I have written a lot of columns about computer security and the threats that many of us face when using our computers. While we might be subject to a variety of threats at home or in our offices, including hackers, crackers, viruses, worms, Trojans and other varieties of malware, the threat landscape can substantially increased when using a public WiFi or other network, or even allowing someone else to use our computers. With the U.S. military using thousands of computers and the potential security risks that could occur if the content on these computers was compromised, the Anti Tamper Software Protection Initiative (ATPSI) Technology Office at Wright Patterson Air Force Base has developed and publicly released a free utility that can be used to safely allow a computer to connect to the Internet or other network, including a VPN (Virtual Private Network), but also make it virtually impossible for hackers and malware to access anything on the computer’s hard drive when this utility is used.
This product, which is explicitly licensed for free public use, is Lightweight Portable Security (LPS). What this product does is create a bootable CD or USB flash drive that contains a form of the Linux operating system that will run on almost any Intel based computer, including almost all PC’s (even if they have AMD chipsets), and many Macs. LPS does not install anything on the computer and does not require administrative privileges. Once the computer is booted with the LPS system, the Internet can be accessed normally but the hard drive is inaccessible, making it impossible to read any data from the hard drive and impossible for any type of malware to infect the hard drive. According to the ATPSI, “LPS-Public is a safer, general-purpose solution for using Web-based applications.”
The basic LPS software, which is frequently updated, can be downloaded directly from the ATSPI as an ISO file that can be burned directly to a blank CD or installed on a bootable USB flash drive; it is also available as a compressed ZIP file, which can be uncompressed and then installed. The basic ISO file (uncompressed) is a large 137 mb file. For those who may desire some additional functionality, a 317 mb deluxe version (also free), contains a fully functional version of OpenOffice (a powerful free competitor to Microsoft Office that can read and write Microsoft Office and other file formats), and Acrobat Reader to read PDF files. If downloaded to a Windows 7 computer, it is extremely easy to create the bootable CD. Insert a blank CD into the drive, and then simply right click on the downloaded ISO file (either the basic or deluxe version), and select “Burn.” Windows 7 will then create the bootable CD. If using an older Windows computer, there are many ISO burning utilities available, many of which are free, including UltraISO, ISO Maker, K3b, CDBurnerXP, Easy CD Creator, ImgBurn, CDBurn, Nero Burning ROM, Roxio Creator and others. Any of the major free software download Web sites will have a selection of free ISO burners. Note that burning and ISO file to a CD is not the same thing as burning other files to a CD, and the ISO option must be selected in order for the bootable CD to be properly created. For those who may need precise, detailed instructions on creating an LPS CD, instructions are available online (as a PDF file) at spi.dod.mil/docs/lps_quick_start.pdf.
In order to create a bootable USB flash drive, first create the CD as instructed above, but then do not boot from the CD. Insert an empty USB flash drive into the computer (if you use a used flash drive, all data may be lost if it is reformatted), and then using Windows Explorer (or other file manager), open the CD, and locate the directory “InstallToUSB.” Run the file “USBInstall.bat,” and then follow the on-screen instructions to install LPS on the flash drive. If a computer supports booting from a flash drive, this USB drive can now be used to boot LPS (detailed instructions online at spi.dod.mil/liposeUSB.htm).
Once the PC or MAC is booted from the LPS CD or flash drive, the Web can be accessed as normal using the built in and fully functional Firefox browser. This is especially useful if the user is accessing the Internet via a public access wireless network, such as those at coffee shops, airports, hotels, restaurants or elsewhere; it is locations such as these that are a hacker’s paradise since it is easy to penetrate the open access networks and then break into a connected computer. Since the computer’s hard drive is not mounted by LPS (making it effectively non-functional), it is virtually impossible for malware from any source to burrow its way into the computer’s hard drive and contaminate or otherwise compromise the computer. Since the hard drive is inaccessible, any files that the user may want to intentionally save must be saved to another USB flash drive (not the one used to boot the computer into LPS), or other data storage device. If the deluxe version of LPS is installed, the OpenOffice can be used to create or read word processing files, spreadsheets, presentations (including PowerPoint), and other office documents, while the Acrobat Reader can display PDF files. One tip — since the hard drive is effectively isolated and inaccessible when LPS is loaded, it may be better to save any created files or documents to a free online cloud storage service such as Google Docs or Microsoft’s SkyDrive service.
I have heard of numerous cases where a computer owner’s children, grandchildren, neighbors, friends and others have accessed the their computer and proceeded to load it with unwanted software, viruses, spyware and other forms of malware. If instead of allowing others to boot the computer normally, the owner was to boot the computer into LPS, nothing could be written to the hard drive, thus sparing the computer owner from the evils and threats that other users could wreak.
Once the LPS CD or flash drive is removed and the computer rebooted, it will boot normally as it did before, as if LPS had never been used. There is even a “Start” button on the LPS menu that will exit LPS and boot the computer normally. Since LPS leaves nothing on the hard drive, there is nothing that it can do to influence or otherwise hamper subsequent normal use of the computer.
For those who may use computers in high-risk environments or who may have less than responsible users (children and grandchildren) use the computer, the free Lightweight Portable Security (LPS) might be a good alternative to a compromised or corrupted computer.
Listen to Ira Wilsker’s weekly radio show on Mondays from 6-7 p.m. on KLVI 560AM.