[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r13376: Removed some redundant locales. (in incognito/trunk: . root_overlay/etc root_overlay/usr/share/incognito)
Author: anonym
Date: 2008-02-05 11:21:34 -0500 (Tue, 05 Feb 2008)
New Revision: 13376
Modified:
incognito/trunk/hacking.html
incognito/trunk/root_overlay/etc/locale.gen
incognito/trunk/root_overlay/usr/share/incognito/readme.html
Log:
Removed some redundant locales.
Modified: incognito/trunk/hacking.html
===================================================================
--- incognito/trunk/hacking.html 2008-02-05 04:49:43 UTC (rev 13375)
+++ incognito/trunk/hacking.html 2008-02-05 16:21:34 UTC (rev 13376)
@@ -7,10 +7,10 @@
<body>
<p>
-Help is always appreciated. Most help will probably be in the way of patches sent to anonym at lavabit dot com. Please do send patches, not entire files. That way I can see your changes and if the file(s) are you changing have changed since you updated, there is a better chance the change can be applied. Checkout <a href="https://tor-svn.freehaven.net/svn/incognito/trunk">https://tor-svn.freehaven.net/svn/incognito/trunk</a>, make your changes, and run "svn diff > whatever.patch" to create the patch. If you are very active and seem to know what you are doing you may get an SVN account.
+Help is always appreciated. Most help will probably be in the way of patches sent to anonym (at) lavabit (dot) com. Please do send patches, not entire files. Patches present your changes better and if the file(s) are you changing have changed since you updated, there is a better chance the changes can be applied. Checkout <a href="https://tor-svn.freehaven.net/svn/incognito/trunk">https://tor-svn.freehaven.net/svn/incognito/trunk</a>, make your changes, and run "svn diff > whatever.patch" to create the patch. If you are very active and seem to know what you are doing you'll probably get an SVN account if you want to.
</p>
-<h1>Pre-reqs</h1>
+<h2>Pre-reqs</h2>
<p>You must know something about the following technologies:</p>
<ul>
@@ -23,8 +23,11 @@
Before submitting patches make sure you can build and test the CD. See building.html for build instructions. You can use an emulator/virtualizer such as QEMU or Virtual PC to test it.
</p>
-<h1>Updating Packages</h1>
+<h2>TODO list</h2>
+If you want to help out, check if there's anything interesting in the <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/TODO">TODO list</a> to design or implement. It might be a good idea to send the developers an email first, checking if there already has been some unannounced progress made etc.
+<h2>Updating Packages</h2>
+
<p>Updating packages happens in portage.overlay. The following steps with bump the version number. Anything more indepth you'll need to learn how ebuilds work.</p>
<ol>
<li>cd to portage.overlay/category/package</li>
@@ -37,7 +40,7 @@
<strong>NOTICE</strong>: No alpha or beta packages unless absolutely necessary! First, people are recording this to a CD or USB, they cannot easily update to the next alpha if something goes wrong. Second, people are counting on anonymity, the packages should be well tested.
</p>
-<h1>Important Files</h1>
+<h2>Important Files</h2>
<dl>
@@ -68,7 +71,7 @@
</dl>
-<h1>Gentoo Linux chroot environment</h1>
+<h2>Gentoo Linux chroot environment</h2>
<p>If you run another Linux distribution than Gentoo Linux (or if you run Gentoo Linux on another arch than x86) but want to build Incognito with catalyst, simply fetch a x86 stage-3 tarball from (preferably) <a href="http://files1.cjb.net/incognito/">the official Incognito download site</a> or a <a href="http://www.gentoo.org/main/en/mirrors.xml">Gentoo Mirror</a> (preferably the latest release), extract and chroot into it. When inside the chroot, sync portage, update and install relevant applications:</p>
<p><code># get a stage3 tarball<br>
wget http://files1.cjb.net/incognito/stage3-i686-*.tar.bz2
@@ -85,12 +88,11 @@
emerge -auvDN world<br>
emerge -av catalyst # some more might be needed</code></p>
<p>Then use this chroot enivonment as you would use a regular Gentoo Linux installation for building Incognito.</p>
-<p>When using menuconfig for kernel configurations on a different arch than x86, use <code>linux32 make menuconfig</code> (linux32 can be found in the sys-apps/setarch package) to make sure to get a sane kernel config.
+<p>When using menuconfig for kernel configurations on a different arch than x86, use <code>linux32 make menuconfig</code> (linux32 can be found in the sys-apps/util-linux portage package) to make sure to get a sane kernel config.
-<h1>Misc</h1>
+<h2>Misc</h2>
<p>The arch/*.pyo files are generated by catalyst, I don't know why. Ignore them.</p>
</body>
</html>
-
Modified: incognito/trunk/root_overlay/etc/locale.gen
===================================================================
--- incognito/trunk/root_overlay/etc/locale.gen 2008-02-05 04:49:43 UTC (rev 13375)
+++ incognito/trunk/root_overlay/etc/locale.gen 2008-02-05 16:21:34 UTC (rev 13376)
@@ -15,11 +15,11 @@
# rebuilt for you. After updating this file, you can simply run `locale-gen`
# yourself instead of re-emerging glibc.
-en_AU.UTF-8 UTF-8
-en_AU ISO-8859-1
+#en_AU.UTF-8 UTF-8
+#en_AU ISO-8859-1
-en_CA.UTF-8 UTF-8
-en_CA ISO-8859-1
+#en_CA.UTF-8 UTF-8
+#en_CA ISO-8859-1
en_GB.UTF-8 UTF-8
en_GB ISO-8859-1
@@ -27,14 +27,14 @@
en_US.UTF-8 UTF-8
en_US ISO-8859-1
-en_HK.UTF-8 UTF-8
-en_HK ISO-8859-1
+#en_HK.UTF-8 UTF-8
+#en_HK ISO-8859-1
-en_PH.UTF-8 UTF-8
-en_PH ISO-8859-1
+#en_PH.UTF-8 UTF-8
+#en_PH ISO-8859-1
-en_SG.UTF-8 UTF-8
-en_SG ISO-8859-1
+#en_SG.UTF-8 UTF-8
+#en_SG ISO-8859-1
ja_JP.EUC-JP EUC-JP
ja_JP.UTF-8 UTF-8
@@ -47,13 +47,13 @@
es_ES ISO-8859-1
es_ES@euro ISO-8859-15
-es_MX.UTF-8 UTF-8
-es_MX ISO-8859-1
+#es_MX.UTF-8 UTF-8
+#es_MX ISO-8859-1
fa_IR UTF-8
-fr_CA.UTF-8 UTF-8
-fr_CA ISO-8859-1
+#fr_CA.UTF-8 UTF-8
+#fr_CA ISO-8859-1
fr_FR.UTF-8 UTF-8
fr_FR ISO-8859-1
@@ -72,13 +72,13 @@
zh_CN.UTF-8 UTF-8
zh_CN GB2312
-zh_HK.UTF-8 UTF-8
-zh_HK BIG5-HKSCS
+#zh_HK.UTF-8 UTF-8
+#zh_HK BIG5-HKSCS
-zh_SG.UTF-8 UTF-8
-zh_SG.GBK GBK
-zh_SG GB2312
+#zh_SG.UTF-8 UTF-8
+#zh_SG.GBK GBK
+#zh_SG GB2312
-zh_TW.EUC-TW EUC-TW
-zh_TW.UTF-8 UTF-8
-zh_TW BIG5
+#zh_TW.EUC-TW EUC-TW
+#zh_TW.UTF-8 UTF-8
+#zh_TW BIG5
Modified: incognito/trunk/root_overlay/usr/share/incognito/readme.html
===================================================================
--- incognito/trunk/root_overlay/usr/share/incognito/readme.html 2008-02-05 04:49:43 UTC (rev 13375)
+++ incognito/trunk/root_overlay/usr/share/incognito/readme.html 2008-02-05 16:21:34 UTC (rev 13376)
@@ -5,7 +5,7 @@
<body>
-<h1>Contents</h1>
+<h2>Contents</h2>
<ul>
<li><a href="#intent">Intent</a></li>
<li><a href="#download">Download</a></li>
@@ -23,7 +23,7 @@
</p>
<a name="intent">
-<h1>Intent / Goals</h1>
+<h2>Intent / Goals</h2>
<blockquote>What are we trying to do?</blockquote>
<p>
@@ -81,14 +81,14 @@
<a name="download">
-<h1>Download</h1>
+<h2>Download</h2>
<p>
See the <a href="http://www.browseanonymouslyanywhere.com/incognito/index.php?option=com_content&task=view&id=26&Itemid=39">download section</a> on <a href="http://www.browseanonymouslyanywhere.com/incognito">__INCOGNITO__'s main site</a> for download information. Various development files (portage snapshot and stage3 tarball) as well as the current version of __INCOGNITO__ can be found at <a href="http://files1.cjb.net/incognito/">http://files1.cjb.net/incognito/</a>.
</p>
<p>
-The latest version of this document for the current relesase can be found <a href="http://www.anonymityanywhere.com/incognito/index.php?option=com_content&task=view&id=26&Itemid=39">here</a>. The development version of this document can be found at Incognito's subversion repository (specifically <a href="here">https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/usr/share/incognito/readme.html</a>), although it should be noted that some information which is added dynamically at build will not be present (has mostly to do with information about which software packages that are installed).
+The latest version of this document for the current relesase can be found <a href="http://www.anonymityanywhere.com/incognito/index.php?option=com_content&task=view&id=26&Itemid=39">here</a>. The development version of this document can be found at Incognito's subversion repository <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/usr/share/incognito/readme.html">here</a>, although it should be noted that some information which is added dynamically at build will not be present (has mostly to do with information about which software packages that are installed).
</p>
<p>
@@ -96,28 +96,28 @@
</p>
<a name="contact">
-<h1>Contact</h1>
+<h2>Contact</h2>
<p>
-As of november 2007, the maintainace of this distribution has passed from the founder, Pat Double, to anonym, who can be contacted through anonym (at) lavabit (dot) com. Please do not contact Pat for anything relating to the current development of __INCOGNITO__. Feature requests and (especially) bug reports are welcome and should be sent to anonym, but please include "__INCOGNITO__" in the subject line to easy mail sorting. Also, please be considerate of any major technology choices, such as <a href="http://www.gentoo.org/proj/en/releng/catalyst">Catalyst</a> and <a href="http://www.gentoo.org">Gentoo Linux</a>, <a href="http://www.kde.org">KDE</a>, etc. These have been chosen because of the developers' familiarity with them and will likely not change ever. If someone would like to maintain a parallell version with, say, Gnome instead of KDE or similar that would probably work just fine. However, since the whole development process is centered around Gentoo Linux' Catalyst, neither of them are negotiable.
+As of november 2007, the maintainace of this distribution has passed from the founder, Pat Double, to anonym, who can be contacted through anonym (at) lavabit (dot) com. Please do not contact Pat for anything relating to the current development of __INCOGNITO__. Feature requests and (especially) bug reports are welcome and should be sent to anonym, and please include "__INCOGNITO__" in the subject line to ease mail sorting. Also, please be considerate of any major technology choices, such as <a href="http://www.gentoo.org/proj/en/releng/catalyst">Catalyst</a> and <a href="http://www.gentoo.org">Gentoo Linux</a>, <a href="http://www.kde.org">KDE</a>, etc. These have been chosen because of the developers' familiarity with them and will likely not change ever. If someone would like to maintain a parallell version with, say, Gnome instead of KDE or similar that would probably work just fine. However, since the whole development process is centered around Gentoo Linux' Catalyst, neither of them are negotiable.
</p>
<a name="approach">
-<h1>Approach</h1>
+<h2>Approach</h2>
<blockquote>What is needed to reach our goals?</blockquote>
<p>
</p>
<a name="impl">
-<h1>Implementation</h1>
+<h2>Implementation</h2>
<blockquote>How did we implement our approach in order to reach our goals.</blockquote>
<p>
There are full and tiny versions of the CD. The tiny version is intended to fit on small media (such as a 'business card' CD) and basically provides an anonymous web browser. The full version supports a variety of Internet applications.
</p>
-<h2>Software</h2>
+<h3>Software</h3>
<p>
The following software is present on both the full and tiny versions. The version of the packages used is included on the CD at /usr/share/packages.txt.
@@ -266,7 +266,7 @@
</dl>
</p>
-<h2>Internationalization</h2>
+<h3>Internationalization</h3>
<p>
The full version has the following locales. The tiny CD is English only, sorry but I could not fit the CD under 50MB without removing natural language support. If you'd like to see another locale for the full CD please let me know.
@@ -274,31 +274,22 @@
<ul>
<li>de_DE (German)</li>
-<li>en_AU (Australian English)</li>
-<li>en_CA (Canadian English)</li>
<li>en_GB (British English)</li>
-<li>en_HK (Hong Kong English)</li>
-<li>en_PH (Philippine English)</li>
-<li>en_SG (Singapore English)</li>
<li>en_US (American English)</li>
<li>es_ES (Spanish)</li>
-<li>es_MX (Mexican Spanish)</li>
<li>fa_IR (Persian)</li>
<li>fr_FR (French)</li>
<li>it_IT (Italian)</li>
<li>ja_JP (Japanese)</li>
<li>pt_PT (Portugese)</li>
<li>zh_CN (Chinese)</li>
-<li>zh_HK (Hong Kong Chinese)</li>
-<li>zh_SG (Singapore Chinese)</li>
-<li>zh_TW (Taiwan Chinese)</li>
</ul>
See <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/etc/locale.gen">/etc/locale.gen</a> for the selected languages. See <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/fsscript.sh">fsscript.sh</a> for how this configuration is applied.
-<h2>Configuration</h2>
+<h3>Configuration</h3>
-<h3>Tor</h3>
+<h4>Tor</h4>
<p>
Tor is currently configured as a client only. The client listens on SOCKS port 9050, as a transparent proxy on port 9040 and control port 9051 (with cookie authentication). Only connections from localhost are accepted. It can be argued that running a server would increase your anonymity for a number for reasons but we still feel that most users probably would not want this.
</p>
@@ -307,7 +298,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/etc/tor/torrc">/etc/tor/torrc</a></li>
</ul>
-<h3>Mixminion</h3>
+<h4>Mixminion</h4>
<p>
Mixminion cannot be configured as a server as these servers need to be very reliable. As a client the default configuration seems to be acceptable. Note that TorK has built-in support for Mixminion. KMail also has been configured to use Mixminion via a sendmail compatible shell script. In this way the signature and encryption features of KMail can be used. Thunderbird is configured to use the Mixminion SMTP server to send email.
</p>
@@ -319,7 +310,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/var/lib/thunderbird-config">/var/lib/thunderbird-config</a> (copied to /home/gentoo/.thunderbird during build)</li>
</ul>
-<h3>DNS</h3>
+<h4>DNS</h4>
<p>
DNS leaks are controlled by using a local caching server. Two software packages are used to effect this. dns-proxy-tor listens for DNS requests and forwards to Tor for the resolution. pdnsd is used to provide caching. pdnsd is the server configured in /etc/resolv.conf, listening on localhost. It is configured to forward to dns-proxy-tor for the actual resoluton. There is a security concerns that some application could attempt to do its own DNS resolution without consulting /etc/resolv.conf. UDP packets are blocked to prevent leaks. Another solution may be to use the Linux network filter to forward to the local DNS server.
</p>
@@ -331,7 +322,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/etc/conf.d/net">/etc/conf.d/net</a></li>
</ul>
-<h3>HTTP Proxy</h3>
+<h4>HTTP Proxy</h4>
<p>
Polipo is used as the HTTP proxy. It contacts Tor via SOCKS5 to make the real connections.
</p>
@@ -342,7 +333,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/var/lib/kdesession/kioslaverc">/var/lib/kdesession/kioslaverc</a> (copied to /home/gentoo/.kde3.5/... during build)</li>
</ul>
-<h3>SOCKS libraries</h3>
+<h4>SOCKS libraries</h4>
<p>
tsocks and dante are installed. Note that it is unnecessary with the Linux network filter (see below) and the local DNS server to socksify or torify apps. This is done at a lower level. These libraries are here due to dependencies and configured for completeness.
</p>
@@ -352,7 +343,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/etc/env.d/99proxy">/etc/env.d/99proxy</a></li>
</ul>
-<h3>Random MAC Address</h3>
+<h4>Random MAC Address</h4>
<p>
The macchanger program can be used to change the network card MAC addresses to a random value. Gentoo has direct support for macchanger so all we need to do is configure it. The configuration is set to "random-ending" which is equivalent to "macchanger -e", meaning the vendor and media type are not changed. This is done to not draw attention to the changed MAC address in case someone is watching. Using a random MAC address may improve anonymity with respect to the LAN and prevent mapping the user to a specific physical location.
</p>
@@ -366,7 +357,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/etc/init.d/macchanger">/etc/init.d/macchanger</a> (used by full)</li>
</ul>
-<h3>Mozilla Firefox</h3>
+<h4>Mozilla Firefox</h4>
<p>
HTTP and SOCKS proxies are configured. SOCKS is configured to perform name resolution through the proxy. I started Firefox without a config, exited, and then copied the configuration directory to the CD build root. The NoScript extension has been installed.
</p>
@@ -375,7 +366,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/var/lib/firefox-config/">/var/lib/firefox-config/</a> (copied to /home/gentoo/.mozilla during build)</li>
</ul>
-<h3>Bookmarks</h3>
+<h4>Bookmarks</h4>
<p>
Firefox and Konqueror have preset bookmarks related to anonymity.
</p>
@@ -385,7 +376,7 @@
<li>Konqueror: <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/var/lib/kdesession/bookmarks.xml">bookmarks.xml</a></li>
</ul>
-<h3>Kopete</h3>
+<h4>Kopete</h4>
<p>
Kopete is configured with contacts to Freenode and OFTC IRC networks accessed via Tor hidden services. The Kopete ircnetworks.xml file is patched with these networks.
</p>
@@ -395,7 +386,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/fsscript.sh">fsscript.sh</a></li>
</ul>
-<h3>XChat</h3>
+<h4>XChat</h4>
<p>
XChat is configured to use Tor as a SOCKS5 proxy. It will pass the hostname through SOCKS5 so that the exit node does the DNS resolution.
</p>
@@ -405,7 +396,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/fsscript.sh">fsscript.sh</a></li>
</ul>
-<h3>Network Filter</h3>
+<h4>Network Filter</h4>
<p>
One of the security issues is we don't know what software will attempt to contact the network without consideration for proxies. This is solved by forwarding all TCP connections that are not targetted to Tor (or localhost) through Tor. Linux has a kernel level network filter that accomplishes this. The CD is configured to pass all TCP traffic through Tor in case an application does not recognize or support HTTP/SOCKS proxies.
</p>
@@ -415,7 +406,7 @@
</ul>
-<h3>Host system RAM</h3>
+<h4>Host system RAM</h4>
<p>
When shutting down the system RAM is securely wiped. RAM can actually be read after the machine shuts off with the right equipment. The software doing this is smem, part of the <a href="http://www.thc.org/">secure-delete</a> package. This process can take a while. If you are booting from a CD it should eject, and if you are booting from a USB drive you can remove the drive once prompted. In either case you can leave the computer and let it finish on its own.
</p>
@@ -425,7 +416,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/fsscript.sh">fsscript.sh</a></li>
</ul>
-<h3>Passwords</h3>
+<h4>Passwords</h4>
<p>
There are two user's that are intended to be used for logins, 'gentoo' and 'root'. Since this is a CD/USB the passwords are empty. This should not be a security concern because the user will remove the CD/USB when done and there should be no services allowing logins from the network.
</p>
@@ -434,17 +425,17 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/fsscript.sh">fsscript.sh</a></li>
</ul>
-<h3>Running the CD from RAM</h3>
+<h4>Running the CD from RAM</h4>
<p>
The tiny version gives you the menu option of running the CD/USB from RAM. During the boot process the entire CD is copied into RAM and run from there. The CD will eject at this time or you may remove the USB drive when the boot progress screen is displayed. The full CD is too large for most computers to run from RAM but if you'd like to then hit [Tab] on the boot option and add " docache" after the boot line.
</p>
-<h3>Running the CD from a Windows session</h3>
+<h4>Running the CD from a Windows session</h4>
<p>
__INCOGNITO__ full may be run inside a Windows session in case the computer cannot boot media. <a href="http://fabrice.bellard.free.fr/qemu/">QEMU</a> is used to run the CD in a virtual PC. CTRL-ALT-F can be used to make the virtual machine full screen. Note that this will work for Windows 2000/XP or greater. A security concern that is not covered in this case is a keystroke logger. Keystrokes still run through the host operating system and can be logged, so beware.
</p>
-<h2>Configuration copied from USB drive</h2>
+<h3>Configuration copied from USB drive</h3>
<p>
Certain configurations are copied from the USB drive on boot. The following table lists the configuration, where it should exist on the USB drive and where it is copied into.
@@ -464,7 +455,7 @@
<a name="persistent">
-<h2>Persistent User Settings for a USB drive</h2>
+<h3>Persistent User Settings for a USB drive</h3>
<p>
When the CD is copied to a USB drive (see <a href="#createusb">here</a>) the user settings may be persisted across sessions. The home volume can be stored as a <a href="http://www.truecrypt.org">TrueCrypt</a> volume or unencrypted. For the Un*x savvy, the unencrypted volume is stored as an ext3 file on the USB drive. The file home.tc (TrueCrypt) or home.ext3.img (unencrypted) on the USB drive stores these settings and can be removed to reset to the CD defaults or copied elsewhere for a backup. You will need to do a clean shutdown (described above) to make sure your settings are saved. When booting from a writable media and there is no home volume you will be prompted to create one, you may choose not to do so.
@@ -475,7 +466,7 @@
<li><a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/usr/sbin/create-homevol">/usr/sbin/create-homevol</a></li>
</ul>
-<h2>Hidden Services</h2>
+<h3>Hidden Services</h3>
<p>
Hidden HTML content may be served if running from an USB drive. Content is limited to static HTML pages. The content is stored in the home directory and so takes advantage of TrueCrypt encryption. The directory structure follows.
@@ -512,7 +503,7 @@
</ul>
<a name="maintenance">
-<h1>Maintenance</h1>
+<h2>Maintenance</h2>
<blockquote>(How to keep the implementation current for anonymity, security and usefulness.)</blockquote>
<p>
@@ -536,7 +527,7 @@
</p>
<a name="caveats">
-<h1>Caveats</h1>
+<h2>Caveats</h2>
<blockquote>Side effects of the implementation that may be undesirable.</blockquote>
<p>
@@ -548,7 +539,7 @@
</p>
<a name="security">
-<h1>Security</h1>
+<h2>Security</h2>
<blockquote>Agreements and disagreements with our approach or implementation.</blockquote>
<p>
@@ -556,7 +547,7 @@
</p>
<a name="createusb">
-<h1>Copying to a USB Drive</h1>
+<h2>Copying to a USB Drive</h2>
<p>
The CD may be copied to a USB drive. Why do that? USB drives are easier to carry, harder to break, offer file storage and persistent user settings between sessions. There is a script provided that will copy the CD to a USB drive and make the drive bootable. When booting the user is presented with the option to create a persistent home directory with optional encryption (see <a href="#persistent">here</a> for details). On the desktop after booting the CD there will be an icon for copying to a USB drive (on tiny right click on the desktop and choose "Create USB" from the menu.) See the <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/usr/sbin/create-usb">/usr/sbin/create-usb</a> script for technical details. Note the script depends on the Gentoo LiveCD structure, it probably won't work when run on another LiveCD setup.