Circlean/README.md

CIRCLean
========
![CIRCLean logo](https://www.circl.lu/assets/images/logos/circlean.png)
![Cleaner in action](http://www.circl.lu/assets/images/CIRCLean/CIRCLean.png)

How To
======

[Graphical how-to and pre-built image](http://circl.lu/projects/CIRCLean/).

To prepare the SD card on Windows, you can use [Win32DiskImager](http://sourceforge.net/projects/win32diskimager/).

And the linux way is in the command line, via dd (see in copy_to_final.sh)

If you'd like to contribute to the project or build the image yourself, see
[contributing](CONTRIBUTING.md) and the [setup readme](README_setup.md).

Why/What
========

This project aims to be useful when you get/find a USB key that you can't trust,
and you want to have a look at its contents without taking the risk of plugging it into your
main computer directly.

This is a work in progress - contributions are welcome:

The content of the first key will be copied or/and converted to the second key
following these rules (based on the mime type, as determined by libmagic):
- Direct copy of:
  - Plain text files (mime type: text/*)
  - Audio files (mime type: audio/*)
  - Video files (mime type: video/*)
  - Example files (mime type: example/*)
  - Multipart files (mime type: multipart/*)
  - *xml* files, after being converted to text files
  - Octet-stream files
- Copied after verification:
  - Image files after verifying that they are not compression bombs (mime type: image/*)
  - PDF files, after marking as dangerous if they contain malicious content
  - msword|vnd.openxmlformats-officedocument.*|vnd.ms-*|vnd.oasis.opendocument*, after
    parsing with oletools/olefile and marking as dangerous if the parsing fails.
- Copied but marked as dangerous (DANGEROUS_filename_DANGEROUS)
  - Message files (mime type: message/*)
  - Model files (mime type: model/*)
  - x-dosexec (executable)
- Compressed files (zip|x-rar|x-bzip2|x-lzip|x-lzma|x-lzop|x-xz|x-compress|x-gzip|x-tar|*compressed):
  - Archives are unpacked, with the unpacking process stopped after 2 levels of archives
    to prevent archive bombs.
  - The above rules are applied recursively to the unpacked files.

Usage
=====

0. Power off the device and unplug all connections.
1. Plug the untrusted key in the top USB slot of the Raspberry Pi.
2. Plug your own key in the bottom USB slot (or use any of the other slots if
there are more than 2).

    *Note*: This key should be bigger than the original one because any archives
          present on the source key will be expanded and copied.

3. Optional: connect the HDMI cable to a screen to monitor the process.
4. Connect the power to the micro USB port.

    *Note*: Use a 5V, 700mA+ regulated power supply

5. Wait until you do not see any blinking green light on the board, or if you
   connected the HDMI cable, check the screen. The process is slow and can take
   30-60 minutes depending on how many document conversions take place.
6. Power off the device and disconnect the drives.

Helper scripts
==============

You should use them as examples when you are creating a new image and probably not
run them blindly as you will most probably have to change parameters accordingly to
your configuration.

IN ALL CASES, PLEASE READ THE COMMENTS IN THE SCRIPTS AT LEAST ONCE.

* proper_chroot.sh: uses qemu to chroot into a raspbian instance (.img or SD Card)
* prepare_rPI.sh: update the system, some configuration
* create_user.sh: create the user who will run the scripts, assign the proper sudo rights.
* copy_to_final.sh: populate the content of the directory fs/ in the image,
    contains a sample of dd command to write the image on the SD card.
    NOTE: TAKE CARE NOT TO USE THE WRONG DESTINATION
Update README.md Add image 2013-07-26 16:03:34 +02:00			`CIRCLean`
			`========`
Update README.md Logo added 2015-03-10 15:15:56 +01:00			`![CIRCLean logo](https://www.circl.lu/assets/images/logos/circlean.png)`
Update README.md Fix default image 2014-06-25 08:16:24 +02:00			`![Cleaner in action](http://www.circl.lu/assets/images/CIRCLean/CIRCLean.png)`
Update README.md Add image 2013-07-26 16:03:34 +02:00
Update README.md add link to prebuild image 2013-09-29 14:11:52 +02:00			`How To`
			`======`

Reorganizing structure of project Deleted /fs because it is the old version of the project and no longer used Moved various notes and todos to /doc Moved non-essential shell scripts from / to /shell_utils Deleted /gpio_tests because they aren't used in the project 2016-12-23 23:01:28 +01:00			`[Graphical how-to and pre-built image](http://circl.lu/projects/CIRCLean/).`
Update README.md add link to prebuild image 2013-09-29 14:11:52 +02:00
Reorganizing structure of project Deleted /fs because it is the old version of the project and no longer used Moved various notes and todos to /doc Moved non-essential shell scripts from / to /shell_utils Deleted /gpio_tests because they aren't used in the project 2016-12-23 23:01:28 +01:00			`To prepare the SD card on Windows, you can use [Win32DiskImager](http://sourceforge.net/projects/win32diskimager/).`
Add details on how to flash the SD on Win and linux 2013-11-01 21:53:29 +01:00
			`And the linux way is in the command line, via dd (see in copy_to_final.sh)`

Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`If you'd like to contribute to the project or build the image yourself, see`
			`[contributing](CONTRIBUTING.md) and the [setup readme](README_setup.md).`

doc update 2013-05-25 00:33:58 +02:00			`Why/What`
			`========`

Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`This project aims to be useful when you get/find a USB key that you can't trust,`
			`and you want to have a look at its contents without taking the risk of plugging it into your`
			`main computer directly.`

			`This is a work in progress - contributions are welcome:`

			`The content of the first key will be copied or/and converted to the second key`
			`following these rules (based on the mime type, as determined by libmagic):`
			`- Direct copy of:`
			`- Plain text files (mime type: text/*)`
			`- Audio files (mime type: audio/*)`
			`- Video files (mime type: video/*)`
			`- Example files (mime type: example/*)`
			`- Multipart files (mime type: multipart/*)`
			`- xml files, after being converted to text files`
			`- Octet-stream files`
			`- Copied after verification:`
			`- Image files after verifying that they are not compression bombs (mime type: image/*)`
			`- PDF files, after marking as dangerous if they contain malicious content`
			`- msword\|vnd.openxmlformats-officedocument.\|vnd.ms-\|vnd.oasis.opendocument*, after`
			`parsing with oletools/olefile and marking as dangerous if the parsing fails.`
			`- Copied but marked as dangerous (DANGEROUS_filename_DANGEROUS)`
			`- Message files (mime type: message/*)`
			`- Model files (mime type: model/*)`
			`- x-dosexec (executable)`
			`- Compressed files (zip\|x-rar\|x-bzip2\|x-lzip\|x-lzma\|x-lzop\|x-xz\|x-compress\|x-gzip\|x-tar\|*compressed):`
			`- Archives are unpacked, with the unpacking process stopped after 2 levels of archives`
			`to prevent archive bombs.`
			`- The above rules are applied recursively to the unpacked files.`
doc update 2013-05-25 00:33:58 +02:00
			`Usage`
			`=====`

Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`0. Power off the device and unplug all connections.`
			`1. Plug the untrusted key in the top USB slot of the Raspberry Pi.`
			`2. Plug your own key in the bottom USB slot (or use any of the other slots if`
			`there are more than 2).`
Add details on how to flash the SD on Win and linux 2013-11-01 21:53:29 +01:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`Note: This key should be bigger than the original one because any archives`
			`present on the source key will be expanded and copied.`
Update README.md add details on the power supply 2013-06-06 11:30:10 +02:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`3. Optional: connect the HDMI cable to a screen to monitor the process.`
			`4. Connect the power to the micro USB port.`
Update README.md add details on the power supply 2013-06-06 11:30:10 +02:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`Note: Use a 5V, 700mA+ regulated power supply`
Update README.md add details on the power supply 2013-06-06 11:30:10 +02:00
doc update 2013-05-25 00:33:58 +02:00			`5. Wait until you do not see any blinking green light on the board, or if you`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`connected the HDMI cable, check the screen. The process is slow and can take`
			`30-60 minutes depending on how many document conversions take place.`
			`6. Power off the device and disconnect the drives.`
doc update 2013-05-25 00:33:58 +02:00
			`Helper scripts`
			`==============`

Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`You should use them as examples when you are creating a new image and probably not`
			`run them blindly as you will most probably have to change parameters accordingly to`
doc update 2013-05-25 00:33:58 +02:00			`your configuration.`

			`IN ALL CASES, PLEASE READ THE COMMENTS IN THE SCRIPTS AT LEAST ONCE.`

			`* proper_chroot.sh: uses qemu to chroot into a raspbian instance (.img or SD Card)`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`* prepare_rPI.sh: update the system, some configuration`
doc update 2013-05-25 00:33:58 +02:00			`* create_user.sh: create the user who will run the scripts, assign the proper sudo rights.`
			`* copy_to_final.sh: populate the content of the directory fs/ in the image,`
			`contains a sample of dd command to write the image on the SD card.`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`NOTE: TAKE CARE NOT TO USE THE WRONG DESTINATION`