What's this CD that was just handed to me?
Finnix 88.0 has been released to coincide with DEFCON 14. Finnix 88.0 includes a bunch of new stuff, such as Linux kernel 2.6.17, faster bootup, more accurate PCI autodetection, improved UML and Xen support, and yes, even a DOS boot profile. I (Ryan Finnie) am on hand to wear the Finnix tshirt, give out the CDs, pimp Finnix, oh, and do the usual DEFCON stuff. (Actually, I'm writing this a week ahead of time, in between CD burnings. Hopefully the new Riviera digs are as good as AP from previous years.)
Finnix is a self-contained, bootable Linux CD distribution ("LiveCD") for system administrators, based on Debian testing. You can mount and manipulate hard drives and partitions, monitor networks, rebuild boot records, install other operating systems, and much more. Finnix includes the latest technology for system administrators, with Linux kernel 2.6, LVM2, encrypted partitions, etc. And above all, Finnix is small; currently the entire distribution is over 300MiB, but is dynamically compressed into a bootable image under 100MiB. Finnix is not intended for the average desktop user, and does not include any desktops, productivity tools, or sound support, in order to keep distribution size low. Finnix is freely distributable under the terms of the GNU General Public License.
There are many other LiveCDs out there. You could use something like Knoppix for system administration tasks, but when you have an emergency and no tools around you, do you want to be downloading 700MB or 100MB? (Plus, Finnix includes many utilities not found on "general-purpose LiveCDs".)
Do you expect me to boot a CD that I found on a table/some stranger handed to me? At DEFCON of all places?
No, Mr. Bond, I expect you to use common sense. The Finnix 88.0 release notes page is a read-only page that includes GPG signatures of the ISOs. Verification is as simple as copying the signature to your computer, and verifying the CD itself:
$ gpg --verify finnix.gpg /dev/hdc gpg: Signature made Mon Jul 17 19:50:57 2006 PDT using DSA key ID 203ECA25 gpg: Good signature from "Ryan Finnie <firstname.lastname@example.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B023 7C63 DF28 70AA C3AB C54A 2996 10A9 203E CA25
Be sure to disable any autorun mechanisms your OS may have first. The Finnix CDs don't include any autorun files, but you don't know that for sure until you insert the disc.
Whether you trust the Finnix project itself is another issue. I'd suggest doing some Googling.
I have a (PPC) Mac, are you giving out Finnix-PPC CDs?
I'm not bringing any pre-printed Finnix-PPC discs with me to the conference, but flag me down and I'll burn you a copy.
Does the Airport Extreme card work?
Yes, 88.0 includes Linux 2.6.17, which includes bcm43xx drivers. I have verified this as working with both G4 PowerBook and a x86 laptop with a Broadcom card. They even work with wpa_supplicant. Of course, you will have to extract your own firmware (using the included bcm43xx-fwcutter utility).
I connected my Windows laptop to the conference wireless network, and got hax0r3d. Will you fix my computer?