun, now Oracle) for a virtual machine, but with the image in a Truecrypt canister for the “disk”. Seems to work fairly well, though a tiny bit slow with small releases.

    I was going to post this comment here, from Ubuntu inside a Virtual Machine inside a crypt file… but it was a bit too slow and then Ubuntu lost it’s network connection and couldn’t get it back. ( Knoppix had neither problem, but the browser was a pain…. only Chrome available.)

    I’ve had that problem with various Linux releases before. Configured just fine, then they blow their network config for unknown reasons. ( I think it is an interaction between the various “auto configuration” bits and the basically static manual config base layer… I’ve usually fixed it by a manual “just nail the network down”; but don’t know what to set it to for a virtual machine…)

    At any rate, as I think Ubuntu is a bit of a pig anyway, and the V.M. wants a small fast Linux, I’m going to just toss Ubuntu and move on. ( I had told it NOT to download anything during the install, but it insists on being very talkative on the internet and downloaded a bunch of stuff anyway… I rather like my CD ISO image installs to NOT tell the world about me and what I’m installing, even in a virtual machine…)

    I’ve also got a small Linux installed that’s to be a Firewall, but it isn’t configured yet. The idea is a firewall on one V.M. talking to a client on another V.M. neither of which can see “the real machine” where their config sits (and both inside an encrypted bucket).

    IF anything gets in, it can only break a disposable environment. (And it would be fairly hard to get in) and then you have the inner layer running TOR or similar anonymizing layers…

    Ought to make for an easy “Sandbox” to play in. Once things are shown reasonable in terms of software, then parts can be migrated out to real hardware. Like one of those ARM plugs as a firewall / NAT / TOR-Ports-Only enforcer and a different “box” or board as the client server (doing TOR apps or similar and with a disposable image load).

    For now, though, I’m a bit burnt on Linux for the day…

  29. p.g.sharrow says:

    @EMSmth: Interesting opinion on Ubuntu. I tried It a couple of years ago as a Linux GUI, was disappointed, That cowboy seemed to be all hat and boots and little else. But then I know little about working with Linux.
    I agree that in this case, minimum is the best. I suppose I need to set up a unit to learn on. I will have to get a “box/board” to learn on as I don’t want to risk this Dell XP until I know what I’m doing. Fighting “confusers” for long periods is wearing It always seemed to me that after days of little progress the damn thing would realize what I wanted to accomplish and everything would come together and work! F.M.. pg

  30. Petrossa says:

    Me too have Vbox installed with just about every version of Linux (even Android) and OSX i could lay my hands on for years now. Even tried Lindows, even paid for it.

    The sad conclusion is that it is still after all these years a specialist system to maintain. More often then not you have to adapt/write the drivers for your hardware yourself, the system API isn’t exactly rich and lacks the 30 years of R&D put into Windows.

    Android is however extremely adequate for phones and tablets, the latest versions can read/write even USB NFTS Harddrives. Also developing for it is much easier then for bare Linux due tot the Android SDK.

    I wouldn’t want Android on a pc however. There it has the same shortcomings as any other Linux version.

  31. E.M.Smith says:

    Well, this comment is being posted from a DSLinux (Damn Small Linux ) BBC (Bootable Business Card) iso image that is being run inside a virtual machine ( VirtualBox) on a PC laptop. The iso image and the associated file system both reside in a 1 GB “disk” image on a USB micro-SD card. Other than needing to tell the DSLinux to use DHCP on the network card (to get DNS to work) it is basically ‘vanilla’.

    I didn’t leave enough room on the card for enough ‘snapshots’ of the v-machine, so I’m likely going to toss and re-do; but it generally is working fine. Fast enough and reasonable browser.

    Other than needing to get comfortable with just which window is “real” and which is virtual (for things like resizing or in this case, scrolling down to the comment box that was ‘off page’ but in which domain is it off page?…) it’s decent enough. The ‘magic sauce’ to get the window to scroll was making the Virtual Box window large enough to show the scroll bar on the right…so I could get to the scroll bar grab-button on the DSLinux window… so ‘expand the outer window scroll bar to scroll it down to where I could get the controlls of the inner DSL window scroll bars’… Sometimes it is a strange virtual world….

    At any rate, next stop is a 2 GB NTFS (as opposed to 1 GB FAT) trial. Then an encrypted one. Basically, finding out where the penalty load is too high. Virtualization isn’t it at this point (at least for this Linux release). Nor is the “stick” file system speed.

    I think the limits will turn out to be how the individual Linux release was built (what mem-size options were set to be, for example; piggy or frugal?) and what layers of encryption and non-disk disk options do to IO (as, then, amplified by paging to virtual disk on an encrypted File based File System on a USB stick on a (FAT vs NTFS) pc file system…

    My instinct is that the #1 thing is to avoid paging ( i.e. small memory foot print important in the Linux build) and #2 is the encryption load. We’ll see….


    I’m fairly impressed with VirtualBox. It is an Oracle product now. Free download from their Asite and doesn’t look to do anything risky to your base Windows machine.

    It is a lot easier way to play with Linux than doing an actual install on the hardware and does a very nice job of fixing little things like “no driver support for my screen”… as the screen Linux sees is a virtual driver and the one your MS Windows sees is the real one.

    Once I have a reasonable “script” laid out for doing a “Good enough to play with” Linux on V.M. I’ll post details. Not seeing a need to buy hardware just yet. (Though a “crap” PC can usually be picked up off Craigslist for $40 or so; so if you are really worried, that’s what I’d do. Linux is able to run in anything from 128 MB for recent “small” releases (old ones down to 8 MB text or 32 MB X-Windows) up to 1 GB for recent “fat bloated” releases. A 700 MHz / 1 GB box with a 20 GB hard disk is “overkill” for most Linux releases unless you want to be a hard core multimedia box or do gaming development… My “Standard Linux” used for GIStemp was a 400 MHz AMD chip with 128 MB of memory, for example…

    At any rate, the general direction I’m going is this:

    1) The “base” hardware / software platform must be secure or you are just wasting your time as the higher levels will still be subject to key loggers et. al. in the base system. So it will eventually be a “system on a board” with the “OS on a locked chip”. Every boot up is pristine by definition. Any weakness must be exploited anew and no ‘wares’ can be left behind.

    2) Harden the OS on that chip over time. (Ongoing as new exploits or weaknesses are found).

    3) Bring up a virutal machine on top of that OS. This image from an encrypted storage medium. User data space also encrypted. (Probably two bits of media so individual ‘write lock’ tabs can be set). This OS only works through the base layer. (In that way, it never sees things like local Wi-Fi hotspots, so can’t tattle on you about things like location via what WiFi it sees…) As the virtual machine can have the MAC address mutated at will, you can mask all of: MAC address, IP Address, WiFi beacons, OS type, Hardware identifiers. All that is visible to the outside is a Generic OS on a Generic Hardware (and you can change the OS at will). ONLY when you wish to save some information ( like save a set of bookmarks or save some “cookie” or downloaded files) do you unlock your data store write protect and / or open the encrypted container. Put stuff in, and then umount .

    This does still let the actual MAC address and actual IP of the base hardware be visible to the world (as it is your “router) to them) but by using a USB “Dongle” the MAC address can be “disposable” without needing to trust software. If you are using a WiFi hotspot AND the base layer is hacked, then your location via WiFi beacons can be found. (Eventually I’d add a VPN to a “trusted site” as the only thing the base layer does, so even that is fuzzed. Someone sees your address as somewhere else entirely… I was thinking of using TOR for this, but that that IP I got was tagged as SPAM makes that “usable but limited”. It can still be an option, for things like vanilla anonymous browsing, just not as useful for things like postings… )

    A Sidebar Project that looks interesting is to make a “system on a wall wart” that has a cheap (i.e. RaspberryPi $25 cheap) system in it, and a WiFi dongle. One that could be plugged into the power outlet at, say, a Starbucks and left. It connects to their WiFi and you connect to it via VPN. Now you appear to be the wall wart at Starbucks when really you are God Only Knows where… Worst case, someone steals it or trashes it and you are out $40 or so… But that’s for the Hard Core Armageddon Release ;-) Basically, your own “TOR” exit node that only you and friends get to use…

    At any rate, once the base level is secured and the “firewall router” is secured (be it at your own site or via clandestine wall wart) then your “identity system” being disposable / resetable and either Virtual or a wall wart of its own becomes just frosting…

    I can’t guarantee that such a layered system is not crackable, but it does make it very hard to do and more importantly, each launch starts fresh and requires a new attack sequence. So if you ‘click on a link’ that puts a root kit in your OS or a key logger on your Virtual Machine or just tries to infest your files with a virus; it’s all gone on one reboot. The only persistent exposure I can see is if you have an encrypted file system left open, then things in it can get virus software inserted. It would be a “good idea” to periodically run antivirus software over any such ‘often open’ file storage media (but that can be done on another system that is never connected to the internet or any network for that matter…)


    Well, I’m a Unix Guy from way back; so I guess I AM a “specialist” and do know how to do the ‘maintenance’ it wants.

    At any rate, the usabilty for non-specialists has gone up a lot. Open Office and decent browsers have pretty much taken care of that. So if a “specialist” builds a distribution with the right kit in it, then you have what you want.

    That is, basically, what I’m doing here. Trying to make a “provably secure” average user system that is robust to attack (even if it fails to keep them out, the next reboot and they are gone) and relatively robust to information leakage. ( Where things like Android on a tablet are DESIGNED by Google to ship out every scrap of information about you that Google can suck up…) For that kind of thing, Linux is better than Windows. Windows makes ‘reinstall’ a royal PITA, doesn’t want to run from a “live file system CD image” and is a great Tattle Tale aways running off to Microsoft for all sorts of things.

    At any rate, time for me to get back to work on the next step.

  32. E.M.Smith says:

    Well. This is interesting…

    SLAX Linux is much more the “theme” I like, but the browser is just way slow. I’m typing about a sentence ahead of what is displaying.
    The MS network monitoring shows not much happening.

    CPU use is much higher. Two CPUs show significant action most of the time, and two others have sporadic activity. The “top” command inside Slax shows 80% to 90% CPU used just to have the browser open and “top” running.

    Much as I like the look of it (retro – clean look; not a lot of glitz) it is clearly compiled to run a lot of something by default. Doing a “ps -aux” shows that FireFox is sucking down a steady 75% or so of the CPU (virtual CPU) Looks to me like a loop / bug in this FireFox…

    Al well, maybe I’ll try installing a different one… “someday”…

  33. adolfogiurfa says:

    @E.M.: Are you simulating a micro-chip OS for the “New World Order Inc.”? :-)

  34. p.g.sharrow says:

    @Adolfo; SHhhhhh……… pg

  35. E.M.Smith says:


    I’ve basically come to the conclusion that:

    1) Windows can not be made secure (and China is exploiting that, among others).
    2) Cell phones are BY DESIGN information leakers.
    3) It is up to me to make a secure platform from which I can post and such.
    4) I’m certainly not comfortable putting passwords into the same machine I use for random browsing.

    5) Multiple machine images are needed.
    6) They need to be demonstrably secure.
    7) They can not be based on Android or Microsoft.
    8) Security by “reset” and “read only system image” is demonstrably secure.


    I’m exploring what combination of virtualization and / or System On A Card give me a low cost “disposable” system that is relatively secure, isolates random web browsing from logging into my accounts (i.e. “money stuff”) and still has resonable performance at lowest cost.

    Oh, and letting the rest of the world know what I find so anyone worried about a “Tallbloke and the Constable” moment can just pull the plug and not care (then fire up the duplicate after they leave with a useless encrypted disposable system…)

    This posting from “Puppy” Linux running entirely in a Virtual Machine from an SD Card (but not from an encrypted filesystem).

    Still dog slow with 3 of 4 computer cores showing activity… I think FireFox is not the most efficient browser… It’s fine and fast until I fire up FireFox…

  36. j ferguson says:


  37. Petrossa says:

    EM, i am from that age too. I was talking about the masses. Lindows was a good effort to get linux to the desktop, i was a betatester for it i was that pleased by it. Windows is a bloated piece of crap, but it is nowadays very easy to install. At least, if my 83 yr old computer geek father can with the help of a Windows for dummies book, it must be.
    I’d hesitate hand him any kind of linux and expect the same result.

    AS shitty as it is, finally with w7 MS came up with something that actually works most of the time and is userfriendly. Could have had it already 30 years ago if they had continued with OS/2 but better late then never.

    I have a usb stick with a W7 install image on it, ploink it in, boot from USB and you are in business (some time later ;) ) with each and every common peripheral working out of the box no matter which pc.

    No linux i tried did that. But send me a copy of your version, always willing to change my mind

  38. adolfogiurfa says:

    @E.M. That would be a BIG success. As soon as you have one you could sell those virtual machines by the millions, for working with MS and Apple hardware, replacing the original system and booting immediately when pushing such SD card in the machine. Could it be possible?

  39. E.M.Smith says:


    From DSLinux (Damn Small Linux) FireFox is well behaved… Hmmm….

    For now, it’s going to be my “test system of choice”. Being only 50 MB and having fast performance with decent “look” to the browser, all while running in a virtual machine from an SD card.

    The page does “run off the bottom” so I need to adjust the default “screen” size (the Virtual Machine makes a window of about 1024 x 600 while the DSLinux thinks it has more like 1024 x 740 or some such. Scrolling an outer window to scroll an inner window gets old…

    As some of these that are not well behaved are also based on Debian, it looks like some kind of compile time options are likely the “issue”. Eventually I’ll try a straight Debian, now that I have an idea which build settings to model…

    Next will be a “comparative speed test” with the same install as this one, but from an encrypted block of bits on the SD card. ( I expect the card speed to be limiting in both cases and that the encryption will just take my CPU usage up a bit on the 2 cores that are not being involved in the emulation or running of the virtual machine… in other words, I’ll not notice anything… BUT, it will tell me the total CPU power needed from a single core so I can size the hardware for a dedicated “box” accordingly.

    Target architecture right now is a RaspberryPi class “firewall” box / anonymizer then a similar RaspberryPi class “User Space” where a locked SD card holds the OS (minmal) that boots and launches an encrypted virtual environment where “my stuff” happens. Three levels to break through on each boot up (so ought to give decent time to do things before it can be cracked) and opportunities to “instrument” each level with burglar alarms… Whole things “goes poof!” on a power fail and “my stuff” reverts to an encrypted “bag of bits”. As the Virtual space has configurable “MAC” address and the IP is a random ‘non-routing’ number it is functionally anonymous. The firewall / anonymizer can have a ‘dongle’ for a disposible ethernet identity ( if worried about some non-configurable MAC or related ‘fingerprints’) or can use the built in port. The hardware level of the “User Space” can also use a “dongle” if desired (though it is likely easier to just change any identity in software… but it can be easier and more certain to just “toss a dongle” than worry about having bits of configuration laying around…

    At any rate, the test I’m running now is only quasi-representative as the laptop is a quad-core Intel and the target hardware isn’t… but it does let me see where the walls are… (Oh! My Nose!!)

    FWIW, it does look like a ‘less paranoid’ and generally usable (if not provably secure) option of just running a Virtual Machine on a laptop with encrypted filesystem is “pretty good”. Yes, a key logger and screen scraper can see what you see (and can sneek in at the Windows level); but they can’t get the whole “hard disk” without getting inside the VMachine (well, they can get it, but only as encrypted bits… so if you don’t turn on the networking until after the encryption keys are loaded…. hmmm…. )

    At any rate, I’m taking a break from the “tech wonk” stuff for the rest of the day and going back to other topics. (On decent answer is worth a break ;-) Having loaded a half dozen variations of Linux to measure and observe what works well and what doesn’t, I’m ready to take a break….

    At some point I’ll have a Virtual Machine / Linux config on the laptop under Windows that’s pretty well configured as I like it. At that point, it’s a “better than nothing” for general use (so, for example, clicking on a web link that tries to shove tools onto your OS will ID you as Linux, not Windows, and shove the wrong stuff, then also find they are in “linux Jail” anyway… and on the next boot, it all goes “Poof!” anyway…

    So it would dramatically increase security over bare Windows, even if it isn’t completely secure. (i.e. if you EVER used the Windows layer on random web links, you could easily have a root kit and key logger on the box already… and then they can watch you type and “see what you see”. Pretty quick they would figure out you had a Virtual Machine running; and the expectation is that it would take them more than an hour or so to figure all this out and try to crack in. If the VM image is locked, then a simple reboot and even if they DID crack into it, the next boot and it’s fresh again. They ought to be tired of that pretty quick ;-) and it is unlikely to be an “issue” if you take a 1/2 hour to browse stuff at a StarBucks…

    At any rate, I’m off to the movies in a while and taking a “humanity break” from geek space ;-)

  40. E.M.Smith says:

    @J Ferguson:

    Anything from Google is going to be an information sponge. Yes, they advertize that they are better at protecting you from ‘malicious’ web sites… but leave out their ‘benign’ snooping.

    The top couple of a quick web search:

    Google Chrome gathering information on you | The Running …
    Preston Gralla wrote this article in Computerworld blogs talking about the every growing Google and the way it gathers information using the new Google Chrome browser. Lost in all … More results
    Privacy: How To Lock Down Google’s Chrome Browser – Tech …
    For those who are interested, here’s a link on customizing chrome. Final thoughts are that Google’s Chrome browser may be a good fit for many users, but given the subtle and sometimes aggressive data gathering tools built into the browser, there is a lot to be worried about in the area of user …

    Paying for Chrome with Personal Data | ACLU of Northern …
    Unfortunately, Chrome’s improvements, while alluring, come at a considerable cost in private information. Two data collection mechanisms, “Google Suggest” and usage statistics gathering, will collect massive amounts of data whenever we use the browser
    . Chrome does provide some options that give ……
    What will Google’s Chrome OS watch you do?
    | Webware – CNET
    With a system-level log-in, it could theoretically do this no matter what browser you’re using, giving Google a far richer set of data. Chrome browser–When Chrome was first released, Google got in some hot water over its terms of service, which stated that Google had the rights to …

    So Chrome? No thanks…. I’d rather have one where I can lock down the snooping, not open up more of it.

    Microsoft Internet Exploder leaks like a sieve and they want to be in the data snooping business too.

    Google has their whole business model based around violation of the idea of privacy and selling the information they gather.

    I’ll take the browser from the paranoid geeks who don’t make any money off of selling access to you and your habits…

    Published source code is best…

  41. p.g.sharrow says:

    @EMSmith; I see you are starting to get some of those loose ends tied together. It will be interesting to see just how minimal the internet access device you come up with that is also secure.
    I have been trying to convince my wife that she needs to use one box for the business only with no connection to the net and a separate box for internet work. Always “it is too inconvenient” is the main argument. Security is a pain in the rear, the results of no security can be much worse.
    More and more people are not pleased with the Goggle model and MS is pushing to lock up it’s OS to create a cash flow tollgate. It appears to me that governments wish to be accomplices to that end.
    I think that a small secure network that can work inside the communication system but not part of that system might be useful and wise. pg

  42. adolfogiurfa says:

    Why to fear of somebody or something to identify us or take our information if “they” indeed are much more identifiable :-) …even very easy to smell. That game is childish though it has had, in the past, very bad consequences : 50 million deaths in IIWW. plus all deaths in all those democratizing wars, all over the world. It´s the silly eagerness for power, but what for?, is anyone of them immortal?.

  43. E.M.Smith says:


    Well, there are criminal gangs doing exploits to empty bank accounts and make fraudulent charges.

    There are military gangs looking for ways to break things (like the Iranian centrifuges and the often described ‘open the valves’ on our dams… Were it up to me, no sensitive computer would have ANY internet connection. They just are not needed….)

    There are folks looking to run blackmail operations and all sorts of other criminal acts. (Some by governments).

    So, you see, it isn’t about “later” and living forever. It is about “living well” now on other peoples money or about power and control now.

    So lets say, for example, you invented a device to make more rain from an ‘electric tree’. Some governments might want to “keep you busy” and not promoting it, so you find you “have problems” with your on line transactions. Some criminals see you making money, so want to take it (electronically if possible). And some other “agency” doesn’t want you doing this at all, and also wants to find all the folks you have told (to stop them, too), so starts tracking all your communications.

    ALL of that kind of thing is going on right now in major quantity. Russia and China are very big in “the business” as is organized crime. Likely the USA government as well, though harder to spot. Then there are all the local police agencies…. Add in Google (who want to suck down every scrap of identity and personal information possible to profile and manage you) and all the “Google Wannabees”, and don’t forget the SPAMmers…

    So, you see, it’s a wild and hostile place “out there”.

    It is for those reasons that I’m building a “Belt and Suspenders” way to quietly and with relative peace and safety do web browsing, message passing, and basically live my electronic life without them in the way.

    BTW, I defy you to “identify” the thousands of nameless Chinese doing their data mining sweep of the internet. Or the Russian Mafia teams running money sucking scams. Or the members of the various TLAs (Three Letter Agencies) out there. We won’t even get into the question of the Mossade members and the Iranians… At most the variouis “teams” can be figured out from their styles, but beyond that it’s pretty opaque.

  44. j ferguson says:

    xxxterm? browser sans rodent.

  45. E.M.Smith says:

    Well…. Looks like I’m ploughing some already explored ground… There’s an already hardened small router box for Tor:

    Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose sole purpose is to securely host a Tor server purely in RAM. For those not familiar with Tor, it is a system which allows the user to construct encrypted virtual tunnels which are randomly relayed between Tor servers (nodes) until the connection finally exits to its destination on the internet. The encryption and random relaying resist traffic analysis in that a malicious sniffer cannot easily discover where the traffic is coming from or what data it contains. While not perfect in its efforts to provide users with anonymity, Tor does help protect against unscrupulous companies, individuals or agencies from “watching us”. For more information, see the Tor official site.

    The usefulness of a RAM only environment for Tor became apparent to me when Janssen was arrested by the German police towards the end of July, 2007. (You can read the full story in a CNET article.) While the police did not seize the computer for whatever reasons, they certainly could have. More typically, it would have been taken for forensic analysis of the data on the drives. Of course, if the computer housing the Tor server has no drives, there can be no question that it is purely a network relaying device and that one should look elsewhere for the “goods”.

    Other advantages became clear:

    It is useful to operators that want all traces of the server to disappear on powerdown. This includes the private SSL keys which can be housed externally.
    The environment can be hardened in a manner specific to the limited needs of Tor.

    @J. Ferguson:

    Looks like xxxterm is being renamed xombrero:


    xombrero is a minimalists web browser. It strives to be vi-like for heavy keyboard users while maintaining traditional web browser behavior.

    Looks like it would be worth a look…

    Has the right “attitude” about security and privacy.

    From Wikipedia, the free encyclopedia
    (Redirected from Xxxterm)
    Jump to: navigation, search
    xombrero (formerly known as xxxterm) is an open-source web browser developed with a goal to be a lightweight yet secure replacement for full featured browsers like Firefox.[1] The browser has found a niche among minimalist browsers for heavy keyboard users by balancing minimalism with usability.

    Xombrero is based on Webkit engine[2] and provides an ability to control the cookies, plug-ins and JavaScript policies on per-website basis. The user can define the whitelists of trusted websites for each of those security risks.[3]

    xombrero was designed for experienced command-line interface users, so it includes the features typically requested by such an audience: mouseless browsing, no URL prefetch, vi-like user interface and navigation (including command mode), plain text file configuration, and link hinting.[4][5]

    An advertisement blocking feature is intentionally absent from xombrero. The authors recommend using the ad-filtering proxy AdSuck for such purpose.[1]

    So “doing the right things” generally…

  46. adolfogiurfa says:

    Better we wait for E.M.´s version.

  47. E.M.Smith says:

    Well…. And a company that specializes in making small boards that have all the interface bits you want for making various routers… Some with built in wireless as access points, some as ethernet hubs. Some as low as $40. (Scroll down toward the middle of the page…)

    One of their products is licensed as a point to point relay / router (and AP and end user node) and has a 22 ish dB transmit a -93 dB receive sensitivity at 6 Mbit and you can get a 32 dB parabolic antenna mount…. Things are much better now than back when folks were putting 802.11 pci board guts inside tin cans to get signals “down the hill” ;-)

    Click to access groove-a-5hn.pdf

    So looks like if you live on a hillside and can’t get service, you can point one of these at a friend who does have service and get a pretty decent link. Probably get your own wireless Access Point on the whole farm while at it… (If down in a hole, you would need one on the local hill top with line of site to a connection point, and then relay down to the hole…)

    But still, already outdoor weather rated, and with decent specs. Nice. (No idea on cost, though.)

    This article:

    shows one of their bare boards being set up to run a full Debian via a net boot.

    Which makes another interesting point. Setting up a “wall wart” read only file server would let the box actually doing the work have “not much” on it at all. Not even the OS. It would load from “out there” somewhere, and that could be a very long ways away (potentially even over the internet from a public file archive). Just have a boot loader and a decrypt key entry (if needed or desired). Unplug the box, you get really nothing. Capture the file server, you get an encrypted box of bits. In between, you have an encrypted tunnel… Going out, traffic hits the Tor network and entry / exit happens all over the globe…


  48. E.M.Smith says:


    I’d encourage folks to try things on their own too and not wait for me. As there is a ‘learning curve’ doing something is faster than just waiting as you build skill and experience. As “many hands make light work” having other ideas and eyes on the problem helps…

    On major open issue: Is “Tor” the best way to make traffic obscure, or are their other better anonimizer networks? For example, I’ve not done anything at all to look at Garlic Routing

    that mostly looks like Onion Routing but with “mixed streams”. (So your traffic stream doesn’t just hop from node to node, but at times gets blended into a river of other traffic and then sorted out at the other end…) The project for it ( I2P) looks very interesting, but it is noted as “Beta” status at present so “needs some work”:

    2P is beta software. Developers emphasize that there are likely to be bugs in the software and that there has been insufficient peer review to date. However, they believe the code is now reasonably stable and well-developed, and more exposure can help development of I2P.

    The network itself is strictly message-based (like IP), but there is a library available to allow reliable streaming communication on top of it (similar to TCP, although from version 0.6 there is a new UDP-based SSU transport). All communication is end-to-end encrypted (in total there are four layers of encryption used when sending a message), and even the end points (“destinations”) are cryptographic identifiers (essentially a pair of public keys), so that neither sender nor recipient of a message need to reveal their IP address to the other side or to third-party observers.

    Although many of the developers had been a part of the Invisible IRC Project (IIP) and Freenet communities, there are significant differences between their designs and concepts. IIP was an anonymous centralized IRC server. Freenet is a censorship-resistant distributed data store. I2P is an anonymous peer-to-peer distributed communication layer designed to run any traditional internet service (e.g. Usenet, E-mail, IRC, file sharing, Web hosting and HTTP, Telnet), as well as more traditional distributed applications (e.g. a distributed data store, a web proxy network using Squid, or DNS).

    So on my “someday” list is to wander around I2P and IIP and just figure out “Is it working?” and “Is it better?” and then “How hard to make it ‘go’?”

    I just decided to do Tor first as it was more developed and likely more stable. (And likely “good enough” for anything I do.)

    So waiting is “OK” but some looking around and investigation makes things go faster ;-)

    As I see it, there are a couple of “levels” to the security process I’m envisioning. Any and all of them could “use some work”.

    1) Hardware level. To some extent this depends on what software is chosen as best. ARM boards are dirt cheap, but not shipping in quantity yet (for the low ends ones) and with limited versions of Linux available. The number of x86 boards is so large as to make searching them a job in itself… Targets are a “Firewall anonymizing router” and a “Base User core server” (on which a Virtual Machine can then be run if desired). Also a “wall wart” server that can be the repository of read only images. (I will likely make it first, as it is simplest. Just a wall wart that can do wireless networking and an SD card that it can ftp or nfs serve out. Oh, and a robust encryption suppored – TrueCrypt would be nice but others are OK too.)

    2) Software. Again the various services may be different OS distributions. Wall Wart can be one thing, stripped down to just file serving and encrypting. Firewall / anonymizer clearly a locked down dedicated minimal distribution (perhaps loaded from the Wall Wart). Then the workstation base is a locked down minimal services distribution that helps prevent things like key loggers getting installed. On that, the Virtual Machine is entirely disposable and reloaded from ROM / SD locked / Wall Wart each time anyway.

    3) Network Services: This is things like Tor or related. Encrypted file archives (perhaps in the “cloud” of public servers as an encrypted canister…) and boot servers. Which browser to use. What email server / client.

    At present I’m bouncing around a bit between all the layers, but anyone can take a bit of it and “jump in”. Tor Browser is supposedly locked down, but by definition uses the Tor network. Probably not going to work for things like postings on sites that toss users in the SPAM queue based on IP as some Tor users have been doing unsavory things (like SPAM) with some of those IPs… Is there a “better browser” that is also locked down for security but not tied to Tor? One with source code to inspect (and recompile) to assure no “Agency” back doors are in it?

    Is there a freely available public server that would have enough quality of service (QOS) to support net-boot over the internet?

    Can a netboot like that be secured so as to be both encrypted on the server and over the network and only being decrypted at the point of boot on the particular card in question? In ways that even a capture of the board and new power on at The Station would not work or open the bag of bits? (i.e. the need for a person to enter a key that isn’t stored on the box…)

    Is there already a ‘tiny linux’ that runs a virtual machine from a CD image or other ‘read only’ image type? One that is already looked down to tight security?

    There’s a lot of places to just start digging and seeing what’s out there…

    Then there is that whole question of just looking at the proposed system and saying: “How could I attack this?” Is there some exploit that can do a ‘man in the middle’ on a net boot and capture the box? Is there some exploit that can just hope on the open end of the pipe and, say, via a key click on a link in the browser, capture that system enough to gather data like actual location and actual IP (say, sending a Judas Goat signal to a target machine and doing the equivalent of a netstat -r that shows all the nodes along the way…) Then, for any found, how to prevent it? (Like, oh, removing netstat and other diagnostic / displaying tools; or pre-loading phoney ‘information’ – like a router table that claims to route out the CIA IP address ;-)

    So my “first cut” will undoubtedly be weak and subject to various exploits. It will just be a lot more secure than the “Microsoft out of the box with Internet Explorer or Chrome browser and Google or Bing! search engines” alternative…

    So waiting is OK, but some independent investigation doesn’t hurt…

    In a few days I’ll likely put up a new posting with a pointer to here and with “things I’ve found out” in summary. ( Like where to get a Tor browser and virtual machine downloads.)

  49. j ferguson says:

    xxxterm, 338 kB on disk. I wonder how many of us have seen anything that has a “k” in it in recent years. i tried it and it seems to work. maybe it won’t be as CPU consumptive as mozilla.

  50. j ferguson says:

    somehow i get the feeling that the Tor project is a letter agency honey pot. The hints that this might be the case abound.

  51. j ferguson says:

    I once had some exposure to a project directed to detection of specific types of signal in massive (MASSIVE) volumes of material in quasi real time, where the volume alone was overwhelming the proposed methods. Some of the problem was refining understanding of what a “signal” might look like, develop a family of signals, set up the monitoring system and then try to get the detections both useful and down to a number suitable for human inspection. The useful part was where the thing hung.

    Given and interest like this, what would be more obvious that hosting a system for the folks who think they need cover? Or maybe anonymity, to put a nicer name on it.

  52. Jason Calley says:

    @ j ferguson “Given and interest like this, what would be more obvious that hosting a system for the folks who think they need cover?”

    I think it was Lenin who said “The best way to control the opposition is to BE the opposition.” The first real-world example of this I ever saw was in the business world, but there are examples going back to at least the ancient Roman times. Always good to remember when listening to the news!

  53. j ferguson says:

    Jason Calley,
    I always liked the story that the guys in the US Communist Party always knew who the fed members were. They were the only ones who paid their dues.

    There’s a larger issue here which seems to be apprehension about some sort of inquisition showing up that will take actions of some sort against some of us. I worry, too, but not so much. I’ve found in the several times I’ve been discovered doing something that seemed sideways to some authority that there was collegiality among the highly intelligent. I make no such claim for myself other than having some skill at emulating intelligence.

    In both cases, what I had been caught doing was viewed as requiring punitive action by the lesser lights but on review and after discussion with a sharper associate were dismissed for the misguided pranks they actually were.

    It’s very difficult for me to imagine E.M., or any of the rest of us who’ve revealed some minimum of our activities here to cross the bow of the authorities, at least in terms of generating signals warranting attention that might actually be detected by some sort of monitoring.

    What is worrisome is the possibility that a really good internet monitoring system will be developed by the kind of guys we would like and turned over to the kind of guys we wouldn’t like. I always think of the Department of Homeland Security when I ponder the paradigms and protocols needed to support a vast surveillance system to be staffed and operated by the less intelligent. So equipped, that is exactly the type of organization which might sweep up some of us in the course of its services to the nation.

  54. j ferguson – That’s is a devious mind you have. Thanks for the heads-up. It makes sense for the “anonymiser” software to be supplied covertly by (or taken over by) the government so that it can really keep tracks on who wishes to be anonymous and who they are talking to. I have instead taken the option of not encrypting anything so as to be lost in the massive numbers of emails being sent every day, and hoping I don’t hit the trigger-words too often. I may have to re-think this option later on, but for now it seems to work – hide a tree in the forest.

  55. adolfogiurfa says:

    @J ferguson: As a principle any electronic, or, by extension, any electrical circuit can be detected. However you are right as we, adult and matured men and women, being the progeny of normal, healthy and working parents, do not need to participate in such a childish game of power/money grabbing, playing that “hide and find game”. Rome fell down without the help of anyone but by itself: It is the natural process of decaying and death. (Of course a bit helped by the stubborn quality of some barbaric tribes- mostly germans-who BTW will help to Euro to fall down-) :-)

  56. E.M.Smith says:

    I’ve taken down the “Flags” widget that gave the flags of the world for visitors. It was the cause of the very slow FireFox performance in some Virtual Machines. Seems that it has a ‘beacon’ in it from technorati that caused a script to not load right and hang on a DNS call to
    And I’d get to sit of a couple of minutes waiting for the failed script load to time out…

    First off, the widget at no time tells me the blog owner that it is going to run an advertizing beacon. But beyond that, it’s a bit of ‘eye candy’ that has outlived it’s usefulness.

    These folks had a similar experience:

    At any rate, it was useful, I suppose, to have the limited performance V.Machine kick this up…

    Now, back to testing…

  57. E.M.Smith says:

    Oh, one other thing this points up is the advantage of running your own caching DNS server. Then sites like those folks can just have their IP lookup fail and / or point at your own Web Server with a bland “connection blocked” display… I had one of these running at one time. I think I need to resurrect it…

  58. Petrossa says:

    EM, Vbox does have several switches for screen resolution. You can also just make it using HOST key + L, or full screen by HOST + F at which it takes your screen’s original resolution as reported by your monitor.

  59. E.M.Smith says:


    Thanks! I’ve been doing Virtual Machines since VM/ CMS… but learning each new one still takes time to find the good bits… So you’ve probably saved me many hours…

  60. Pingback: Prebuilt VirtualBox Images | Musings from the Chiefio

  61. SnaK3 says:

    hey man i would love to test some of your toys. i got a few gps handheldevs navigators but ya noe most of them have wince which sux. yet agan im yet to get my hands on a navi with wifi:-( most of them have bt
    anyway i recently found yerblog which is awesome. so lemme know if i can test some dsl embed for an sdcard obviously gonna encrypt after

Comments are closed.