Recent blog posts
- Western Digital is unSMART
- Interesting Outcomes of Assumption-Laden Perception: 2001 A Save Theodicy
- A Review of Dwolla
- What First (or Any) Time Home Buyers Need to Know About Drywood Termites
- Simple Fix for Bootcamp Partition Error: "Files cannot be moved"
- Paypal charged my credit card, without my permission, and didn't tell me about it
- 2010 iMac Target Display Mode (Mini Display Port) with 2011 Macbook Pro (Thunderbolt)
- approx 502 Bad Gateway, Connection failed errors
- A More Equitable Way to Trade Stocks? An Arbitrage-Free Exchange
- Religious Leaders Feel Threatened, Enjoy Attention
You can't reason someone out of something they weren't reasoned into.
If Christ were here there is one thing he would not be - a Christian.
Religion is regarded by the foolish as true, by the wise as false, and by the rulers as useful.
It only takes 20 years for a liberal to become a conservative without changing a single idea.
-Robert Anton Wilson
He who would do good to another must do it in minute particulars. General good is the plea of the scoundrel, hypocrite, and flatterer.
Progress, far from consisting in change, depends on retentiveness. Those who cannot remember the past are condemned to repeat it.
...Faith: that is to say, to shut one's eyes once and for all, in order not to suffer at the sight of incurable falsity.
- Nietzsche, the Antichrist
They say, 'We do not know how this is, but we know that God can do it.' You poor fools! God can make a cow out of a tree, but has he ever done so? Therefore show some reason why a thing is so, or cease to hold that it is so.
-William of Conches
I do not feel obliged to believe that the same God who has endowed us with sense, reason, and intellect has intended us to forego their use.
[Christianity has made the world] a prey to the wicked, who have found men readier, for the sake of going to paradise, to submit to blows rather than to resent them.
And don't tell me God works in mysterious ways. There's nothing so mysterious about it. He's not working at all. He's playing. Or else He's forgotten all about us. That's the kind of God you people talk about - a country bumpkin, a clumsy, bungling, brainless, conceited, uncouth hayseed. Good God, how much reverence can you have for a Supreme Being who finds it necessary to include such phenomena as phlegm and tooth decay in His divine system of creation? What in the world was running through that warped, evil, scatological mind of His when He robbed old people of the power to control their bowel movements?
-Yossarian, in Catch-22 by Joseph Heller
Life is both entirely and only what you make of it.
-attributed to many, modified by dimmer
South Park 712 - All About Mormons (79.3MB avi) (true story)
- Bad Religion - Let Them Eat War
- Bad Religion - Epiphany
- Bad Religion - Kyoto Now
- Bad Religion - Faith Alone
- Bad Religion - Come Join Us
- Bad Religion - 21st Century Digital Boy
- Bad Religion - All Good Soldiers
- Filter - Dose
- Modest Mouse - Bukowski
- XTC - Dear God
- Sarah McLachlan - Dear God (XTC Cover)
I help run a medium-sized scientific conference annually. We have an internet cafe / registration room where our attendees may pay for the conference or just surf the web. We used to run WinXP with the hive cleanup tool and a lockdown utility probably created by a Microsoft intern. It worked fairly well. Then Windows released SteadyState, which we tried last year. SteadyState worked as advertised on my test machine, but failed spectacularly at the conference on 80% of the kiosk machines - I'm still not sure why. So on the spot we developed a Kubuntu alternative, which turned out to be better.
You probably want to read my new article on this topic. I will leave this article online for legacy reasons.
The following is how to create a relatively secure internet kiosk using Kubuntu. We assume we are able to relatively trust our users with the computers and the network. If you have to deal with malicious users you may want to add more precautions.
Update 2009-09-21: I can confirm this works in KDE3 and KDE4.
The methodology for this should be to perfect the kiosk as much as possible on one machine (or a VM) first, then clone that machine to all your other computers, changing hostnames where appropriate.
Step 1: PartitionsThe crux of this design is ensuring that any changes to the kiosk user home directory are wiped out after the user logs out. For this we union mount a writable tmpfs on top of a read-only template. This is pretty convenient because anytime you want to change the user template, you simply mount the read-only partition as writable, make your changes, and revert the filesystem scheme. Here is my partition scheme:
Figure 1: Kiosk Partitions
/dev/sda1 is mounted at /, and contains only system files.
/dev/sda2 is swap. Along with RAM, this is the user writable space - increase this for more user space.
/dev/sda3 is the read-only user template. This only needs to be large enough to contain your template files.
The hard drive is small because this is a VM, but you can expand your partitions to any size you like. The good thing about internet kiosks is that they typically need hardly any space. A 6GB drive would suffice for many kiosks. You don't need to use jfs, you can use your fs of choice.
Step 2: Boot from new Kiosk, install required packagesTo create a machine which be compatible with media technologies users are familiar with (certain codecs, flash), edit sources.list and make sure universe, multiverse, and restricted sources are being read. Then do a:
sudo apt-get install firefox unionfs-tools timeoutd openssh-server kubuntu-restricted-extras flashplugin-nonfree
Step 3: Create the Kiosk user
sudo useradd kiosk
Set the password to something long and random, eg: Q5w?47yK&=Asa&mB4g&658tE=BZWZ$KUV2_6c+R#_J9kb462m7v7zNKvNWpe5LWj
Keep this password hidden from the users. This way they don't have access to change their password or remotely log in.
Give kiosk user access to the cdrom, audio, and hot pluggable devices (eg thumbdrives):
sudo usermod -G plugdev,cdrom,audio kiosk
Step 4: Setup your filesystem
sudo mkdir /kiosk-ro sudo mkdir /kiosk-rwSetup your fstab, here is mine:
# /etc/fstab: static file system information. # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 # /dev/sda1 UUID=d49413fa-a1cb-4677-8ddc-1418a385102d / jfs defaults,errors=remount-ro 0 1 # /dev/sda3 UUID=b50fed0f-15c8-4b02-9faf-21105e2d7acd /kiosk-ro jfs defaults,ro 0 2 # /dev/sda2 UUID=f63af8ab-f085-4a61-b2dc-195366e60e68 none swap sw 0 0 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec 0 0When you are creating your template filesystem, do
sudo mount /dev/sda3 /home/kiosk
Make the changes you want (e.g. log into kde as 'kiosk' and set the firefox homepage, install firefox plugins, make desktop shortcuts, etc). When you are done:
sudo umount /home/kiosk
Step 5: Configure KDE to behave as a kioskMake KDE auto-login as user kiosk - when the machine reboots it will already log in as kiosk. Edit /etc/kde4/kdm/kdmrc (/etc/kde3/kdm/kdmrc for kde3) and modify these values:
AutoLoginEnable=true AutoLoginAgain=true AutoLoginUser=kioskNext, edit /etc/kde4/kdm/Xstartup (/etc/kde3/kdm/Xstartup for kde3) and put these lines near the top:
logger "mounting tmpfs at /kiosk-rw" mount -t tmpfs -o mode=777 tmpfs /kiosk-rw logger "mounting unionfs at /home/kiosk" mount -t unionfs -o dirs=/kiosk-rw=rw:/kiosk-ro=ro unionfs /home/kioskAnd /etc/kde4/kdm/Xreset (/etc/kde3/kdm/Xreset for kde3):
logger "unmounting /home/kiosk" umount -t unionfs -fl /home/kiosk logger "unmounting /kiosk-rw" umount -t tmpfs -fl /kiosk-rw
Step 6:Disable crontab for kiosk usercrontab access will allow a maclious kiosk user to exploit accounts of those who use the machine after her. So disable crontab for the kiosk user:
echo 'kiosk' | sudo tee -a /etc/cron.deny
Step 7: Configure an automatic timeout for user kioskBecause of the limitations of timeoutd (installed in step 1), this is the least ideal portion of the kiosk machine. If anyone has a better suggestion, I'd love to hear it.
Put this line in /etc/timeouts:
This line logs the kiosk user out after being idle for 5 minutes. The problem with this package is that, as far as I can tell, there's no way to give a person the warning they will be logged out if they continue to be idle. You can specify a X minute warning, but after X minutes the user is logged out, even if they are no longer idle. Also, there is no way to customize the warning message.
Step 8: Tie the kiosk machine into your infrastructureInstall your ssh-keys into the admin account on the kiosk machine so you have instant ssh access. You could setup syslog-ng for centralized logging, cfengine/puppet for management, or all the plethora of possibilities which are possible with debian/ubuntu packages.
Step 9: Cloning your kiosk machineThis is a full block-by-block copy so it works best if you have a gigabit switch. All you have to do is boot both your master copy and target from a linux boot CD (ubuntu works fine). Turn on the ssh daemon on the target machine. From the master copy type:
sudo dd if=/dev/sda | ssh -t ip.target.machine sudo dd of=/dev/sdaGo read a few chapters of a book or surf the web, after several hours it will be done. You can open up "top" on the target machine to make sure progress is being made.
Step 10: Further Security Considerations
I'm pretty comfortable with how locked down this system is for largely trustable users - but malicious users will be able to find some ways around the safeguards. Perhaps more importantly, you still need to watch out for users physically installing keyloggers to capture information of later users. Keeping the workstation and its connections inside a locked cage/box is a good way to deter keylogging.
Many thanks go to Chris Adams who gave me the initial idea for this project and implementation advice. If anybody has any further suggestions, recommendations, or questions please leave a comment.