All times are UTC - 4
Banking through Live CD Vs. HDD Install
snayak

Joined: 14 Sep 2011
Posts: 231

PostPosted: Sat 03 Nov 2012, 04:22    Post_subject:  Banking through Live CD Vs. HDD Install  

Dear All,

Quote:
Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. Puppy Linux is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'.


Why "Live CD" way for Puppy is better than "HDD Install" ?

I didn't understand, why a bootup disk is better?
In both cases we are using the browser...


Sincerely,
Srinivas Nayak

_________________
Machine: Wary 530, AMD Athlon 2000+, ASUS A7N266-VM board, 512MB DDR RAM, 40GB HDD, 52xCDRW, PS/2 Mouse/Keyboard, USB 2.0.
Home: http://www.mathmeth.com/sn/
Blog: http://srinivas-nayak.blogspot.com/
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11081
Location: Arizona USA

PostPosted: Sat 03 Nov 2012, 10:30    Post_subject:  

Modifications to the operating system, including programs that run secretly in the background to monitor your keystrokes and report back to the mother ship, are automatically saved on the hard disk when you run an operating system from a hard disk. This is what installing a program does: modify the operating system files on the hard disk. Therefore if you pick up some malware from the interweb, it will "install" itself into the operating system and be saved on the hard disk drive. It will be there every time you boot, running in the background, doing its hidden evil.

However, if you boot from a pristine Puppy CD and then pick up some malware while cruising the tubes, the bad program has nowhere to store itself. It can only run until you shut off the power, at which point it disappears from your computer. If you are running Puppy with a Save file on a hard disk or USB stick, then the malware may be automatically saved in the Save file without your knowing it and come back to haunt you the next time you boot. So the trick is not to have a save file at all, or to configure Puppy so it only saves if you tell it to, as a multisession DVD does.
snayak

Joined: 14 Sep 2011
Posts: 231

PostPosted: Sat 03 Nov 2012, 13:15    Post_subject:  

Dear Flash,

Many thanks for your explanation.

I understood the fact.

Two doubts arose.

1.

Quote:
... if you boot from a pristine Puppy CD and then pick up some malware while cruising the tubes, the bad program has nowhere to store itself. It can only run until you shut off the power...


If this is the case, we still face the problem caused by the malware, because it runs in ram; it will be able to send the keystrokes for password. How bootup CD then helped doing bank transactions safer?

2.

Quote:
...or to configure Puppy so it only saves if you tell it to...


How can we configure puppy to save only when we say?
How shall we be able to know if we are really saving good things and not saving any malware?

Sincerely,
Srinivas Nayak

_________________
Machine: Wary 530, AMD Athlon 2000+, ASUS A7N266-VM board, 512MB DDR RAM, 40GB HDD, 52xCDRW, PS/2 Mouse/Keyboard, USB 2.0.
Home: http://www.mathmeth.com/sn/
Blog: http://srinivas-nayak.blogspot.com/
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11081
Location: Arizona USA

PostPosted: Sat 03 Nov 2012, 16:26    Post_subject:  

snayak wrote:
Two doubts arose:
1.
Quote:
... if you boot from a pristine Puppy CD and then pick up some malware while cruising the tubes, the bad program has nowhere to store itself. It can only run until you shut off the power...

If this is the case, we still face the problem caused by the malware, because it runs in ram; it will be able to send the keystrokes for password. How bootup CD then helped doing bank transactions safer?
You boot from the CD or multisession DVD and do your banking transactions first, before you go to any other website. This applies also to installing programs and saving them on the multisession DVD. Go straight to the Puppy repository and do it before you go anywhere else online.

Quote:
2.
Quote:
...or to configure Puppy so it only saves if you tell it to...

How can we configure puppy to save only when we say?
The simplest way, and the only way I've personally used, is to run Puppy from a multisession DVD. Read the threads here if you want to know how.
It is also possible to configure Puppy not to save unless you tell it to if your Save file is on a USB flash stick. I've never done it, so you'll have to do some research in this forum to find out how. I think later versions of Puppy offer that option somewhere in the Menu.

Quote:
How shall we be able to know if we are really saving good things and not saving any malware?
Good question.
Wognath

Joined: 19 Apr 2009
Posts: 179

PostPosted: Sat 03 Nov 2012, 17:18    Post_subject: spot  

Flash,
Forgive me for bringing this up again...lots of discussions, but I get confused. How effective is running the browser as spot to inhibit installation of malware? (frugal hard disk install) Thanks.
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11081
Location: Arizona USA

PostPosted: Sat 03 Nov 2012, 20:39    Post_subject:  

Beats me. All I can say is, I've never done it and as far as I know I've never picked up anything.

By the way, here's how to stop a frugal install from saving until you tell it to.
snayak

Joined: 14 Sep 2011
Posts: 231

PostPosted: Sun 04 Nov 2012, 08:23    Post_subject:  

Many thanks Flash,

I am grateful for your help and suggestions. I am too convinced. Non-root mode is truly not more secure. Irrespective of the mode in which we are running, a virus may come through browser and simply sit in home and send the keystrokes. Is non-root mode going to deny the virus from sitting inside /home/xyz folder? What can be worse than stealing all our bank balance? In which other cases we need security?

I too came across great posting of 666Philb, here is my post appreciating his posting.
http://www.murga-linux.com/puppy/viewtopic.php?p=662373#662373
he has put some idea over there. I have some ideas and suggestions.

Quote:
Quote:
Puppy booted live with a cd and pfix=ram is more secure than any installed operating system.

This is also true. To know how to play safe, http://murga-linux.com/puppy/viewtopic.php?p=662292#662292.

Quote:
Even booting a frugal that is on the harddrive or on a usb, all it takes is to check the md5 of the puppy.sfs to be as certain of a pristine OS as with the live CD.

This is what I am missing and may be everybody missing. I mean, we need to have this automatically done.


Booting with pfix=ram and checking the md5 of the puppy.sfs to be certain of a pristine OS is a great idea and replaces the tension of having a CD.

I think, it shall be great, if there can be an icon on puppy desktop, clicking on which, will automatically reboot the system and boot the system with pfix=ram and check the md5 of puppy.sfs and if found to be good, take us to a safe banking environment/desktop and open the browser, where we can immediately do the transaction. Once we are done, we can close the browser and click on another similar icon on new desktop which can reboot the system back to original desktop from where we have come (i.e. boot with pfix=sda and savefile).

Looks like a dream, but I think, it won't be impossible since we are in root mode. I have also seen, one pfix=ram comes by default in grub4dos menu when we do frugal install. The biggest question is how can we do this arrangement? Any idea/help?

I feel, this can remove the headache of dealing with CD, yet getting the blessings of safe environment, where root shall not be hated so much!

Any loophole here?

Won't it be good? I think this would be lot easier to operate for novices (like me?).


Sincerely,
Srinivas Nayak

_________________
Machine: Wary 530, AMD Athlon 2000+, ASUS A7N266-VM board, 512MB DDR RAM, 40GB HDD, 52xCDRW, PS/2 Mouse/Keyboard, USB 2.0.
Home: http://www.mathmeth.com/sn/
Blog: http://srinivas-nayak.blogspot.com/
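
The md5 check of puppy.sfs proposed in the post above could be scripted along these lines. This is an added example, not part of the original thread and not Puppy's own tooling; the function names `verify_sfs` and `demo` and the stand-in file are assumptions, and the function also accepts SHA-256, which goes beyond the md5 mentioned in the thread.

```shell
#!/bin/sh
# Added example: compare an SFS image with a digest recorded earlier.
# verify_sfs FILE EXPECTED_HEX [ALGO]   ALGO is md5 (default) or sha256.
# Returns 0 = match, 1 = mismatch, 2 = bad arguments or unreadable file.
verify_sfs() {
    file=$1; expected=$2; algo=${3:-md5}
    case $algo in
        md5)    tool=md5sum;    len=32 ;;
        sha256) tool=sha256sum; len=64 ;;
        *) echo "unsupported algorithm: $algo" >&2; return 2 ;;
    esac
    [ -f "$file" ] && [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    # Normalise the recorded value and refuse anything that is not a full hex digest,
    # so an empty or truncated reference can never be treated as a match.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    case $expected in
        ''|*[!0-9a-f]*) echo "recorded digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq "$len" ] || { echo "recorded digest has wrong length" >&2; return 2; }
    actual=$("$tool" < "$file" | cut -d' ' -f1) || return 2
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches recorded $algo"
        return 0
    fi
    echo "MISMATCH: $file now has $algo $actual" >&2
    return 1
}

# Demonstration on a constructed stand-in file (not a real puppy.sfs):
# record the digest, verify, modify one byte, verify again.
# Prints the two return codes, "0 1".
demo() {
    tmp=$(mktemp -d) || return 2
    printf 'constructed stand-in for puppy.sfs\n' > "$tmp/puppy.sfs"
    good=$(md5sum < "$tmp/puppy.sfs" | cut -d' ' -f1)
    r1=0; verify_sfs "$tmp/puppy.sfs" "$good" >/dev/null 2>&1 || r1=$?
    printf 'x' >> "$tmp/puppy.sfs"   # simulate a change to the image
    r2=0; verify_sfs "$tmp/puppy.sfs" "$good" >/dev/null 2>&1 || r2=$?
    rm -rf "$tmp"
    echo "$r1 $r2"
}
```

A match is only meaningful if the recorded digest is stored where the running system cannot alter it and the check itself runs from a trusted boot; a check launched from inside an already-modified session can be made to report anything.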
greengeek

Joined: 20 Jul 2010
Posts: 2559
Location: New Zealand

PostPosted: Sun 04 Nov 2012, 12:19    Post_subject:  

Quote:
Puppy booted live with a cd and pfix=ram is more secure than any installed operating system.

This is not necessarily true. If you compare a live CD which has been configured to contain an insecure browser, and an installed operating system that has all necessary security updates fitted, then the live CD can definitely be the least secure of the two.

As you have suggested it is possible for an insecure browser to act as a portal for someone to grab your password information. Even in live session.

And of course, there is no mechanism to prevent a live CD from containing a script that runs after startup and opens up a port and/or hidden program that sends data from your current session without you knowing anything about it.

It comes down to who you trust and how much you trust them. I have used many puppy live CDs and realised afterwards that I had absolutely no idea about the motivations/abilities of the person who assembled that particular version of puppy.

Puppy has a significant advantage in the sense that it tries to be small and lean - so that increases the likelihood of suspect code being detected during the testing phase. But it does not guarantee it. Live sessions are a very good protection, but not foolproof.
amigo

Joined: 02 Apr 2007
Posts: 2252

PostPosted: Sun 04 Nov 2012, 13:28    Post_subject:  

Hurrah, greengeek! As you point out, bad things can happen at any time. The folks around here tend to think they are 'safe' because they can simply reboot and have a sane system again. This entirely ignores what happens just after you are infected -before shutting down.

And being root is certainly less safe than running as an unprivileged user. It is true that any malware can easily have power over your files in $HOME and may also install and run some malicious code from there -even browser cookies can execute some dirty tricks. But, when running as root, then malware potentially can do much more -like installing a rootkit -which can begin running right away.

Running as root means your machine can easily become part of a botnet which spreads spam or child-porn or any other unscrupulous activity. If you don't mind any of that, well just keep on browsing as root...
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11081
Location: Arizona USA

PostPosted: Sun 04 Nov 2012, 22:37    Post_subject:  

Amigo, if you'll re-read the first few posts you'll probably find that this thread started out to be about how running from a live CD without a save file greatly reduces the chances that a rootkit could be installed in the operating system. It is possible that a rootkit could have snuck into the Puppy iso, but that is far less likely than that someone would pick one up on a website somewhere. Rebooting Puppy from a CD without a Save file would get rid of any malware that might have been picked up from the internet during a session.
amigo

Joined: 02 Apr 2007
Posts: 2252

PostPosted: Mon 05 Nov 2012, 04:50    Post_subject:  

What I'm saying is that while you are browsing or whatever as root, a rootkit can be 'installed' and start working from the moment of infection. The fact that it doesn't really get *installed* to a writable drive means that you won't still have it when you *restart* your system, but for the moment you are already infected.

Rootkits usually involve a kernel module which must be insmod'ed to be used. insmod is one of the many tools which a normal user should not, and usually cannot run.

Other malware can write to the BIOS memory and that change would certainly be present when you reboot. Again, a normal user (or malware running with a normal user's permissions) should not be able to do that.
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Mon 05 Nov 2012, 12:34    Post_subject:  

From what I've read, writing to BIOS requires correctly targeting the specific model/version, so while possible is probably unlikely.

For frugal installs, these are good arguments to turn off automatic saves. Personally, I don't run my browser in root, but to each his/her own.
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Sat 17 Nov 2012, 23:56    Post_subject:  

Iptables = an opportunity sometimes to close some door for different users of one Operating System.

Iptables = an opportunity sometimes to close some door for different programs of one Operating System.

Also this thing(or something like this) is important
environment: all other users are protected by good passwords(if a function to login/logout exists for user), some users were deleted
Code:
history -c >/root/.history ; printf '\ec'


Code:
history -c >/root/spot/.bash_history ; printf '\ec'

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.

postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Sun 06 Jan 2013, 14:11    Post_subject: Re: Banking through Live CD Vs. HDD Install  

snayak wrote:
...

Why "Live CD" way for Puppy is better than "HDD Install" ?
...


Some user can have one version of Operating System onto different types of Compact Disks which were created by different manufacturers, what is cheaper at comparing with HDD system. Scheme of checking the integrity of Compact Disk is not complicated.

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.
