This is an interview formulated by the Hakin9.live team. They create the live distribution to complement the bimonthly Hakin9 magazine. You can check out the magazine at http://en.hakin9.org/
Thanks,
Ewa and the Hakin9 team for the extensive interview.
1. Who should use your distribution?
hakin9.live team: Let me say something about it. The cover CD shipped with the hakin9 magazine includes h9l, tutorials for articles and lots of documents. Also h9l is an integral part of the hakin9 magazine. Definitively, we do not want to make h9.live CD for the script-kiddies and assume that our readers are IT security specialists or simply honest persons who require easy to deploy live environment for trying out techniques described in magazine.
2. What is one thing you would like your distribution to have or do that no
other distribution does?
h9l team: First of all, we' d like to say that h9l doesn't aim to be concerned as a separate mainstream distribution; we have neither own software management system, nor some specific architecture-related issues. The h9l was always based on a well-known distribution (formerly Gentoo, now Aurox Linux), was to be both easy to maintain and easy to use for our readers. We'd like it to be a training center and a main source for the IT security-related knowledge, thus forcing users to learn yet another distro-specific behaviors, in our opinion, is useless. Of course, we make it unique by choosing specific sort of applications, adding many tutorials and technical documentation. And in this meaning, the content is the most important, not a base on which it was built.
3. Why did you decide to make your own live security distribution?
h9l team: We noticed that both the market and the community lack comprehensive, in-depth works on this topic. Decision was pretty simple: "Let's do it and let's do it good – we cannot fail".
From scratch, "hakin9 Hard Core IT Security Magazine" – aims to be a perfect source of strictly technical, IT security-related quality information. So that we decided to give our readers a base to train the techniques presented in the h9 magazine. hakin9.live is something more than distribution, in some way, it is the magazine extension. That's the main idea. We used to say that we give our readers home training centre.
At the beginning, h9l CD was to contain only tutorials and tools needed for practice but many readers want more so that we give them what they desired – hakin9.live full of security tools.
4. How many man hours go into each release?
h9l team: It's hard to say ... the production cycle of h9l begins almost 2 months
before the magazine is published.
The first step is to take the content of current h9 magazine and see what must be included for tutorials (previous and new) to work flawlessly. Then, we look at current articles and see what apps should be added in order to distribute reliable and polished h9l. We also redesign look & feel to be more haxxor ;) and seriously, we look at GUI (formerly fluxbox, XFCE, now KDE) and consider changes that would make it even more comfortable in use. After completing the TODO list including all needed changes, it's high time to prepare the first alpha of the new h9l.
Finally, after several alphas, betas, RC-s and tests, we add finishing touches like the new wallpaper, the new htm list of things which can be found on our CD, add applications that would be labeled as HIT. Then, the CD is send to the press and comes back being attached to the new issue of magazine. As you can see, there's not that much system-related work, we prefer to make a one basis for some time (as was Gentoo, and now is Aurox) and then remaster it and work on content, not on system.
5. What is your favorite *nix distribution and why?
h9l team: It is probably the most difficult question to answer, when we talk about such a team of individuals as the hakin9 team:-).
Probably, most readers suspect that we're the OpenBSD freaks, but that's not completely true. We see the OpenBSD value for production system, but frankly speaking, it's not a standard support in everyday editorial works. We need a popular, working environment to be able to focus on the magazine production, not on a hacking system. That's why, we have chosen Linux mostly. Of course, everyone has its favorites. Some of us likes using Gentoo because of its potential, supreme possibilities of adjusting almost every aspect to needs and wonderful tool as emerge. We have also strong Aurox Linux faction as we closely cooperate with Aurox Core Team (people that develop Aurox Linux). And there is also SUSE maniac around here who worships YAST ... You can also find here FreeBSD, various Windows, Solaris and sometimes more exotic UNIX-es – mainly for testing.
We think that never ending wars between distributions are useless. The simplicity is the most important thing (and that's person-specific issue) as well as functionalities. You use what you like and what makes you feel comfortable. You need to keep in mind that other ppl can have the different point of view.
6. How do you see live security distributions evolving over the next few years? What is the biggest upgrade/addition that is planned for your distribution?
h9l team: I think that live security distributions will be developed permanently because of increasing number of their users. The IT security issue is more and more on top. The new users, mainly people who have never used computers and networks before, now, they want to learn, want to know how to do that. It is a kind of fashion now "to know how to be secure". There are more and more programmers and IT security specialists want to answer for a basic need which is "being secure". Their population is constantly growing. I think that such distribution is the best way to have the best tool to learn, check, defence against "insecurity". And if you ask about technical matters, we see 2 directions: automatization and specialization. Live security distros (just as every
other distro) will probably want to be as good at hardware recognition and configuration as possible. They can focus on more interesting issues rather than trying to figure out how to run this live on new laptop with exotic scsi/sata drives and hardly known PCMCIA controller (yes, we had problem with it some time ago). On the other hand, distros now tend to be more and more specialized. One is for WIFI analyzing/hacking, another one can be easy and fast to deploy a full featured firewall/router. There are distros intended for after-attack analysis, others can help with restoring destroyed data.
As for changes in h9.live – the most important thing is to work flawless and contain useful apps and documents. We have just (in cooperation with ACT) prepared new version of our CD and hope, that you'll like it. We don't think that suite like h9l needs fancy GUI effects like XGL, or colorful bootsplash. It has to be well prepared and tested, it should contain useful tools and materials, and it has to be as easy to use as possible.