CLIP OS

Developer(s)	Agence nationale de la sécurité des systèmes d'information
Stable release	5.0
Written in	C
Operating system	Linux
Type	Security,
License	GNU LGPL v2.1+
Website	clip-os.org

Last updated July 06, 2024

CLIP OS is a Linux-based operating system created by ANSSI, the National Cybersecurity Agency of France.^[1]^[2] The aim is to produce a hardened operating system to secure sensitive information which meets^[3] the needs of the French Administration.^[1]

History

CLIP OS has been in development since before 2008.^[1]^[2] In September 2018, ANSSI released two version of CLIP OS to the public: a stable version 4, and an in-development version 5.^[2]^[1]

System overview

CLIP OS is based on the Hardened Gentoo variant of Gentoo Linux.^[4] The developers have noted that whilst it has similar aims to Qubes OS, the environment isolation mechanism is different.^[3] Further, administrators on a CLIP OS system will not be able to access user data, unlike a Qubes-based system.

Related Research Articles

A Linux distribution is an operating system made from a software collection that includes the Linux kernel and often a package management system. They are often obtained from the website of each distribution, which are available for a wide variety of systems ranging from embedded devices and personal computers to servers and powerful supercomputers.

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).

Gentoo Linux is a Linux distribution built using the Portage package management system. Unlike a binary software distribution, the source code is compiled locally according to the user's preferences and is often optimized for the specific type of computer. Precompiled binaries are available for some packages. Gentoo runs on a wide variety of processor architectures. For the full list see table on the right.

Kylin is an operating system developed by academics at the National University of Defense Technology in the People's Republic of China since 2001. It is named after the mythical beast qilin. The first versions were based on FreeBSD and were intended for use by the Chinese military and other government organizations. With version 3.0, Kylin became Linux-based, and there is a version called NeoKylin which was announced in 2010.

Xen is a free and open-source type-1 hypervisor, providing services that allow multiple computer operating systems to execute on the same computer hardware concurrently. It was originally developed by the University of Cambridge Computer Laboratory and is now being developed by the Linux Foundation with support from Intel, Citrix, Arm Ltd, Huawei, AWS, Alibaba Cloud, AMD, Bitdefender and epam.

This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

Technical variations of Linux distributions include support for different hardware devices and systems or software package configurations. Organizational differences may be motivated by historical reasons. Other criteria include security, including how quickly security upgrades are available; ease of package management; and number of packages available.

<span class="mw-page-title-main">ChromiumOS</span> Free open-source operating system designed by Google

ChromiumOS is a free and open-source Linux distribution designed for running web applications and browsing the World Wide Web. It is the open-source version of ChromeOS, a Linux distribution made by Google.

Alpine Linux is a Linux distribution designed to be small, simple, and secure. It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd. This makes Alpine one of few Linux distributions not to be based on the GNU Core Utilities.

Nova is a Cuban state-sponsored Linux distribution launched in February 2009. It was developed in Havana at the University of Information Science (UCI) by students and professors to provide free and open-source software (FOSS) to inexperienced users and Cuban institutions. While the initial version was Gentoo-based, the developers switched to Ubuntu beginning with Version 2.1.

Sailfish OS is a paid Linux-based operating system based on free software, and open source projects such as Mer as well as including a closed source UI. The project is being developed by the Finnish company Jolla.

Qubes OS is a security-focused desktop operating system that aims to provide security through isolation. Isolation is provided through the use of virtualization technology. This allows the segmentation of applications into secure virtual machines called qubes. Virtualization services in Qubes OS are provided by the Xen hypervisor.

Whonix is a Linux distribution, based on Kicksecure OS, claimed to be security hardened by its developers. Its main goals are to provide strong privacy and anonymity on the Internet. The operating system consists of two virtual machines, a workstation and a Tor gateway running Debian. All communications are forced through Tor.

Besides the Linux distributions designed for general-purpose use on desktops and servers, distributions may be specialized for different purposes including computer architecture support, embedded systems, stability, security, localization to a specific region or language, targeting of specific user groups, support for real-time applications, or commitment to a given desktop environment. Furthermore, some distributions deliberately include only free software. As of 2015, over four hundred Linux distributions are actively developed, with about a dozen distributions being most popular for general-purpose use.

LibreSSL is an open-source implementation of the Transport Layer Security (TLS) protocol. The implementation is named after Secure Sockets Layer (SSL), the deprecated predecessor of TLS, for which support was removed in release 2.3.0. The OpenBSD project forked LibreSSL from OpenSSL 1.0.1g in April 2014 as a response to the Heartbleed security vulnerability, with the goals of modernizing the codebase, improving security, and applying development best practices.

CopperheadOS is a mobile operating system for smartphones, based on the Android mobile platform. It adds privacy and security features to the official releases of the Android Open Source Project by Google. CopperheadOS is developed by Copperhead, a Canadian information security company. It is licensed under Creative Commons BY-NC-SA 4.0, although its source code is not available for public download.

Container Linux is a discontinued open-source lightweight operating system based on the Linux kernel and designed for providing infrastructure for clustered deployments. One of its focuses was scalability. As an operating system, Container Linux provided only the minimal functionality required for deploying applications inside software containers, together with built-in mechanisms for service discovery and configuration sharing.

References

1 2 3 4 5 "CLIP OS – Open Source secured operating system (Press release)". ANSSI (in French). ANSSI. 19 September 2018. Retrieved 21 September 2018.
1 2 3 4 Cimpanu, Catalin (20 September 2018). "French cyber-security agency open-sources CLIP OS, a security hardened OS". ZDNet. ZDNet. Retrieved 21 September 2018.
1 2 CLIP OS development team. "The CLIP OS Project". CLIP OS. Retrieved 21 September 2018.
↑ "Architecture — CLIP OS 5.0.0_alpha1 documentation". docs.clip-os.org. Retrieved 21 September 2018.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[2018-09-19-ANSSI-clip-pr-1] 1 2 3 4 5 "CLIP OS – Open Source secured operating system (Press release)". ANSSI (in French). ANSSI. 19 September 2018. Retrieved 21 September 2018.

[2018-09-20-zdnet-2] 1 2 3 4 Cimpanu, Catalin (20 September 2018). "French cyber-security agency open-sources CLIP OS, a security hardened OS". ZDNet. ZDNet. Retrieved 21 September 2018.

[2018-09-clip-os-faq-3] 1 2 CLIP OS development team. "The CLIP OS Project". CLIP OS. Retrieved 21 September 2018.

[2018-09-21-clip-architecture-4] "Architecture — CLIP OS 5.0.0_alpha1 documentation". docs.clip-os.org. Retrieved 21 September 2018.

[1]

[2]

[3]

[4]

v t e Linux
Linux kernel	History Linus's law Linux-libre Booting process Kernel oops Tux more…
Controversies	Criticism of Linux Criticism of desktop Linux GNU/Linux naming controversy Tanenbaum–Torvalds debate SCO and Linux
Distributions	General comparison Distributions list Netbook-specific comparison Distributions that run from RAM Lightweight Security-focused operating system Package manager Package format List of software package managers
Organizations	LinuxChix Linux Counter Linux Documentation Project Linux Foundation Linux Mark Institute Linux User Group (LUG)
Adoption	Adopters Desktop Embedded Gaming Mobile Range of use Linux malware
Media	DistroWatch Free Software Magazine Full Circle Linux.com Linux Format Linux Gazette Linux Journal Linux Magazine LinuxUser Ubuntu User Linux Outlaws Linux Voice LugRadio LWN.net Phoronix Revolution OS The Code
Professional related certifications	CompTIA Linux+ Linux Foundation Red Hat Ubuntu
Linuxportal Free and open-source softwareportal Category

CLIP OS

Contents

History

System overview

See also

Related Research Articles

References