LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-12-2012, 12:22 PM   #1
RobDye
LQ Newbie
 
Registered: Dec 2012
Location: Tulsa, Oklahoma
Posts: 2

Rep: Reputation: Disabled
Proposed Linux project . . . who to contact?


I am a Catholic priest in Tulsa, Oklahoma. I have played with a couple distros on the path to trying to figure out other OS's, all this while I was figuring out a Hackintosh.
.
In other words, I know just enough to be dangerous playing around with a computer.
.
Yesterday I had a discussion with one of the library workers at the Tulsa City/County jail.

They are preparing for a required transition to all-computer GED testing, and these computers will have to be internet connected.

While the computers will be locked away when not in use, there is still concern about possible security issues. It is NOT desirable for it to be even remotely possible for inmates to be able to send email in ANY way. This could be genuinely dangerous for any number of people. . . detention officers, witnesses, family members who have filed orders of protection, etc.

I suggested that they ought to look into getting help in designing a specialized Linux distro . . .call it "JailHouse Linux."

This distro would:

----ONLY permit access to selected sites needed for GED testing.

----Lock out ANY usage of USB memory sticks or any other memory devices.

---Lock out ALL possibility of email access.

(Could the bios be modified to set an alarm on ANY other distro booting, or freeze out any user who attempts such a thing? Could ALL usb ports be locked from anything but kb and mouse?)

I am sure there are other ideas that have not occurred to me.

When I heard they were considering Windows, I just shuddered.

A couple of years ago, I bet the chaplain that I could break into his "secure" office computer, and access his hard drives, which contained some very sensitive information. I came in with a disc labelled "Christmas Music," sat down at the desk computer (within easy reach of all volunteers, and unmonitored), and rebooted the machine into Ubuntu, and started reading to him from his confidential files.

They need some help in thinking about security, and I would be the situation is similer at other jails and prisons.

Thoughts? Comments? People you could refer me to?

Thanks!

Rob
 
Old 12-12-2012, 12:24 PM   #2
RobDye
LQ Newbie
 
Registered: Dec 2012
Location: Tulsa, Oklahoma
Posts: 2

Original Poster
Rep: Reputation: Disabled
Oh . . . and also . . .

. . . I am sure the distro would need a keylogger, wouldn't it?
.
Is this possible?
 
Old 12-12-2012, 02:02 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
Quote:
Originally Posted by RobDye View Post
I am sure the distro would need a keylogger, wouldn't it?
I'd say absolutely not. The less a machine contains the less one has to be responsible for, harden, check, maintain, etc.


Quote:
Originally Posted by RobDye View Post
Thoughts? Comments? People you could refer me to?
My first reflex would be to check who is responsible for maintaining security and operating the library. Find out who and you find out their policies.


Quote:
Originally Posted by RobDye View Post
ONLY permit access to selected sites needed for GED testing.
That would IMHO be the easiest approach to start with: basically a dumb "thin client"-like computer in kiosk-mode (OS, no desktop: just a browser) whose 'net connection goes via a central server that just blocks and logs anything that isn't white listed. No matter what eSATA, Firewire, USB, CDROM, DVD or whatever else device they mount or boot from it wouldn't get a network connection anyway.

Last edited by unSpawn; 12-12-2012 at 02:05 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: OpenOffice proposed as Apache project LXer Syndicated Linux News 0 06-03-2011 08:00 AM
Proposed Hardware for HA-NAS Server on Slackware Linux zordrak Linux - Hardware 4 07-06-2009 11:49 AM
Proposed build. Look good Linux-wise? Shay Linux - Hardware 7 06-29-2009 06:29 PM
Open Source contact details database project hamish Linux - Software 2 02-09-2005 07:18 AM
Proposed Cross-Reference Md5sum Project lrt2003 Linux - Security 3 05-12-2004 03:18 AM


All times are GMT -5. The time now is 04:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration