Porteus

As I have stated before Porteus is not being villified.

I hope I didn't come across in the wrong light. I didn't think for a minute you were putting Porteus down. You wouldn't be using it if you didn't think it was worthy.

My point was that the majority of users booting linux from writable media will never see, nor have the need to minimize attack vectors against any such bugs. Being more cautious is obviously always going to be a better option, but for most users the need to harden up/lock down is not really there.

I'm glad you make these threads available for those that DO feel the need and don't have the expertise to harden.

I'm sure Alan Turing had to wrestle with these early constructs

He most certainly did and became one of the foremost crypt-analysts during/after the war.

Right now there is probably some moron somewhere working on the next generation of Stuxnet or whatever ready to release it into the wild to amuse himself.

I hope it IS simply some moron and not a state funded crypt-analysts.

Salutations...

― William Shakespeare, Hamlet
To sleep, perchance to dream

I have a "dream"... that one day everyone's system will be hardened so we can all throw the Black hat 's under the bus.

Field of Dreams - (1989)
"If you build it, he will come".

Hmmm... I guess I watched that movie too my times.
(in the background I can hear Jiminy Cricket singing the Disney theme... "When You Wish Upon A Star")

"Best Regards"...

<removed>

You don't really need a switch to make a USB non-writable. Check out Porteus Kiosk for example. Making a drive non-writable does not protect your firmware. Security on USB drives is sub par. Search for BadUSB which was released by security researchers in a bid to force the manufacturers to pull their socks up.

Salutations...

The point of non-writable media is static environment. No "change" does not mean no bug. It means no morph... no hook...
no misdirection... no escalation... no false positive(s)/negative(s) or anything else but ONLY if the original boot media is sequested.

Think of it as a dual boot... remove the static boot and the bug is back in business.

This has been the case going back to the 5.25 floppy and will likely remain this way until
a manual USB switch can be virtually overridden or an optical disk can be burned "on the fly".

However... there is a class of bug which will retaliate and either brick... refuse to boot or destroy some devices (I lost some gear this way).
Unfortunately... that is counter productive because infection is the goal.

I am posting on a compromised system... the bug is contained but not eradicated.

"Best Regards"...

<removed>

Salutations...

Kanguru's badUSB solution...
https://www.kanguru.com/info/kanguru-st ... dusb.shtml

"Best Regards"...

Posted by 73.150.85.78 via http://webwarper.net
This is added while posting a message to avoid misusing the service