Anyone carry a Linux OS flashdrive with them? (1 Viewer)

stryk3

Newbie
Joined
Feb 23, 2015
Messages
8
Location
Alaska
Carry a computer sounds impractical so I was thinking I could just cop a high capacity flash drive and throw a linux distro and all my files on there for all my computing needs.

I'm probably gonna use https://tails.boum.org/

Seems fairly simple in practice just boot up a public PC, goto the BIOS and change the boot order. If they're smart enough to have a BIOS password I think you can use a program to flash it so it replaces the password, you could also take out the CMOS battery but that seems impractical in a public setting. Anyway the advantage of this is you would have all your shit with you and be able to access the internet on any system without the worrying about introducing any malware to your device because you're not interacting with the owners OS.

if you're really 1337 then you could run backtracker or Kali Linux which is used by infosec professionals to do "vulnerability testing"
http://tools.kali.org/tools-listing

lots of neat shit to play around with but honestly way over my head. I'd love to learn more about this type of shit but I'm far more captivated by the natural world.
 
Click here to buy one of our amazing custom bandanas!

Preacher

Wanderer
Joined
Jan 28, 2015
Messages
211
Location
Pennsylvania
No, but I carry a thumb drive with portableapps.com launcher and the following portable programs firefox browser, thunderbird email client, skype, KeePass password vault, Audacity, VLC and these portable utililties 7zip, CCleaner, Spybot S&D, Cybershredder, Kapersky Rootkit Killer, Recover Files, Smart Defrag and System Info for Windows.
 

Cirno9

Rambler
Joined
Aug 17, 2014
Messages
56
Location
Seattle
Kali linux I have on a flash drive just so I can get wifi passwords for free if I am going to be somewhere for a while at night. other than that and for most people its useless besides the fact its just ubuntu with stuff preinstalled. I also have a fedora usb I keep around just in case my computer breaks. ^_^ I keep losing the damn things though.
 

Matt Derrick

Permanent Wanderer
Staff member
Admin
Joined
Aug 4, 2006
Messages
10,416
Location
Austin, TX
Website
youtube.com
Carry a computer sounds impractical so I was thinking I could just cop a high capacity flash drive and throw a linux distro and all my files on there for all my computing needs.

I'm probably gonna use https://tails.boum.org/

Seems fairly simple in practice just boot up a public PC, goto the BIOS and change the boot order. If they're smart enough to have a BIOS password I think you can use a program to flash it so it replaces the password, you could also take out the CMOS battery but that seems impractical in a public setting. Anyway the advantage of this is you would have all your shit with you and be able to access the internet on any system without the worrying about introducing any malware to your device because you're not interacting with the owners OS.

if you're really 1337 then you could run backtracker or Kali Linux which is used by infosec professionals to do "vulnerability testing"
http://tools.kali.org/tools-listing

lots of neat shit to play around with but honestly way over my head. I'd love to learn more about this type of shit but I'm far more captivated by the natural world.

The only bad thing about tails is that if you wanted to save anything I'm not sure you could. If i remember right, tails is designed to revert back to it's previous state after using it, including removing any new/changed files.
 

creature

plastic wingnut in a microwave
Banned
Joined
Sep 23, 2009
Messages
1,708
Location
folks who know me have my #.
use a MAC changer, too..
the network card native MAC is burned in, so you can be ID'd by it. It is, however, settable.
i'm just starting to use linux, but there's a good app call MadMacs for up to Win XP:

http://www.irongeek.com/i.php?page=security/madmacs-mac-spoofer

it'll also change your hostname, if you like... i try & limit my host names to something common, like "workstation" or "computer" or somesuch, although there's typically an alpha-numeric suffix...
it also gives instructions for linux, but i don't know my command lines there, yet.

at a public computer this is not so bad, since there are many users (although i suspect there are probably CCTVs at many libraries, with time stamps.. especially hell-hole nazi states like fucking can's ass..).
MadMacs will sometimes work on an adapter that hasn't been disabled, but you would need to check, if you are on a public machine.
Most likely you won't have access to the device manager to disable the adapter & then run MadMacs, to insure a new setting, but you *may* be able to check (in XP) by: start > run > ipconfig /all which will then show you the adapter physical address (MAC), which you can compare to after running MadMacs.. this assumes the command line has not been disabled, in which case you *may* be able to run ipconfig /release, then MadMacs, then ipconfig /renew (just a thought, there)... Regedit will almost certainly be disabled, so there's no point in going into the reg keys..

after running MM, do ipconfig /all again & make sure the mac has been changed. just remember the first 4 hex characters.. all it takes is 1 to be changed (with absolute certainty) to know you now have a new mac.

Also, if you are running firefox, look at the Random Agent Spoofer (spoofs your browser type, & possibley machine type), and will also disable or modify referers.. there are some decent proxy addons, too, like Anonymizer, but maybe someone knows something better. (?).
Also, firefox has a Tor enable version..

on the point of portable USB operating systems, there is also Bart's PE, which is a rip of basic system files from the XP install environment, cloned to CD or USB, and which can then run (for the most part) native microshit or compatible applications..

one thing i'm curious about is whether or not VMware could be run on a public machine, so that the VM signature could be configured as desired..

haven't done anything along the VM lines, yet... just learning..

I'm def watching this thread, because i know some of you crustygeeks know yer shit..

C.
 

creature

plastic wingnut in a microwave
Banned
Joined
Sep 23, 2009
Messages
1,708
Location
folks who know me have my #.
one other thing.. you might want to use a micro sd in a usb adapter.. way easier, of course, to keep private.

should be pretty easy to encrypt the whole damn flash, too, no?

dual/multiple partitions, one for the native executable, and another for it to extract system files & apps into.
perhaps a 3rd encrypted partition for new/changed files..
 
Joined
Apr 9, 2015
Messages
7
Location
Indiana
Tails Linux is a great option for staying anonymous if necessary. It does delete your files after every use though, this is because it stores your files on the RAM rather than the hard drive.

I'd suggest making a LiveCD - you can still keep any files you may need on that. You can use any OS you like as well.
 

Matt Derrick

Permanent Wanderer
Staff member
Admin
Joined
Aug 4, 2006
Messages
10,416
Location
Austin, TX
Website
youtube.com
I'd suggest making a LiveCD - you can still keep any files you may need on that.

unfortunately the ability to save files on a livecd isn't possible. all the files are read only, except what is stored in ram, like you said. if you want to be able to save files you have to use a livecd that's been installed onto a usb stick with a 'persistent files' partition enabled.
 
Joined
Apr 9, 2015
Messages
7
Location
Indiana
Thanks for the correction, I meant to add you can save your files if you have a persistent files option. I believe the easiest OS to do so with is Ubuntu, though I haven't attempted before.
 

Durp

Hobo
Joined
Feb 22, 2011
Messages
508
Location
VA for now
Make a bootable ubuntu live usb with ubuntu 14.04. It will allow you to save your changes and it is end user friendly. Good luck changing bios tho, they are usally locked down by IT to prevent such things. It is possible to bypass, but if you had the technical expertise in such things this post would not exist ;) ubuntu is the easist option if this is one of your first forays into linux, play around with it, have some fun and you will learn quickly. Do be ready to learn how to use terminal and potentially be pulling your hair out trying to get everything configured correctly. After a little patience and practice you will get it tho. Its not really all that hard. There is a bit of a learning curve. If you have something to trade I can send you a preconfigured drive long as you mail me a flash drive.
 

shabti

Wanderer
Joined
Feb 21, 2014
Messages
177
Location
San Francisco, United States
I do that. Shit, my avatar is the debian logo. Right now, what I have going on is a virtual machine on a flash drive. I have the machine settings set up in virtualbox on my home computer, the server (at my friend's house), and my laptop. That way, I can drag and drop files between the host and my debian install.

I'd suggest dropping some $$ for a USB 3.0 type flash drive, so that accessing files is faster. The read/write speeds are better using those drives even when on a 2.0 port.

The way I do it is to have two flash drives going. One is the live USB. This take the disk image and makes it bootable. (Unetbootin is a great app for that.)

The other one
(a corsair survivor if you're worried about shit breaking. )

is where you install said distro. Change the boot order in the BIOS to the live USB, and during the installation, install that sucker to your other flash drive. You might have to do it a few times to get it set up properly. I would suggest you NOT format it into ExFat, since that's not always compatible. Whether or not you need GRUB or a specific partition table is up to that distro.

You might want to consider throwing Kali onto a tablet. They make native images for that, and LinuxDeploy is a great app if you don't want to flash the whole distro over.
https://www.kali.org/tutorials/kali-linux-android-linux-deploy/
 

Preacher

Wanderer
Joined
Jan 28, 2015
Messages
211
Location
Pennsylvania
Checking back on this thread. Why is it so necessary you have a whole OS on the drive? Are you using it just to check mail, surf the intertubes and/or surf porn on a library comp or are you trying to hack comps from bootup?
 

Durp

Hobo
Joined
Feb 22, 2011
Messages
508
Location
VA for now
I like debian personally, but that's just cause I know it. You can buy a live usb with any distro from osdisc.com avoid gentoo unless you like to pretend its the 1980s and compile source code all the fucking time. Don't get me wrong gentoo is great, but has fucked me a couple of times when money was involved. Debian stable is up 99.99% of the time. I like mate desktop enviroment. Its all just preference, distros are boring, the kernal is where all the magic and fun hides! ;)
 
Last edited:

stormcrow

Pilgrim
Joined
Dec 22, 2014
Messages
52
Location
Philadelphia, PA
Website
deposed.bandcamp.com
I think computing from a usb creates a lot of computing problems that I can't see past. The biggest of those problems is that you must always be able to find a computer where the bios hasn't been locked down. Sure there are a ton of stupid people out there that don't know what bios is, but what if your in a jam which requires a computer to get out of and you have no access to any of those things. I think it is worth the pack weight to carry an eeePC. I carried mine all through Oregon and Northern CA, before ending up where I am at now and it did quite well. It is pretty durable as far as laptops and netbooks go. I've replaced the battery a few years ago. Added more ram, put in a bigger hard-drive and it's still kicking ass(though getting a little slow for the modern internet at times). I personally need a lot of control over my computing environment, so an android tablet doesn't cover my needs and installing cyanogenmod still doesn't give me as much power as customizing a linux distro. As has been stated all over the place, I recommend using debian if you can. My current setup is ubuntu because some of my hardware was impossible to get working with debian even using the same drivers and the same kernel. I never did figure it all out. After you get installed here is a small list of things I consider crucial and you can look into all of these things on your own:

Install Tor
Install GNU Icecat
Install MM3 Proxy Switcher(Icecat plugin) and configure it. I use this as my base configuration:

[Tor
socks=127.0.0.1:9050
clear=cache
homepage=http://3g2upl4pq6kufc4m.onion/
noProxy=loaclhost, 127.0.0.1
config:network.proxy.socks_remote_dns=true
config:general.useragent.override=Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0
config:dom.storage.enabled=false
none=[object Object]
manualconfiguration=[object Object]
]
[None
config:network.proxy.socks_remote_dns=false
config:general.useragent.override=Mozilla/5.0 ;Windows NT 6.2; WOW64; rv:27.0; Gecko/20100101 Firefox/27.0
config:dom.storage.enabled=true
]

Disable insecure SSL(this means you won't be able to go on facebook... So sad... Get a Diaspora Account and ditch the status quo) Open Icecat, Type about:config in the url bar, click past the warning and search for the following keys and disable them:

security.ssl3.dhe_dss_camellia_128_sha
security.ssl3.dhe_dss_camellia_256_sha
security.ssl3.ecdhe_ecdsa_rc4_128_sha
security.ssl3.ecdhe_rsa_rc4_128_sha
security.ssl3.rsa_fips_des_ede3_sha
security.ssl3.rsa_rc4_128_md5
security.ssl3.rsa_rc4_128_sha
security.ssl3.rsa_seed_sha

The above are all considered insecure and you will be surprised how many sites still use them.

Install HTTPS everywhere(Icecat plugin)
Install Ghostery(Icecat plugin)
Install No Script(Icecat plugin)

Edit your torrc file to create a control port password. This can be a little convoluted if you are not familiar with the Terminal and entering commands, but this is Linux, no hand holding allowed(rtfm). Don't worry you can and will learn it all.

Open a terminal and type "man tor" and hit enter, from now on assume you will hit enter after any commands you type in. What you see now is called a manual page(you have just rtfmed). You will notice this little bit:

--hash-password PASSWORD

We will replace PASSWORD with your password. Now type "tor --hash-password YOUR_PASSWORD_HERE" and copy your password. When in the terminal copying text is done with ctrl-shift-c.

Now I prefer using vi as my editor, but you might not be familiar with vi yet and it has a bit of a learning curve so I would say stick with gedit, type "sudo gedit /etc/tor/torrc" This will open your torrc file in the gedit text editor. Anywhere you see a line start with "#" that line is "commented out." That means the setting is off. Go to where it says "[HASHTAG]#control[/HASHTAG] port" and remove all the "#" from that line, there may be more than one. Then do the same where you see "HashedControlPassword" and paste your hash at the end of that file. Then save that file.

Now you can use this script to change your tor id:

##############################################################

#!/usr/bin/python

import sys
import getpass
import stem.connection
import stem

from stem.control import Controller
from stem import Signal

CP = 9051



controller = Controller.from_port(port = CP)

pw = getpass.getpass("controller password: ")

controller.authenticate(password = pw)

controller.signal(Signal.NEWNYM)

print "changed identity"

#############################################################


Copy that into a file and save it something to the order of torID.py you may need to install the python stem library. Go back to Terminal and enter "Sudo apt-get install pip && pip install stem". The && means if the first command is successful execute the next one.

Then you want to make your tor id switching script executable. In ubuntu you can usually just right click on it and go to properties, then click the permissions tab and click executable.

Now you can run this script to change your tor id.


For more privacy you may want to run this in ubuntu too:

"sudo apt-get remove zeitgeist zeitgeist-core zeitgeist-datahub python-zeitgeist rhythmbox-plugin-zeitgeist geoclue geoclue-ubuntu-geoip geoip-database whoopsie"

This can cause ubuntu to say you've experienced an internal error occasionally, but to me the trade off is worth it.

I occasionally run the following script to remove logs from my computer:

###############################################################

#!/bin/bash
recursiveShred(){
for f in *
do
echo "found $f"
if [ -d "$f" ]; then
echo "cd to $f"
(cd $f; recursiveShred)
elif [ -f "$f" ]; then
echo "shredding $f"
chmod 755 $f
shred -xzvfu -n 25 $f
else
echo "$f is not a file"
fi

done
}

(cd /var/log; recursiveShred)

################################################################

And this to remove temporary files:

################################################################

#!/bin/bash
recursiveShred(){
for f in *
do
echo "found $f"
if [ -d "$f" ]; then
echo "cd to $f"
(cd $f; recursiveShred)
elif [ -f "$f" ]; then
echo "shredding $f"
chmod 755 $f
shred -xzvfu -n 25 $f
else
echo "$f is not a file"
fi

done
}

(cd /tmp; recursiveShred)

################################################################

Use at your own risk.

Finally I would say install mega using the ubuntu installer so you can have a more secure way to share files quickly.

Get a proton mail account so you have a secure way of sending and recieving email.

Also install macchanger, "sudo apt-get install macchanger" and use this script to change your mac address and hostname:

################################################################

#!/bin/bash
echo "changing mac on $1"
ifconfig "$1" down && macchanger -A "$1" && echo `tr -dc "[:alpha:]" < /dev/urandom | head -c 15 ` > /etc/hostname && hostname --file /etc/hostname && ifconfig "$1" up;

################################################################

I put this in my start up programs too so that I always have a different mac and hostname. If you always use the same hostname the router you are connected to can be used to quickly deduce who you are even if your ip and mac change all the time. Anything that can be used to identify you should be changed frequently including your browser's user-agent. I think this is a point of a lot of debate, but I use really common user agents because I think blending in is better than having some unique random string that changes all the time because there are not that many people who do that with their user-agent so if you do you make the pool of potential browsers smaller. If some corporate or government interest is tracking you, create the most amount of work possible. Make the search criteria as vague and unhelpful as possible. That is my philosophy. I go here: https://panopticlick.eff.org/ to check how unique my online signature is. I want it to be as common as possible with as few bits of identifying information as possible.

As per hostnames you could get a list of common ones and change my script around to randomly select common hostnames. I'd say use stuff like "mike's iphone". For my purposes the random string generation is sufficient, but you have to make that call for yourself.

These are only some small, basic steps towards having a secure, mobile computing environment. There is a lot more that goes into keeping your stuff safe and I think it is incredibly important when you are on the road. People can steal your stuff. The police could attempt to violate your privacy. Don't make it easy. I even install truecrypt and put anything really important in a hidden archive, then with some voodoo you can even zip your entire truecrypt archive and hide it in a jpeg file. Your average person is not going to be capable of finding that sort of thing so it is reasonable to keep important documents that way.

Now the final thing. The role of your usb flash drive... Backups. Copy all your important stuff onto at least one flash drive and make sure it is encrypted.

Sorry for the long speech, but I think computer security is particularly important for marginalized people of all kinds. Your iphone is an expensive tracking device. Your android phone is little better, but your computer doesn't have to be, with Linux you can control everything save some of the hardware, but if you are really worried about that you can get laptops made entirely from open source hardware...
 

Users who are viewing this thread

About us

  • Squat the Planet is the world's largest social network for misfit travelers. Join our community of do-it-yourself nomads and learn how to explore the world by any means necessary.

    More Info

Support StP!

Donations go towards paying our monthly server fees, adding new features to the website, and occasionally putting a burrito in Matt's mouth.

Total amount
$35.00
Goal
$100.00

Monthly Goals

  1. Paying the Bills
    $35.00 of $50.00
    The first $50 in donations go towards paying our monthly server fees and adding new features to the website. Once this goal is reached, we'll see about feeding Matt that burrito.
  2. Buy Matt a Beer
    $35.00 of $75.00
    Now that we have the bills paid for this month, let's give Matt a hearty thank you by buying him a drink for all the hard work he's done for StP. Hopefully this will help keep him from going insane after a long day of squishing website bugs.
  3. Feed Matt a Burrito
    $35.00 of $100.00
    Now that the bills are paid and Matt has a beer in his hand, how about showing him your love by rewarding all his hard work with a big fat burrito to put in his mouth. This will keep him alive while programming new features for the website.
  4. Finance the Shopping Cart
    $35.00 of $200.00
    Now that the bills are paid and Matt is fed, perhaps it's time to start planning for those twilight years under the bridge... if only he had that golden shopping cart all the oogles are bragging about these days.