Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
Air Force puts trust in your home computer
Thursday - 10/14/2010, 10:30am EDT
Senior Internet Editor
When you're travelling, is the thought of using someone else's computer unsettling? The thought of having to use a public kiosk or a hotel computer can feel a lot like using someone else's toothbrush. You're never really sure where it's been.
Software Protection Initiative team leader Rich Kutter told Federal News Radio it not only makes your web surfing safe, it also saves you from having to make major changes to your home computer if you need to use a Smart Access card to log in.
The idea is that everything a computer user needs for web browsing or telework can be downloaded from DoD and put onto a CD. Then, when you want to surf or work safely, you start up the computer from the CD and not the hard drive.
LPS, said Kutter, meets two key ATSPI security tenets: it 1) focuses on what's critical (web browsing in the public version and telework in the remote access version) and 2) it works Out-of-Band of the threat. Even if there's malware on the hard drive, since the program runs out of RAM, it's running where the threat isn't. "It ignores your local hard drive and any nasties that might be hiding out there," said Kutter.
Another feature for the truly security conscious: it doesn't leave any trace on the computer you're using of which sites you've been to or what you did there.
When asked why everyone doesn't have a computer that can do all this, Kutter laughed and said "You can! You can download it from our website at spi.dod.mil if you want to play with the public version."
Another nice feature is that it's the same no matter which computer you're sitting in front of. "It would be a way of making sure that your configuration was standard every time you connect to do some sensitive transaction like telework or home banking," said Kutter.
When you're done, he said, "you could store things to the cloud, and the public version actually supports removable hard drives like USB thumb drives or USB hard drives."
And yes, it's free.
Asked about a downside to LPS, Kutter said the focus is on what's critical. So for web browsing and telework, "you don't need sound. You don't need every little Linux tool that exists. So from a usability standpoint, maybe that's a downside, but it's really a security plus. We approached this to be as secure as possible, yet still allow core mission capabilities to be accomplished."
That means no games, no solitaire, and no minesweeper.
But you'd still have those on the hard drive, in case of emergency.
This story is part of Federal News Radio's daily Cybersecurity Update brought to you by Tripwire. For more cybersecurity news, click here.