Tuesday, 03 July 2007 08:09

Secure web browsing through Live Linux distros

By

There are many good reasons to be concerned about security and privacy online. For example, Internet banking can be at risk if there is any possibility of malicious software on your computer's hard drive. Banks even expressly warn that before using their systems you should ensure you have taken steps to ensure your personal security.

Happily the problem is easily solved by using bootable CDs with an alternate operating system. In fact, Australian open-source advocate Cybersource has been in discussion with banks expressly for this purpose. No matter how virus-ridden a hard drive may be, no matter how lacking its firewall or anti-spyware software, a bootable CD bypasses it all. The user simply reboots their computer with the CD in the tray. The computer ignores its regular installed operating system and loads up that provided on disc. The supplied system is guaranteed to be free from any harmful applications and, being on CD, is unmodifiable and thus can never be infected. Once the user has finished their banking session, they remove the CD and reboot once more, back into their usual environment. For all intents and purposes, it may as well be that the computer had no hard drive whatsoever.

Banking isn't the be-all and end-all: there are many other reasons you'd want a secure system, separate from what's on the hard disk, besides Internet banking. Travellers can't necessarily trust the integrity of a computer in an Internet cafe. And of course, there are issues of simply being able to browse sites of, shall we say, "personal interest", without others who use the computer knowing. The project leader of one such anonymous bootable CD puts it more crudely, "If Granny's into trannies, she should be able to download without fear." Less surreptitious purposes include having a safe, reliable bootable CD for fault-finding and troubleshooting a corrupt system, without fear of being infected by it. A well-known example is the ultimate boot CD. Really, there's no end to legitimate and practical applications for such a safe environment.

In fact, it's possible to get started immediately by downloading any of the many freely available Linux Live CD distributions. One intrepid searcher for a good Internet banking Live CD has reported his findings and these make for excellent reading.

The principle is sound, and downloading one of the above systems will happily work reliably for many people. However, there are two fundamental problems with CDs.


Firstly, a whole new CD must be made if the underlying operating system on disc has to be rebuilt - even just for the smallest security patches. And importantly, a regularly-used and carried CD is highly likely to suffer physical damage and become unusable.

Further, there's a subsequent privacy issue which is not addressed. Although using a Live CD ensures no traces of your Web browsing are left behind on the hard disk, trails are still being deposited on remote servers. Postings made online can still be traced back to the IP address you used at a specific date and time. For many, this is not a big deal but for others, it's important to have total anonymity on both sides of the router.

Consequently, we here at ITWire have two recommendations which will give you peace of mind through a secure and anonymous bootable Linux setup.

Firstly, to solve the problem of using a CD, consider a USB-bootable Linux distribution. These are specially built distros that have been cut down to minimal size. This runs a risk of not having an application you want but being on USB, you are able to add it and tailor the environment as desired subject to constraints. For instance, such tiny Linux versions will generally have just one window manager rather than the five or more which usually ship.

One such minuscule Linux is Feather Linux which takes up less than 128Mb - a trifling size for today's USB drives. Download the distribution and unzip it to a USB drive. Next download SYSLinux - and run the command SYSLINUX E: in Windows or syslinux /dev/sda1 in Linux (replacing E: or /dev/sda1 for the drive letter or location of your USB stick.) This makes the USB drive bootable. It's worth testing it right away; if you find your computer won't boot, check the BIOS settings to ensure that USB is listed as a boot option before the hard drive. Secondly, try running syslinux again with the -s flag. This makes it install a safer (but slower) boot loader which may work on some older machines.

Another tiny distro option is PuppyOS. It is also lightweight, taking no more than 128Mb space. Nicely, it boasts faster run-time performance because it uses available RAM as a virtual hard drive, loading all apps required into memory. Only 128Mb RAM is required, which is a fairly safe memory requirement for most computers built within the last decade. PuppyOS has a more streamlined installation process; download the installer and it will both load all the necessary files onto a USB drive as well as make it bootable.

Now, with a bootable Linux USB drive, there is still one more recommendation for total safety and anonymity and that is to use Tor. Tor was originally designed by the U.S. military but has since become co-founded and promoted by privacy advocates Electronic Frontiers Foundation (EFF). Tor is described as a multi-onion-layered system, which describes its anonymising processes that route traffic three times through random nodes on its way between clients and servers. This makes it very difficult for anyone to track down the identity of the person browsing.

Tor can be freely downloaded. It requires some configuration which is largely straightforward through its bundled tools. You will need to run privoxy, a filtering web proxy, and then the torbutton plugin for Firefox. If you do not use Firefox, or wish to route other apps through Tor, all that is really required is to find where configuration options allow for a proxy to be specified; use localhost, port 8118, and then all your traffic will wend through Tor.

Be warned that Tor can be very slow at times, as a direct consequence of the way it works. Nevertheless, if you want a complete, straightforward mechanism to browse the Web securely without leaving any trace on either the computer or the Internet, you need to look no further than a Live Linux distro coupled with Tor.


Subscribe to ITWIRE UPDATE Newsletter here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments