Mempo Project - Hardened Privacy
Mempo project aims to provide most secure and yet comfortable out-of-the-box computer for Desktop and Server, to professionals, business, journalists, and every-day users avoiding PRISM-like spying.
Mempo Project is the answer to increasing surveillance of people, and endangered freedom of speech - as well to other IT attacks, cracking by hackers, viruses.
Even professional tools are not secure if there exist way around them for an attacker.
Therefore - in Mempo, the best Privacy & Security tools are used together on all levels from kernel to Apps; preconfigured for VM+Tor+VPN, for virtualization and compartment - all available in one-click fashion as Full Installable OS, Live-CD, or separate programs (sources and .deb files + deb-repo).
Do I need Mempo?
Basically no one is really using the potential of existing security and privacy apps because of time and effort, and professional solutions are fixing given issue - but leaving other small holes.
Most people do not even know about hardware level attacks, root-kits, cold-boot, hacking NIC PCI cards, bugs in e.g. Xen, fire-wire attack, etc.
But is your computer immune (to the extent of currently available software) to known attacks?
Well. If you do use… theoretically unexploitable micro-kernel system like GNU Hurd on OpenRISC or at least GrSecurity max-settings kernel; on custom open-hardware mobo/BIOS/firmware, using PGP/post-QC where needed, with per-app files access-lists, everything is on separate VM on separate user with firewalled tunnels in between, all compiled from source after you meet all the developers on PGP signing-party - then yeah OK, in this case this Project can not offer you much
In any other case - continue below for details.
This is the official Download and Install page for Mempo Project - Hardened Privacy as Debian Repository. [trust] [sig] [pub] [i2p] [USK@all-html] [USK@all-txt]
Currently we have here the Grsecurity hardened (and deterministic-build) kernels for Debian and soon other Packages and Security tools.
Mempo Project: Hardened Privacy
Products and Philosophy (2014.04)
Mempo is a Hardened Debian, secured kernel, privacy applications, simple robust X environment
(LXDE default).
GOAL: provide most secure and yet comfortable out-of-the-box computer for Desktop and Server,
to professionals, business, journalists, and every-day users avoiding PRISM-like spying.
PRODUCTS:
we provide Mempo Project as following products:
1) MempoDeb – an addon (.deb of privacy apps and hardened kernel) added to installed Debian
2) Mempo – is a full system installable from scratch, a copy of Debian but hardened
3) MempoBox – will be providing pre-installed Mempo on custom, ideally open hardware
Provided in Desktop and Server variants, for amd64 (possibly for ARM, i386).
Full Mempo is planned for mid-end 2014, and MempoBox for 2014/2015 depending on kick-starter
startup donations.
FAQ-1: To clear any initial miss-conceptions or questions: Mempo is:
Light and fast
Easy for non-technicals
Modular addons
Learning from Tails, Qubes-OS, Hardened-Gentoo
...but providing more
Prefering GrSec+PAX over SE Linux
Usable like regular Debian
Developed inside Debian.org
Usable on all Linux
Usable on home-made PC
As Primary OS
As packets
As Live-CD
Flash/Wine/etc compatible (VM)
At stage of prototyping
To deliver custom hardware
Always BSD/GPL/0-CC licensed
Giving back to FOSS
Cooperative!
To be crowdfunded
Apolitical
User education focused</blockquote>
I have searched to little avail on information about the mempo project, and I fear it could die in this thread.
This is an excellent project, with a beautiful philosophy that I think any decentralized, anonymous, private, security (DAPS ;)) minded computer user should appreciate.
[b][[/b] link to the project: https://wiki.debian.org/Mempo [b]][/b]
Mempo brings a lot of potential for an every day, secure, and very anonymous way to virtually interact with others on the Internet, as well as perform daily computer functions; document processing, video editing, video games- …okay that last one may be a stretch right now, you got me. It’s in a semi-crude state, I get it.
-Not a jab at the dev, I give kudos to the innovative thinking and criticism to the initiative-
I believe it can be improved upon. I think it’s a fascinating piece of technology waiting patiently for someone to grab it, but that’s got to be acted on by the community now. The dev is not active, and the community suffered because of this, and the community is dwindling down toward its own death if we don’t take the intitiative.
[quote=“whonixwizard, post:6, topic:806”][quote author=nixx link=topic=330.msg11006#msg11006 date=1445599440]
… So Patrick perhaps now you must think about creating some OS based on vpn chains. That tor is becoming uselss. First they set up porn sites to spoil the dark web and now they went to their next phase i.e. technically implemented shadowbanning and blocking onion sites from running.
[/quote]
If you have the technical expertise, have you checked out mempo?[/quote]
Everything said here:
It’s a nice dream. But anyone can sketch a jack of all trades device.
Anyone can sketch superman. He must be able to fly. Oh no. He also must be able to fly through the universe. Oh, and he needs light speed. Easy to make up more stuff.
We’re not of sketches and ideas. It’s not hard to take all the great things out there and to write up a dream about putting it together.
It needs people to do the actual work. Or people pay the required money to make it work. Or who help to collect the money to make it happen. Something like this.
But writing up the dream alone won’t do anything.
If you have the technical expertise, have you checked out mempo?
[/quote]
Everything said here:
It’s a nice dream. But anyone can sketch a jack of all trades device.
Anyone can sketch superman. He must be able to fly. Oh no. He also must be able to fly through the universe. Oh, and he needs light speed. Easy to make up more stuff.
We’re not of sketches and ideas. It’s not hard to take all the great things out there and to write up a dream about putting it together.
It needs people to do the actual work. Or people pay the required money to make it work. Or who help to collect the money to make it happen. Something like this.
But writing up the dream alone won’t do anything.[/quote]
I can agree with you until that last sentence. Sure only writing it shows a lack of initiative, maybe a lack of capability, but having the creativity to write down the dream in the first place- it reminds me of sci-fi films, and how more technical people can watch the movies and get their own ideas on it.
sorry, but as far as I’ve read and understood their current documentation, I’m unable to tell which major improvements Mempo offers compared to using Whonix together with Qubes, aside from their allegedly hardened kernel. Furthermore, their comparison is very old (Qubes for example already has a LiveUSB version), doesn’t include a lot of far better configurations (like Qubes + Whonix with a type 2 hypervisor (XEN)), as well as other facts (like that TAILS includes a Bitcoin client out of the box) and said hardened kernel seems to be everything but usable. In that regard I have to say that the “dream the guys behind Mempo dreamed up” is, to a certain degree, already real, so, as long as they don’t make an active effort of realising the things unique to their concept, I have to object with your “sci-fi comparison”. Or, am I missing some special, new, never before seen feature?
sorry, but as far as I’ve read and understood their current documentation, I’m unable to tell which major improvements Mempo offers compared to using Whonix together with Qubes, aside from their allegedly hardened kernel. Furthermore, their comparison is very old (Qubes for example already has a LiveUSB version), doesn’t include a lot of far better configurations (like Qubes + Whonix with a type 2 hypervisor (XEN)), as well as other facts (like that TAILS includes a Bitcoin client out of the box) and said hardened kernel seems to be everything but usable. In that regard I have to say that the “dream the guys behind Mempo dreamed up” is, to a certain degree, already real, so, as long as they don’t make an active effort of realising the things unique to their concept, I have to object with your “sci-fi comparison”. Or, am I missing some special, new, never before seen feature?
Have a nice day,
Ego[/quote]
The sci-fi comparison was just a short about how categorically sci-fi films have technology that modern scientists and techies strive for, nothing terribly important. I’m a fan of mempo, but not for some exclusive property other than that’s the one project I came across that has a theoretical layout of the most secure out of the box experience. That experience is all I want, for everyone. Taking what you said into account, I’d like to compile a current OS bundle that achieves the same purpose.
They are on Electrum 1.9.8 which produces high S signatures about 50% of the time allowing for the recent malleability attack on the network. Bitcoin Core no longer relays these transactions with high S sigs, so Tails users are having very bad issues and no idea how to fix it. Furthermore when they try to install a newer Electrum using the instructions on Electrums site, they are successful…until reboot. They they have to reinstall every reboot. Advanced users can download to Persistent and run from source, but kids just want to hit the icon.
I’m not sure why Tails team doesn’t want to leave Debians repos to get the newer version, or if they plan to. If you want to see the drama ensuing currently head over to https://reddit.com/r/darknetmarket or https://reddit.com/r/tails. It’s rampant.
Other than that I agree with the current assessment of Mempo. Don’t mean to confuse the conversation just had to mention about Electrum as I seen it being mentioned around a lot.
