Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 25 Oct 2014, 21:58
All times are UTC - 4
 Forum index » House Training » Users ( For the regulars )
Internet Security: how safe is Puppy Linux?
Moderators: Flash, Ian, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
Wac

Joined: 20 May 2009
Posts: 14

PostPosted: Thu 22 Sep 2011, 09:54    Post_subject:  Internet Security: how safe is Puppy Linux?  

I have used Puppy Linux for a while now and just want to know how save it is to surf the internet with.

At the moment I am using version 5.2.8 with Firefox 6, the firewall is also activated, is this system secure enough even for online banking?
Back to top
View user's profile Send_private_message 
8-bit


Joined: 03 Apr 2007
Posts: 3382
Location: Oregon

PostPosted: Thu 22 Sep 2011, 10:19    Post_subject:  

If you use common sense when surfing, and do not disable security addons for your browser on unknown sites, you should be safe.
If some site wants you to download and install some software it says you need, decline in a hurry.
I recently was running windows vista and downloaded an addin that was supposed to let me see my linux partitions and files from windows.
I downloaded and installed the utility and found it contained a virus.
It took me a while and a few complete scans to get rid of the darn thing.
It was my own fault and I should have known better.
Also, at present, I cannot even remember the name of the file or what site offered it.
But it supposedly installed a system file that would allow you to view linux files and partitions with your windows file manager.
So be careful out there.
Back to top
View user's profile Send_private_message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Thu 22 Sep 2011, 11:18    Post_subject:  

Quote:
is this system secure enough even for online banking?


Yes Cool
http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx

_________________
Puppy WIKI
Back to top
View user's profile Send_private_message Visit_website 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11122
Location: Arizona USA

PostPosted: Thu 22 Sep 2011, 15:27    Post_subject:  

For maximum security, do your online banking with a multisession DVD that you use for nothing else. Actually you could use it for everything else as long as you never save to the DVD except for banking stuff.
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 22 Sep 2011, 15:50    Post_subject:  

Flash wrote:
For maximum security, do your online banking with a multisession DVD that you use for nothing else. Actually you could use it for everything else as long as you never save to the DVD except for banking stuff.


I wish one could do such security for USB or Frugal install too for us
who have computers that have no internal nor any external DVD.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
faifpuhp


Joined: 22 Sep 2011
Posts: 97

PostPosted: Thu 22 Sep 2011, 16:26    Post_subject:  

Personally I don't think it makes sense to talk about security so long as Flash is installed. The only thing that poses a quicker threat to an otherwise secure system would be a poorly configured server.

Sure, you can secure a system as much as you want and install Flash on it, but as much as Outlook and Word used to be the biggest holes in Windows (other than Windows,) the biggest hole in GNU/Linux is probably Flash (the product, not the guy here...) You have no control over it, almost everyone uses the same version, and the old versions are always full of dangerous bugs. If you use a bank that requires Flash on their site, don't do online banking with them at all.

Other than that it would be interesting to see Puppy get a security audit. You could make a contest out of it to save on fees, but you might not find anyone willing to play.

The other thing is that it's tough to get people to take your security seriously when everything is root. A user-level account helps, the firewall probably helps, but privilege escalation seems to be what attacks are all about and you're escalated by default.

The last hurdle is live-CD vs. persist. If you're using a live-CD at least you lose harmful changes on reboot, but most people probably use persist. I'd still trust almost any distro over Windows, but I wouldn't hasten to call anything "secure" based on faith. At least you guys don't complain about viruses, that's very good.

_________________
Strawberry is dead!
Back to top
View user's profile Send_private_message 
cthisbear

Joined: 29 Jan 2006
Posts: 3437
Location: Sydney Australia

PostPosted: Thu 22 Sep 2011, 19:02    Post_subject:  

" For maximum security, do your online banking with a multisession DVD "

Used a cd for over 6 years.

My advice...do banking first.
Close the browser after.

Then browse other sites as you wish.

Chris.
Back to top
View user's profile Send_private_message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Thu 22 Sep 2011, 23:38    Post_subject:  

Quote:
At the moment I am using version 5.2.8 with Firefox 6, the firewall is also activated, is this system secure enough even for online banking?

Yes!
    1. Close browser
    2. Click on desktop icon console
    3. Type firefox -safe-mode
    This disables add-ons including Flash
    4. Bank
    5. Close console

_________________
Puppy WIKI
Back to top
View user's profile Send_private_message Visit_website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 23 Sep 2011, 01:39    Post_subject:  

Thanks, so that start it up without the addons?

But one have addons like Noscript to make it safer Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
faifpuhp


Joined: 22 Sep 2011
Posts: 97

PostPosted: Fri 23 Sep 2011, 02:51    Post_subject:  

nooby wrote:
But one have addons like Noscript to make it safer Smile


Tough call. Noscript would make phishing more difficult, but then, that's why you go to your banking site before any others Wink

_________________
Strawberry is dead!
Back to top
View user's profile Send_private_message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Fri 23 Sep 2011, 05:44    Post_subject:  

Quote:
Thanks, so that start it up without the addons?

Yes.
That is more than sufficient Most banks expect their users
to be using Windows and IE or perhaps a Smartphone.
You are already much more secure than these options
by using Linux and FireFox.

You don't need to use programs such as GROWL or hardened Puppy 'Wardog'
. . . however the precautions section may be of interest . . . Smile
http://puppylinux.org/wikka/security

_________________
Puppy WIKI
Back to top
View user's profile Send_private_message Visit_website 
Sylvander

Joined: 15 Dec 2008
Posts: 3463
Location: West Lothian, Scotland, UK

PostPosted: Fri 23 Sep 2011, 05:54    Post_subject:  

1. How I do it these days:

(a) Using Lupu [526 right now]...

(b) Have it set up so that:
b1. A pupsave on an internal HDD is treated as though a pupsave on a Flash Drive.
b2. The auto-save during the session is set to zero.
b3. To be given the choice at shutdown/reboot "to save or not to save".
b4. To prevent a spurious warning at startup that the previous shut-down was improper.

(c) With the above done...
I can do normal work within the Puppy...
And manually save the session back to the pupsave at a chosen point in time.
e.g. So that Firefox will save the arrangement of windows open at that point.
And then...

(d) After (c) is done, toward the end of the session...
I can do my banking...
But NOT save the [changes recorded during that part of the] session...
During that part, or at shut-down.
Back to top
View user's profile Send_private_message 
faifpuhp


Joined: 22 Sep 2011
Posts: 97

PostPosted: Fri 23 Sep 2011, 11:57    Post_subject:  

Lobster wrote:
Quote:
Thanks, so that start it up without the addons?

Yes.
That is more than sufficient


It's actually some of the best advice I've seen on this forum.

_________________
Strawberry is dead!
Back to top
View user's profile Send_private_message 
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Sat 24 Sep 2011, 03:54    Post_subject: Re: Internet Security: how safe is Puppy Linux?  

Wac wrote:
Internet Security: how safe is Puppy Linux?


My guess: the best project is the "pUPnGO" after editing by literate user.

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.

Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 24 Sep 2011, 07:57    Post_subject:  

Here is a totally wild and confused thinking idea. I know too little but ...

suppose one try to mimic how a CD install works but on USB or HDD instead.

Now what to do with pupsave? One make a .pet instead.

So take the idea that Master_Wrong has and combined it with Seasides suggestion and my barely grasp of their exchange.
http://www.murga-linux.com/puppy/viewtopic.php?p=567024#567024

seaside wrote:
"yes, you can make a .pet out of a savefile".
Simply setup your pup and then shutdown with a small save file as usual
for a frugal install. Boot with "pfix=ram" and then click on the pupsavefile to mount it.
Once mounted, you can go to the / directory and in a terminal type "dir2pet Nameofpupsavedir".
Rename the newly generated pet file to whatever is meaningful,
move it to a permanent location and delete the pupsave.2fs file.


That way there is no way for the virus to hide because there is no pupsave file to be saved in so when one shut down the pupsave file is not there one boot and instead click on the pet and that pet is the save file that have the needed personal takes on what is supposed to be installed?

Sure a virus can go to /mnt/home/ and place itself there.

So one would need to not be there then. Which makes it hard for us who love to boot frugally on the hdd.

But this is for security like Bank and such financial things like buying from Amazon or something? So one start up from a USB to get max security if one have no CD?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » House Training » Users ( For the regulars )
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0850s ][ Queries: 12 (0.0035s) ][ GZIP on ]