Seting up a Secure and Easy to Use Linux Box for my Mother-In-Law
July 6th, 2006 by 
jay
A few weeks back my Mother-In-Law (MIL) became the owner of an eMachine Desktop (AMD 1Ghz / 512 RAM) with Windows XP Home Edition that was very virus laden, spy-ware riddled, porn infested and unstable system. Of course she wants to use the computer “to find a man” as she put it and wants me to help her. As Ray Romano’s farther put it “What contest in hell did I win?!”
The first thing I noticed was the PC was connected directly to the Cable Modem with out a Switch or Firewall. Once all of the spy-ware infested download managers, PC gadgets and chat programs finished loading I was able to start accessing the system. That when I found that the System was running Norton Anti-Virus 2004 with Auto-Update turned off and the last virus definition date being early 2005. Along with that Windows Auto Update was turned off as well!
One thing I needed to do was to look for some personal files on the system. Once I found them I plugged in my 128MB Flash drive. Nothing happened. I opened file explorer and my usb drive wasn’t listed. I then checked the device manager to see if there was an issue and let me tell you there was a big issue. Lots of them. Almost every device in the machine (sound, printers, video) had an error icon next to it including all 6 USB ports.
After some tweaking I got the USB working and recovered the files but now what? The system was clearly in a state of dis-repair. “F-Disk and Format C:\” seemed like the only answer but then what? Do I re-install Windows XP? My MIL said she hasn’t used a computer in 16 years and that tells me a few things. A) She is technically challenged (but I knew this already) and B) She wouldn’t know the difference between Windows, MAC or Linux even if I explained it to her.
That’s when the idea hit me. Why don’t I set up the computer like they do at the internet cafe’s in Europe, just a web browser and the ability to print using Linux. The advantages are no Viruses (as of yet) and no spy-ware, no IE or Outlook security issues and no way for her to download and execute applications. All she really needs is Firefox and a free Yahoo email account.
I would like to set up the system so that I can configure a specific login to work in a kiosk mode but still allow me to login either directly or remotely to administer the machine in a regular mode. I would like the kiosk mode to keep Firefox open (or reopen if closed), have access to a printer and maybe play CD/DVD’s.
I started researching how to set up an internet kiosk and found that there are a few project addressing this very issue. Two of the solutions are a straight-up Linux LiveCD that only have Firefox running. Unfortunately neither of these LiveCD worked correctly on the target machine. I found another solution in the “Knoppix Hacks Book” that explains how to create a Kiosk LiveCD but again this did not work for me. I think it’s an issue between Knoppix and the hard-ware.
The closest solution I have found is the KDE Kiosk Tool which is a good solution but it still gives the kiosk user too much access to other applications on the system.
It’s been a week and my MIL really wants the computer back so here is what I am going to do.
I am going to set up the box with Xubuntu and then lock down as much as possible. Next I am going to go in and remove as any of the extra apps I don’t think she’ll need. And finally I am going to use parts of the hack I from the “Hacking Knoppix” book that launches Firefox at start-up and will re-launch it if it is closed as well as locking down other parts of Firefox from the user.
- Obtain and Install Xubuntu 6.06
- Update the System
- Configure the Hardware
-Sound
-Video
-Printers - Get Software using the Synaptic Package Manager
-TightVNC Server
-Firewall (Firestarter) (or buy a hard-ware switch/router/firewall)
-VLC - Remove any Extra Apps
-Instant Messenger
-Thunderbird - Add a new kiosk user group (KUG)
- Add MIL to KUG
- Configure TightVNC Server
- Configure Firestarter
- Configure Firefox Hacks/Lockdown and Google Toolbar
- Configure KUG Desktop to as user friendly as possible
March 25th, 2008 at 9:11 pm
I love your site and intend to visit often. Thanks