acess sensitive sites

[Peter2]

I would like to start a discussion about three choices to guard against intrusion in sites you want to be confidential.
One is the Live cd. Another is the Live flash drive. The third is a virtual machine.
Bear in mind, please, that at times one must print from these sites.
With this is there anyone one who wishes to join this discussion?

 

[Julio Cortez]

Nice topic which surely deserves a deeper insight as I'm looking for something similar too.

I'm interested in something similar in order to feel more secure while doing online banking transactions and in general everything that involves sensitive data (e.g. ordering things on Amazon and paying via credit card).

Live CD/DVD surely has the advantage of being an optical disk which has been closed and finalized, so each and every time you boot it you know for sure you're in a clean environment.
On the other hand (and this is the reason I probably won't use it) it's not persistent so you cannot save data on it. I'd like to have an environment in which all my banking documents/Amazon receipts and so on can be directly stored (and having to use an additional, external USB drive for persistent storage defeats the purpose somehow).

Indeed, I decided to go for a Linux Mint install on a 32GB USB 2.0 pen drive as first choice, thinking that it would boot nearly everywhere without me having to tinker with drivers and/or activation problems if I ever used it also on another computer (so maybe during holidays on my GF's laptop for example).
Unfortunately it ended up being so slow and sluggish to be nearly unusable probably because of the USB 2.0 data transfer rate being too small (480Mbit/s is actually slower than an average IDE drive). Need to try it with a USB 3.0 pen drive or external disk and see if it behaves well, as it looks like the best solution for me right now.

Now I'm just using a VM, but I'd really like to know if there's a better/more convenient way to have a safe, standalone environment which I can tailor to my needs and carry with me wherever I go (thing that, obvoiusly, can't be easily done with a VM).

 

[Peter2]

security cont.

Nice of you to join, Julio.
I can tell from the content of your reply that you are more knowledgeable than I am BUT that is why I started this discussion. I see that you have issues you would like explained and elaborated upon so it is my hope that those who are skilled will join us with the information we both seek.
I have the same needs and perhaps by the time the thread is completed we shall both have attaind our goals.
I would be happy with a VM but as you say it lacks portability and my pcs are relatively new. I don't want to chance a blowout on either end and I did not have much luck with a VM on my older pc and also lack the skill..

I have Puppy 5.6 Live cd which zips along but need to print and have not been able to tackle that yet. I also don't know if it would compromise my security. I was thinking about the flash drive but will not after reading your comments.

So you need portability and the ability to save data with the same security as the live cd and I need to know how to print with the live cd.
I would settle for the ability to print or the skill to create a VM which I can print from.

Let us hope someone will join who can help each of us.
Thank you for replying and keep fingers crossed. Do not be discouraged by my naiveté as you may get your issue resolved regardless of my level of skill.
May I ask, do you consider the VM as secure as the Live cd and can you print from it?
Peter
P.S. This is the iso that I referred to which is lightweight and fast that I need to be able to print from. You may be interested in trying it.http://distro.ibiblio.org/puppylinux/puppy-5.6/slacko-5.6-PAE.iso

 

[caperjack]

im no expert on any of this ,but it seems to me its not the media we choose but the security of the internet where we choose to access the device we use ,like a hotel ,restaurant , or work wifi ,ect ect or am I missing something ,
I have a live puppy Linux dvd that I can save file ,settings ,IE favorites ect ect ,to ,and I have one that is not writable ,I think the one that is not writable would be the safest .

 

[Peter2]

That is my understanding as it cannot be written to.
More ideas?
I need to know how to print from my non writable puppy cd and Julio has concerns he posted above.

 

[Julio Cortez]

it seems to me its not the media we choose but the security of the internet where we choose to access the device we use ,like a hotel ,restaurant , or work wifi ,ect ect or am I missing something

You're absolutely right: I for one wouldn't use a wi-fi network which I don't trust.
And I'm a little paranoid when it comes to wi-fi security: the one I have at home is turned on just during the evening hours when usually I'm at home, doesn't broadcast the SSID, has a strong password and... A MAC-based whitelist
Of course having a separate environment just to do banking/ecommerce operations can sound like an overkill but better safe (if possible without too much pain) than sorry

 

[Peter2]

I am connected directly with the desktop and would not do anything like banking from the laptop. I am still working on printing amnd am thinking I might be better off with Ubuntu.
Hang in we will get there.

 

[broe23]

It does not matter what you use to access them. If someone gets the password and username for the site(s), you can forget all of the precautions. I run Linux on my laptop, have an iPhone 5, Google Nexus 7 tablet. I use my phone on Cellular if I am checking banking info. I never connect to a public wifi hotspot to check my banking.

Emails there is nothing in there to worry about. If I really need to, I would encrypt emails or files with PGP and use a disposable passphrase & password between myself and the other party, that is to get the email or file.

 

[Peter2]

@ Julio
My friend accomplished this by downloading Ubuntu 12.04.4 32 bit and when there could print easily.

 

[broe23]

it seems to me its not the media we choose but the security of the internet where we choose to access the device we use ,like a hotel ,restaurant , or work wifi ,ect ect or am I missing something

You're absolutely right: I for one wouldn't use a wi-fi network which I don't trust.
And I'm a little paranoid when it comes to wi-fi security: the one I have at home is turned on just during the evening hours when usually I'm at home, doesn't broadcast the SSID, has a strong password and... A MAC-based whitelist
Of course having a separate environment just to do banking/ecommerce operations can sound like an overkill but better safe (if possible without too much pain) than sorry

The problem with turning off SSID & using a MAC ID white list, you are doing nothing but creating a false sense of security.

The Wifi A/P still shows up in scans with inSSIDer and other programs. MAC ID's can be spoofed. If you want real security, use a Radius server and user keys with a rotating random key, that the user plugs into the computer to validate who they are.