runing linux off of a flashdrive on a possibly infected pc

[futurelinuxuser]

I’ve never used Linux before so I’m sorry if this comes off as a dumb question and topic. The reason I’m looking at Linux is so I can use a pc I don’t trust but at the same time being able to defeat any locally installed spyware along with internet being monitored through a router or some other way. I was experimenting with Firefox tor portable edition on my home pc using an sdhc flashcard with a simple usb plugin, but I believe that can be spied on by spyware since it stores session data in ram.

I’ve read about virtual machines with Linux so I decided that might be a way to defeat spyware installed on a pc. I found guides online on how to install a virtualmachine on a flashdrive and run linux through it but none of them mention how vulenerable to snoping it is. (I know I could prevent Linux from accessing the host computer’s ram and having it create virtual ram on the flashdrive, but I rather not because the speed would probably be horrible on a class 6 flashcard and firefox would leave recoverable session data on the flashcard). If this method is vulnerable to snooping in anyway is there a method of still using the ram but defeating the spyware such as encrypting Linux in the computers ram. Also is there anyway of defeating a keylogger stored on the host machine.

I realize there are several virtualmachine programs and several Linux distros available. I want the virtual machine program to run off the flashcard with nothing installed on the pc. The Linux distro I am most interested in is Ubuntu if that distro does not work at the very least I want a distro that supports tor and firefox and maybe TrueCrypt.

[impert]

This link does not answer your question, but it may be of help in getting rid of nasties.

[lladlu]

Well, there's several things in your question:

Linux is so I can use a pc I don’t trust but at the same time being able to defeat any locally installed spyware

This will indeed be defeated by running Linux from USB, since it won't touch the harddrive at all.

...along with internet being monitored through a router or some other way

Here you'll need encryption. you can achieve this be using SSH, VPN or TOR, as I see it.
Since you're interested in Linux from a USB, I'd advice you to use something like "The (Amnesic) Incognito Live System" (Use Google to find their homepage, I'm not allowed to post links yet).
You can use it as a live USB (which means no traces of your activities, since nothing is read/written to HD), and it will route all your connections trough "The Onion Router" (TOR, google that as well).

Please note, that there are certain drawbacks by using TOR:
1) Your internet connection will be significantly slower than usual (due to the routing)
2) The exit nodes of TOR can read your data unencrypted, including passwords, but not your router or personal pc.

And also, please note that the mentioned OS is still beta.

[futurelinuxuser]

Quote:
Originally Posted by futurelinuxuser
Linux is so I can use a pc I don’t trust but at the same time being able to defeat any locally installed spyware
This will indeed be defeated by running Linux from USB, since it won't touch the harddrive at all.

They spied on firefox tor portable even though it was running from usb and writing no data to the harddrive and residing only in ram on the computer so I don’t think it’s that simple




I probably should have been more honest in the first post. I know you probably will not believe me but would be nice if somebody could help anyway. My internet activities are being spied on for cyber Bulling/real life harassment. I tried firefox tor portable edition to see if this would defeat it but it did not. Yes tor can be beaten but from what I have read that would require the nsa or fbi or some other large government origination which is kind of far fetched. That method only works on non tor websites and there is currently no known way (that is know publicly anyways) to spy on tor only websites which they have. So therefore they are not just monitoring the internet but using spyware also. Since I am new to linux and did not way to us a duel boot system and did not want linux stored on the pc. I started looking at linux through a virtual machine of a memory card/flash drive. I thought this might prevent them using the spyware to read programs through ram. Which is why I posted here wanting to know if the setup could be read through ram. So is it possible to read the virtual machine linux files currently stored in ram or not and if so as I mentioned in my last post is there a way around it? After I made my first post I realized the spyware could not be just tracking programs but taking screenshots which might have been the way they defeated firefox tor portable edition. In which case the whole virtual machine linux is a waste of time is it not? So is my only a duel boot system? If so is there a way of booting windows xp and linux and being able to quickly switch the two while linux is stored on a flashcard/drive? Or maybe running windows through a vm on linux(without changing the host pc) and being able to use and defeat the spyware that way?

Removing the spyware and keeping it off my system will not be easy which is why I’m thinking of using linux at least temporally. It’s really easy to completely avoid random spyware through the web with browsers such as firefox along with add-ons such as noscript and using a firewall/antivirus but it is a lot harder when you are being specifically targeted.

Im sorry if I'm asking the impossible but since I never even touched Linux before I have no idea where to start.

[Rubberman]

The easiest way to keep spyware off your system is to ditch Windows completely and install Linux on the hard drive. Then, if you need to run Windows applications, you can install Windows in a virtual machine (VirtualBox works well). With VirtualBox, you can install all of your WIndows software in the virtual machine, then take a snapshot of it. Then if the VM gets infected, you just rollback to the last snapshot - bingo, no more spyware! That's what I do, and I've been able to stop all that sort of cruft dead in the water that way.

[lladlu]

If they're able to record your internet-activity even though you're using Firefox Portable, they must be using spyware, as you correctly conclude.

By using the Linux OS I suggested you will get rid of the spyware (as long as you uses Linux, when you boot into Windows it will still be active). This is because of the spyware being OS-specific and not computer-specific.

Running a portable app from an USB-stick inside Windows is not the same as running a live USB-image of linux from an USB-stick, since the later will not boot Windows and therefore not wake the spyware.

Are you sure that they are using both spyware and internet-activity logging through the router? Because it sounds to me as if they're only using spyware, but spyware that is capable of logging internet activity within Windows also.

If the above is right, you will not need TOR at all, and will be perfectly safe from the spyware by simply using an Ubuntu-livecd, as it won't touch Windows either.

[nujinini]

...Then, if you need to run Windows applications, you can install Windows in a virtual machine (VirtualBox works well). With VirtualBox, you can install all of your WIndows software in the virtual machine, then take a snapshot of it. Then if the VM gets infected, you just rollback to the last snapshot - bingo, no more spyware!

Count me in!

With this set-up, the smaller kids can download any game they like and if it screws up? Click my snapshot and voila...as if nothing happened. Fresh install.