Mofo Linux tears down virtual walls

Crossing Frontiers

Article from Issue 190/2016
Author(s):

Mofo Linux enables secure digital communications, even in places where it is politically or ideologically unwelcome.

Mofo Linux claims to help facilitate global freedom of information. It comes with the tools needed to work around politically motivated firewalls in countries such as China, Iran, Turkey, Thailand, Syria, the United Arab Emirates, and other countries with repressive regimes. The toolset includes various VPN flavors and other tools such as I2P, Cjdns, and Lantern along with Tor, Tor Browser, and Tor Messenger. The system also offers Arab and Chinese localization in addition to English.

Mofo Linux [1] was forked from Porteus, the portable distribution based on Slax and thus ultimately on Slackware, in 2011. Meanwhile, the system has matured to a fully fledged distribution and changed its underpinnings to Ubuntu 15.10. The live image with installer is available for downloading from SourceForge [2] and weighs in at about 1.6GB. You can burn the image onto an optical disk or transfer it to a USB stick using Universal Netboot Installer (Unetbootin) and the dd console tool. Alternatively, you can try it out in live mode with virtual machines like VirtualBox. The project took over the installer virtually unchanged from Ubuntu. It offers to set up Logical Volume Manager (LVM) as well as to encrypt the entire system or just the home directory.

Tor or I2P

Mofo Linux uses the well-known Unity 7 Desktop interface (Figure 1); however, there are some fairly obscure icons on the left side of the screen. This is where the project locates applications that serve the specific purpose of the distribution. At the top, below the mandatory search box, is the Tor Browser [3]. It directs outgoing requests by the browser across multiple servers of the Tor anonymization network to conceal the identity of the user.

Figure 1: Ubuntu's default desktop Unity 7 provides the user interface for Mofo.

The anonymous overlay network Invisible Internet Project (I2P) [4] is also preinstalled. Although Tor mainly offers anonymous proxy servers for various Internet services including IRC, email, and HTTP, everything primarily occurs within the network in the case of I2P. This also removes the need for a node database of directory servers as required for Tor, and which runs the risk of de-anonymization under certain circumstances. Another benefit: The service uses end-to-end-data encryption. Tor only offers this if you use the "hidden services."

However, the Tor Browser failed to launch in the present image, delivering instead a fairly meaningless error message. Actually, the Tor Browser Launcher should start when you first start Tor to download and set up the web browser. In testing, we needed to visit the Ubuntu Software Center (Figure 2) and install the Tor Browser Launcher at the command line with the torbrowser-launcher command to get Tor working and create a working Tor Browser (Figure 3).

Figure 2: Before you can use the allegedly installed Tor Browser, you first need to download and install it.
Figure 3: The security level of the Tor Browser can be easily adapted to your own needs using the slider.

Sharing Securely

Below I2P in the bar is the button that launches OnionShare [5]. The tool is used for a secure exchange of files and requires a Tor Browser running in the background to use its anonymization services. For this purpose, a small web server is launched locally, which Tor makes available online as a hidden service. The files are assigned a random URL via which they can be downloaded. The size of the file does not matter. A document on GitHub reveals more technical details [6].

The next item in the bar is Bitmask VPN [7], one of several VPN clients available in Mofo. Bitmask (Figure 4) provides Internet connections and email encryption. You can choose between predetermined VPN providers, such as Riseup, or use your own.

Figure 4: Bitmask VPN supports easy connecting of the computer with predefined or freely selectable VPN services.

Restrictive Corners

The next tool is aimed primarily at users who travel to the countries where use of the Internet is subject to restrictions or censorship. The Lantern proxy service [8] tries to work around blocked websites with up-to-date information on the situation in the country (Figure 5). The service relies on peer-to-peer techniques where a network of users share bandwidth in countries without restrictions with users from countries where access is subject to restrictions.

Figure 5: The Lantern proxy service only needs a few settings to operate.

The U.S. State Department funded the service with $ 2.2 million. An interesting detail is that Lantern developer Adam Fisk operated the LimeWire file-sharing client up until 2010 when it was prohibited by a court ruling in the United States. In doing so, he developed the techniques that make Lantern eligible for funding today. So far, China's repeated attempts to block the service have been unsuccessful.

You need to be very careful with Popcorn Time [9] (Figure 6). It's a BitTorrent client with an integrated media player, that is, more or less Netflix with a built-in copyright infringement. Users of this convenient service are fiercely pursued by the copyright holders of the works provided and receive mass warnings. Why the developer integrated the service into a distribution trimmed for preserving privacy remains unclear.

Figure 6: Why exactly the developers chose to integrate Popcorn Time – a dangerous BitTorrent client – remains unclear.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • MOFO Linux

    Controls, surveillance, and censorship are increasing rapidly on the Internet. MOFO Linux lets you anonymize your communication on the web with an easy-to-use live system.

  • Critical Flaws Found in VeraCrypt

    Popular open source encryption tool is vulnerable to attack

  • VeraCrypt

    Protect your data and operating system from prying eyes with VeraCrypt.

  • VeraCrypt

    The VeraCrypt encryption software comes with a handy graphical interface, and the ability to hide a container in an encrypted volume adds a unique professional feature: plausibly deniable encryption.

  • TruPax 9

    The TruPax tool specializes in encrypting small datasets to safeguard your data from prying eyes.

comments powered by Disqus