(old)Puppy Linux Discussion Forum

If using a work computer from home on own wifi, how private is puppy?

In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.

Would the computer be safe from keyloggers and other employer monitoring software?
Other issues to consider?

(Need to use it to pay bills/taxes/etc)

sfeeley wrote:If using a work computer from home on own wifi, how private is puppy?

In this case, booting from DVD/CD with save file on USB. Harddrive is never really activated.

Would the computer be safe from keyloggers and other employer monitoring software?
Other issues to consider?

(Need to use it to pay bills/taxes/etc)

Are you able to run your remoting software in a virtual machine?

Probably really depends on what you connect to.
To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.
If all you ever do is go to very specific safe locations and only those locations. It would be very hard to get some bad software.

Example:
Connecting to a bank and only a bank.

Some people do this for banking.
If you boot not using the save.
Sure you would have to setup network connection and would not have any saved settings.
Go to the bank web site.
Do whatever.
Shutdown computer when completed.
No bad software could get on the computer (hope there is none on a bank web site), because the save is not being used.
Anything that did get installed would be only in RAM memory and would be cleared out when computer is shutdown.
The core Puppy files are working in a read only mode. They always are.
The save is the only place anything is in write mode.

Booted from a live Puppy CD/DVD and not using a save.
No drives are auto mounted.
So bad code would have a hard time installing to just a drive location, because the drive has to be, first mounted, to write to it.

Are you able to run your remoting software in a virtual machine?

I personally don't use any remote software. It is a laptop provided by my work that I use when I travel and at home. I do know that when it is physically at my work and connected to their network, they push updates, etc.

To get something bad downloaded to the computer. You have to access the location that has it and then download the bad software.

I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.

Some people look to maintain a consistent 'clean' boot i.e. a "Save" content that is "clean". Mostly booting, using that and then shutting down without saving any changes, so the next boot also starts as clean. Periodically changing that (updates/whatever) by booting a clean session, making the changes/updates and then saving those changes, to then revert back to not saving, just using again. In which case, booting, going directly to your banks web site, nowhere else before or after, is 'clean'. Rebooting/reloading again afterwards also ensures that remnants of that 'secure' session are removed. Store your data outside of Puppy space (on a separate usb/partition/wherever) and there's no need to save Puppy changes repeatedly - only save when the Puppy is changed (configuration changes or system updates etc.).

That needn't be using a CD/DVD either. Even with a full HDD install you can validate that the mbr, grldr, menu.lst, vmlinuz, save file/folder and (for frugal/layered booting) initrd and main sfs haven't been unknowingly changed/tampered.

On a full install for instance its relatively simple to check the mbr ...etc. single files, and for the main system (tens of thousands of files) you can run a quick/simple test such as I outlined here http://murga-linux.com/puppy/viewtopic. ... 78#1027878 i.e. for my current fully-installed BionicPup, I restore a clean version using rsync and to ensure that restored rsync copy is clean I run that ls -alR ... | md5sum check. Provided the md5sum's compare to that when the rsync copy was created, then its reasonably certain that the current session is clean (safe). As soon as you start browsing casually around however the session becomes potentially unsafe, but if you only go directly to one site, nowhere else before or after, you can be relatively confident that you're safe.

A nice feature with full installs is that you can rsync your clean 'save' into the current live running session at any time, i.e. in effect roll back to a clean version at any time without having to reboot, and typically that rsync action runs through in just a few seconds. (You can also do a similar action to 'unload' any sfs's that you might have 'loaded' (i.e. in full installs, to load a sfs you simply extract the sfs content), rsync'ing back to a pre sfs being 'loaded' point undoes that sfs load action).

sfeeley wrote:]I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.

In theory they could but if you are running an OS that they didn't install then they probably aren't.

sfeeley wrote:I'm not worried about myself downloading bad software. Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.

If you boot using a Puppy usb/dvd, run in ram, don't even open/access the HDD and use your own network/wifi, then your works IT dept. can't monitor/spy on those activities.

EDIT: s243a is more strictly correct "probably can't". Your work's IT group could be utilising sub-system/hardware layer key loggers/monitors as policy on all the laptops they issue out to their workforce. There's a very low likelihood of that however as that in itself would be a security risk.

One thing to be mindful of is that running Puppy is by no means secure and if whatever you did (even though using a usb or dvd) in your private activities led to something being inserted onto the HDD (or your work security keys being stolen from the HDD etc.) that led to work related security issues/compromise - then likely there would be trace-ability back to you/your laptop i.e. perhaps your work systems security keys were used by a third party to penetrate your work systems network/computers. In which case you'd be open to dismissal or possibly even worse.

It is possible for a hardware keylogger to be installed.
I think it is unlikely to have one installed, but it would work while running Puppy or Windows.
A plugin usb keyboard should be invisible to a hardware keylogger connected directly to the builtin keyboard.

Otherwise, while Puppy is running with a save file on a usb drive, they should not be able to spy on you.

If you do mount and use the hard drive, you need to disable Windows fast boot hibernate mode, or the hard drive's file system can be severely corrupted. If you don't disable hibernate, you can use the hard drive safely by ALWAYS ALWAYS rebooting Windows (as opposed to a shut down) just before booting Puppy. Windows does not hibernate when it reboots.

You can shut down Windows without hibernating by rebooting, then briefly pressing the power button just as it restarts. So if you reboot Windows, and boot to the CD, when you see the boot menu, if you press the power button it should shut off and the hard drive should not be hibernated and should be safe to use.

rufwoof wrote:One thing to be mindful of is that running Puppy is by no means secure and if whatever you did (even though using a usb or dvd) in your private activities led to something being inserted onto the HDD (or your work security keys being stolen from the HDD etc.) that led to work related security issues/compromise - then likely there would be trace-ability back to you/your laptop i.e. perhaps your work systems security keys were used by a third party to penetrate your work systems network/computers. In which case you'd be open to dismissal or possibly even worse.

They could in theory install a key logger directly in the keyboard. This could give them the password to your keystore. Also if whatever network security protocal you use is vulnerable to the replay attack then they might be able to capture the hash using some kind of MITM (man in the middle) network device.

One solution for the first problem is a keyboard that uses some kind of encryption protocal.

Anyway, why not just buy a cheap used computer?

I should also mention if they are using some kind of MITM network device then they could do cookie/session-jacking. Also in this case you'll need some kind of encrypted DNS service to keep them from monitoring which sites you visit, and the actual traffic must also be encrypted (e.g. SSL). Finally you'll need some kind of VPN (or maybe proxy) to keep them from identifying what sites you visit by IP addressing.

All this assumes a MITM network device, which is unlikely to be Installed.

Thanks! I think this answers for my purposes.
I don't think there would be anything too sophisticated in place.

Good to know about the safe-boot/hibernate. Intent is not to ever mount the harddrive, but now will be extra careful.

Yes--waiting for a cheap used computer!

It is a laptop provided by my work.
Rather I worry that someone from my work's IT department could monitor/spy on what I am doing with this computer.

They probably are and should be monitoring what you do on the companies hardware (computer)!

If they are not doing this. They are really being dumb!!!