hard-drive partition safety

For discussions about security.
Post Reply
Message
Author
puppydolph
Posts: 3
Joined: Thu 10 Jun 2010, 01:23

hard-drive partition safety

#1 Post by puppydolph »

If I boot Puppy from a Live-USB or Live-CD, and I never save the session, can my hard-drive partitions be compromised either by viruses or hackers.

Specfically:

1. Can a hacker get in to a Word or Excel doc on my NTFS windows partition when I'm running live-Puppy. I see all my partitions listed near the bottom left part of my screen, but whether or not they are mounted (is 'mounted' the correct term???) and accessible is a mystery to me.

2. Could my ntfs windows partition get infected with a virus while using live-Puppy, so the next time I run Windows I'd have a virus on it?

3. Is it really true that running a live-usb or live-CD makes no changes whatsoever to your computer -- I've always been a little weary of that claim.

Thanks.

User avatar
smokey01
Posts: 2813
Joined: Sat 30 Dec 2006, 23:15
Location: South Australia :-(
Contact:

#2 Post by smokey01 »

Running puppy live from a CD is a very secure method of browsing. It does not touch any of your files on your HDD therefore cannot damage them.

If you do not mount your HDD (click on the drive icon) then it's very difficult for you to get a virus on your HDD/NTFS partition. I won't say it's impossible to get a virus but highly improbable. Because your HDD is not mounted any viruses that are currently on the NTFS partition cannot transfer to the Puppy OS. It's also a good idea to install the firewall when it asks you to as well.

Puppy runs in memory when running live from a CD. If you were to get a virus it would die when you turned your computer off.

noryb009
Posts: 634
Joined: Sat 20 Mar 2010, 22:28

#3 Post by noryb009 »

1. Can a hacker get in to a Word or Excel doc on my NTFS windows partition when I'm running live-Puppy. I see all my partitions listed near the bottom left part of my screen, but whether or not they are mounted (is 'mounted' the correct term???) and accessible is a mystery to me.
When you look at all the drives, some will have little circles in the corner. That means they are MOUNTED (if you want to see any, click one to mount it, and you will see the circle). Right-click them and select Unmount to unmount them. When they are mounted, you can use the files in them, when they are unmounted, you (and hackers) can't.
2. Could my ntfs windows partition get infected with a virus while using live-Puppy, so the next time I run Windows I'd have a virus on it?
Only if:
-you have it mounted AND
-click on every single ad you see when browsing AND
-there was a virus (I highly doubt there is one for puppy that tries to infect a windows partition, it would be easier to make a virus for windows).
3. Is it really true that running a live-usb or live-CD makes no changes whatsoever to your computer -- I've always been a little weary of that claim.
The only change I can think of is logs, made by the BIOS, but it won't change anything else if you don't mount any partitions.

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#4 Post by Flash »

noryb009 wrote:
3. Is it really true that running a live-usb or live-CD makes no changes whatsoever to your computer -- I've always been a little weary of that claim.
The only change I can think of is logs, made by the BIOS, but it won't change anything else if you don't mount any partitions.
A technical quibble: I don't think any BIOS writes its log files to a hdd. I'm fairly sure that BIOS logs, which are created in RAM during bootup, would have to be written to the hdd by the OS, after it is booted up and running.

A Puppy live CD will not automatically save BIOS log files to hdd. You'd have to do it manually, by mounting the hdd then copying or moving the file(s) to it.

A Puppy live CD will use a swap partition on a hdd if it finds one when it boots. In some cases, and I'm not at all sure of this, a Puppy live CD might even create a swap partition if none exists. That's never happened to me, and I've been running Puppy from a multisession DVD for years. For swap purposes, that's the equivalent of running from a live CD. For a long time there was a NTFS hdd in the computer, but it crapped out about a year ago and I just took it out and never replaced it. I don't think I've had a hard disk drive that lasted longer than about 2 years. :(

puppydolph
Posts: 3
Joined: Thu 10 Jun 2010, 01:23

#5 Post by puppydolph »

Thank you for all the input. I have a a follow-up question:

nory....
When you look at all the drives, some will have little circles in the corner. That means they are MOUNTED (if you want to see any, click one to mount it, and you will see the circle). Right-click them and select Unmount to unmount them. When they are mounted, you can use the files in them, when they are unmounted, you (and hackers) can't.
Is this correct??

With the exception of my puppy live-usb drive, by default all my partition drives have a little red circle on them (on the bottom left-side of the drive icon). When I right-click to unmount drive, the little red circles do not disappear. When I double-click on the drive, a larger green circle super-imposes on the drive icon, and I always assumed this larger green circle represented the drive being mounted.

Flash...
this is off-topic, bit any particular reason you use a multi-session DVD rather than multi-session USB?

jj

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#6 Post by Flash »

puppydolph wrote:Flash...
this is off-topic, bit any particular reason you use a multi-session DVD rather than multi-session USB?
Mostly because I started out using Puppy with an older computer that couldn't boot from USB, so I'm comfortable with a multisession DVD. It does just what I want from a computer. I feel like I know how it works, so it won't surprise me. Multisession Puppy never saves anything to the DVD unless I specifically tell it to, so I can try things knowing that they can't screw up my operating system. One advantage multisession Puppy on a DVD has over running Puppy any other way is that nothing that has been saved on the multisession disk is ever erased or overwritten. This could be a very useful way to run an operating system for forensic purposes. I haven't used that unique capability of multisession Puppy on a DVD, but it's there if anyone needs it. :)

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#7 Post by rcrsn51 »

puppydolph wrote:With the exception of my puppy live-usb drive, by default all my partition drives have a little red circle on them (on the bottom left-side of the drive icon). When I right-click to unmount drive, the little red circles do not disappear. When I double-click on the drive, a larger green circle super-imposes on the drive icon, and I always assumed this larger green circle represented the drive being mounted.
What Puppy version are you using? I've never seen a red circle on a drive icon.

User avatar
bigpup
Posts: 13886
Joined: Sun 11 Oct 2009, 18:15
Location: S.C. USA

#8 Post by bigpup »

puppydolph wrote:With the exception of my puppy live-usb drive, by default all my partition drives have a little red circle on them (on the bottom left-side of the drive icon). When I right-click to unmount drive, the little red circles do not disappear. When I double-click on the drive, a larger green circle super-imposes on the drive icon, and I always assumed this larger green circle represented the drive being mounted.
Old version of drive icons:

red dot unmounted
green dot mounted

New version of drive icons:

No dot unmounted
green dot mounted

PaulBx1
Posts: 2312
Joined: Sat 17 Jun 2006, 03:11
Location: Wyoming, USA

#9 Post by PaulBx1 »

A Puppy live CD will use a swap partition on a hdd if it finds one when it boots. In some cases, and I'm not at all sure of this, a Puppy live CD might even create a swap partition if none exists.
I think this is old Puppy behavior. Barry took a lot of that stuff out after we security fetishists complained that it negated the whole point of an encrypted pupsave. I believe the swap behavior is now more reasonable. One can always do a swapoff in rc.local or something, too.

Only problem with booting puppy from a CD "pfix=ram" all the time is that you have to set up networking every time, and the boot is slow. Maybe if you leave your computer on all the time that is no problem, but that in itself is a security risk.'

I wonder if keeping a small encrypted pupsave wouldn't work, then after boot do an md5sum of the pupsave every time to see it hasn't been messed with. I'm guessing too much stuff gets messed with at the system level for that to consistently give the same checksum, though.

Bruce B

#10 Post by Bruce B »

smokey01 wrote:Running puppy live from a CD is a very secure method of browsing.
What does secure mean in this context?

I don't think it is safe. One time I broke a fingernail. Another
time I sprained an eyelash. Worse, my little finger on my left
hand hurts and I don't know why.

Then there was the time a lady served me coffee and spilled
it on the keyboard. This happened in full view of both of us
and yet she still lied about doing it.

I don't even think Barry K in all his wisdom can protect us from
things like this.

If secure means protected from a malicious remote hacker
who gained access to your default user: root, I think she can
do anything the software allows. Including but not limited to
wiping the hard disks.
smokey01 wrote:It does not touch any of your files on your HDD therefore cannot damage them.
I think it potentially touches thousands of files in its search of
your media for Puppy files. If none were found, then it uses
files on the CD.

~~~~~~~~~~~~~~~~

I just want to say: I fibbed about the sprained eyelash.

~~~~~~~~~~~~~~~

postfs1

#11 Post by postfs1 »

To reedit up to date.
Last edited by postfs1 on Sun 27 Mar 2016, 21:52, edited 1 time in total.

User avatar
8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#12 Post by 8-bit »

That one line "Searching for files on computer drives" always bothered me to an extent.
If you are booting from a live cd, with pfix=ram, why the search?
Also, if you are booting from a frugal install using grub with menu.lst,
you have already specified where the files are located.
So why is the search done?

User avatar
pemasu
Posts: 5474
Joined: Wed 08 Jul 2009, 12:26
Location: Finland

#13 Post by pemasu »

I believe you know this already, but.. The searching of main.sfs is done so that bootprocess is faster using copied hdd preinstalled main.sfs than main.sfs in cd. Sometimes the search process is so slow that actual timesparing is questionable.

User avatar
Luluc
Posts: 200
Joined: Wed 16 Mar 2011, 07:10

#14 Post by Luluc »

Holy cow. What a topic.

Here is a good suggestion for a term paper: "How the Linux community went from 'security-minded' to 'scare-mongering' in less than ten years."

Parent poster is just frighteneed out of their bejeezus because of them sly and magic hax0rz and their awesome hax0rin sk1llz.

Hackers are the haunting ghosts of the 21st century. Modern version of the Canterbury Tales.

Post Reply