Puppy as a portable secure operating system that protects against surveillance and censorship

[koulaxizis]

Hello friends!

I'd like to know how could someone customize Puppy to act as a secure and anonymity-oriented OS.

Something like "Tails" but with the ability to store encrypted files after shutting down.

I'm interested in keeping a local bitcoin wallet and browse anonymously the web - along with the standard daily works: writing texts, draw, chat etc.

Would you use Tor? Would you install a VPN? Would you encrypt your save file? Would you tweak the firewall? What else?

Thanks in advance for your time! Your help is deeply appreciated!

[s243a]

You can use iptables to direct everything through tor see:
https://gitlab.torproject.org/legacy/tr ... arentProxy

However, I recommend only sending encrypted traffic through tor. In other words don't send plain http traffic over tor. Only send https and other protocols with strong enough encryption. Otherwise, someone at an exit node could man in the middle your traffic.

[ally]

http://archive.org/details/Puppy_Linux_Puli

[mikeslr]

I don’t have time now to detail the process but this is what I would do, and why:

1. Use the latest version of Puli, http://murga-linux.com/puppy/viewtopic. ... 43#1061143. gjuhasz has built in a mechanism for sensing attempted hacker intrusions and dealing with it. Read the various Puli threads.
2. The latest version of Puli is, IIRC, based on Bionicpup64. It can use most (perhaps all) the applications Bionicpup64 can use.
3. Watchdog and Mike Walsh developed a technique for running applications in a chroot environment. The most recent publication using that technique is Chrooted Iron88-portable. viewtopic.php?p=4748#p4748. It can be used in Bionicpup64 and almost certainly Puli 7.3. Any hacker somehow circumventing Puli’s defenses can not access your actual operating system, nor learn information stored there. [You, however, can 'cut & paste' since Puli, itself, runs as /root and has complete access to the files and folders in the chrooted environment. Puli also has builtin a virtual keyboard to foil key-logging attempts. And consider the link below regarding encryption].
Iron, itself, is a very secure and privacy oriented web-browser. But you can 'harden' it even more by applying the suggestions about 'hardening firefox': link to that discussion below.
4. If you deconstruct Chrooted Iron88-portable you’ll discover it consists of two parts: almost everything is located in a top level folder, /cont.
4.a. Hanging from that folder is /cont/opt, and within that /opt is the portable Iron88. You can rebuild the SFS so that that folder will include a portable Tor browser. You’ll find instructions for building a portable version of firefox using any version of firefox published by mozilla. viewtopic.php?p=8330#p8330. Tor is just a specialized version of firefox. REMEMBER, HOWEVER, that while Puli 7.3 is a 64-bit operating system, the CHROOTED ENVIRONMENT is Xenialpup-32 bit. So you’ll need to use the most recent publication of 32-bit Tor.
4. b. The other part of Chrooted Iron88 resides in the /usr folder. Use the files there as a template for linking your Chrooted Tor to your ‘Main’ operating system.
A chrooted Tor will provide a secure and private method for accessing and downloading information.
[4.c. As an alternative to Tor, you could also use a Hardened version of firefox, perhaps firefox-esr. viewtopic.php?f=90&t=2335. Or just use the Chrooted Iron, or harden and use it].
5. Puli can almost certainly use the VPN system developed by OscarTalks, http://www.murga-linux.com/puppy/viewto ... 455#986455 with the enhancements developed by d4rkn1ght, http://www.murga-linux.com/puppy/viewto ... 76#1049476.
6. You can obtain a free Protonmail account, and with it use those of ProtonVPN servers which are free. http://murga-linux.com/puppy/viewtopic. ... 72#1018172. Of course, you could also purchase an account and make use of all Proton’s servers. Proton operates out of Switzerland. ProtonVPN gives you a secure and private means to transmit information over the internet.

About encrypting files after shutdown, see viewtopic.php?p=16325#p16325

[koulaxizis]

Wow!! Thank you very much for your responses, I got a lot to try! Thank you. What a great community!