How private is Puppy from wifi?
How private is Puppy from wifi?
If using a work computer from home on own wifi, how private is puppy?
In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.
Would the computer be safe from keyloggers and other employer monitoring software?
Other issues to consider?
(Need to use it to pay bills/taxes/etc)
In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.
Would the computer be safe from keyloggers and other employer monitoring software?
Other issues to consider?
(Need to use it to pay bills/taxes/etc)
Re: how private?
Are you able to run your remoting software in a virtual machine?sfeeley wrote:If using a work computer from home on own wifi, how private is puppy?
In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.
Would the computer be safe from keyloggers and other employer monitoring software?
Other issues to consider?
(Need to use it to pay bills/taxes/etc)
Probably really depends on what you connect to.
To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.
If all you ever do is go to very specific safe locations and only those locations. It would be very hard to get some bad software.
Example:
Connecting to a bank and only a bank.
Some people do this for banking.
If you boot not using the save.
Sure you would have to setup network connection and would not have any saved settings.
Go to the bank web site.
Do whatever.
Shutdown computer when completed.
No bad software could get on the computer (hope there is none on a bank web site), because the save is not being used.
Anything that did get installed would be only in RAM memory and would be cleared out when computer is shutdown.
The core Puppy files are working in a read only mode. They always are.
The save is the only place anything is in write mode.
Booted from a live Puppy CD/DVD and not using a save.
No drives are auto mounted.
So bad code would have a hard time installing to just a drive location, because the drive has to be, first mounted, to write to it.
To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.
If all you ever do is go to very specific safe locations and only those locations. It would be very hard to get some bad software.
Example:
Connecting to a bank and only a bank.
Some people do this for banking.
If you boot not using the save.
Sure you would have to setup network connection and would not have any saved settings.
Go to the bank web site.
Do whatever.
Shutdown computer when completed.
No bad software could get on the computer (hope there is none on a bank web site), because the save is not being used.
Anything that did get installed would be only in RAM memory and would be cleared out when computer is shutdown.
The core Puppy files are working in a read only mode. They always are.
The save is the only place anything is in write mode.
Booted from a live Puppy CD/DVD and not using a save.
No drives are auto mounted.
So bad code would have a hard time installing to just a drive location, because the drive has to be, first mounted, to write to it.
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
I personally don't use any remote software. It is a laptop provided by my work that I use when I travel and at home. I do know that when it is physically at my work and connected to their network, they push updates, etc.Are you able to run your remoting software in a virtual machine?
I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.
Some people look to maintain a consistent 'clean' boot i.e. a "Save" content that is "clean". Mostly booting, using that and then shutting down without saving any changes, so the next boot also starts as clean. Periodically changing that (updates/whatever) by booting a clean session, making the changes/updates and then saving those changes, to then revert back to not saving, just using again. In which case, booting, going directly to your banks web site, nowhere else before or after, is 'clean'. Rebooting/reloading again afterwards also ensures that remnants of that 'secure' session are removed. Store your data outside of Puppy space (on a separate usb/partition/wherever) and there's no need to save Puppy changes repeatedly - only save when the Puppy is changed (configuration changes or system updates etc.).
That needn't be using a CD/DVD either. Even with a full HDD install you can validate that the mbr, grldr, menu.lst, vmlinuz, save file/folder and (for frugal/layered booting) initrd and main sfs haven't been unknowingly changed/tampered.
On a full install for instance its relatively simple to check the mbr ...etc. single files, and for the main system (tens of thousands of files) you can run a quick/simple test such as I outlined here http://murga-linux.com/puppy/viewtopic. ... 78#1027878 i.e. for my current fully-installed BionicPup, I restore a clean version using rsync and to ensure that restored rsync copy is clean I run that ls -alR ... | md5sum check. Provided the md5sum's compare to that when the rsync copy was created, then its reasonably certain that the current session is clean (safe). As soon as you start browsing casually around however the session becomes potentially unsafe, but if you only go directly to one site, nowhere else before or after, you can be relatively confident that you're safe.
A nice feature with full installs is that you can rsync your clean 'save' into the current live running session at any time, i.e. in effect roll back to a clean version at any time without having to reboot, and typically that rsync action runs through in just a few seconds. (You can also do a similar action to 'unload' any sfs's that you might have 'loaded' (i.e. in full installs, to load a sfs you simply extract the sfs content), rsync'ing back to a pre sfs being 'loaded' point undoes that sfs load action).
That needn't be using a CD/DVD either. Even with a full HDD install you can validate that the mbr, grldr, menu.lst, vmlinuz, save file/folder and (for frugal/layered booting) initrd and main sfs haven't been unknowingly changed/tampered.
On a full install for instance its relatively simple to check the mbr ...etc. single files, and for the main system (tens of thousands of files) you can run a quick/simple test such as I outlined here http://murga-linux.com/puppy/viewtopic. ... 78#1027878 i.e. for my current fully-installed BionicPup, I restore a clean version using rsync and to ensure that restored rsync copy is clean I run that ls -alR ... | md5sum check. Provided the md5sum's compare to that when the rsync copy was created, then its reasonably certain that the current session is clean (safe). As soon as you start browsing casually around however the session becomes potentially unsafe, but if you only go directly to one site, nowhere else before or after, you can be relatively confident that you're safe.
A nice feature with full installs is that you can rsync your clean 'save' into the current live running session at any time, i.e. in effect roll back to a clean version at any time without having to reboot, and typically that rsync action runs through in just a few seconds. (You can also do a similar action to 'unload' any sfs's that you might have 'loaded' (i.e. in full installs, to load a sfs you simply extract the sfs content), rsync'ing back to a pre sfs being 'loaded' point undoes that sfs load action).
[size=75]( ͡° ͜ʖ ͡°) :wq[/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
If you boot using a Puppy usb/dvd, run in ram, don't even open/access the HDD and use your own network/wifi, then your works IT dept. can't monitor/spy on those activities.sfeeley wrote:I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.
EDIT: s243a is more strictly correct "probably can't". Your work's IT group could be utilising sub-system/hardware layer key loggers/monitors as policy on all the laptops they issue out to their workforce. There's a very low likelihood of that however as that in itself would be a security risk.
Last edited by rufwoof on Sat 11 May 2019, 19:12, edited 1 time in total.
One thing to be mindful of is that running Puppy is by no means secure and if whatever you did (even though using a usb or dvd) in your private activities led to something being inserted onto the HDD (or your work security keys being stolen from the HDD etc.) that led to work related security issues/compromise - then likely there would be trace-ability back to you/your laptop i.e. perhaps your work systems security keys were used by a third party to penetrate your work systems network/computers. In which case you'd be open to dismissal or possibly even worse.
[size=75]( ͡° ͜ʖ ͡°) :wq[/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
It is possible for a hardware keylogger to be installed.
I think it is unlikely to have one installed, but it would work while running Puppy or Windows.
A plugin usb keyboard should be invisible to a hardware keylogger connected directly to the builtin keyboard.
Otherwise, while Puppy is running with a save file on a usb drive, they should not be able to spy on you.
If you do mount and use the hard drive, you need to disable Windows fast boot hibernate mode, or the hard drive's file system can be severely corrupted. If you don't disable hibernate, you can use the hard drive safely by ALWAYS ALWAYS rebooting Windows (as opposed to a shut down) just before booting Puppy. Windows does not hibernate when it reboots.
You can shut down Windows without hibernating by rebooting, then briefly pressing the power button just as it restarts. So if you reboot Windows, and boot to the CD, when you see the boot menu, if you press the power button it should shut off and the hard drive should not be hibernated and should be safe to use.
I think it is unlikely to have one installed, but it would work while running Puppy or Windows.
A plugin usb keyboard should be invisible to a hardware keylogger connected directly to the builtin keyboard.
Otherwise, while Puppy is running with a save file on a usb drive, they should not be able to spy on you.
If you do mount and use the hard drive, you need to disable Windows fast boot hibernate mode, or the hard drive's file system can be severely corrupted. If you don't disable hibernate, you can use the hard drive safely by ALWAYS ALWAYS rebooting Windows (as opposed to a shut down) just before booting Puppy. Windows does not hibernate when it reboots.
You can shut down Windows without hibernating by rebooting, then briefly pressing the power button just as it restarts. So if you reboot Windows, and boot to the CD, when you see the boot menu, if you press the power button it should shut off and the hard drive should not be hibernated and should be safe to use.
Last edited by williams2 on Sat 11 May 2019, 19:15, edited 1 time in total.
They could in theory install a key logger directly in the keyboard. This could give them the password to your keystore. Also if whatever network security protocal you use is vulnerable to the replay attack then they might be able to capture the hash using some kind of MITM (man in the middle) network device.rufwoof wrote:One thing to be mindful of is that running Puppy is by no means secure and if whatever you did (even though using a usb or dvd) in your private activities led to something being inserted onto the HDD (or your work security keys being stolen from the HDD etc.) that led to work related security issues/compromise - then likely there would be trace-ability back to you/your laptop i.e. perhaps your work systems security keys were used by a third party to penetrate your work systems network/computers. In which case you'd be open to dismissal or possibly even worse.
One solution for the first problem is a keyboard that uses some kind of encryption protocal.
Anyway, why not just buy a cheap used computer?
I should also mention if they are using some kind of MITM network device then they could do cookie/session-jacking. Also in this case you'll need some kind of encrypted DNS service to keep them from monitoring which sites you visit, and the actual traffic must also be encrypted (e.g. SSL). Finally you'll need some kind of VPN (or maybe proxy) to keep them from identifying what sites you visit by IP addressing.
All this assumes a MITM network device, which is unlikely to be Installed.
All this assumes a MITM network device, which is unlikely to be Installed.
Last edited by s243a on Sat 11 May 2019, 19:28, edited 3 times in total.
They probably are and should be monitoring what you do on the companies hardware (computer)!It is a laptop provided by my work.
Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.
If they are not doing this. They are really being dumb!!!
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)