Offline Linux za osobe sa vrlo specifičnim sigurnosnim potrebama......
Discreete Linux is an operating system with the special purpose of protecting data (more precisely: people) against surveillance attacks with trojan software.
Since Edward Snowden has revealed the extent of the global surveillance of the world's population by governments and intelligence agencies, this threat has continued to grow. Besides the general monitoring of the Internet traffic, these activities in many countries also include targeted Trojan attacks on systems of politically unwelcome citizens or organizations. These attacks are often used by authorities to access sensitive data that is stored locally and encrypted on the computer and is not transmitted over the Internet or only in encrypted form.
With the QUANTUMTHEORY / FOXACID project, the Snowden documents showed a worldwide system of automated trojan infections. In the slides for the TURBINE project, the NSA states that it is designed to control Trojan infections "automated in millions of computers" - and that was the state of 2009. Today numerous commercial providers of surveillance tools are also selling Trojan software to dictatorships and states that proclaim torture.
The Discreete Linux project has the goal to provide a protection against these attacks for whistleblowers, human rights defenders, journalists, trade union and political activists and other targets of surveillance. It is therefore designed for ease of use by people without deeper computer knowledge but high security requirements. It creates a secure, isolated environment for processing and encrypting/decrypting sensitive data.
Even strong end-to-end encryption becomes worthless if the attacker can control the systems that perform the encryption. Discreete Linux brings the endpoints of encrypted communication out of reach of trojan attacks.
Um..., Discreete? You have a misspelling in your projects name...
Discreete is a word crossrooted from the English terms "discreet" (confidential, inconspicuous, no traces left behind) and "discrete" (detached, separated from [here: unsafe networks and devices]) which characterize the purpose and function of Discreete Linux. Discreete Linux is the new name and the continuation of the project "Ubuntu Privacy Remix", which has existed since 2008. Meanwhile it is based on Debian Linux. The whole project is run by volunteers, is completely free software and verifiable in the sourcecode.
Config tree required for building Discreete Linux
This is the config tree required for building your own image of Discreete Linux using live-build.
Building has only been tested on Debian 8; building on other versions of Debian or Debian derivatives like Ubuntu may be possible with some tweaks; but has not been tested. If you want to build on other systems including Windows, there are plenty of pre-built Debian Appliances for various virtualization platforms out there.
The configuration pulls in a number of packages from our own apt repository which are required to achieve the functionality of Discreete Linux. If you want to look at the sources, you can either download the sources from the same repository (deb https://www.discreete-linux.org/repository jessie main) or take a look at the git repositories here.
The configuration also includes a pre-built binary of VeraCrypt. You may prefer to build your own binary from sources, see "Building VeraCrypt from Source" below.
Our repository also includes a binary image of a patched kernel which is vital for Discreete Linux. The kernel patch makes sure that Discreete Linux cannot access any internal hard drive. Since kernel images are update quite frequently, we do not include any sources or git repo for this kernel image. Instead we tell you how to build your own, see below.
The ISO image can be downloaded from here: