Puppy Linux Discussion Forum

Wac · Joined: 20 May 2009 Posts: 7

I have used Puppy Linux for a while now and just want to know how save it is to surf the internet with.

At the moment I am using version 5.2.8 with Firefox 6, the firewall is also activated, is this system secure enough even for online banking?

8-bit · Joined: 03 Apr 2007 Posts: 3016 Location: Oregon

If you use common sense when surfing, and do not disable security addons for your browser on unknown sites, you should be safe.
If some site wants you to download and install some software it says you need, decline in a hurry.
I recently was running windows vista and downloaded an addin that was supposed to let me see my linux partitions and files from windows.
I downloaded and installed the utility and found it contained a virus.
It took me a while and a few complete scans to get rid of the darn thing.
It was my own fault and I should have known better.
Also, at present, I cannot even remember the name of the file or what site offered it.
But it supposedly installed a system file that would allow you to view linux files and partitions with your windows file manager.
So be careful out there.

Lobster · Posted: Thu 22 Sep 2011, 11:18 Post subject:

Flash · Posted: Thu 22 Sep 2011, 15:27 Post subject:

For maximum security, do your online banking with a multisession DVD that you use for nothing else. Actually you could use it for everything else as long as you never save to the DVD except for banking stuff.

nooby · Joined: 29 Jun 2008 Posts: 9389 Location: SwedenEurope

faifpuhp · Joined: 22 Sep 2011 Posts: 97

Personally I don't think it makes sense to talk about security so long as Flash is installed. The only thing that poses a quicker threat to an otherwise secure system would be a poorly configured server.

Sure, you can secure a system as much as you want and install Flash on it, but as much as Outlook and Word used to be the biggest holes in Windows (other than Windows,) the biggest hole in GNU/Linux is probably Flash (the product, not the guy here...) You have no control over it, almost everyone uses the same version, and the old versions are always full of dangerous bugs. If you use a bank that requires Flash on their site, don't do online banking with them at all.

Other than that it would be interesting to see Puppy get a security audit. You could make a contest out of it to save on fees, but you might not find anyone willing to play.

The other thing is that it's tough to get people to take your security seriously when everything is root. A user-level account helps, the firewall probably helps, but privilege escalation seems to be what attacks are all about and you're escalated by default.

The last hurdle is live-CD vs. persist. If you're using a live-CD at least you lose harmful changes on reboot, but most people probably use persist. I'd still trust almost any distro over Windows, but I wouldn't hasten to call anything "secure" based on faith. At least you guys don't complain about viruses, that's very good.

cthisbear · Joined: 29 Jan 2006 Posts: 2943 Location: Sydney Australia

" For maximum security, do your online banking with a multisession DVD "

Used a cd for over 6 years.

My advice...do banking first.
Close the browser after.

Then browse other sites as you wish.

Chris.

Lobster · Posted: Thu 22 Sep 2011, 23:38 Post subject:

nooby · Joined: 29 Jun 2008 Posts: 9389 Location: SwedenEurope

Thanks, so that start it up without the addons?

But one have addons like Noscript to make it safer Smile

faifpuhp · Joined: 22 Sep 2011 Posts: 97

Lobster · Posted: Fri 23 Sep 2011, 05:44 Post subject:

Sylvander · Posted: Fri 23 Sep 2011, 05:54 Post subject:

1. How I do it these days:

(a) Using Lupu [526 right now]...

(b) Have it set up so that:
b1. A pupsave on an internal HDD is treated as though a pupsave on a Flash Drive.
b2. The auto-save during the session is set to zero.
b3. To be given the choice at shutdown/reboot "to save or not to save".
b4. To prevent a spurious warning at startup that the previous shut-down was improper.

(c) With the above done...
I can do normal work within the Puppy...
And manually save the session back to the pupsave at a chosen point in time.
e.g. So that Firefox will save the arrangement of windows open at that point.
And then...

(d) After (c) is done, toward the end of the session...
I can do my banking...
But NOT save the [changes recorded during that part of the] session...
During that part, or at shut-down.

faifpuhp · Joined: 22 Sep 2011 Posts: 97

postfs1 · Joined: 27 Mar 2010 Posts: 831

nooby · Joined: 29 Jun 2008 Posts: 9389 Location: SwedenEurope

Here is a totally wild and confused thinking idea. I know too little but ...

suppose one try to mimic how a CD install works but on USB or HDD instead.

Now what to do with pupsave? One make a .pet instead.

So take the idea that Master_Wrong has and combined it with Seasides suggestion and my barely grasp of their exchange.
http://www.murga-linux.com/puppy/viewtopic.php?p=567024#567024