Circlean/README.md

CIRCLean
========

[![Chatroom](https://badges.gitter.im/CIRCLean/Lobby.svg)](https://gitter.im/CIRCLean/Lobby)

![CIRCLean logo](https://www.circl.lu/assets/images/logos/circlean.png)
![Cleaner in action](http://www.circl.lu/assets/images/CIRCLean/CIRCLean.png)

How To Install
==============

[Graphical how-to and pre-built image download](http://circl.lu/projects/CIRCLean/).

To prepare the SD card on Windows, you can use [Win32DiskImager](http://sourceforge.net/projects/win32diskimager/). On linux/macOS, use dd (see the how-to link for
instructions).

The current prebuilt image is based on the 1-11-17 release of Raspbian Jessie Lite.
The smallest SD card that Circlean can fit on is currently 4GB.

If you'd like to contribute to the project or build the image yourself, see
[contributing.md](CONTRIBUTING.md) and the [setup instructions](doc/setup_with_proot.md).
This is a work in progress - contributions are welcome.

FAQ
===

**Question**: I can't login, what is the password?

**Answer**: For security reasons, it is **not possible** to login on the default image runinng CIRCLean/KittenGroomer (an attacker could exploit that functionality).

The only thing the default image does is booting, processing the content of the source key, copying over the files to the destination key, and finally shutting down.


Why/What
========

This project aims to be useful when you get/find a USB key that you can't trust,
and you want to look at its contents without taking the risk of plugging it into
your computer directly. The official project page can be found at [https://www.circl.lu/projects/CIRCLean/]

The Raspberry Pi Foundation has a [blog post](https://www.raspberrypi.org/blog/kittengroomercirclean-data-security-for-journalists-and-activists/) with more information
about an older version of the project and details of the inspiration behind it.

CIRCLean is currently tested to work with USB keys that have FAT32, NTFS, exFAT or
ext2/3/4 filesystems (ext\* filesystems can only be used as source keys, not destination
keys).
The vast majority of USB keys will be FAT32, NTFS, and exFAT.

The content of the untrusted key will be copied or/and converted to the second
(blank) key following these rules (based on the mime type as determined by libmagic):
- Direct copy of:
  - Plain text files (mime type: text/\*)
  - Audio files (mime type: audio/\*)
  - Video files (mime type: video/\*)
  - Example files (mime type: example/\*)
  - Multipart files (mime type: multipart/\*)
  - xml files, after being converted to text files
  - Octet-stream files
- Copied after verification:
  - Image files after verifying that they are not compression bombs (mime type: image/\*)
  - PDF files, after marking as dangerous if they contain malicious content
  - msword|vnd.openxmlformats-officedocument.\*|vnd.ms-\*|vnd.oasis.opendocument\*, after
    parsing with oletools/olefile and marking as dangerous if the parsing fails.
- Copied but marked as dangerous (DANGEROUS\_filename\_DANGEROUS)
  - Message files (mime type: message/\*)
  - Model files (mime type: model/\*)
  - x-dosexec (executable)
- Compressed files (zip|x-rar|x-bzip2|x-lzip|x-lzma|x-lzop|x-xz|x-compress|x-gzip|x-tar|\*compressed):
  - Archives are unpacked, with the unpacking process stopped after 2 levels of archives
    to prevent archive bombs.
  - The above rules are applied recursively to the unpacked files.

Usage
=====

0. Power off the device and unplug all connections.
1. Plug the untrusted key in the top left USB slot of the Raspberry Pi.
2. Plug your own key in the bottom USB slot (or use any of the other slots if
there are more than 2).

    *Note*: This key should be bigger than the original one because any archives
          present on the source key will be expanded and copied.

3. Optional: connect the HDMI cable to a screen to monitor the process.
4. Connect the power to the micro USB port.

    *Note*: Use a 5V, 700mA+ regulated power supply

5. Wait until you do not see any blinking green light on the board, or if you
   connected the HDMI cable, check the screen. The process is slow and can take
   30-60 minutes depending on how many document conversions take place.
6. Power off the device and disconnect the drives.
Update README.md Add image 2013-07-26 16:03:34 +02:00			`CIRCLean`
			`========`
Update README.md 2017-02-13 15:04:57 +01:00
Update README.md 2017-02-13 15:05:20 +01:00			`[![Chatroom](https://badges.gitter.im/CIRCLean/Lobby.svg)](https://gitter.im/CIRCLean/Lobby)`
Update README.md 2017-02-13 15:04:57 +01:00
Update README.md Logo added 2015-03-10 15:15:56 +01:00			`![CIRCLean logo](https://www.circl.lu/assets/images/logos/circlean.png)`
Update README.md Fix default image 2014-06-25 08:16:24 +02:00			`![Cleaner in action](http://www.circl.lu/assets/images/CIRCLean/CIRCLean.png)`
Update README.md Add image 2013-07-26 16:03:34 +02:00
Update readme, changelog, and contributing 2017-02-08 02:33:22 +01:00			`How To Install`
			`==============`
Update README.md add link to prebuild image 2013-09-29 14:11:52 +02:00
Update readme, changelog, and contributing 2017-02-08 02:33:22 +01:00			`[Graphical how-to and pre-built image download](http://circl.lu/projects/CIRCLean/).`
Update README.md add link to prebuild image 2013-09-29 14:11:52 +02:00
Small doc bug fixes 2017-02-08 03:18:40 +01:00			`To prepare the SD card on Windows, you can use [Win32DiskImager](http://sourceforge.net/projects/win32diskimager/). On linux/macOS, use dd (see the how-to link for`
Update readme, changelog, and contributing 2017-02-08 02:33:22 +01:00			`instructions).`
Add details on how to flash the SD on Win and linux 2013-11-01 21:53:29 +01:00
Update readme, changelog, and contributing 2017-02-08 02:33:22 +01:00			`The current prebuilt image is based on the 1-11-17 release of Raspbian Jessie Lite.`
			`The smallest SD card that Circlean can fit on is currently 4GB.`
Add details on how to flash the SD on Win and linux 2013-11-01 21:53:29 +01:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`If you'd like to contribute to the project or build the image yourself, see`
Small doc bug fixes 2017-02-08 03:18:40 +01:00			`[contributing.md](CONTRIBUTING.md) and the [setup instructions](doc/setup_with_proot.md).`
Readme update with filesystem info 2017-01-25 07:48:21 +01:00			`This is a work in progress - contributions are welcome.`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00
Add FAQ 2018-01-30 20:45:18 +01:00			`FAQ`
			`===`

chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`Question: I can't login, what is the password?`
Add FAQ 2018-01-30 20:45:18 +01:00
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`Answer: For security reasons, it is not possible to login on the default image runinng CIRCLean/KittenGroomer (an attacker could exploit that functionality).`
Add FAQ 2018-01-30 20:45:18 +01:00
			`The only thing the default image does is booting, processing the content of the source key, copying over the files to the destination key, and finally shutting down.`



doc update 2013-05-25 00:33:58 +02:00			`Why/What`
			`========`

Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`This project aims to be useful when you get/find a USB key that you can't trust,`
Readme update with filesystem info 2017-01-25 07:48:21 +01:00			`and you want to look at its contents without taking the risk of plugging it into`
Update readme, changelog, and contributing 2017-02-08 02:33:22 +01:00			`your computer directly. The official project page can be found at [https://www.circl.lu/projects/CIRCLean/]`

Small doc bug fixes 2017-02-08 03:18:40 +01:00			`The Raspberry Pi Foundation has a [blog post](https://www.raspberrypi.org/blog/kittengroomercirclean-data-security-for-journalists-and-activists/) with more information`
Update readme, changelog, and contributing 2017-02-08 02:33:22 +01:00			`about an older version of the project and details of the inspiration behind it.`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`CIRCLean is currently tested to work with USB keys that have FAT32, NTFS, exFAT or`
			`ext2/3/4 filesystems (ext\* filesystems can only be used as source keys, not destination`
			`keys).`
			`The vast majority of USB keys will be FAT32, NTFS, and exFAT.`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00
Readme update with filesystem info 2017-01-25 07:48:21 +01:00			`The content of the untrusted key will be copied or/and converted to the second`
Small doc bug fixes 2017-02-08 03:18:40 +01:00			`(blank) key following these rules (based on the mime type as determined by libmagic):`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`- Direct copy of:`
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`- Plain text files (mime type: text/\*)`
			`- Audio files (mime type: audio/\*)`
			`- Video files (mime type: video/\*)`
			`- Example files (mime type: example/\*)`
			`- Multipart files (mime type: multipart/\*)`
Small doc bug fixes 2017-02-08 03:18:40 +01:00			`- xml files, after being converted to text files`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`- Octet-stream files`
			`- Copied after verification:`
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`- Image files after verifying that they are not compression bombs (mime type: image/\*)`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`- PDF files, after marking as dangerous if they contain malicious content`
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`- msword\|vnd.openxmlformats-officedocument.\\|vnd.ms-\\|vnd.oasis.opendocument\*, after`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`parsing with oletools/olefile and marking as dangerous if the parsing fails.`
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`- Copied but marked as dangerous (DANGEROUS\_filename\_DANGEROUS)`
			`- Message files (mime type: message/\*)`
			`- Model files (mime type: model/\*)`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`- x-dosexec (executable)`
chg: Use udisksctl to mount source keys, support more FS types 2020-01-15 18:01:38 +01:00			`- Compressed files (zip\|x-rar\|x-bzip2\|x-lzip\|x-lzma\|x-lzop\|x-xz\|x-compress\|x-gzip\|x-tar\|\*compressed):`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`- Archives are unpacked, with the unpacking process stopped after 2 levels of archives`
			`to prevent archive bombs.`
			`- The above rules are applied recursively to the unpacked files.`
doc update 2013-05-25 00:33:58 +02:00
			`Usage`
			`=====`

Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`0. Power off the device and unplug all connections.`
Small doc bug fixes 2017-02-08 03:18:40 +01:00			`1. Plug the untrusted key in the top left USB slot of the Raspberry Pi.`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`2. Plug your own key in the bottom USB slot (or use any of the other slots if`
			`there are more than 2).`
Add details on how to flash the SD on Win and linux 2013-11-01 21:53:29 +01:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`Note: This key should be bigger than the original one because any archives`
			`present on the source key will be expanded and copied.`
Update README.md add details on the power supply 2013-06-06 11:30:10 +02:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`3. Optional: connect the HDMI cable to a screen to monitor the process.`
			`4. Connect the power to the micro USB port.`
Update README.md add details on the power supply 2013-06-06 11:30:10 +02:00
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`Note: Use a 5V, 700mA+ regulated power supply`
Update README.md add details on the power supply 2013-06-06 11:30:10 +02:00
doc update 2013-05-25 00:33:58 +02:00			`5. Wait until you do not see any blinking green light on the board, or if you`
Improvements to README.md, wrote CONTRIBUTING.md Also deleted several scripts from /shell_utils that were no longer relevant and renamed README_filecheck.md to README_setup.md 2016-12-29 03:44:33 +01:00			`connected the HDMI cable, check the screen. The process is slow and can take`
			`30-60 minutes depending on how many document conversions take place.`
			`6. Power off the device and disconnect the drives.`