Tuesday, 03 July 2007 08:09

Secure web browsing through Live Linux distros

By
There are many good reasons to be concerned about security and privacy online. For example, Internet banking can be at risk if there is any possibility of malicious software on your computer's hard drive. Banks even expressly warn that before using their systems you should ensure you have taken steps to ensure your personal security.

Happily the problem is easily solved by using bootable CDs with an alternate operating system. In fact, Australian open-source advocate Cybersource has been in discussion with banks expressly for this purpose. No matter how virus-ridden a hard drive may be, no matter how lacking its firewall or anti-spyware software, a bootable CD bypasses it all. The user simply reboots their computer with the CD in the tray. The computer ignores its regular installed operating system and loads up that provided on disc. The supplied system is guaranteed to be free from any harmful applications and, being on CD, is unmodifable and thus can never be infected. Once the user has finished their banking session, they remove the CD and reboot once more, back into their usual environment. For all intents and purposes, it may as well be that the computer had no hard drive whatsoever.

Banking isn't the be-all and end-all: there's many other reasons you'd want a secure system, separate from what's on the hard disk, besides Internet banking. Traveller's can't necessarily trust the integrity of a computer in an Internet cafe. And of course, there's issues of simply being able to browse sites of, shall we say, "personal interest", without others who use the computer knowing. The project leader of one such anonymous bootable CD puts it more crudely, "If Granny's into trannies, she should be able to download without fear." Less surreptitious purposes include having a safe, reliable bootable CD for fault-finding and troubleshooting a corrupt system, without fear of being infected by it. A well-known example is the ultimate boot CD. Really, there's no end to legitimate and practical applications for such a safe environment.

In fact, it's possible to get started immediately by downloading any of the many freely available Linux Live CD distributions. One intrepid searcher for a good Internet banking Live CD has reported his findings and these make for excellent reading.

The principle is sound, and downloading one of the above systems will happily work reliably for many people. However, there's two fundamental problems with CDs.


Firstly, a whole new CD must be made if the underlying operating system on disc has to be rebuilt - even just for the smallest security patches. And importantly, a regularly-used and carried CD is highly likely to suffer physical damage and become unusable.

Further, there's a subsequent privacy issue which is not addressed. Although using a Live CD ensures no traces of your Web browsing are left behind on the hard disk, trails are still being deposited on remote servers. Postings made online can still be tracked back to the IP address you used at a specific date and time. For many, this is not a big deal but for others, it's important to have total anonymity on both sides of the router.

Consequently, we here at ITWire have two recommendations which will give you peace of mind through a secure and anonymous bootable Linux setup.

Firstly, to solve the problem of using a CD, consider a USB-bootable Linux distribution. These are specially built distros that have been cut down to minimal size. This runs a risk of not having an application you want but being on USB, you are able to add it and tailor the environment as desired subject to constraints. For instance, such tiny Linux versions will generally have just one window manager rather than the five or more which usually ship.

One such miniscule Linux is Feather Linux which takes up less than 128Mb - a trifling size for today's USB drives. Download the distribution and unzip it to a USB drive. Next download SYSLinux - and run the command SYSLINUX E: in Windows or syslinux /dev/sda1 in Linux (replacing E: or /dev/sda1 for the drive letter or location of your USB stick.) This makes the USB drive bootable. It's worth testing it right away; if you find your computer won't boot, check the BIOS settings to ensure that USB is listed as a boot option before the hard drive. Secondly, try running syslinux again with the -s flag. This makes it install a safer (but slower) boot loader which may work on some older machines.

Another tiny distro option is PuppyOS. It is also lightweight, taking no more than 128Mb space. Nicely, it boasts faster run-time performance because it uses available RAM as a virtual hard drive, loading all apps required into memory. Only 128Mb RAM is required, which is a fairly safe memory requirement for most computers built within the last decade. PuppyOS has a more streamlined installation process; download the installer and it will both load all the necessary files onto a USB drive as well as make it bootable.

Now, with a bootable Linux USB drive, there is still one more recommendation for total safety and anonymity and that is to use Tor. Tor was originally designed by the U.S. military but has since become co-founded and promoted by privacy advocates Electronic Frontiers Foundation (EFF). Tor is described as a multi-onion-layered system, which describes its anonymising processes that route traffic three times through random nodes on its way between clients and servers. This makes it very difficult for anyone to track down the identity of the person browsing.

Tor can be freely downloaded. It requires some configuration which is largely straightforward through its bundled tools. You will need to run privoxy, a filtering web proxy, and then the torbutton plugin for Firefox. If you do not use Firefox, or wish to route other apps through Tor, all that is really required is to find where configuration options allow for a proxy to be specified; use localhost, port 8118, and then all your traffic will wend through Tor.

Be warned that Tor can be very slow at times, as a direct consequence of the way it works. Nevertheless, if you want a complete, straightforward mechanism to browse the Web securely without leaving any trace on either the computer or the Internet, you need look no further than a Live Linux distro coupled with Tor.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments