Split Linux - Just give me the light!

Split Linux is a general operating system optimized for safely navigating hostile environments like the Internet and physical check points.

"musl, privacy, security, encryption, and unbeatable network setup. A++"
-- sysdfree Blog

Split Linux builds on tools that follow the UNIX philosophy and is based on the fast and independent Void Linux.

Read The Split Way to learn about its benefits and philosophy.


Hard disk interaction

Blockdevice Layout

When booting the Split Linux live CD/ISO:

  1. If present, the user is prompted ot unlock a crypto_LUKS-type partition.
  2. If a volume group named "split" is found, it is activated.
  3. If a logical volume named "horde" is found, it is mounted on /var/lib/lxc.
  4. When the user logs in with a name matching one of the available containers, they directly end up in a session within that container.
    • This will typically be an Xorg application like a window manager or desktop environment
  5. The user may launch additional containers in any other TTY and switch between them using Ctrl-Alt-Fx.

Containers can be any Linux distribution of your choice while VM's can be a wide range of operating systems, including Linux.

The decoy OS could be your current operating system resized to make space for the encrypted part, simply something small and innocent-looking or be left out altogether.


Networking in Split Linux Containers

Networking in Split Linux Containers

Split Linux launches a dockerized Tor router at boot. Containers connect through this router to the Internet in one of two fashions:

Isolated

In the recommended isolated configuration a container does not have a default gateway configured. Each application has to be told to use the Tor router as proxy. This way, the connections of various applications cannot be related to one another. Measures are in place to make sure that each application uses a completely separate Tor circuit.

Isolated should be the default as it provides the highest level of anonymity.

Transparent

The transparent setup is not recommended. The Tor router is defined as default gateway in the container and any application can access the Internet without additional configuration. The Tor circuits still differ from those of other containers, avoiding them to be related to each other, but the activity of one application may be correlated to that of another. It is still possible to configure applications to use separate circuits though.

Transparent might be used in the beginning until you know how to connect your applications.

Other modes

The user may opt to circumvent the use of Tor altogether, ditching anonymity for containers where Internet connection speed is more important than stealth. As a middle ground, traffic may still be routed through a VPN.


Download and Install

Download split-live-x86_64-musl-current.iso.

Then verify checksum and flash:

sha256sum split-live-x86_64-musl-current.iso |
  grep 1e4be74189b98570f471de21fc9c46bece6b3ca9dc298fdf502acbde95dcf624 &&
    dd status=progress oflag=direct bs=2M \
       if=split-live-x86_64-musl-current.iso \
       of=/dev/disk/by-id/<DEVICE>

Replace <DEVICE> with the path to your pendrive. For added certainty cross-check the SHA256-sum shown here with the one published on Reddit.


Release history

Expect releases once to twice a year. You'll be working from containers which you can update according to your needs.


Documentation

The Split Handbook (HTML, PDF)


Notes

Debugging: Customization Notes - Live CD

Link collection: Enter Crypto Currencies

Link collection: Live on Crypto

The Beast Desktop Environment - Changelog

The Beast Desktop Environment

The Split Way

What Users Say


Join the community


Logo