Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 20 Sep 2019, 07:40
All times are UTC - 4
 Forum index » House Training » Beginners Help ( Start Here)
How private is Puppy from wifi?
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [14 Posts]  
Author Message
sfeeley

Joined: 14 Feb 2010
Posts: 814

PostPosted: Sat 11 May 2019, 11:22    Post subject:  How private is Puppy from wifi?
Subject description: work computer from home?
 

If using a work computer from home on own wifi, how private is puppy?

In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.

Would the computer be safe from keyloggers and other employer monitoring software?

Other issues to consider?

(Need to use it to pay bills/taxes/etc)
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 2073

PostPosted: Sat 11 May 2019, 13:10    Post subject: Re: how private?
Subject description: work computer from home?
 

sfeeley wrote:
If using a work computer from home on own wifi, how private is puppy?

In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.

Would the computer be safe from keyloggers and other employer monitoring software?

Other issues to consider?

(Need to use it to pay bills/taxes/etc)


Are you able to run your remoting software in a virtual machine?
Back to top
View user's profile Send private message Visit poster's website 
bigpup


Joined: 11 Oct 2009
Posts: 12572
Location: S.C. USA

PostPosted: Sat 11 May 2019, 13:47    Post subject:  

Probably really depends on what you connect to.
To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.
If all you ever do is go to very specific safe locations and only those locations. It would be very hard to get some bad software.

Example:
Connecting to a bank and only a bank.

Some people do this for banking.
If you boot not using the save.
Sure you would have to setup network connection and would not have any saved settings.
Go to the bank web site.
Do whatever.
Shutdown computer when completed.
No bad software could get on the computer (hope there is none on a bank web site), because the save is not being used.
Anything that did get installed would be only in RAM memory and would be cleared out when computer is shutdown.
The core Puppy files are working in a read only mode. They always are.
The save is the only place anything is in write mode.

Booted from a live Puppy CD/DVD and not using a save.
No drives are auto mounted.
So bad code would have a hard time installing to just a drive location, because the drive has to be, first mounted, to write to it.

_________________
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
YaPI(any iso installer) http://www.murga-linux.com/puppy/viewtopic.php?t=107601
Back to top
View user's profile Send private message 
sfeeley

Joined: 14 Feb 2010
Posts: 814

PostPosted: Sat 11 May 2019, 14:36    Post subject:  

Quote:

Are you able to run your remoting software in a virtual machine?


I personally don't use any remote software. It is a laptop provided by my work that I use when I travel and at home. I do know that when it is physically at my work and connected to their network, they push updates, etc.

Quote:
To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.


I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.
Back to top
View user's profile Send private message 
rufwoof


Joined: 24 Feb 2014
Posts: 3443

PostPosted: Sat 11 May 2019, 14:50    Post subject:  

Some people look to maintain a consistent 'clean' boot i.e. a "Save" content that is "clean". Mostly booting, using that and then shutting down without saving any changes, so the next boot also starts as clean. Periodically changing that (updates/whatever) by booting a clean session, making the changes/updates and then saving those changes, to then revert back to not saving, just using again. In which case, booting, going directly to your banks web site, nowhere else before or after, is 'clean'. Rebooting/reloading again afterwards also ensures that remnants of that 'secure' session are removed. Store your data outside of Puppy space (on a separate usb/partition/wherever) and there's no need to save Puppy changes repeatedly - only save when the Puppy is changed (configuration changes or system updates etc.).

That needn't be using a CD/DVD either. Even with a full HDD install you can validate that the mbr, grldr, menu.lst, vmlinuz, save file/folder and (for frugal/layered booting) initrd and main sfs haven't been unknowingly changed/tampered.

On a full install for instance its relatively simple to check the mbr ...etc. single files, and for the main system (tens of thousands of files) you can run a quick/simple test such as I outlined here http://murga-linux.com/puppy/viewtopic.php?p=1027878#1027878 i.e. for my current fully-installed BionicPup, I restore a clean version using rsync and to ensure that restored rsync copy is clean I run that ls -alR ... | md5sum check. Provided the md5sum's compare to that when the rsync copy was created, then its reasonably certain that the current session is clean (safe). As soon as you start browsing casually around however the session becomes potentially unsafe, but if you only go directly to one site, nowhere else before or after, you can be relatively confident that you're safe.

A nice feature with full installs is that you can rsync your clean 'save' into the current live running session at any time, i.e. in effect roll back to a clean version at any time without having to reboot, and typically that rsync action runs through in just a few seconds. (You can also do a similar action to 'unload' any sfs's that you might have 'loaded' (i.e. in full installs, to load a sfs you simply extract the sfs content), rsync'ing back to a pre sfs being 'loaded' point undoes that sfs load action).

_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 2073

PostPosted: Sat 11 May 2019, 14:53    Post subject:  

sfeeley wrote:
]I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.


In theory they could but if you are running an OS that they didn't install then they probably aren't.
Back to top
View user's profile Send private message Visit poster's website 
rufwoof


Joined: 24 Feb 2014
Posts: 3443

PostPosted: Sat 11 May 2019, 14:54    Post subject:  

sfeeley wrote:
I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.

If you boot using a Puppy usb/dvd, run in ram, don't even open/access the HDD and use your own network/wifi, then your works IT dept. can't monitor/spy on those activities.

EDIT: s243a is more strictly correct "probably can't". Your work's IT group could be utilising sub-system/hardware layer key loggers/monitors as policy on all the laptops they issue out to their workforce. There's a very low likelihood of that however as that in itself would be a security risk.

Last edited by rufwoof on Sat 11 May 2019, 15:12; edited 1 time in total
Back to top
View user's profile Send private message 
rufwoof


Joined: 24 Feb 2014
Posts: 3443

PostPosted: Sat 11 May 2019, 15:04    Post subject:  

One thing to be mindful of is that running Puppy is by no means secure and if whatever you did (even though using a usb or dvd) in your private activities led to something being inserted onto the HDD (or your work security keys being stolen from the HDD etc.) that led to work related security issues/compromise - then likely there would be trace-ability back to you/your laptop i.e. perhaps your work systems security keys were used by a third party to penetrate your work systems network/computers. In which case you'd be open to dismissal or possibly even worse.
_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
williams2

Joined: 14 Dec 2018
Posts: 141

PostPosted: Sat 11 May 2019, 15:12    Post subject:  

It is possible for a hardware keylogger to be installed.
I think it is unlikely to have one installed, but it would work while running Puppy or Windows.
A plugin usb keyboard should be invisible to a hardware keylogger connected directly to the builtin keyboard.

Otherwise, while Puppy is running with a save file on a usb drive, they should not be able to spy on you.

If you do mount and use the hard drive, you need to disable Windows fast boot hibernate mode, or the hard drive's file system can be severely corrupted. If you don't disable hibernate, you can use the hard drive safely by ALWAYS ALWAYS rebooting Windows (as opposed to a shut down) just before booting Puppy. Windows does not hibernate when it reboots.

You can shut down Windows without hibernating by rebooting, then briefly pressing the power button just as it restarts. So if you reboot Windows, and boot to the CD, when you see the boot menu, if you press the power button it should shut off and the hard drive should not be hibernated and should be safe to use.

Last edited by williams2 on Sat 11 May 2019, 15:15; edited 1 time in total
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 2073

PostPosted: Sat 11 May 2019, 15:13    Post subject:  

rufwoof wrote:
One thing to be mindful of is that running Puppy is by no means secure and if whatever you did (even though using a usb or dvd) in your private activities led to something being inserted onto the HDD (or your work security keys being stolen from the HDD etc.) that led to work related security issues/compromise - then likely there would be trace-ability back to you/your laptop i.e. perhaps your work systems security keys were used by a third party to penetrate your work systems network/computers. In which case you'd be open to dismissal or possibly even worse.


They could in theory install a key logger directly in the keyboard. This could give them the password to your keystore. Also if whatever network security protocal you use is vulnerable to the replay attack then they might be able to capture the hash using some kind of MITM (man in the middle) network device.

One solution for the first problem is a keyboard that uses some kind of encryption protocal.

Anyway, why not just buy a cheap used computer?
Back to top
View user's profile Send private message Visit poster's website 
s243a

Joined: 02 Sep 2014
Posts: 2073

PostPosted: Sat 11 May 2019, 15:23    Post subject:  

I should also mention if they are using some kind of MITM network device then they could do cookie/session-jacking. Also in this case you'll need some kind of encrypted DNS service to keep them from monitoring which sites you visit, and the actual traffic must also be encrypted (e.g. SSL). Finally you'll need some kind of VPN (or maybe proxy) to keep them from identifying what sites you visit by IP addressing.

All this assumes a MITM network device, which is unlikely to be Installed.

Last edited by s243a on Sat 11 May 2019, 15:28; edited 3 times in total
Back to top
View user's profile Send private message Visit poster's website 
s243a

Joined: 02 Sep 2014
Posts: 2073

PostPosted: Sat 11 May 2019, 15:24    Post subject:  

On another note if they are running a MITM network device then they can port scan you in order to see what network services your are running and then check for known vulnerabilities based on this information.

edit: Kali Linux has the right slogan in this situation which is

Quote:

“The quieter you become, the more you are able to hear”

https://itsfoss.com/kali-linux-review/

I'm not sure how whether or not puppy live up to this ideal.

Last edited by s243a on Sat 11 May 2019, 15:42; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
sfeeley

Joined: 14 Feb 2010
Posts: 814

PostPosted: Sat 11 May 2019, 15:40    Post subject:  

Thanks! I think this answers for my purposes.
I don't think there would be anything too sophisticated in place.

Good to know about the safe-boot/hibernate. Intent is not to ever mount the harddrive, but now will be extra careful.

Yes--waiting for a cheap used computer!
Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 12572
Location: S.C. USA

PostPosted: Sat 11 May 2019, 16:13    Post subject:  

Quote:
It is a laptop provided by my work.
Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.

They probably are and should be monitoring what you do on the companies hardware (computer)! Shocked

If they are not doing this. They are really being dumb!!!

_________________
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
YaPI(any iso installer) http://www.murga-linux.com/puppy/viewtopic.php?t=107601
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [14 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » Beginners Help ( Start Here)
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1553s ][ Queries: 11 (0.0426s) ][ GZIP on ]