
Writing on laptop without trojans being able to read along


10 replies to this topic

#1 ITicSoWhat

ITicSoWhat

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 26 November 2015 - 03:28 PM

Is it possible to write stuff in a text/word document without people/trojans being able to gather the data?
Like if I write on a USB stick?




 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:41 PM

Posted 26 November 2015 - 04:37 PM

I would use a text editor on a live Linux CD, then save it to the cloud or another connected media.

#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:07:41 PM

Posted 27 November 2015 - 03:44 PM

Is it possible to write stuff in a text/word document without people/trojans being able to gather the data?
Like if I write on a USB stick?

No, you cannot trust your machine if malware is running on it.


Edited by Didier Stevens, 27 November 2015 - 03:45 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 ITicSoWhat

ITicSoWhat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 28 November 2015 - 02:52 AM

I would use a text editor on a live Linux CD, then save it to the cloud or another connected media.

Doesn't that make it more readily available for the trojan to gather it?

 

And how can I then make sure there is no malware running on my PC? Is there a sure way?



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:41 PM

Posted 28 November 2015 - 04:30 AM

Booting from a live Linux CD means that you are working in a separate environment from your Windows installation, and Windows malware does not run on Linux. I know some people doing online banking with live Linux CDs on machines without a hard drive.

#6 ITicSoWhat

ITicSoWhat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 28 November 2015 - 06:27 AM

Booting from a live Linux CD means that you are working in a separate environment from your Windows installation, and Windows malware does not run on Linux. I know some people doing online banking with live Linux CDs on machines without a hard drive.

Is that easy to do? Is there a tutorial somewhere? And can I still use the same laptop to run on windows for other things and connect to the internet?

Also, would it be possible to boot from a live Linux CD and then use a separate external hard drive to save the text documents on without trojans being able to access it? As long as I only use that external hard drive solely when booting from live Linux CD?



#7 Al1000

Al1000

  • Global Moderator
  • 7,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:06:41 PM

Posted 28 November 2015 - 06:44 AM

Is there a tutorial somewhere?


There's one in the link in my signature.
 

And can I still use the same laptop to run on windows for other things and connect to the internet?


Yes. The live Linux CD doesn't make any changes to your computer, so it will work just the same when not running from the Linux CD.
 

Also, would it be possible to boot from a live Linux CD and then use a separate external hard drive to save the text documents on without trojans being able to access it? As long as I only use that external hard drive solely when booting from live Linux CD?


Yes. You could also format the external drive with a Linux file system, so that Windows would not be able to read or otherwise access it. (It doesn't need to be an external hard drive, for example you could also use a USB flash drive.)

Edited by Al1000, 28 November 2015 - 06:46 AM.


#8 rp88

rp88

  • Members
  • 3,059 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:41 PM

Posted 28 November 2015 - 01:36 PM

Post #1, in short the way to do this is to make sure there are no trojans on the machine. Run scans with your antivirus, an antimalware and a second and perhaps third opinion scanner, look for anything strange sounding in your lists of startup programs and scheduled tasks, check for anything unusual running as an exe file process in task manager (processes tab in Windows XP/7, details tab in Windows 8/8.1). And if you still think there is malware present open a thread in the virus removal section of this forum.


For future use make sure to have a system image made as soon as you know the machine is clean, then in future you can restore to that image if you ever get a virus later. If possible try and get as many of the programs you use (browsers/antivirus/anything you use a lot (for me that's some 3d modelling programs, for you it might be MS Office, or equivalents, or Photoshop, or GIMP, or VLC, or CCleaner...)) installed before you make that image, that way you won't have to reinstall all your programs after every time you return to the image. But only do this if you have the installer exe files of the programs saved and to hand (so you don't have to go online to get them before making the image) and if you can be UTTERLY sure those exe files are clean, you don't want the computer to be infected before you make an image. You could make a first image as soon as the system is clean, then a second once all your programs are installed. This also applies to brand new computers, first thing (do this before connecting to the internet at all) to do upon turning on is make an image, then change settings and install programs to get the system how you like it, then make another image.

Edited by rp88, 28 November 2015 - 01:37 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB
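
The manual checks listed in post #8 (startup programs, scheduled tasks, running exe processes) can be collected in one read-only pass. This is an added example, not part of rp88's post; it assumes Windows 8 or later with PowerShell 3.0 or newer, since `Get-ScheduledTask` does not exist on XP/7.

```powershell
# Added example: read-only triage of the three places named in post #8.
# Assumption: Windows 8+ / PowerShell 3.0+. Run elevated to see all processes.

# 1. Startup programs (Run keys and Startup folders) as reported by WMI.
Get-CimInstance -ClassName Win32_StartupCommand |
    Select-Object Name, Command, Location, User |
    Format-Table -AutoSize -Wrap

# 2. Scheduled tasks outside the built-in \Microsoft\ tree,
#    with the program each task actually launches.
Get-ScheduledTask |
    Where-Object { $_.TaskPath -notlike '\Microsoft\*' } |
    ForEach-Object {
        foreach ($action in $_.Actions) {
            [pscustomobject]@{
                Task      = $_.TaskPath + $_.TaskName
                State     = $_.State
                Execute   = $action.Execute      # empty for COM-handler actions
                Arguments = $action.Arguments
            }
        }
    } |
    Format-Table -AutoSize -Wrap

# 3. Running processes whose executable does not carry a valid
#    Authenticode signature (one row per distinct file on disk).
Get-Process |
    Where-Object { $_.Path } |
    Sort-Object -Property Path -Unique |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.Path
        if ($sig.Status -ne 'Valid') {
            [pscustomobject]@{
                Process   = $_.Name
                Id        = $_.Id
                Path      = $_.Path
                Signature = $sig.Status
            }
        }
    } |
    Format-Table -AutoSize -Wrap
```

An unsigned or unfamiliar entry is a lead to look up, not a verdict, and a clean listing from a system that is already compromised proves little, which is the point made in post #3.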

#9 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 6,991 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:06:41 PM

Posted 28 November 2015 - 06:24 PM

@rp88 #8

 

 

first thing (do this before connecting to the internet at all) . . . then change settings and install programs to get the system how you like it                        (my bold)

 

I fully agree with the sense of your post but isn't this particular point a little impractical? It must be about 50% or more of software and applications you might wish to install come as downloads only. Security products, utilities, office suites, games - the list is almost endless today.

 

Chris Cosgrove


I am going to be away until about the 22nd October. Time on-line will be reduced and my internet access may be limited. PMs may not be replied to as quickly as normal !


#10 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:41 AM

Posted 01 December 2015 - 12:31 AM

You have dedicated software to reduce the risk of being spied on; they are called antiloggers. Examples are:

- Hitman Pro Alert (will notify you if something is recording, will encrypt your keystrokes, protect your notepad/word apps from exploits)

- Keyscrambler (encrypts your keystrokes at driver level)

- Spyshelter (multi-antilogger)

- Zemana anti-logger

The use of a live CD is good but inconvenient.



Emsisoft Community Manager


#11 rp88

rp88

  • Members
  • 3,059 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:41 PM

Posted 03 December 2015 - 06:45 PM

Post #9 "It must be about 50% or more of software and applications you might wish to install come as downloads only."

Personally I keep hold of offline installer exe files for most of the programs I use, so one has to update them after installing them but you can do the installation of most of them (a couple of them have installer exe files that simply act to connect to their websites and download the rest of the necessary stuff) before going online. Also you can make a first system image before going online then another once the things which you have to go online to install have been installed.

Of course if you do choose to keep copies of installer exe files on USB/cd-rw then you need to make ABSOLUTELY SURE that those copies you're keeping are not in any way infected, but with that done you have a good known way of quickly installing programs (at least those with offline installers) onto computers before connecting at all, and if you also keep the installer exe files which themselves go online to fetch the rest of the program you still get the advantage that though you might have to be CONNECTED to use those sort you don't have to have done any BROWSING at that point.

Edited by rp88, 03 December 2015 - 06:46 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB



