LlamaMaster (OP)
Newbie
 Offline
Activity: 51
Merit: 0
|
 |
October 08, 2014, 11:30:42 PM |
|
I'm currently trading through windows, but I suspect that one of my computers has been infected with a keylogger, virus, or something to that effect. I have a laptop that I've been using in place of the computer that might be compromised, but I've used a flash drive between the "compromised" computer and this laptop, so it's possible that this laptop is infected too.
That said, I'm looking to create a LiveCD for linux (using a DVD+RW) that can be used *solely* for trading and nothing else.
However, I'm having an issue finding a distro that meets the following criteria:
1. Is trustworthy
2. Is secure (doesn't have security holes like java, flash, etc. installed from day one)
3. Does NOT use TOR (to guard against an end node operator or middleman obtaining my passwords)
4. Does NOT store data to anything but RAM (which is temporary)
5. Is not capable of being infected by the "compromised" computers over my wireless network or via the "compromised" hard drive in the laptop I'll be using the LiveCD on (so long as I don't go digging around the HD while I'm in linux)
6. Creates a fresh OS "install" every time the DVD is booted, and then nukes it when I turn off the computer.
I don't plan on using the Linux distro for *anything* but btc-e, cryptsy, bitfinex, and gmail.
Thanks in advance!
|
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
 |
October 09, 2014, 04:24:47 PM |
|
TBH if you really want all of this, just install Ubuntu, then customize it to your liking. That is basically what every Ubuntu and debian based distros are anyway.
|
|
|
|
LlamaMaster (OP)
Newbie
Offline
Activity: 51
Merit: 0
|
|
October 09, 2014, 07:44:56 PM |
|
TBH if you really want all of this, just install Ubuntu, then customize it to your liking. That is basically what every Ubuntu and debian based distros are anyway.
Yeah, I figure that any fairly well known distro that I can use as a LiveCD will be fine, but I was just wondering if something as paranoid as what I was describing existed. I'd rather be paranoid and overkill than lose my money (even if it doesn't seem like its possible). |
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
October 09, 2014, 08:10:42 PM |
|
Another problem you would have to figure out is how you would even use the said exchanges without java,flash,etc, and using the machine at all if everything is stored to RAM. You are asking for a bulletproof system, and nothing will ever be 100% secure, nothing. So, your best bet is to set up a Liberte linux or Tails, or some other live distro (minimal) with persistent data on a USB for your exchanges and such and an offline system/wallet for your funds (unless you have a massive USB drive for the blockchain data) even then, you will need to have copies of your .dat file, because you are at more risk of dropping the usb drive or a failure with it, to destroy your life then you are from using a linux distro, dual booted on your pc, and those "infected" computers around you. Which IMO, is not a risk at all if you have any common sense  .  |
|
|
|
daybyter
Legendary
Offline
Activity: 965
Merit: 1000
|
|
October 09, 2014, 10:13:16 PM |
|
How is Gentoo catalyst at the moment? Was pretty good to create Live-CDs...
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
October 09, 2014, 10:25:28 PM |
|
How is Gentoo catalyst at the moment? Was pretty good to create Live-CDs...
I would say that is a good choice actually. I believe it is still decent. Another could be minimal centos or SUSE |
|
|
|
LlamaMaster (OP)
Newbie
Offline
Activity: 51
Merit: 0
|
|
October 10, 2014, 01:00:45 AM |
|
Another problem you would have to figure out is how you would even use the said exchanges without java,flash,etc, and using the machine at all if everything is stored to RAM. You are asking for a bulletproof system, and nothing will ever be 100% secure, nothing. So, your best bet is to set up a Liberte linux or Tails, or some other live distro (minimal) with persistent data on a USB for your exchanges and such and an offline system/wallet for your funds (unless you have a massive USB drive for the blockchain data) even then, you will need to have copies of your .dat file, because you are at more risk of dropping the usb drive or a failure with it, to destroy your life then you are from using a linux distro, dual booted on your pc, and those "infected" computers around you. Which IMO, is not a risk at all if you have any common sense . What persistent files would be required? If the live version of the distro comes preinstalled with everything you need (you mention that the exchanges need java, etc.), then it doesn't seem like I would ever need to store anything but temporary data (the operations of the OS in that current session, which is then deleted on shutdown). Also, what do you mean by common sense? To me it seems like if I never put the flash drive/DVD+RW with linux in the computer while windows is running, and I never access the "infected" hard drive while in the linux session, then I would be fine. That is, so long as some virus doesn't magically float from one of my "infected" computers over my wireless network to linux. ...sorry for all these hypotheticals that may or may not make sense. I'm not well versed in this stuff.  |
|
|
|
|
daybyter
Legendary
Offline
Activity: 965
Merit: 1000
|
|
October 10, 2014, 09:15:43 AM |
|
Very annoying to enter the API keys etc after each reboot?
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
October 10, 2014, 02:50:56 PM |
|
Very annoying to enter the API keys etc after each reboot?
To say the least. But to answer the former questions, where would you store your wallet? If you have no persistence, how would you hold the massive blockchain(s) of the coins? Why not just take the proper precautions in your browser (noscript, https everywhere, etc) and encrypt or double encrypt (im sure it's possible) your wallets, or keep your wallets in an offline pc, and have a read-only wallet on your networked pc (electrum makes this really easy). |
|
|
|
daybyter
Legendary
Offline
Activity: 965
Merit: 1000
|
|
October 10, 2014, 03:12:14 PM |
|
Hmmh...64 GB usb stick is how much?
|
|
|
|
|
|
daybyter
Legendary
Offline
Activity: 965
Merit: 1000
|
|
October 10, 2014, 04:39:45 PM |
|
I wonder how reliable such a stick would be, considering the amount of write operations? In this case, a broken stick would mean lost money in many cases...
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
October 10, 2014, 04:41:16 PM |
|
I wonder how reliable such a stick would be, considering the amount of write operations? In this case, a broken stick would mean lost money in many cases...
Exactly what I was thinking. The 64-128GB SanDisk seem to be the most reliable of the lot. I personally have the 32GB version of the Cruzer, and it has never let me down in any way :3 |
|
|
|
daybyter
Legendary
Offline
Activity: 965
Merit: 1000
|
|
October 10, 2014, 04:45:33 PM |
|
The problem is, some users might buy the cheaper sticks and then blame the distro for their lost data, if read/write errors show up.
Maybe add some automagic backup functionality, or so (let the distro ask for another stick and do an automatic backup).
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
October 10, 2014, 05:20:49 PM |
|
The problem is, some users might buy the cheaper sticks and then blame the distro for their lost data, if read/write errors show up.
Maybe add some automagic backup functionality, or so (let the distro ask for another stick and do an automatic backup).
True. Yeah if you set an auto-backup up, that would work. Bittorrent Sync is a good option, and I use it to backup my data to a LAN-only PC. I encrypt it before transfer, and have never had any trouble, and it has saved my ass from crashes, faults, and other inconveniences. I have found that with USB drives, you can never really be too safe when it comes to sensitive data. It's like the new-age floppy. Works good, and serves its purpose, but be careful you don't place too much trust into it. |
|
|
|
LlamaMaster (OP)
Newbie
Offline
Activity: 51
Merit: 0
|
|
October 10, 2014, 07:09:10 PM |
|
Very annoying to enter the API keys etc after each reboot?
To say the least. But to answer the former questions, where would you store your wallet? If you have no persistence, how would you hold the massive blockchain(s) of the coins? Why not just take the proper precautions in your browser (noscript, https everywhere, etc) and encrypt or double encrypt (im sure it's possible) your wallets, or keep your wallets in an offline pc, and have a read-only wallet on your networked pc (electrum makes this really easy). On an exchange. Yes, I know how bad that sounds (the failure of MtGox, etc.), but I don't have another option if I want to be liquidity provider on Bitfinex. The way I figure it is that major trading sites (like btc-e) are under constant attack by hackers, but they still manage to survive without losing TOO many coins. When they do lose coins due to their own security holes, they tend to reimburse the customer. If the exchange itself survives, and my login information to that exchange isn't being monitored, then I see no reason why I should lose my money. ...that is, if the exchange doesn't pull a MtGox. Basically, my setup would be the following: 1. LiveCD for logging into Bitfinex. 2. Google authenticator on phone for logging in. 3. Google authenticator AND phone message verification for withdrawals (where they call me and give me a code). If the exchange doesn't fail, and the linux distro isn't bugged from the start from the source code, the computer I use to make the LiveCD, or the computers on my network (which I don't THINK is possible), then I believe this is secure. Or at least the weakest link would be the exchange surviving. |
|
|
|
|
DrOfAwesomeness
Newbie
Offline
Activity: 1
Merit: 0
|
|
October 11, 2014, 03:51:38 AM |
|
3. Does NOT use TOR (to guard against an end node operator or middleman obtaining my passwords)
Just as a side note, exit node operators can't see passwords if you're using HTTPS(which you probably should be using at all times anyways) unless they have managed to get a certificate issued for the website you are connecting to (which is incredibly rare.) |
|
|
|
|
mistercoin
Legendary
Offline
Activity: 1044
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
October 11, 2014, 03:19:47 PM |
|
The problem is, some users might buy the cheaper sticks and then blame the distro for their lost data, if read/write errors show up.
Maybe add some automagic backup functionality, or so (let the distro ask for another stick and do an automatic backup).
* mistercoin bows to daybyter I enjoyed our discussion, perhaps we can do it again sometime, over some green tea, and pie |
|
|
|
|
HeroCat
|
|
October 11, 2014, 04:33:36 PM |
|
Well go to Puppy Linux
It works in RAM
Probably the best Linux
|
|
|
|
|
daybyter
Legendary
Offline
Activity: 965
Merit: 1000
|
|
October 11, 2014, 05:48:55 PM |
|
I just wonder, if it might make sense to use such a distro for bot distribution? Maybe with an installer, that copies it to a VPS, or so.
|
|
|
|
|
