heads 0.4 released: the libre privacy distro
heads is a libre GNU/Linux distribution intended to be used as a liveCD. It respects your freedom by offering only free (libre) software.
heads uses Tor to help you be anonymous when using the Internet. In heads, all your Internet traffic is sent over Tor by default. Of course, there is an option to turn it off if you prefer. heads does not impose or force any choices to the user. It simply offers sane defaults, and it is up to the user to choose or change those defaults in the way the user prefers it…
heads’ security
heads uses a deblobbed and hardened Linux kernel. It does so by using a Linux kernel patched with grsecurity. Since grsecurity isn’t redistributing their patch gratis anymore, heads uses forward ports of the last publicly available patch. Deblobbing of the kernel is done using scripts from linux-libre.
heads’ interface
By default heads offers Openbox as its graphical window manager. It is supposed to provide a familiar desktop interface that should be pretty user-friendly.
heads also offers AwesomeWM as its graphical window manager. It’s relatively lightweight and quite usable. It might not be a perfect choice for the GNU/Linux layman, but for more experienced GNU/Linux users, or for users that prefer window managers over full-blown desktop environments, AwesomeWM might be a more preferable choice. Though, it’s not that difficult to use. Right-click on the desktop -> Awesome -> Keybindings and you’re good to go. AwesomeWM being a window manager, is keyboard-oriented, but still stays mouse friendly.
heads 0.4 released.
ChangeLog
Fix privesc bug with heads-update. The updates are now gpg verified and incoming is written in a root-only writable path. Remove the need of live-boot/live-config and build our own minimal initramfs instead. This also removes the “toram” feature. Instead, a kernel param that we call “nopermakey” is introduced to disable automatic compilation of permakey on boot. Cleaned up rootfs-overlay of obsolete files. Revise the package list and rebase on Devuan Beowulf. Update kernel to 4.9.74, Tor Browser to 7.5.2, musl to 1.1.19. Revise the kernel configuration and remove quite a few specific drivers, for example, external soundcards. Enable cgroups in kernel. Implement general improvements to the build system, along with bumping live-sdk to latest upstream. Switch init to OpenRC. Implement a welcome dialog upon startx. Delete torbirdy from git and use the package provided in the apt repositories. Bring back Pulseaudio. Also, ship with elogind and udisks2/udiskie. Include additional software. Xorg now autostarts unless “nox” is specified on the kernel cmdline. Replace the default GTK theme with Breeze. Enable AppArmor in-kernel. Do not install musl-libc anymore, as the rewritten sup can now be statically linked with glibc as well.
