I have used Puppy Linux for a while now and just want to know how save it is to surf the internet with.
At the moment I am using version 5.2.8 with Firefox 6, the firewall is also activated, is this system secure enough even for online banking?
Internet Security: how safe is Puppy Linux?
If you use common sense when surfing, and do not disable security addons for your browser on unknown sites, you should be safe.
If some site wants you to download and install some software it says you need, decline in a hurry.
I recently was running windows vista and downloaded an addin that was supposed to let me see my linux partitions and files from windows.
I downloaded and installed the utility and found it contained a virus.
It took me a while and a few complete scans to get rid of the darn thing.
It was my own fault and I should have known better.
Also, at present, I cannot even remember the name of the file or what site offered it.
But it supposedly installed a system file that would allow you to view linux files and partitions with your windows file manager.
So be careful out there.
If some site wants you to download and install some software it says you need, decline in a hurry.
I recently was running windows vista and downloaded an addin that was supposed to let me see my linux partitions and files from windows.
I downloaded and installed the utility and found it contained a virus.
It took me a while and a few complete scans to get rid of the darn thing.
It was my own fault and I should have known better.
Also, at present, I cannot even remember the name of the file or what site offered it.
But it supposedly installed a system file that would allow you to view linux files and partitions with your windows file manager.
So be careful out there.
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Yesis this system secure enough even for online banking?
http://www.itnews.com.au/News/157767,ns ... nking.aspx
I wish one could do such security for USB or Frugal install too for usFlash wrote:For maximum security, do your online banking with a multisession DVD that you use for nothing else. Actually you could use it for everything else as long as you never save to the DVD except for banking stuff.
who have computers that have no internal nor any external DVD.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
Personally I don't think it makes sense to talk about security so long as Flash is installed. The only thing that poses a quicker threat to an otherwise secure system would be a poorly configured server.
Sure, you can secure a system as much as you want and install Flash on it, but as much as Outlook and Word used to be the biggest holes in Windows (other than Windows,) the biggest hole in GNU/Linux is probably Flash (the product, not the guy here...) You have no control over it, almost everyone uses the same version, and the old versions are always full of dangerous bugs. If you use a bank that requires Flash on their site, don't do online banking with them at all.
Other than that it would be interesting to see Puppy get a security audit. You could make a contest out of it to save on fees, but you might not find anyone willing to play.
The other thing is that it's tough to get people to take your security seriously when everything is root. A user-level account helps, the firewall probably helps, but privilege escalation seems to be what attacks are all about and you're escalated by default.
The last hurdle is live-CD vs. persist. If you're using a live-CD at least you lose harmful changes on reboot, but most people probably use persist. I'd still trust almost any distro over Windows, but I wouldn't hasten to call anything "secure" based on faith. At least you guys don't complain about viruses, that's very good.
Sure, you can secure a system as much as you want and install Flash on it, but as much as Outlook and Word used to be the biggest holes in Windows (other than Windows,) the biggest hole in GNU/Linux is probably Flash (the product, not the guy here...) You have no control over it, almost everyone uses the same version, and the old versions are always full of dangerous bugs. If you use a bank that requires Flash on their site, don't do online banking with them at all.
Other than that it would be interesting to see Puppy get a security audit. You could make a contest out of it to save on fees, but you might not find anyone willing to play.
The other thing is that it's tough to get people to take your security seriously when everything is root. A user-level account helps, the firewall probably helps, but privilege escalation seems to be what attacks are all about and you're escalated by default.
The last hurdle is live-CD vs. persist. If you're using a live-CD at least you lose harmful changes on reboot, but most people probably use persist. I'd still trust almost any distro over Windows, but I wouldn't hasten to call anything "secure" based on faith. At least you guys don't complain about viruses, that's very good.
[url=http://murga-linux.com/puppy/viewtopic.php?p=566477#566477][b]Strawberry is dead[/b][/url][b]![/b]
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Yes.Thanks, so that start it up without the addons?
That is more than sufficient Most banks expect their users
to be using Windows and IE or perhaps a Smartphone.
You are already much more secure than these options
by using Linux and FireFox.
You don't need to use programs such as GROWL or hardened Puppy 'Wardog'
. . . however the precautions section may be of interest . . .
http://puppylinux.org/wikka/security
1. How I do it these days:
(a) Using Lupu [526 right now]...
(b) Have it set up so that:
b1. A pupsave on an internal HDD is treated as though a pupsave on a Flash Drive.
b2. The auto-save during the session is set to zero.
b3. To be given the choice at shutdown/reboot "to save or not to save".
b4. To prevent a spurious warning at startup that the previous shut-down was improper.
(c) With the above done...
I can do normal work within the Puppy...
And manually save the session back to the pupsave at a chosen point in time.
e.g. So that Firefox will save the arrangement of windows open at that point.
And then...
(d) After (c) is done, toward the end of the session...
I can do my banking...
But NOT save the [changes recorded during that part of the] session...
During that part, or at shut-down.
(a) Using Lupu [526 right now]...
(b) Have it set up so that:
b1. A pupsave on an internal HDD is treated as though a pupsave on a Flash Drive.
b2. The auto-save during the session is set to zero.
b3. To be given the choice at shutdown/reboot "to save or not to save".
b4. To prevent a spurious warning at startup that the previous shut-down was improper.
(c) With the above done...
I can do normal work within the Puppy...
And manually save the session back to the pupsave at a chosen point in time.
e.g. So that Firefox will save the arrangement of windows open at that point.
And then...
(d) After (c) is done, toward the end of the session...
I can do my banking...
But NOT save the [changes recorded during that part of the] session...
During that part, or at shut-down.
-
postfs1
Here is a totally wild and confused thinking idea. I know too little but ...
suppose one try to mimic how a CD install works but on USB or HDD instead.
Now what to do with pupsave? One make a .pet instead.
So take the idea that Master_Wrong has and combined it with Seasides suggestion and my barely grasp of their exchange.
http://www.murga-linux.com/puppy/viewto ... 024#567024
Sure a virus can go to /mnt/home/ and place itself there.
So one would need to not be there then. Which makes it hard for us who love to boot frugally on the hdd.
But this is for security like Bank and such financial things like buying from Amazon or something? So one start up from a USB to get max security if one have no CD?
suppose one try to mimic how a CD install works but on USB or HDD instead.
Now what to do with pupsave? One make a .pet instead.
So take the idea that Master_Wrong has and combined it with Seasides suggestion and my barely grasp of their exchange.
http://www.murga-linux.com/puppy/viewto ... 024#567024
That way there is no way for the virus to hide because there is no pupsave file to be saved in so when one shut down the pupsave file is not there one boot and instead click on the pet and that pet is the save file that have the needed personal takes on what is supposed to be installed?seaside wrote:"yes, you can make a .pet out of a savefile".
Simply setup your pup and then shutdown with a small save file as usual
for a frugal install. Boot with "pfix=ram" and then click on the pupsavefile to mount it.
Once mounted, you can go to the / directory and in a terminal type "dir2pet Nameofpupsavedir".
Rename the newly generated pet file to whatever is meaningful,
move it to a permanent location and delete the pupsave.2fs file.
Sure a virus can go to /mnt/home/ and place itself there.
So one would need to not be there then. Which makes it hard for us who love to boot frugally on the hdd.
But this is for security like Bank and such financial things like buying from Amazon or something? So one start up from a USB to get max security if one have no CD?
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though