Differences between revisions 44 and 45
Revision 44 as of 2014-02-10 11:04:27
Size: 12702
Editor: ?Mempo
Comment:
Revision 45 as of 2014-02-10 11:04:59
Size: 12701
Editor: ?Mempo
Comment:
Deletions are marked like this. Additions are marked like this.
Line 111: Line 111:
 * [[get involved|#involved]] and fix some things
 * [[donate||#donate]] money to sponsor work of our developers
 * [[#involved|get involved]] and fix some things
 * [[#donate|donate]] money to sponsor work of our developers

Mempo Project - Hardened Privacy

Mempo

"⌘ Mempo project aims to provide most secure and yet comfortable out-of-the-box computer for Desktop and Server, to professionals, business, journalists, and every-day users avoiding PRISM-like spying. ⌘"

Mempo is a software project and open team of developers working with Debian and other communities and entities for above mentioned goal.

This is Work in Progress in pre-alpha. Please read source code if you run this for important purposes, until we complete code reviews.

Source code is quite small, we try to have small differences to known-trusted developers and FOSS projects that we modify/repack.

Mempo system structure

Mempo system structure

{i} Learn more about it on Mempo webpage.

See below for Download and Install instructions.

Install Mempo

This is work in progress, but is usable right now :)

  • If you are more advanced user-developer then try all steps.
  • If you want to just use the results of our work then apply only "green" points (only β=beta and R=Released are ready to use by everyone)

Steps:

  • https://wiki.debian.org/icon?action=AttachFile&do=get&target=ver8.png kernel/grsecurity install SameKernel#grsecurity - but you must do setfattr in next point (even if it's not released yet)!

  • https://wiki.debian.org/icon?action=AttachFile&do=get&target=ver7.png kernel/grsecurity/paxflags install grsecurity/setfattr - needed if you used our kernel /!\

  • https://wiki.debian.org/icon?action=AttachFile&do=get&target=ver7.png kernel/grsecurity/rbac - in ?future we will provide RBAC profiles allowing to turn RBAC on by default and protect most important applications at least.

In ?future installation will be made very easy for everyone.

Downloads

Now Mempo exists as source code in various repositories. Later we will release ready .deb (signed and verifiable) and finally own .deb-repository or in Debian repositories.

By low-security we mean that code is not so thoroughly reviewed yet, or is developed/uploaded from not super-secured computers. But we do develop only on Linux/FOSS, encryption is always used etc - but still we known it's less then perfect.

So this is same as "normal/high" security by common standards :)

Integration with Debian

Mempo team will:

  • upgrade existing software from upstream

  • publish mempo-deb software, e.g. own version of ?Mempo/mempo-deb/tar and recommend Mempo users to upgrade immediately if they need given feature (build custom .deb and install it) and ask them to help get them to Debian experimental

  • upstream will be given patches and we will help to merge them

  • Debian experimental will be helped to package new software when upstream accepts it. Or in case of rejection or delay by upstream (if they not care about privacy&security to the same level as Mempo) to provide it as debian custom patches

  • Debian stable - we hope most of Mempo work could in time reach Debian Stable to improve standard Debian security too.

Install with Debian:

  • If you are dedicated to security then install Debian Stable, and then add Mempo software on top (as of 2014-01 most software is experimental, contact as quickly for help and guidance)

  • If you are a regular Debian user who wants to improve security a bit, then use Debian Stable and try some of our packages and try to help get them to upstream, to Experimental, to Testing, to Backports etc.

Done work

  • ?mempo-deb fixed libpoco debian library

  • ?mempo-deb upgraded gnupg for higher max key length

  • ?mempo-deb extended ?tar for --sort-input

Current work

As of 2014-01:

Plan

As of 2014-01 it is intended for Mempo to:

  • support and work inside of Debian project
  • in addition release distribution (remix/selection of packages) that includes:
  • - new software that is not yet accepted into Debian
  • - versions newer then in Debian
  • - release often

Mempo aims to be always Open FOSS, and put security as primary matter (e.g. at expense of usability or performance).

Project is in planning and prototyping stage, be patient :)

Found a bug or problem? Why not help us by getting involved:

Get Involved

Micro tasks:

  • {*} please idle on our IRC channel #mempo and discuss topics that come along

  • {*} help us with current projects e.g. SameKernel by reviewing and refactoring our code

  • {*} just report on IRC and ask what to do, stating your skills. Be ready to wait up to 24 hours for a reply and free to ask again each few hours

nr

hardness

required

task

?#task1

trivial

Wheezy 64bit, 10 GB hdd, root

1) Build our SameKernel by following instructions there. 2) Contact us with the .deb files created there and sha1sum of them 3) If build instructions where not clear tell us.

?#task2

trivial

Wheezy, user

1) Build our ?Mempo/mempo-deb by following instructions there. 2) Tell us if it worked ; Extra: 3) If on amd64, check the checksums of files are they as expected 4) With root you can install the .deb with dpkg -i foo.deb and use the created programs and test if they work fully (review sources first, or use it on test computer)

Future

The project is a huge amount of work. If you want our work to progress faster, you can do any of following:

  • ?get involved and fix some things

  • ?donate money to sponsor work of our developers

  • spread the word so other people would join the effort for secure and private happy future

Security topics

  • insecure-download we consider to be any download of code that will be executed in any possibly permissible or important way (sources, libraries, binary executable, scripts - but usually not images, music, etc) if that code is not strongly verified with cryptography.

  • * PGP downloads are medium secure
  • * Checksummed downloads (+PGP best) are most secure
  • * (assuming trusted source of fingerprints/checksums)

Privacy

Privacy is strongly protected by software that is included in Mempo. You can also contact us to discuss development or report bugs in a secure and privacy-respecting way. For anonymous talk try tor (with OFTC) or i2p (irc2p) in the Contact section.

Contact

?Contact with us: variety of ways, for secure and privacy respecting communication.

Drafts

External:

Variants

There will be variants, as planned in https://github.com/mempo/deterministic-kernel/blob/master/doc/mempo-variant.txt - versions of mempo that very in security level (e.g. versions of kernel).

Variant good

Good protection. For Desktop. All grsecurity is used, except kmem/IOports.

Therefore video cards should work (on open-source drivers, binary blobs might not work).

/!\ binary gfx drivers will mostly not run (and would ruin security anyway)

Variant goodsrv

Good+ protection. For Server (or compatible desktop). All grsecurity is used, including kmem/IOports.

Therefore video cards only with best drivers will work (might require new/patched Xorg to not use IOports) - recommended for Intel gfx (as of 2013-11 probably requires patching Xorg). /!\ most gfx drivers might not work (in graphical mode) until patched /!\ binary gfx drivers are basically guaranteed to not run (and would ruin security anyway)

Wishlist

  • Convince GCC upstream to enable security hardening flags by default
  • - or write wrapper script and set gcc_secure and alike compilers to be used for building sensitive/all packages?
    • see dpkg-buildflags, but that is useless for binaries built by users, the compiler should do hardening by default
  • - anyone has any such flags that could be added to the ?Mempo/mempo-deb package gnupg application and/or libpoco library? If yes then please form the git repo and try it and notify us here+irc.

  • - Same question for kernel flags, is it secure on this front by default? Does grsecurity turn on all the needed falgs, in addition to enabling some static check plugins?

Ideas

sl1nk various ideas (evil made, IP, MitM)

#mempo @ irc.freenode.org

<sl1nk> Meanwhile download Debian, i looked your "Threats to security and
anonymity" (https://rawgithub.com/mempo/*). I saw that you don't have a
solution for Identity Spoofing, Man-in-the-middle attack, Evil Maid attack,
phishing, DNS poisoning.
<sl1nk> That makes three categories of attacks, network, web and password
<sl1nk> There are two ways to stop the “evil maid” attack: keeping your boot
partition on a flash drive you carry at all times, or using a checksum value of
the boot sector and boot partition to detect it and change you passphrase.
<sl1nk> The only totally secure defense is to copy /boot onto a flash drive,
install GRUB on that drive, and debug this until you can boot from the flash
drive with the encrypted disk as the root filesytem.
<sl1nk> IP spoofing is a technique where a host sends out packets which claim
to be from another host. Since packet filtering makes decisions based on this
source address, IP spoofing is uses to fool packet filters. It is also used to
hide the identity of attackers using SYN attacks, Teardrop, Ping of Death and
others...
<sl1nk> The best way to protect from IP spoofing is called Source Address
Verification, and it is done by the routing code, and not firewalling at all.
<sl1nk> turning on Source Address Verification at every boot is the right
solution for you
<sl1nk> To do that, insert the following lines somewhere in your init scripts,
before any network interfaces are initialized http://pastecode.ru/8312/
<iRelay> Title: Pastecode Без названия (at pastecode.ru)
<sl1nk> If you cannot do this, you can manually insert rules to protect every
interface.
<sl1nk> MitM-Attack, uses a technique called ARP spoofing, so you need to
filtre/block it.
<sl1nk> With HTTPS or VPN for example.
<sl1nk> For Phishing and DNS poisoning is other way... ;.;

CategorySystemSecurity