# Live Linux CD really safe?



## sa3er (Apr 15, 2010)

Hi. For our business bank account we need extra security. As I researched on Google, it seems the only really safe way to avoid spyware is using a live Linux CD instead of Windows.
But my question is: if we get a BIOS virus, then what?!
See here: threatpost.com/en_us/blogs/researchers-unveil-persistent-bios-attack-methods-031909

Let's say, is it possible that a virus attacks us from the BIOS when we are in the Live CD?
Or maybe they modify the BIOS so that when we restart the computer and go to the clean Live CD, the bad guys send us to a fake infected OS which looks like live Linux...?! :huh:


----------



## Dwarflord (Dec 13, 2007)

LOLS Too paranoid.

You can use the "Tor Browser", more or less bulletproof.

https://www.torproject.org/projects/torbrowser.html.en


----------



## greenbrucelee (Apr 24, 2007)

BIOS viruses are not possible these days unless you use a flash file that is corrupted, and if you're modifying the BIOS with a file that is not from the laptop/desktop manufacturer then you are asking for trouble.

The BIOS cannot be written to without a flash file.


----------



## sa3er (Apr 15, 2010)

> if you're modifying the BIOS with a file that is not from the laptop/desktop manufacturer then you are asking for trouble.


But dude, stealing hardware information from the factory that made the BIOS is not difficult... then make the flash file or whatever is needed!
The bad guys will just send an email to one of their employers with a zero-day exploit and then boom...

And if you guys think personal, maybe it looks paranoid, but when you have a serious enemy then it's not funny at all (when they make Stuxnet, then such malware is thousands of times easier...)

:banghead:


----------



## Dwarflord (Dec 13, 2007)

Stuxnet is for PLCs, not computers.
The Tor browser is as safe as it gets.

You don't install it, you just run it, all your personal stuff is changed, not even your own IP address is used. Read the overview for the project.


----------



## greenbrucelee (Apr 24, 2007)

sa3er said:


> But dude, stealing hardware information from the factory that made the BIOS is not difficult... then make the flash file or whatever is needed!
> The bad guys will just send an email to one of their employers with a zero-day exploit and then boom...
> 
> And if you guys think personal, maybe it looks paranoid, but when you have a serious enemy then it's not funny at all (when they make Stuxnet, then such malware is thousands of times easier...)
> ...


This does not happen, and secondly a Linux live CD does not get installed; it runs from the disc, and no info is written to the computer.

You seem very paranoid, are you on the run from the CIA or something?


----------



## sobeit (Nov 11, 2007)

sa3er said:


> Hi. For our business bank account we need extra security. As I researched on Google, it seems the only really safe way to avoid spyware is using a live Linux CD instead of Windows.
> But my question is: if we get a BIOS virus, then what?!
> See here: threatpost.com/en_us/blogs/researchers-unveil-persistent-bios-attack-methods-031909
> 
> ...


Nobody can change files on a live CD, nor is anything copied to a computer. No place for any nasty to get copied to.


----------



## Dwarflord (Dec 13, 2007)

sobeit said:


> Nobody can change files on a live CD, nor is anything copied to a computer. No place for any nasty to get copied to.


To be fair though, the connection between the live OS/browser/Internet could potentially still get hijacked.

That's why the Tor project is so good.


----------



## sa3er (Apr 15, 2010)

Guys, there is no need to change the live CD code.
As I said, they can just send us to a fake live CD which is on the hard disk, by changing BIOS data, which looks like the live Ubuntu CD...
Or even running bad code on the live CD in RAM (there is no need to install the bad code on the HDD).

You guys have no idea about underground hackers from Ukraine.


----------



## Dwarflord (Dec 13, 2007)

So if I download an Ubuntu CD from Canonical, the Ukraine hackers are so good that my download will be replaced by their fake Ubuntu... Yeah, right.

At the furthest end of the scale this is schizophrenic, and the lesser end disturbingly paranoid.

Are you here to get advice or ......... ?


----------



## epshatto (Dec 23, 2010)

If you need a secure way to perform bank account transfers, actually your best bet is to set up a dedicated machine with a dedicated account that can't be used for anything other than that purpose.

If you're running a Windows domain your administrator can set up an account that only a small handful of people know about. They can then use this account to log into a specific machine that is locked down such that it can only perform that one action, and isn't used for anything else at all. It also should not have an email client on it. You could set it up so the system is in a physically locked room and any access to it is remote like a VNC client/server setup or something.

You can use a Tor client, as mentioned already. I'm an advocate for Tor but I feel compelled to point out that it's still possible to sniff traffic on the Tor network and determine where it really came from. Not at all easy, but it's been done by researchers.

BIOS viruses are indeed a possibility in general but for all the reasons already stated I would not worry about it. It seems a very remote possibility indeed. 

If the system is physically locked away, doesn't receive email, can't access any internet other than what is necessary to perform bank account transfers, fully patched and hardened and has a very small circle of individuals who are aware of a secret account with a strong password, I'd call that highly secure.


----------



## greenbrucelee (Apr 24, 2007)

Dwarflord and epshatto both give great advice.

Dwarflord makes a good point, and I will add to it: no hacker worth their salt is going to even attempt to hijack the Linux live CD; they have better places to hack.

BIOS viruses these days are a myth, it does not happen. It has happened in the past, but that was when BIOS were easily hacked.


----------



## sobeit (Nov 11, 2007)

Dwarflord said:


> To be fair though, the connection between the live OS/browser/Internet could potentially still get hijacked.
> 
> That's why the Tor project is so good.





sa3er said:


> Guys, there is no need to change the live CD code.
> As I said, they can just send us to a fake live CD which is on the hard disk, by changing BIOS data, which looks like the live Ubuntu CD...
> Or even running bad code on the live CD in RAM (there is no need to install the bad code on the HDD).
> 
> You guys have no idea about underground hackers from Ukraine.



Get real, people; you probably think crossing an empty street is not safe because a car might eventually come down the street and hit you.

If you download the live CD from the proper sites, only use it for online banking, and never use it on a public Wi-Fi, 99.9 percent of the time nothing will happen. IT IS SAFE!!!


----------
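
The advice above to download the live CD from the proper sites depends on the image being byte-for-byte what the distributor published. As an added example (not part of any post in this thread), this shell function checks a downloaded image against a SHA256SUMS-style manifest; the helper names and the demo files are constructed for illustration, and the manifest is assumed to have been obtained and authenticated separately.

```shell
#!/bin/sh
# Added example: verify a live-CD image against a SHA256SUMS-style manifest
# before burning it. Assumes image file names contain no spaces.

# Portable SHA-256: GNU coreutils first, then the shasum tool found on macOS/BSD.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_image MANIFEST IMAGE
# returns 0 = digest matches, 1 = mismatch, 2 = file unreadable or not listed
verify_image() {
    manifest=$1
    image=$2
    [ -r "$manifest" ] && [ -r "$image" ] || return 2
    name=$(basename "$image")
    # Manifest lines are "<64 hex> *<name>" (binary) or "<64 hex>  <name>" (text).
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n && length($1) == 64 { print tolower($1); exit }' "$manifest")
    [ -n "$expected" ] || return 2
    actual=$(sha256_of "$image")
    [ "$actual" = "$expected" ]
}

# Constructed demo: a stand-in "image", its manifest, then a tampered copy
# and an image the manifest does not list.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed stand-in for an ISO\n' > "$d/live.iso"
    printf '%s *live.iso\n' "$(sha256_of "$d/live.iso")" > "$d/SHA256SUMS"
    good=0;    verify_image "$d/SHA256SUMS" "$d/live.iso"  || good=$?
    printf 'x' >> "$d/live.iso"        # simulate a modified download
    bad=0;     verify_image "$d/SHA256SUMS" "$d/live.iso"  || bad=$?
    missing=0; verify_image "$d/SHA256SUMS" "$d/other.iso" || missing=$?
    rm -rf "$d"
    echo "$good $bad $missing"
}
demo   # prints: 0 1 2
```

A return code of 2 matters as much as 1: an image the manifest does not list has not been verified at all.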



## Dwarflord (Dec 13, 2007)

I agree with you, but that doesn't exclude the fact that your Internet traffic couldn't get sniffed.

Just sayin' that it is in the realms of possibility.

I don't agree with sa3er....he's way too nervous :grin:


----------

