0

Not knowing whether the underlying operating system (Windows 7) is infected or not, is it safe to use LiveCDs to shop, bank, etc online without having to configure the firewall (e.g. iptables), antivirus, etc

PeanutsMonkey
  • 9,100

1 Answers1

3

When you boot from a LiveCD in a PC, you are stopping the operating system installed on any of the hard disks in a PC from booting. It never becomes active, and so no viruses (which are just applications that run under an operating system) can run.

If the environment is untrusted, then you are more at risk from other devices on the same network than you are the actual PC you are using.

Having said that, linux is largely immune to Windows based viruses - there are very few cross-platform examples of malware.

Having said that again, adding a quick rule to iptables dropping any incoming connections from the local network can't hurt.

Update If you want to ensure the livecd environment is secure in itself, then consider a Secure Desktop live cd.

Paul
  • 60,031
  • 19
  • 150
  • 170
  • Thanks Paul however I was keen to understand if the LiveCD itself needed to be configured in a particular way to ensure maximum security when banking, shopping online, etc – PeanutsMonkey Nov 23 '11 at 03:13
  • If the banking site is using https (which all I've ever seen are) and you inspect the certificate to ensure it's valid then you shouldn't have much to worry about from the local network. – Matthew Lock Nov 23 '11 at 03:24
  • @PeanutsMonkey Are you planning on creating a LiveCD yourself (with your own set of applications)? Or using a default one that is available for a distribution? – iglvzx Nov 23 '11 at 03:40
  • @Matthew Lock - Thanks Matthew. I am sure all banking websites use HTTPs however am trying to understand what I need to do to secure the LiveCD to ensure that it does not get infected whilst browsing a banking website for example, or say someone attempting to run a scan against the PC in an attempt to find out what services are running, etc. – PeanutsMonkey Nov 23 '11 at 03:44
  • @iglvzx - A default one for now e.g. Linux Mint Debian as an example – PeanutsMonkey Nov 23 '11 at 03:44
  • @PeanutsMonkey You should be safe using a LiveCD. If you want to be 101% secure, then I would make sure that the hard drive(s) are not being auto-mounted, or mounted at all. Each distribution may have different settings in regard to this. – iglvzx Nov 23 '11 at 03:56
  • Updated answer to link to the DoD live CD Secure Desktop – Paul Nov 23 '11 at 05:00
  • @Paul - Thanks Paul. Will have a look at it. Have you had any experience with it yourself? – PeanutsMonkey Nov 23 '11 at 05:03
  • No, none, but there are reviews to google (check lifehacker) to understand the pros and cons. – Paul Nov 23 '11 at 05:20
  • Isn't a live CD read only? There really aren't that many viruses for linux either (not to mentioned live CDs!) Also I don't know about your bank, but my bank allows me to create other logons that can only get the balance and look at recent charges for example, so I can not worry about people transferring money out of my account. – Matthew Lock Nov 28 '11 at 10:22
  • A liveCD is itself read-only, but the OP comment was concerning infection while using it - during a session. Low risk, but that was the question. – Paul Nov 28 '11 at 10:50