Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Monday - Friday, 6-9 a.m.
Hosts Tom Temin and Emily Kopp bring you the latest news affecting the federal community each weekday morning, featuring interviews with top government executives and contractors. Listen live from 6 to 9 a.m. or download archived interviews on our daily show blogs.
Air Force puts trust in your home computer
Thursday - 10/14/2010, 10:30am EDT
Senior Internet Editor
When you're travelling, is the thought of using someone else's computer unsettling? The thought of having to use a public kiosk or a hotel computer can feel a lot like using someone else's toothbrush. You're never really sure where it's been.
Software Protection Initiative team leader Rich Kutter told Federal News Radio it not only makes your web surfing safe, it also saves you from having to make major changes to your home computer if you need to use a Smart Access card to log in.
The idea is that everything a computer user needs for web browsing or telework can be downloaded from DoD and put onto a CD. Then, when you want to surf or work safely, you start up the computer from the CD and not the hard drive.
LPS, said Kutter, meets two key ATSPI security tenets: it 1) focuses on what's critical (web browsing in the public version and telework in the remote access version) and 2) it works Out-of-Band of the threat. Even if there's malware on the hard drive, since the program runs out of RAM, it's running where the threat isn't. "It ignores your local hard drive and any nasties that might be hiding out there," said Kutter.
Another feature for the truly security conscious: it doesn't leave any trace on the computer you're using of which sites you've been to or what you did there.
When asked why everyone doesn't have a computer that can do all this, Kutter laughed and said "You can! You can download it from our website at spi.dod.mil if you want to play with the public version."
Another nice feature is that it's the same no matter which computer you're sitting in front of. "It would be a way of making sure that your configuration was standard every time you connect to do some sensitive transaction like telework or home banking," said Kutter.
When you're done, he said, "you could store things to the cloud, and the public version actually supports removable hard drives like USB thumb drives or USB hard drives."
And yes, it's free.
Asked about a downside to LPS, Kutter said the focus is on what's critical. So for web browsing and telework, "you don't need sound. You don't need every little Linux tool that exists. So from a usability standpoint, maybe that's a downside, but it's really a security plus. We approached this to be as secure as possible, yet still allow core mission capabilities to be accomplished."
That means no games, no solitaire, and no minesweeper.
But you'd still have those on the hard drive, in case of emergency.
This story is part of Federal News Radio's daily Cybersecurity Update brought to you by Tripwire. For more cybersecurity news, click here.