Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bootable USB for security.


  • Please log in to reply
22 replies to this topic

#1 RoscoP

RoscoP

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 05 July 2012 - 12:51 AM

Hello guys and gals.

After having some accounts compromised, I am trying to figure out a safer way to do banking online. My idea is to have a separate operating system which is used solely for sensitive computing.

I have an XPS 13 with Windows 7 Home Premium with a 128 G SSD, so space is a bit of a concern.

My idea was to make a Windows 7 bootable USB, but it is appearing very difficult and someone said it takes about 20 minutes to boot. That's too long.

So now I am thinking of maybe Linux or Ubunutu or something. Does this sound like the best course of action to accomplish my goal of having a virus free OS that is used only for logging into my online banks?

Also, could I install Linux or Ubunutu on my actual hard drive and just choose to boot from that vs. my standard Windows 7? Would I have to completely reformat and partition the HDD to accomplish this? Also, if I did it this way, and I had a virus on my Windows 7, would that leak over to the Linux or Ubunutu when running from there?

Side not, I have never used either Linux or Ubunutu, so any suggestions will be greatly appreciated.

Thank you.


PS How long does it usually take to boot Ubunutu from a UDB?

Edited by RoscoP, 05 July 2012 - 01:00 AM.


BC AdBot (Login to Remove)

 


#2 1002 Richard S

1002 Richard S

  • Members
  • 277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sussex, UK.
  • Local time:03:00 PM

Posted 05 July 2012 - 08:00 AM

Hi,
Certainly a good idea from a security point of view.
Very clear guide with screenshots here: http://www.howtogeek.com/97177/how-to-put-ubuntu-linux-on-a-usb-thumb-drive-without-the-mess/
Booting from USB is very fast - from a CD is slower.

Hope this helps.
In addition to the help you're lready getting at Ubuntu Forum!
http://ubuntuforums.org/showthread.php?t=2017270

Edited by 1002 Richard S, 05 July 2012 - 08:29 AM.


#3 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:00 AM

Posted 09 July 2012 - 12:16 PM

I made a persistent Ubuntu flash drive using an 8 gb drive. It boots in under a minute.
The advantage to having a persistent install is you can keep the OS updated and install
a few programs or store documents, etc.

It is simple to do. Just follow the directions in this link: Universal USB Installer – Easy as 1 2 3 | USB Pen Drive Linux

Good read here on why to use Linux for banking: Security Fix - Avoid Windows Malware: Bank on a Live CD

An excerpt from that article......SANS Technology Institute, a security research and education organization, challenged its students with creating a white paper to determine the most effective methods for small and mid-sized businesses to mitigate the threat from these types of attacks. Their conclusion? While there are multiple layers that of protection that businesses and banks could put in place, the cheapest and most foolproof solution is to use a read-only, bootable operating system, such as Knoppix, or Ubuntu. See the SANS report here (PDF)............

EDIT: No, malware can't jump from a Linux drive or Windows drive to another Linux or Windows drive.
Yes, you can install a Linux OS in a dual boot on a drive that also has Windows. Easy to do, but first
run Linux from a Live CD or flash drive to see if your hardware and YOU are compatible before permanently
installing.

There is another type of install where Linux is actually installed inside the Windows OS partition called WUBI. I do
not recommend that.

Edited by buddy215, 09 July 2012 - 12:46 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 pane-free

pane-free

  • Members
  • 117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Between the Mtns N of the Big River
  • Local time:08:00 AM

Posted 09 July 2012 - 03:23 PM

I would simply burn a LiveCD ( Puppy Linux is good one that allows both encryption and saving configuration files on a USB stick ), boot to it ( may need to change boot order in BIOS ), login to account, do business, save config on USB stick with heavy encryption, reboot or shutdown to remove LiveCD and USB stick without causing problems.

FYI: I read a couple years ago about a European bank that was doing this on the Continent in the Washington Post. It was another distro, however.

EDIT: Just saw this at the Puppy Linux link given

Edited by pane-free, 09 July 2012 - 03:28 PM.

There comes a time in the affairs of man when he must take the bull by the tail and face the situation.
W. C. Fields

#5 S3cS3arch3r

S3cS3arch3r

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:EU
  • Local time:05:00 PM

Posted 10 July 2012 - 08:06 AM

My advice:

Visit Tails!
Debian LiveCD / USB for almost any x86 / x64 system.
Incorporated with a secured Tor-browser and a regular "insecure" browser, and..,
looks like a regular XP system in order to not stand out too much when using it in public (on holidays f.e.).

Tails website: https://tails.boum.org/

I never bank online in any other way anymore...


\0/
-Sec

#6 mrfingerz

mrfingerz

  • Members
  • 228 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK, London
  • Local time:03:00 PM

Posted 13 July 2012 - 03:35 PM

Another one here.....

http://www.cybershieldsolutions.com/

I been meaning to try it but haven't got around to it.
It's nice to be important, it's much more important to be nice.

#7 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:00 AM

Posted 13 July 2012 - 06:19 PM

Another one here.....

http://www.cybershieldsolutions.com/

I been meaning to try it but haven't got around to it.


That is just another Live Linux distro.....QUOTE: CyberShield-OS is derived from one of the most mature and stable Linux distributions available, the OpenSuse Project. As a Linux distribution it is open to examination and peer review.

350 mb in size. It is free to download and install on your on CD or a dedicated flash drive.
You can also purchase a flash drive with CyberShield-OS installed and shipped to you for $23.20 including shipping. Pay for using PayPal.
My guess is they are hoping for a lot of sales of their flash drive.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 mrfingerz

mrfingerz

  • Members
  • 228 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK, London
  • Local time:03:00 PM

Posted 13 July 2012 - 09:51 PM

Lol....I know that, I only posted it as an option. This is a linux forum after all :wink:
It's nice to be important, it's much more important to be nice.

#9 searchme2

searchme2

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:N.E. Ohio
  • Local time:10:00 AM

Posted 14 July 2012 - 12:28 AM

The one reason to using a live CD is it's not persistent, unlike a hard drive install or a persistent USB flash drive install, offering the most security and privacy because absolutely nothing remains when the CD is shut down. If a USB flash drive is used don't make it persistent to mimic a live CD. Although a persistent install of Linux is better because it's a more secure OS, using non-persistent system is the best because not even your browsing history will be saved when the system is shut down. Absolutely nothing is saved when it is shut down, not even apps you installed. Even if you have Linux installed to the hard drive using a live CD or non-persistent USB install would give you the best protection of all. Fire up the live CD, do your banking, then reboot into your normal system.

Puppy does offer a way to save what you do even with a live CD because upon shutdown you can tell it to leave a configuration file on the hard drive that it reads on the next boot. Might come in handy for saving an install like Firefox but after you do your banking don't tell it to save anything when you are finished banking. Puppy is nice because it's small and boots faster from a CD than the bigger distros like Ubuntu.

My two cents.

#10 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:10:00 AM

Posted 15 July 2012 - 01:48 AM

tsk tsk... ubuntu? puppy?
Lightweight Portable Security: created by the air force for DoD employees
http://spi.dod.mil/lipose.htm
Can not be installed, can not access the host system drive and comes
with cool security features for accessing military sites/networks
NOT that you would use it for that purpose.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#11 1002 Richard S

1002 Richard S

  • Members
  • 277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sussex, UK.
  • Local time:03:00 PM

Posted 15 July 2012 - 02:14 AM

In addition to L P S don't overlook Tails - reviewed & explained here: http://maketecheasier.com/tails-a-linux-distribution-for-protecting-your-privacy/2012/03/08

#12 S3cS3arch3r

S3cS3arch3r

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:EU
  • Local time:05:00 PM

Posted 17 July 2012 - 05:26 AM

My advice:

Visit Tails!
Debian LiveCD / USB for almost any x86 / x64 system.
Incorporated with a secured Tor-browser and a regular "insecure" browser, and..,
looks like a regular XP system in order to not stand out too much when using it in public (on holidays f.e.).

Tails website: https://tails.boum.org/

I never bank online in any other way anymore...


\0/
-Sec


'Overlook' 1002 Richard S? :whistle: :thumbup2:

#13 1002 Richard S

1002 Richard S

  • Members
  • 277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sussex, UK.
  • Local time:03:00 PM

Posted 17 July 2012 - 06:37 AM


My advice:

Visit Tails!
Debian LiveCD / USB for almost any x86 / x64 system.
Incorporated with a secured Tor-browser and a regular "insecure" browser, and..,
looks like a regular XP system in order to not stand out too much when using it in public (on holidays f.e.).

Tails website: https://tails.boum.org/

I never bank online in any other way anymore...


\0/
-Sec


'Overlook' 1002 Richard S? :whistle: :thumbup2:


I'll now go and type out 100 times "I must read the whole thread" ... Apologies!

Edited by 1002 Richard S, 17 July 2012 - 06:38 AM.


#14 S3cS3arch3r

S3cS3arch3r

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:EU
  • Local time:05:00 PM

Posted 17 July 2012 - 08:05 AM

I'll now go and type out 100 times "I must read the whole thread" ... Apologies!


No need, glad we're on the same T®ails!

\0/
-Sec

#15 Zen Seeker

Zen Seeker

  • Members
  • 695 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:00 AM

Posted 17 July 2012 - 10:20 AM

Keep in mind that Live CD/DVD and USB drives aren't bullet proof. A few banks offed free downloads of live images and stopped because they can't be updated or patched when security issues are found.

I've been looking for the perfect solution on and off for years without success and expect I will never find it. I've had my kids use live disks to test them out and they still get bugs when they visit the java/flash/js game sites and agree to everything just to play a game.

I've also used Tor, look it up as it's handy, but it has it's own drawbacks and is only as secure as the servers that run on it. I would surf on it but not sure if I would bank on it, pun intended.

Currently I dual boot Linux/Win7. Manually keep both updated weekly, linux usually even more, have AV and firewalls running, and avoid questionable sites.

Zen




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users