OmniBoot
A USB that IS the operating system. No OS. No disk. No trace.
The Problem
Forensic investigations require booting suspect machines without contaminating evidence. Current solutions like Tails OS (1.2GB) and CAINE (3GB) carry hundreds of inherited CVEs and leave potential RAM traces. Classified workstations need air-gapped environments that leave zero evidence of use.
The Solution
OmniBoot is a ~64KB binary that boots directly from BIOS/UEFI. It accesses hardware directly — no OS, no disk mounting, no swap. When removed, the machine has zero evidence anything executed. Not in RAM. Not on disk. Because there is no OS that would have swap.
Why Bare-Metal Matters
Go cannot boot without an OS. Rust needs a minimal runtime. C requires libc or a complex HAL. OmniOS already speaks directly to hardware — booting is a natural extension. A 64KB boot image vs a 1.2GB Linux distribution means orders of magnitude less code to audit and zero inherited vulnerabilities.
Technical Specifications
| Feature | Value |
|---|---|
| Binary Size | ~64KB |
| Boot Method | BIOS/UEFI direct boot |
| Persistence | Zero — RAM only |
| Dependencies | None |
| Runtime | None — IS the OS |
| Disk Access | Read-only (forensic mode) |
| Network | Optional raw socket scanning |
Comparison
| OmniBoot | Tails OS | CAINE Forensic | |
|---|---|---|---|
| Size | ~64KB | 1.2GB | 3GB |
| Boot time | <1s | 45-60s | 60-90s |
| Dependencies | None | Linux kernel + userspace | Linux kernel + userspace |
| Disk trace | Zero | Minimal | Minimal |
| RAM trace after shutdown | Zero (overwritten) | Possible | Possible |
| Supply chain CVEs | 0 | Hundreds | Hundreds |
Use Cases
Digital Forensics
Boot a suspect machine without mounting the disk. Scan the network, extract evidence from memory, generate a report. Power off. Zero contamination of the chain of custody.
Classified Workstation
A diplomat plugs in a USB on any laptop in the world. Boots an encrypted environment to read classified documents. Removes the USB. The laptop returns to normal. Not even the BIOS knows what happened.
Pre-OS Audit
Detect rootkits that hide from the operating system — because there is no operating system to hide from. Read firmware, BIOS, and disk sectors directly.