Security Issues with APT

Two recently discovered security issues in APT would allow it to inject manipulated packages, despite active signature verification. We have therefore done a manual verification of the mirror which we use to build the downloadable ISOs on this site, and found no manipulated packages. ISOs built with the build script should be rebuilt on a system with up-to-date APT packages.

TrueCrypt insecure?

On May 28th, 2014, a message was published on the TrueCrypt website claiming that TrueCrypt was "insecure", without giving any further reason. A new version 7.2 is offered for download. Based on our own analysis, which can be read here, and the analysis done by the Open Crypto Audit Project, we came to the conclusion that the versions of TrueCrypt used within UPR are still safe. Nevertheless, we are working on porting our concept of "extended Containers" to LUKS-based storage. We plan to release future Versions of UPR without TrueCrypt.

UPR 12.04r1 released

05/07/14: The UPR Team has published the first stable release of Ubuntu Privacy Remix 12.04r1 (Codename Protected Pangolin). UPR is a live system to protect from spying and data theft. UPR 12.04r1 is designed to boot on newer machines with UEFI + SecureBoot and supports lots of new hardware; but keeps running even on old machines by using the traditional and lightweight GNOME Classic desktop environment. The new release will be presented at LinuxTag 2014 in Berlin (Talk at Thu, May 8th, 9:30pm).

Getting your own UPR CD

Ubuntu Privacy Remix is a free project. Anyone finding it useful can use UPR free of charge and is encouraged to send suggestions, bug reports and criticism to us.

The image of the CD can be downloaded here. The UPR developers can neither guarantee that the download servers never get compromised, nor can we guarantee that downloads are not being redirected to other servers by DNS spoofing or similar. The authenticity of the image can be verified using our GPG-Signature.

For additional control, people wanting to build their own CD from scratch can find the Tutorials for this here.

What is Ubuntu Privacy Remix? PDF Print E-mail

The goal of Ubuntu Privacy Remix is to provide an isolated working environment where sensitive data can be dealt with safely. The system installed on the computer running UPR remains untouched, UPR is not intended for permanent installation on hard disk. Instead of that Ubuntu Privacy Remix runs from a modified Live-CD based on Ubuntu Linux. All user data reside exclusively on encrypted removable media.
Ubuntu Privacy Remix is a tool to protect your data against unsolicited access. The risk of theft of such private data arises not only from "conventional" criminals, trojans. rootkits, keyloggers etc. At least since Edward Snowden it's a matter of common knowledge, that also measures are taken by governments and intelligence agencies aiming at spying and monitoring its citizens.

But I am already encrypting my data...
Good encryption is of course one of the most important measures to protect your data. Ubuntu Privacy Remix contains the well-known cryptographis software TrueCrypt and GnuPG. But the security of encryption relies not only on the security of the used software.
Trojans, Rootkits, Keyloggers can lower or even circumvent the security of cryptographic software.

"The base idea is to relocate working with private data into a secure working environment, strictly apart from everything else you do with your computer (surf the web, chat, games, ...)."

For example software like Microsoft Office or Google Desktop, which can create an unencrypted copy of the data on hard disk when opening files from an encrypted TrueCrypt-Volume.
Or a trojan horse waits for you to open a TrueCrypt-Container, mailing your sensitive files to someone else at the next opportuinity.
Or malicious software logs your keystrokes, including the passphrase for your secret GPG-Key, and mails it along with the key to some unknown attacker. He could then read all your past and future Mails he gets his hands on.

Security is a system
These few examples show that security means the security of the whole working environment, and that security can never be provided by one program alone. Editing, de- and encryption of sensitive data should therefore be done with a system that

  • never has or had contact to untrustworthy networks like the internet
  •  cannot leave data unencrypted on the hard drive, not even unnoticed or by accident
  • offers no opportunity to spyware to permanently install onto the system

Ubuntu Privacy Remix creates such a working environment on any PC with the following measures:

  • the system resides on a non-writable CD, i.e. it is in the original state after every reboot and cannot be modified afterwards. Spyware and other mailicious software cannot be installed permanently.  All alterable user data reside on encrypted removable media like USB flash drives.
  • The system kernel is modified so that it ignores any network hardware. UPR therefore is an isolated system which can not be attacked via LAN/WLAN/Bleutooth/Infrared etc.
  • UPR mounts removable media and TrueCrypt volumes with the 'noexec' option. This prevents executing malicious programs that were imported accidentally into the UPR-System via removable media. Therewith it is secured, that the running UPR-System can not be infected this way.
  • The system is based on free software which can be verified in source code.
  • The system completely ignores any local hard disks. Neither can they be used by malicious software to save sensitive data outside the encrypted removable media - unencrypted and unnoticed for later attacks - , nor could this happen accidentally by the users inattention. Malicious software can also not be loaded from already compromised hard disks into UPR.
  • To ease working with a non-modifiable system, UPR introduces "extended TrueCrypt-Volumes", which can store program configuration like GnuPG settings, OpenOffice dictionaries etc. permanently and securely within an encrypted volume. These settings are automatically made available after opening such an "extended TrueCrypt-Volume". This method is only an optional alternative to using standard TrueCrypt volumes. (more information)

Ubuntu Privacy Remix therefore has two levels of security:

1By being non-modifiable, it is impossible to permanently install malicious software, neither by network nor by local hard disks.

2Even if it were possible for malicious software to load into memory, there is no possibility to save or send captured data anywhere outside.


Features of UPR

More information about the security-features of UPR here.

more ... 

How to use?

Here you can find tutorials and videos regarding UPR.

more ...  

How to help?

There are many ways to contribute to UPR.