Tor-ramdisk 20120622 released

Friday, June 22nd, 2012 at 3:57 pm.

Want to run Tor on simple hardware without leaving a trace? Tor-ramdisk is a simple software package which allows you to do it. Put it on a CD or USB-stick, boot it and now you’re running Tor in a rather secure way.

Official release story as leaked on the Tor mailing list:

Hi everyone

I want to announce to the list that a new release of tor-ramdisk is out. Tor-ramdisk is an i686, x86_64 or MIPS uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Security is enhanced by hardening the kernel and binaries, and privacy is enhanced by forcing logging to be off at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key, which may be exported/imported by FTP or SCP.


Tor was updated to, BusyBox to 1.20.1 and the kernel to 3.4.2 plus Gentoo’s hardened-patches-3.4.2-2.extras. The MIPS port also incorporated these changes, but for this architecture the kernel was kept at vanilla 3.2.5.

Homepage: http://opensource.dyc.edu/tor-ramdisk
Download: http://opensource.dyc.edu/tor-ramdisk-downloads

Homepage: http://opensource.dyc.edu/tor-x86_64-ramdisk
Download: http://opensource.dyc.edu/tor-x86_64-ramdisk-downloads

Homepage: http://opensource.dyc.edu/tor-mips-ramdisk
Download: http://opensource.dyc.edu/tor-mips-ramdisk-downloads


15 Responses to Tor-ramdisk 20120622 released

  1. holmes says:

    “It sound like some people I know who “Keep getting all thses virus things no matter what I do!””

    Remember the Sony BMG root kit?
    Remember how no Antivirus detected it? Not even Anti root kit scanners?
    Remember how only one tool initially detected it?

    Now consider for a moment how many other government software/firmware moles/rootkits may be lingering within millions of people’s proprietary systems (hardware/software-OS).

    Wikileaks published a lot of information on companies willingly selling rootkits to governments and organizations. And do I really need to bring up HBGary?

    So many fools using multiple proprietary scanners on their systems, the makers of which could all be in bed with big bro, the programs and/or updates could contain rootkits, and seriously, what the fsck is up with Microsoft and Flash both having so many remote exploits being patched all of the time?

    The very products you trust, imo, could be the very e-poison from which you e-drink from.

    To this day I laugh inside when twits tell me their system is “clean” because they scanned it with several proprietary tools.

    Face it, even on Linux the quality of the root kit scanners are piss poor. You have to boot into a separate environment (like Remnux) to evaluate the malware, but most people won’t do it, they’ll wipe and reinstall and rely only on signatures which can be compromised. And when they find out they have an APT which continues to reinfect their computer(s)? Would they be intelligent enough to consider a firmware (PCI/BIOS) infection which survives hard drive wipes? Do they also have infected thumb drives laying around they plug into other computers around home and/or friends/family/work?

    Chkrootkit has a function to list the strings of binaries, but it’s up to you to determine whether or not the content of the strings are malicious. I’ve tried several root kit scanners on Linux and all of them are, imo, crippled pieces of trash. The crowd will yell back at you, “But most of these require root to exploit!” No, not at all, there are hundreds of ways to exploit a Linux box, many not requiring root, but a particular program/version. I won’t even bite down on the subject of ways to subvert package managers. Heck, how many Linux repositories use SSL? SSH? Torrents with established “good” check sums for thousands of packages?

    And I’ve not mentioned Flash and Adobe Reader for Linux and the past problems with those… and the NVidia driver for Linux, had in the past, one or two severe security issues whereby a remote exploit could take over the system! (Google it. The news of one exploit was in 2006.)

    Our proprietary hardware and software are both at risk, and likely subverted world wide on millions of computers by governments and select organizations. The fact it takes years until a researcher trips over a particular piece of malware which none of the antivirus companies are detecting is inexcusable.

    Were I head of a commercially developed antimalware company, I’d develop a website similar to Virus Total, but instead of the users uploading single files one by one, I’d give them a FOSS program which checked every part of their hardware, embedded and manually inserted, checksum the firmware (of all media drives, graphics cards, anything with firmware) and BIOS and tear apart the results, funneling them into separate result pages, each result for each component going to its own page for comparative results, rather than building a profile on one user’s system. I would offer the users the option of publishing a one page result for their unique computer, but it would be opt-in only. Yes, checksum the firmware, including the router, and demand companies publish checksums and use GPG to sign their firmware, all of this information would go to the site as described. A massive database of important, but anonymously pulled and published information.

    It’s just going to get worse.

    On the side, I’ve been saying to myself for years, IMO, “When Microsoft finally starts to show signs of weakness and loss of power over the OEMs, it will try and reinvent itself through crippled hardware and force others to beg at its door for access. They will, imo, follow the same route as Apple, tying software to hardware. I’m shocked it hasn’t happened sooner.” Then the reverse engineering can begin, just like the WINE project which was abandoned by Corel following Microsoft’s involvement with Corel, despite the good word from some former people at Corel who said they would continue to develop WINE. It wasn’t much longer until Corel Linux was shit canned, and the support for WINE dried up like a neglected grapevine.

    People like to poke and laugh at people like RMS who are sane and their visions a philosophy to stand by and build upon. Sadly, it’s mostly about ‘image’ in today’s society. This is why, in part, you’ll never see a true world leader elected who benefits the people and country as a whole, because it’s just like high school, you only have a few choices between the approved popular cliques, the rest are shunned and ridiculed. So we have two, I would argue, controlled choices, the Republicans and Democrats, and we have two, I would maintain, jocks, Apple and Microsoft.

    Bring on the 3-D printers and eventually the Star Trek like replicators, so we can put an end to the sweatshops in China and elsewhere, and to the two jocks in school.

    Soon our future will be collaboration of FOSS and FOSH(ardware) and we won’t sit idly by as the two jocks push their creations onto us, we will forge our own.

    Oh, and you can kiss my ass Republicans and Democrats, whose power is only illuminated by controlled corporate media and further shaped by humor from The Daily Show, Colbert Report (they didn’t have much to say during the last writer’s strike, did they, yet people think they’re so witty — wrong! more corporate shit!) and SNL (why the fork wasn’t stuck in SNL years ago is beyond me, it’s like watching The Simpsons, someone left the building and forgot to turn off the light – I won’t even dig into the, imo, illuminati Family Guy show).

    The future is up to us, the power is in our hands, we only have to turn off the TV and stop swallowing the shit they feed us and join together to mature technology.

    “Beware of dogs, beware of evil workers, beware of the mutilators.”
    – Philippians 3:2

    Do not remain ‘motionless in light’. Kneel before Almighty God, rebuke the beast within the light and the strange sounding ‘invaders’ through Yahweh, Christ Jesus, Holy Spirit, Our One True God. Rejoice in Him!

  2. Harold says:

    Possible to Identify Tor User Via Hardware DRM?


Leave a Reply

Your email address will not be published. Fields marked * are required.

To prove you're a person (not a spam script), type the security text shown in the picture. Click here to regenerate some new text.
Anti-spam image

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

livelyblog.com | Random blog | Login | Get your own blog | ^^^