- 1 Developer Page
- 1.1 Project Schedule
- 1.2 Things To Do
- 1.3 Documentation
- 1.4 Other Projects
- Set up process for taking apart stock XUbuntu image, making our changes, and rebuilding iso
- Set up security auditing proceedure which includes penetration testing with Nessus and checking file permissions.
Milestone 1: to be completed by January 1, 2009
- BASIC PLATFORM & TOR
- Functioning Base level Platform of ISXubuntu
- Tor is functional when booting ISXubuntu
- working with firewalls...
- Ad blocker
- Currently using Privoxy but Ad Block Plus may be better
- Privoxy doesn't block all ads - beyond the actual ad blocking it's necessary to block tracking of a users web activity through DNS requests.
- Customize Google to evade privacy-intrusive features of Google services
- Gmail S/MIME for encrypted Gmail
- Bugmenot to get around compulsory registration of websites
- On-screen keyboard to block keystroke loggers. Is this enough - what else can be done'?
Milestone 2: to be completed by March 1, 2009
- Set up process for building from scratch (something like what Incognito does with Catalyst)
- Currently OpenDNS is used to prevent DNS spoofing. When you attempt to go to a URL that doesn't exist you are redirected to a page of theirs. Disabling this requires setting up a free account with OpenDNS and having a static IP - or a domain name and registering with DynDNS. We need to discuss this further.
- OpenOffice word processor set to redact all revision history when saving files
- Encrypted persistent home directory using TrueCrypt*
- Encrypted swap space*
- Secure deletion of memory on shutdown*
- Enigmail for encrypted email with Thunderbird
- Spam and phishing protection
- Resolve flash drive issues (can we make the user's home directory read/write while leaving everthing else read only?)
- Pidgin IM client with OTR for encryption
Things To Do
We need to decide what secuirty issues we want to address, and what changes we will make to ISXUbuntu to address them
Presentation and Usability issues
What other changes do we want to make? Should we worry about boot time? Hardware compatibility? Ease of use for Windows users? What would we want to include on the CD in terms of artwork, video clips, etc. ? Do we want to include persistent user directories? What happens if we run this from a USB stick? Are all user settings now persistent?
We need to come up with processes for
- including software packages in the distro
- modifying the default user and system wide setting to our liking
- including our own content (do we make packages out of them?)
The documentation needs to be filled out
Other projects we can learn and borrow from:
- AnonymOS andOlive OpenBSD- live CD versions of OpenBSD - not active
- ParanoidLinux - a project that's still in the discussion stage
- Rubberhose - a steganographic filesystem, not an OS but some interesting concepts we could consider
- Incognito - very similar but based on KDE - farther along but a new developer took over at the beginning of the year then seems to have dropped the ball
- Mozilla Weave - active but in a very early stage of development. Additional privacy and security for Web 2.0
- Knoppix-3.2 MiB-11b Privacy Edition- if this were an active project ISXubuntu wouldn't be necessary - but it's not