2025.11.19 Layer 01: Accela

LainOS 2025.11.19 Layer 01: Accela – Stable Release

What’s new

• Fresh sync of the last 3 days of Arch upstream packages

• PGP-signed LSMS guide now includes full Android registration instructions
(~/LainOS_Secure_Messaging_Service/messaging-guide.txt)

• Minor website polish at https://lainos.io (new domain redirect for https://lainos.dev)

• Fixed bug in LESME script that added a sudo command to .zshrc(leftover from passwordless sudo during beta and RC)

Known issues

• Still not compatible with BTRFS (ext4 recommended)

Get connected

• Secure Onion XMPP server + full setup guide at https://lain.rocks

• Website(new domain redirect) https://lainos.io

• Discord Permanent Link (if you hate privacy) at https://discord.gg/kEbwebmZuC

LALL<3

2025.11.17 Layer 01: - Accela

Stable~Release

Download here: https://gitlab.com/lainos/lainOS/-/releases/2025.11.17-Stable

A few upstream arch updates which seemed worthy of an update were included, replaced outdated LSMS(LainOS Secure Messaging Service/Integrated Secure XMPP Framework) guide with updated, clarified, and PGP signed guide(the same one now appearing at https://lain.rocks/).

LALL<3

Installation Instructions

To join our private and secure Onion XMPP chat server with clear provided instructions, visit https://lain.rocks/

If you hate privacy, here's our permanent discord link: https://discord.gg/kEbwebmZuC

2025.11.16 Layer 01: - Accela

Stable Release ~ LainOS Layer 01: - Accela

Download here: https://gitlab.com/lainos/lainOS/-/releases/2025.11.16

This release marks the long anticipated launch of 'LainOS Layer 01: - Accela' Stable. It has taken nearly 4 years to get here. Thank you to everyone involved, you all know who you are!
In this release, thunderbird email client was removed to shave the iso down to 3.6gb, and fastfetch was updated(wouldn't want to have an outdated fastfetch would you? ;) )

LALL<3

2025.10.31-v1.5.0-rc2

Installation Instructions

Download Here: https://gitlab.com/lainos/lainOS/-/releases

In this release, a crucial component not only in LainOS, but also of the LESME/LSMS framework and convenient tor usage in general; the tor ControlPort(for tor connection monitoring and management via Nyx tor monitor), was finally secured with an auth cookie(this was bothering me for 2 weeks).
This means that now, all of LainOS's security features, privacy features, and all other intended features are now fully functional. So here is RC2. I've split the RC phase into two phases; the first focused on the security and privacy focused technical parts of the system which I prioritize before all else, along with system stability.

The second phase is ,well, just waiting for any bugs to pop up, and the core of this system is almost 3 years old. The aesthetics aka 'rice', and specifically the CoplandOS-GTK theme, are working beautifully together.(not sure how many ricers have their own GTK themes but i'm not a ricer). Anyway, if you find any bugs, please let us know through our discord link on reddit at r/LainOSdevelopers. Or hit up our XMPP server in the other repo(Our VPS provider seems to be having an outage for the past 12 hours. but I will update as I know more.)
The wired_repo will be filled with hacking tools soon, downloadable through pacman. They will all be built from source when possible, and signed when I get the time. Right now the repo just has wireshark, it's my first pkgbuild from source.

Happy Halloween from the LainOS Team!

LALL<3

2025.10.30-v1.4.5-rc1

Installation Instructions

Download Here: https://gitlab.com/lainos/lainOS/-/releases/2025.10.30-v1.4.5-rc1

This release was baremetal tested and used to build a copy of itself which is the ISO in this release. (This was to test gpg signing function and means it's pretty damn stable.)

In this release, the customized ~/.gnupg directory permissions have been fixed. The system no longer caches PGP passphrases and is protected against CPU HRNG backdoors. I'm going to include the installation guide for KVM virtualization(the intended way to use LESME/LSMS) in the home folder of the next release, but for now I'll work on the wired_repo pacman repo where you can download pentesting tools built from source(if possible) and packaged by yours truly. I will eventually be signing these repo packages for security(along with all of our other remote repo packages).

Discord and Element were removed from default applications to reduce ISO size(download them yourself, they don't belong in LainOS). You also get the fastest and most reliable Snowflake bridges to use with Tor Browser or tor daemon in the home folder. You can thank my work on Qubes/Whonix for that. Enjoy LainOS! RC2 is very close if we aren't already in it.

LALL<3

2025.10.21-v1.4-rc1

Download Here: https://gitlab.com/lainos/lainOS/-/releases/2025.10.21-v1.4-rc1

In this release, calamares installer needed an immediate rebuild due to new dependency updates, this means I won't have to do it again for a while, and the system is more stable than ever. librewolf 140, built from source, was replaced by librewolf version 144, also built from source(This takes 4+ hours, you're welcome). I also added transparency to more applications(strategically so for apps like KeePass, and Signal, making shoulder surfing more difficult).

The Tor Connection Management script at /home/user/bin/tor.sh is now executable on first boot(obfs4 bridges are integrated by default). The commands are below:

tor.sh s = sudo systemctl start tor

tor.sh st = sudo systemctl stop tor

tor.sh stat = sudo systemctl status tor

tor.sh r = sudo systemctl restart tor

The CoplandOS-GTK theme is applied systemwide in both Hyprland and Openbox.

wireguard-tools works with wg-quick

Full disk encryption works fine.

v1.2.26-beta-chat

Download Here: https://gitlab.com/lainos/lainOS/-/releases

In this release, the 'LainOS Secure Messaging Service'(LSMS) on-boarding script has been perfected and is noob ready! I'm still writing the registration instructions(just needs pictures), but to be concise, to make an account, download the application 'dino' and then issue the command 'torsocks dino', then follow the directions on this page to install the LESME Secure Communication Framework: https://gitlab.com/lainos/lainos-onion-xmpp-server-guide

Yes, this is a dedicated Onion XMPP service for LainOS that I operate combined with a secure messaging framework I designed. It's pretty watertight. (I have made contributions to Qubes and Whonix and am credited in the whonix wiki with a copyright., This is the fruit of that labor)

The LainOS chatroom is end-to-end encrypted with TOR, and TLS(kinda sorta, it's my server). You can PM/DM people and encrypt those chats with either OMEMO or PGP. This is LainOS's first real useful product and I hope you all enjoy it! We sure are. It's some cyberpunk stuff for sure. It is based on an infosec project of mine.

Tag message
The more polished LainOS Secure Messaging Service is now fully functional and ready for user registration from multiple Linux and Android clients.(Dino, Gajim, Profanity on linux. Another.im on fdroid ). Also, just use dino if you can't figure out profanity, but it's oretty straightforward.

LainOS Secure Messaging Service Guide: https://gitlab.com/lainos/lainos-onion-xmpp-server-guide figure out profanity, you won't have the security and robust authentication that my framework has, but it's primarily designed for people in hostile environments, and dino is fine

ainOS XMPP Client Provisioning Utility: GPG/Pass/Tor Integration/Obfs4 Obfuscation/OMEMO Encryption/Icelandic Server

Description

Automated client provisioning utility for the LainOS XMPP service. Core functions include: secure anonymized GPG key pair generation with strict passphrase handling (via file descriptor), initialization of the Pass credential manager, and mandatory configuration of Tor with obfs4 bridges. It pre-configures the Profanity client to utilize GPG decryption via Pass for secure, automated GPG login. LainOS hosts the Onion service on a VPS in Iceland.

This utility is included with LainOS-v1.2.25-beta and later releases as a user executed shell script.

v1.2.25-beta

Download Here: https://gitlab.com/lainos/lainOS/-/releases/v1.2.25-beta

This is a special release, because I've successfully integrated one of my infosec projects, which is a cross platform anonymized encrypted communication framework into LainOS along with its own dedicated LainOS Onion chat service.

In this release, the LainOS Secure Messaging framework installation script(/home/user/LainOS_Secure_Messaging_Server.sh) was optimized to be informative and user friendly while also retaining the best security practices during installation. So LainOS Now has it's own integrated secure communication framework and Onion service that is designed to mitigate advanced persistent threats on select machines(if you use KVM and a custom bios) ;).

Next on the list of tasks is Installer rebuild/update, VPN DNS default config, and Waybar default config. I'm also going to work on the chat server guide with pictures and ways it can be easily accessed from different devices/platforms.

Installing the LainOS secure chat framework is easy, you just run the script, fill in the required information, and boom, it builds you a multi layered defense-in-depth secure messaging environment, seamlessly blending the robust authentication capabilities of PGP encryption with the flexibility and perfect forward secrecy of OMEMO encryption, and anonymity and traffic obfuscation.

You need to register an account on the server first, or i can make one for you and you can change your passphrase. But the framework works for any Onion XMPP server.

I have a guide here I'm working on:

https://github.com/The-LainOS-Project/lainos-secure-messaging-server

https://gitlab.com/lainos/lainos-onion-xmpp-server-guide

v1.2.22-beta

Release notes

Download LainOS Here: https://gitlab.com/lainos/lainOS/-/releases/v1.2.22-beta

VM INSTALLATION TEST: COMPLETED

BAREMETAL TESTING STATUS: COMPLETED(forgot a package)

Changelog: Configured the tor service to use obfs4 bridges by default with torsocks via obfs4proxy to allow you to torify any application while obfuscating tor usage.(this is a nice little feature for people in censored regions who want to hide their tor usage). I get messages about people who can't access the LainOS download links because they are blocked in their country, so I figured why not include something like what's in the sentence below...

Fixed some bugs and integrated one of my other projects into LainOS. It's communication framework consisting of a PGP protected OMEMO encrypted XMPP terminal application inspired by irrssi(This framework seamlessly implements Tor, TLS, PGP for authentication and OMEMO for message encryption), it's a script which installs and assembles a secure messaging environment(that I originally built for android Debian virtual machines) that connects over Tor to the LainOS Tor service chat server(also reachable by other clients such as ones for android[like another.im on f-droid].)

you can learn about that project here: https://gitlab.com/amnesia1337/vesme-avf/

v1.2.21-beta

BAREMETAL TESTING STATUS: COMPLETED

Changelog:
Changed the live USB labeling(when you see the USB drive in your file explorer) from ARCH_YYYYMM to LainOS_YYYYMM; this should not need baremetal testing but I'm doing it anyway.

Download here: https://gitlab.com/lainos/lainOS/-/releases/v1.2.21-beta