[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
From: Ben Tasker <ben@xxxxxxxxxxxxxxx>
Date: Wed, 3 Apr 2019 15:03:08 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 03 Apr 2019 11:03:33 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bentasker.co.uk; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=lFKOR68yK3r4pJkTJ2SUMNga/aE8aeHU6jW5Y7ye9ZE=; b=MRUz8TnvIHySdkyvD1ld5077zvsOcHyQMOpMo+7A6ZcJhn7EVQ2Tr3y/JvOu9QXPF2 vmV+gIQ3KBJ8DIQB9vjMOtBA0KLyMwt+LXnuHktCOnliljejf+AM9zun1JyorpC7sBX4 +wVXtqmlm+D755dsPWWV35o071cHMobCNivKQ=
In-reply-to: <169e38eb4e4.103232a4f8625.1299399493971020287@zoho.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <169afe11736.d283f77a93261.2016894534794041759@zoho.com> <CABMkiz7CN8v=rR2ihp2TeRxs8n2so=EURSLqKJZH7K9RRsnW1Q@mail.gmail.com> <5C9F1727.5070500@copper.net> <169ddb5ae39.10feb86cc164132.5870605885373901306@zoho.com> <5CA44EB0.2010005@copper.net> <169e38eb4e4.103232a4f8625.1299399493971020287@zoho.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Apr 3, 2019 at 3:17 PM npdflr <npdflr@xxxxxxxx> wrote:

> Thanks a lot Jim for the information.
>
>
>
> If I am running a live system on a DVD for internet access and booting
> from that DVD then the DVD should be able to write some data on itself
> (Example: if I am using a browser then the browser needs to write some data
> on the DVD to function). So, I would need a DVD-RW (DVD rewritable) not
> DVD-R (one-time recordable disc)
>

No, one time recordable is fine (preferable, even).

When the system boots from the disk, it loads the OS into memory, so things
like your browser cache files are written into memory (and so lost when the
DIMMs lose charge).  If you want persistence then most live CDs will allow
you to provide a writeable media (normally a USB drive) for that purpose,
but then you get back into the risks associated with having writeable media
available.



>
> Running a live system on a USB would still have some risk as the USB could
> read/write data to the attached Hard Disk of the PC or Laptop.
>
> A DVD-RW can't read/write to the attached Hard Disk on its own, am I right?
>
>
>
It can just as easily as the same ISO running off the USB could. If you
need that level of security, then you're going to want to remove the
harddrive from the system.

Alternatively make sure whatever system you've got installed on the
harddrive is using software Full Disk Encryption. At which point the ISO
cannot read any data from it, and write attempts will (at most) corrupt
your filesystem.







>
>
>
> ---- On Tue, 02 Apr 2019 23:12:00 -0700 Jim <jimmymac@xxxxxxxxxx> wrote
> ----
>
>
>
> npdflr wrote:
>
> > Can you elaborate or give example on how to run a live CD/DVD for
> internet access.
>
>
>
> It has been a while since I have done this so I am a bit out of date,
>
> but presumably the procedure hasn't changed.  You need to find and
>
> download an .iso image from the internet or obtain it from another
>
> source.  Hopefully the creators of the image provide a way to verify
>
> that the image you get is correct and unaltered (PGP signature, a signed
>
> list of secure hashes, etc).  You should verify your image.  Then you
>
> need to burn the image to a CD or DVD (as appropriate) *as an image*.
>
> You can find instructions on the Internet about how to to this.  Do
>
> *not* just write it to the optical disk as a file.  Put the disk in
>
> your computer and boot to it.  You will then be running from the optical
>
> disk and there should be no hard drive access unless you specifically
>
> request it.
>
>
>
> There are multiple live systems to choose from.  Probably all will give
>
> you Internet access but some/many may not include Tor.  TAILs does
>
> include Tor and is specifically set up to direct all Internet traffic
>
> through Tor.  There may be others.  You should be able to find any
>
> additional information you need through searching the Internet.
>
>
>
> My impression is these days it is more common to run live systems from
>
> thumb drives than optical disks.  But I specifically mentioned CD/DVDs
>
> because they are read-only media and therefore can't get infected
>
> (assuming your original image is clean).
>
>
>
> > One has to install an OS on the CD/DVD and there needs to be some means
> for CD/DVD to access a network-specific firmware etc for using the
> internet, am I right?
>
>
>
> Live systems auto-detect hardware and will usually "just work" with the
>
> hardware you have.  If it doesn't you need to either find a different
>
> live system or different hardware.  But if your hardware works with
>
> standard Linux I wouldn't expect a problem.
>
>
>
> HTH
>
>
>
> Jim
>
>
>
> --
>
> tor-talk mailing list - mailto:tor-talk@xxxxxxxxxxxxxxxxxxxx
>
> To unsubscribe or change other settings go to
>
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>


-- 
Ben Tasker
https://www.bentasker.co.uk
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
  - From: Mirimir

References:
- Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
  - From: npdflr
- Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
  - From: Jim
- Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
  - From: npdflr

Prev by Author: Re: [tor-talk] Research Survey
Next by Author: Re: [tor-talk] tor project website change
Previous by thread: Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
Next by thread: Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
Index(es):
- Author
- Thread