Jump to content
Not connected, Your IP: 18.225.95.229
pr1v

Security and live cds

Recommended Posts

I would like to know your opinion about security when using some linux live cd + airvpn VPN + browser without javascript to avoid malware.

 

When I am browsing the web with AirVPN I am not showing my real ip, and so I am avoiding many attacks. Using a linux live cd (knoppix or porteus for example) I suppose I can't receive malware, and if I receive it in ram memory then it will be all deleted when I finish, because nothing can be writen in a cd. It would be a very bad luck to receive malware just the minutes I am using it and be compromised in what I am doing (passwords, etc).

 

So, my question is: if these linux live-cds use an outdated browser and they have some vulnerabilities,  but I am using the browser without javascript, and if they are not offering an opened port outside, what are the possibilities to be hacked with malware?. Is it a safe solution to enter, for example, in our bank accounts?. I thought about network sniffing, but using AirVPN is an extra...

 

Opinions?

 

Thanks

Share this post


Link to post

The only attack surface you are mitigating using a live-cd is persistence of malware.

So that even after you are infected, a reboot will be enough to make your system clean again.

 

As for malware as a concept, a live-cd system and an installed image have no differences.

Both can be attacked by malware if you are not cautious enough, and if you have sensitive data

in your browser or memory, an elevated process (such as malware) can read that data.

 

Generally Linux live-cd's are safer because the variety of distributions and browser versions makes

exploitation a huge moving target. So in real life only highly targeted attacks can be successful,

or attacks on very common platforms with the same predictable setup, such as the Tor Browser

on Tails OS. Then a generic exploit can be successful impacting all users of the same OS image.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Thank you zhang888.

But if I only use it to browse websites with AirVPN and without javascript, can I receive malware too?

Share this post


Link to post

The question should rather be not if you can, but what are the chances that you will.

To answer that question you have to be aware of all the risk factors.

 

While surfing without Javascript can be very effective against browser exploits, there

are plenty more low hanging fruits for attackers, such as the Flash Player, various Silverlight/Java

plugins, the PDF reader, Office documents (although this is more a Windows focused issue) etc.

Some recent attack scenarios included backdoored installations of various P2P software, and even

a successful attempt to backdoor a live Linux Mint distribution.

 

No VPN service can protect you from malware, as those attacks are not something happening in the

network layer at all, but are either conducted by software exploitation and/or social engineering.

This is why it is always better to rely on multiple factors of authentications for highly sensitive services,

turn on 2FA, restrict connections with a hardware token if your bank supports it, use multisig wallets

in case you use Bitcoin, etc.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Yes, i avoid java and all the other plugins if I use the live-cd in something important. If I use flash I normally boot only to watch videos and nothing to be worried about. I load the flash plugin and the browser files from another drive, encrypted with gpg to avoid them to be changed while I don't use them (being disconnected from internet).

Thanks again!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...