Login
Login

Lightweight Portable Security

{{Infobox OS

| name = Lightweight Portable Security (rebranded as
Trusted End Node Security){{cite web |title=Trusted End Node Security - Downloads |url=https://spi.dod.mil/download.htm |website=Software Protection Initiative |publisher=Department of Defense |access-date=19 July 2021 |archive-url=https://web.archive.org/web/20210306154456/https://spi.dod.mil/download.htm |archive-date=6 March 2021}}

| logo = 90px100px

| screenshot = File:LPS 1.6.0-Public Deluxe.png

| caption = Lightweight Portable Security Desktop

| developer = US Department of Defense

| family = Linux (Unix-like)

| released = 2011

| userland = GNU

| ui = XFCE

| license = Free software licenses
(mainly GPL)

| website = [https://web.archive.org/web/20180714022205/https://www.tens.af.mil/index.htm Trusted End Node Security program office]

| source_model = Open source

| latest_release_version = 3.0.4.1{{cite web | url = https://www.spi.dod.mil/CHANGES.html | archive-url = https://web.archive.org/web/20201101121731/https://www.spi.dod.mil/CHANGES.html | url-status = dead | archive-date = November 1, 2020 | title = LPS Release Notes | date = 2019-05-17 | website = Trusted End Node Security - Software Protection Initiative | publisher = Department of Defense TENS Program Office | access-date = 2019-12-10 }}

| latest_release_date = {{Start date and age|2021|04|30|df=yes}}

| latest_test_version =

| latest_test_date =

| kernel_type = Monolithic (Linux)

| working_state = Discontinued

}}

Lightweight Portable Security (LPS) or Trusted End Node Security (TENS) was a Linux LiveCD (or LiveUSB) distribution. The application Encryption Wizard, originally bundled with TENS is still actively maintained. LPS and its successor TENS was developed and publicly distributed by the United States Department of Defense’s Air Force Research Laboratory{{Cite web|last=TENS Program Office|title=Trusted End Node Security|url=https://www.tens.af.mil/index.htm|url-status=dead|archive-url=https://web.archive.org/web/20180714022205/https://www.tens.af.mil/index.htm|archive-date=14 July 2018|access-date=10 December 2019|website=}} The live CD is designed to serve as a secure end node. The Air Force Research Laboratory actively maintained LPS and TENS from 2007 to 2021.{{Cite web|date=16 April 2021|title=TENS Release Notes|url=https://spi.dod.mil/CHANGES.html|url-status=dead|archive-url=https://web.archive.org/web/20210719053055/https://spi.dod.mil/CHANGES.html|archive-date=July 19, 2021|website=Trusted End Node Security|publisher=Air Force Research Laboratory}} It can run on almost any x86_64 computer (PC or Mac).{{Cite book|url=https://www.tens.af.mil/docs/tensmanual.pdf|title=Trusted End Node Security (TENS) Public Edition (TENS-Public) User's Guide|publisher=Air Force Research Laboratory|year=2020|location=|archive-url=https://web.archive.org/web/20210321055021/https://www.tens.af.mil/docs/tensmanual.pdf|archive-date=21 March 2021|url-status=dead}} LPS boots only in RAM, creating a pristine, non-persistent end node. It supports DoD-approved Common Access Card (CAC) readers, as required for authenticating users into PKI-authenticated gateways to access internal DoD networks.{{Cite web|last=Galloway|first=David|date=24 July 2011|title=Lightweight Portable Security Is a Portable Linux Distro from the Department of Defense|url=https://lifehacker.com/lightweight-portable-security-is-a-portable-linux-distr-5824183|url-status=live|archive-url=https://web.archive.org/web/20110913063838/http://lifehacker.com/5824183/lightweight-portable-security-is-a-portable-linux-distro-from-the-department-of-defense/|archive-date=2011-09-13|access-date=2021-08-20|website=Lifehacker|language=en-us}}{{Cite web|last=Reed|first=Michael|date=30 Nov 2010|title=Linux Distribution: Lightweight Portable Security {{!}} Linux Journal|url=https://www.linuxjournal.com/content/linux-distribution-lightweight-portable-security|url-status=live|archive-url=https://web.archive.org/web/20101203094111/https://www.linuxjournal.com/content/linux-distribution-lightweight-portable-security|archive-date=2010-12-03|access-date=2021-08-20|website=www.linuxjournal.com}}{{Cite web|last=Montalbano|first=Elizabeth|date=22 July 2011|title=Not Your Average Linux Distribution: DOD's Flavor|url=http://www.informationweek.com/news/government/security/231002431|url-status=dead|archive-url=https://web.archive.org/web/20110723201024/http://www.informationweek.com:80/news/government/security/231002431|archive-date=2011-07-23|access-date=|website=Information Week Government}}

LPS turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer's hard drive. As of September 2011 (version 1.2.5), the LPS public distribution includes a smart card-enabled Firefox browser supporting DoD's CAC and Personal Identity Verification (PIV) cards, a PDF and text viewer, Java, a file browser, remote desktop software (Citrix, Microsoft or VMware View), an SSH client, the public edition of Encryption Wizard and the ability to use USB flash drives. A Public Deluxe version is also available that adds LibreOffice and Adobe Reader software.

History

LPS and Encryption Wizard were initiated by the Air Force Research Laboratory's Anti-Tamper Software Protection Initiative program, started in 2001. In 2016, that program was ending, so LPS and Encryption Wizard were moved to the Trusted End Node Security program office. LPS, as of version 1.7 was rebranded Trusted End Node Security, or TENS.{{Cite web|last=Software Protection Initiative|title=Lightweight Portable Security|url=https://www.spi.dod.mil/lipose.htm|url-status=dead|archive-url=https://web.archive.org/web/20160925222355/https://www.spi.dod.mil/lipose.htm|archive-date=2016-09-25}} Encryption Wizard retained its name, but received the TENS logo as of version 3.4.11.{{Cite web|last=Software Protection Initiative|title=Encryption Wizard Release History|url=https://spi.dod.mil/ewizard_history.htm|url-status=dead|archive-url=https://web.archive.org/web/20210719053056/https://spi.dod.mil/ewizard_history.htm|archive-date=2021-07-19|access-date=26 February 2019|website=Trusted End Node Security}}

In 2020, the COVID-19 pandemic led to an increase in remote work. The National Security Agency recommended that U.S. government employees working remotely use government furnished computers. However, when it was necessary for an employee to use their home computer, the National Security Agency recommended TENS as one measure an individual employee could use to make that computer more secure.{{Cite book |url=https://media.defense.gov/2020/Jun/03/2002310067/-1/-1/0/CSI-SELECTING-AND-USING-COLLABORATION-SERVICES-SECURELY-LONG-20200602.PDF |title=Selecting and Safely Using Collaboration Services for Telework - UPDATE |publisher=National Security Agency |year=2020 |pages=3 |archive-url=https://web.archive.org/web/20200805160341/https://media.defense.gov/2020/Jun/03/2002310067/-1/-1/0/CSI-SELECTING-AND-USING-COLLABORATION-SERVICES-SECURELY-LONG-20200602.PDF |archive-date=August 5, 2020 |url-status=dead}}

In 2021, TENS became compatible with UEFI Secure Boot.{{Cite web|last=TENS Program Office|title=Downloads|url=https://www.tens.af.mil/download.htm|url-status=dead|archive-url=https://web.archive.org/web/20210818100531/https://www.tens.af.mil/download.htm|archive-date=18 August 2021|access-date=18 August 2021|website=Trusted End Node Security}} UEFI Secure Boot is used to protect the operating system installed on the computer's hard drive. As of June 2020, UEFI Secure Boot was available on many newer PCs. UEFI Secure Boot would prevent older versions of TENS from booting.{{Cite book|url=https://media.defense.gov/2020/Jun/03/2002310252/-1/-1/0/CSR-TENS-VIRTUAL-MACHINE-GUIDE-20200603.PDF|title=TENS Virtual Machine Guide|publisher=National Security Agency|year=2020|archive-url=https://web.archive.org/web/20200630193530/https://media.defense.gov/2020/Jun/03/2002310252/-1/-1/0/CSR-TENS-VIRTUAL-MACHINE-GUIDE-20200603.PDF|archive-date=June 30, 2020|url-status=live}}

In August 2021, the TENS web site announced the TENS program office had been decommissioned. The Defense Information Systems Agency was no longer willing to fund the program. No other agency had agreed to champion the program. "Potentially final" editions of TENS and Encryption Wizard had been released in April and May 2021.

The Mission Planning group of the Air Force Life Cycle Management Center took over management of Encryption Wizard. However, as of early 2023, the TENS program had not been restarted.{{Cite web |title=Encryption Wizard |url=http://www.gettens.online/ |url-status=live |archive-url=https://web.archive.org/web/20230129144318/http://www.gettens.online/ |archive-date=2023-01-29 |access-date=2023-04-27 |website= |publisher=Airspace Mission Planning Division, Air Force Life Cycle Management Center}}

Encryption Wizard

LPS came with Encryption Wizard (EW), a simple, strong file and folder encryptor for protection of sensitive but unclassified information (FOUO, Privacy Act, CUI, etc.). Written in Java, EW encrypted all file types for data at rest and data in transit protection. Without installation or elevated privileges, EW ran on Windows, Mac, Linux, Solaris, and other computers that support the Java software platform. With a simple drag and drop interface, EW offered 128-bit and 256-bit AES encryption, SHA-256 hashing, RSA signatures, searchable metadata, archives, compression, secure deleting, and PKI/CAC/PIV support. Encryption could be keyed from a passphrase or a PKI certificate. EW was GOTS—U.S. Government invented, owned, and supported software—and came in three versions, a public version that uses the standard Java cryptographic library, a unified version that uses a FIP-140-2 certified crypto licensed by The Legion of the Bouncy Castle, and a government-only version that uses a FIPS-140-2 certified crypto stack licensed from RSA Security{{citation needed|date=April 2022}}. The three versions interoperate.

Public HTTPS access

The official web site, offering the public versions of TENS, was hosted on Department of Defense servers. The program office also had a commercially hosted "gettens" web site. The official web site was shut down circa 2022. As of early 2023, Encryption Wizard is still available on the "gettens" web site.

The "gettens" commercially hosted web site was established because the general public had some difficulty accessing web sites on Department of Defense servers. Originally, the gettens web site merely provided instructions how to configure a web browser to work with the official web site. However, in 2023 the gettens web site was repurposed to actually host Encryption Wizard.

This article incorporates text from the US Department of Defense SPI web site.

See also

References

References to the Trusted End Node Security Program office refer to the Trusted End Node Security Program Office, Information Directorate, Air Force Research Laboratories, United States Air Force.

References to the Software Protection Initiative refer to the DoD Anti-Tamper Program, Sensors Directorate, Air Force Research Laboratories, United States Air Force.

{{reflist}}

External links

  • http://www.gettens.online/ Home page for Encryption Wizard
  • {{Webarchive|url=https://web.archive.org/web/20210818234357/https://tens.af.mil/|date=August 18, 2021|title=Trusted End Node Security}}. Home page for the TENS Program office.

Category:Operating system security

Category:Operating system distributions bootable from read-only media

Category:Live USB

Category:State-sponsored Linux distributions

Category:Linux distributions