Possible to use Puppylinux as a safe OS on a SD-card?

Using applications, configuring, problems
Message
Author
kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

Possible to use Puppylinux as a safe OS on a SD-card?

#1 Post by kattami »

I have been wondering about something for a while.

Even if I tried to do this, I wouldnt know if it really did work. Because I am not that knowledgeable to be able to test this by checking what happens when using it.

Thats why I thought about asking here.

In case someone here knows that it will really work, or not.

We know that using LiveCD with puppylinux is a safe way to do our banking and so on. When we need to get into websites that we dont want any others to hack into.

And that made me think.

I've been running Saluki on an SD-card for a long time now. I saved the savefile onto it and also all the sfs-files that I use in Saluki. It goes very well.

Thats why I started to wonder if it was possible to use the SD-cards as a safe operativesystem for the times one need to get into ones own netbank when travelling and so on.

The SD-cards has that button you can push one way to make it only readable and the other way makes it readable/writable. What I am thinking about is the only readable state. Not possible to write into.

Would this mean it is possible to make something that is similar to a LiveCD? To have an SD-card that is specifically for safe banking. With all the other things, like a savefile and also sfs files on the SD-card too? And just push the button on the side so its not writable.

I would really like to know if it would work, because when I have been on travel I always get that feeling that its not that safe to use the hotels wifi. But if it had been possible with one safe SD-card, I would know this one would be a very good option.

With all the netbooks and ultrabooks that is now, which doesnt have a DVD-player/burner, it would be very practical having a safe card.

User avatar
Amgine
Posts: 231
Joined: Thu 22 Sep 2011, 01:27
Location: Washington State

#2 Post by Amgine »

Good idea..

At boot up, the puupy screen that has options if you press F2 or F3
You can make your puppy run in RAM like a Live CD. "I think it tells you how at the screen".

I wonder how we could make it start off that way everytime?

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#3 Post by Sylvander »

I have my Puppy [Slacko-5.3.3.1] set up so it only saves session changes back to the pupsave on the partition on the internal HDD, if I tell it to.

Hence...
I can boot into a session...
Do my banking or purchasing [stuff at safe websites]...
And reboot without saving any session changes.

The next session might need [or not need] manual saves.

With each session, I can choose "to save or not to save".

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#4 Post by kattami »

And this is enough?

I can see that booting a session without saving would be safe.

But one of the things that I need to access netbank, is java.

Because of the bankid-window which pops up when logging in.

This bankid is an identification thing the banks gives to customers and its used to login on quite many sites. Not sure if this is just a special thing for Norway or if other countries too has this.

How do I boot into a session which normally doesnt have sfs's, adding the sfs file with java, without having to reboot to get puppylinux to add the sfs?

I dont want java installed on my savefile, hence I rather use the sfs when I need to.

As far as I can see, Saluki doesnt add automatically right there and then. And I dont know if any of the new puppylinux versions is able to do that?

This is partly why I was wondering if a SD card that can only be read, which has a savefile and sfs's added to it, would work.

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#5 Post by kattami »

Nevermind.

I remembered just now there was some talk before about that it is possible to add sfs's and set up everything as it should be on a liveCD. And it boots up in RAM with it all working. Hopefully I do remember right.

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#6 Post by Sylvander »

1. "And this is enough?"
I'm not a Puppy super-expert, but...
Seems to me that it IS enough to keep me safe.

2. "But one of the things that I need to access netbank, is java.
Because of the bankid-window which pops up when logging in.
"
So you can have that if you like.

3. "This bankid is an identification thing the banks gives to customers and its used to login on quite many sites."
I get this too...
And I keep all my usernames and passwords etc in a password-vault= "Acerose Password Vault" [a Windows program that needs to be run using the winefile command].
I copy&paste stuff from the vault to the input windows, so I'm unlikely to get them wrong.
I never get the Puppy to save passwords, except the harmless Puppy forums password.

4. "I dont want java installed on my savefile"
Why not?
If during your banking session [as I do], you copy&paste the address of the banking website from the password vault, then you MUST be at the genuine banking webpage...
And surely your bank isn't going to use Java to do anything nasty.

User avatar
Semme
Posts: 8399
Joined: Sun 07 Aug 2011, 20:07
Location: World_Hub

#7 Post by Semme »

Really? Are you sure you're not confusing Java with JavaScript?
One of the things that I need to access NetBank, is Java."
You should ask as I highly doubt this to be the case.

Browser enabled JS, coupled with Adobes` FlashPlayer *IS* the norm..

numbfingers
Posts: 1
Joined: Sat 19 Jan 2013, 00:08

#8 Post by numbfingers »

kattami-

I have used many Puppies in the last few years, but your post is the first one I know much about.

I use Puppy on a 2GB SD card that my computer can boot. I download the .iso for the Puppy in Windows and use unetbootin to set up the FAT formatted SD card.

I reboot from the SD card, set up networking, and use Puppy Package Manager to add any software I want. I set up Firefox with add-ons like Adblock, Flashblock, Noscript, Better Privacy, and Eraser. I set the Firefox preferences so that it won't remember history, cookies, or passwords.

Then I test Firefox on some harmless sites (not my banking site), erase history (checking every box), and close Firefox.

Then I shut down Puppy and create a 512M or 1GB pupsave file. I reboot from the SD card and and make sure everything is still working, but don't go to any banking sites or any other site that stores personal info. Then I poweroff the computer and slide the switch on the SD card so it's read-only.

This has worked OK for me. Puppy will run fine and it says it is saving to the pupsave file, but nothing seems to be stored as long as the switch on the card is in the "lock" position. I usually power down the PC by holding the power switch for 10-15 seconds until it shuts off. Not the recommended procedure but it's worked for me.

A few other things:

- I've seen claims that the write-protect switch on SD cards is not in hardware, but instead a flag that the OS must observe. I have no idea if this is true.

- I usually install Bleachbit, but you must also get Python working properly on your Puppy.

- I also like to use the "Remove Built-in Packages" option in Puppy to remove NTFS-3G so that my Puppy SD card can't write to Windows partitions on my hard drive.

-I don't use a swap file.

Hope this helps. I'm using Windows right now so I may have mixed up some of the Puppy details since I'm not looking at it.

-Steve W.

User avatar
Semme
Posts: 8399
Joined: Sun 07 Aug 2011, 20:07
Location: World_Hub

#9 Post by Semme »

Consider this and the two posts by Amigo that follow. IMO- Pup's first and foremost.. a developers distro.

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#10 Post by kattami »

Really? Are you sure you're not confusing Java with JavaScript?

Quote:
One of the things that I need to access NetBank, is Java."


You should ask as I highly doubt this to be the case.

Browser enabled JS, coupled with Adobes` FlashPlayer *IS* the norm..
Yeah, I am sure.

Norwegian banks gives out bankid that is not working without having java installed.

Went to the bankid site to find the info concerning java. Hope you understand the text (I used google translate):

"Problems using BankID?

Banks have learned that there may be problems with the use of BankID from users in certain businesses. Here are the system administrator of the business information on how to identify and resolve any issues related to the use of BankID.

Use of BankID assumes that used Java-based BankID software:

BankID software is a digitally signed Java applet that is downloaded on the user's computer each time BankID used
The software is downloaded and run on the user's web browser and communicates encrypted with the site that the user interacts with
To use BankID software, a user must be able to download and run both signed and unsigned Java applets"

Google translate was not able to translate the link because the site is using the https:// - so all I can do is giving you the norwegian link that has only norwegian text. The bit I got translated is from this link:

https://www.bankid.no/Hjelp-og-nyttige- ... ke-BankID/

They have been mumbling about trying to make something else that doesnt need java because of the problems the late years, but no news on this so far.

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#11 Post by kattami »

4. "I dont want java installed on my savefile"
Why not?
If during your banking session [as I do], you copy&paste the address of the banking website from the password vault, then you MUST be at the genuine banking webpage...
And surely your bank isn't going to use Java to do anything nasty.
Its just me liking to avoid having big programs installed into the savefile. I like to have a few sfs outside the savefile because then I know it works no matter how many new savefiles I create.

Passwords: I never store them anywhere. Remember most of them in my head and if not, I reset and make new password at the sites where I forget the password. :-)

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#12 Post by kattami »

numbfingers wrote:kattami-

I have used many Puppies in the last few years, but your post is the first one I know much about.
Very glad you posted. Thank you very much!
A few other things:

- I've seen claims that the write-protect switch on SD cards is not in hardware, but instead a flag that the OS must observe. I have no idea if this is true.

- I usually install Bleachbit, but you must also get Python working properly on your Puppy.

- I also like to use the "Remove Built-in Packages" option in Puppy to remove NTFS-3G so that my Puppy SD card can't write to Windows partitions on my hard drive.

-I don't use a swap file.

Hope this helps. I'm using Windows right now so I may have mixed up some of the Puppy details since I'm not looking at it.

-Steve W.
Thanks for this info. I will try to find if this lock is hardware-based or not.

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#13 Post by kattami »

Semme wrote:Consider this and the two posts by Amigo that follow. IMO- Pup's first and foremost.. a developers distro.
I read the posts. Thanks.

Yes, I guess one can never know.

But at least it could perhaps be more safe to just run one sd-card only for banking and no surfing, then switch to another sd-card for the "normal use"?

As for the bios, would this affect a new session running only in RAM for a few minutes while banking when not surfing anywhere else on that card?

User avatar
rhadon
Posts: 1292
Joined: Thu 27 Mar 2008, 11:05
Location: Germany

#14 Post by rhadon »

kattami wrote:But at least it could perhaps be more safe to just run one sd-card only for banking and no surfing, then switch to another sd-card for the "normal use"?
This is what I'm doing, and although I'm allways root and don't use any anti virus program and using a save file , I feel much more save than using any OS for all.

About save file:
I think it depends on how you're doing home banking. If you're using only a browser and all datas are on the server of your bank, you don't need one.
In my case, I'm using a banking program which records all datas, so I can analyze them offline too. In this case, I don't see any advantage by not using a save file.

To prevent a save file (if you don't need to store any datas from bank), you can make a remaster. This means, you install a Puppy, make your personal settings, install the programs you need and then build a new Puppy with all this settings and programs included. It's not so difficult as it sounds. Look in menu for Live CD or remaster.

HTH and cheers,
Rolf
Ich verwende "frugal", und das ist gut so. :wink:
Raspberry Pi without Puppy? No, thanks.

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#15 Post by Sylvander »

kattami wrote:Passwords: I never store them anywhere. Remember most of them in my head
I have so much multi-various info inside my password vault it would be impossible for me to memorize all of it.
e.g. URL's to websites [cannot be redirected to spoof websites].
Plus, it's SECURE inside there because it's encrypted, and protected with a username and LOOoong password.
Plus it's SAFE [unlikely to be lost] because the program automatically makes and keeps 5 backups of the contents.
Plus I can use the program to auto-generate long and complex passwords, that can then be copied and pasted rather than typed into place.

User avatar
Semme
Posts: 8399
Joined: Sun 07 Aug 2011, 20:07
Location: World_Hub

#16 Post by Semme »


kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#17 Post by kattami »

Semme wrote:*WOW!* No Sh_t Sherlock! >> http://www.chronicles.no/2012/09/bankid ... riend.html
Yeah.

Pretty crazy, isnt it?

More than crazy, I would say. Fortunately I only have one place where they only have this bankid as login. I am going to write to them and ask why they dont have more than one choice in login.

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#18 Post by kattami »

Sylvander wrote:
kattami wrote:Passwords: I never store them anywhere. Remember most of them in my head
I have so much multi-various info inside my password vault it would be impossible for me to memorize all of it.
e.g. URL's to websites [cannot be redirected to spoof websites].
Plus, it's SECURE inside there because it's encrypted, and protected with a username and LOOoong password.
Plus it's SAFE [unlikely to be lost] because the program automatically makes and keeps 5 backups of the contents.
Plus I can use the program to auto-generate long and complex passwords, that can then be copied and pasted rather than typed into place.
Very clever!

kattami
Posts: 109
Joined: Fri 18 Jan 2008, 02:16
Location: Norway

#19 Post by kattami »

As for the remastering, yes I thought about that when I said the comment earlier where I said nevermind.

Was remembering some folks her said it was possible to add whatever one needs to and the remaster it. Also sfs files.

User avatar
Semme
Posts: 8399
Joined: Sun 07 Aug 2011, 20:07
Location: World_Hub

#20 Post by Semme »

Kattami, does BankID's software work with the plugin on your system, and with which browser.. FF 18.0.1?

Post Reply