Friday, January 30, 2009

LIVE CD


What is Live CD?

A live CD is a CD containing a bootable computer operating system.

How is it Unique?

Live CDs are unique in that they have the ability to run a complete, modern operating system on a computer lacking mutable secondary storage, such as a hard disk drive. Live USB flash drives are similar to live CDs, but often have the added functionality of automatically and transparently writing changes back to their bootable medium.

The term "live" derives from the fact that these CDs each contain a complete, functioning and operational operating system on the distribution medium.

While a live CD typically does not alter the operating system or files already installed on a computer's hard drive, many live CDs include mechanisms and utilities for altering the host computer's hard drive, including permanent installation. This is important for the system management aspect of live CDs, such as removing viruses, drive imaging, and system recovery.

The default option, however, is to allow the user to return the computer to its previous state when the live CD is ejected and the computer is rebooted. It is able to run without permanent installation by placing the files that typically would be stored on a hard drive into RAM, typically in a RAM disk. However, this does cut down on the RAM available to applications, reducing performance somewhat. As of 2007, certain live CDs run a graphical user interface in as little as 32MB RAM.

Why, from the security perspective, the Live CD concept is important?

Throughout the last decade, society has witnessed an explosion of network connectivity among PCs and mobile devices as well as a vast proliferation of networked applications, ranging from Web-based email to online banking. The end result of this is that network connectivity has become an almost indispensable resource for many individuals. Yet along with the convenience and flexibility of anytime, anywhere network access, society has also seen an increase in computer-related security and privacy concerns, with the most dreaded being the possibility of identity theft.



While numerous security resources can be found explaining the proper security measures an individual should take n any computer they administer, few resources exist that describe security measures an individual can take to protect themselves when they are forced by circumstance to use a potentially unsecure machine for which they have no administrative control, such as a traveler who wants to check his email at an Internet café or someone choosing to access the Web from a public terminal at a library. While in many instances it can be hard enough for typical computer users to protect themselves against the proliferating world of spyware, Trojans, rootkits, and botnet software installs, it can be even harder to protect oneself from threats hidden in a machine that you do not control. When a would-be user of a public terminal sits down and begins to use the machine, what assurances do he/she really have that there is no software installed that is tracking his/her computer usage, logging keystrokes, or performing other such nefarious deeds? The truth is that, practically speaking, there is little that can be done to verify the security and privacy of information that passes through the operating system (OS) or any of the installed applications of a public terminal. What then is the answer to this dilemma, for users who must make use of computing devices that are open to the public?



The answer is to actually use our own operating system install complete with its own applications. This can be easily accomplished by using a LiveCD, which is a CD (or DVD or USB flash drive) that is executable upon boot and contains a computer operating system, typically Linux. Files that would typically install onto the hard drive of the computer are loaded into system RAM and as such simply rebooting the computer will return it to its previous state. These traits make the use of a LiveCD a great idea for anyone needing to use a public computer terminal. Loading an operating system from the CD will allow a user to take advantage of the computers resources, including network access and access to disk drives, but will not load the OS or any applications that are installed on the computer’s hard drive. This means that any key loggers or other such tracking software that is installed upon the machine will not be loaded and the user of the terminal need not fear software being used to monitor his/her actions. While this will not protect against hardware-based key loggers or network-based monitoring such as packet sniffing, it does help to dramatically improve security and privacy, by all but eliminating software-based threats. Moreover, the fact that the LiveCD install and use data resides only on either the CD or in volatile memory such as system RAM is an added benefit. As soon as the CD is removed and the computer is rebooted, all of the information pertaining to the usage of the machine is wiped out, thereby making it virtually impossible for a future user to garner any usage information from browser histories, caches, or auto-complete features.



Moreover, Linux based LiveCDs come in a great variety with one of the first Linux LiveCDs to appear being Knoppix. Many Linux LiveCDs like Knoppix and the Fedora and Ubuntu Live distributions load versions of Linux that closely resemble desktop installs of Linux, and provide access to robust desktop environments such as KDE or Gnome and applications such as OpenOffice.org. While these types of LiveCD distributions are great if you need all of the features of a full Linux desktop, their performance can be somewhat lacking since data often needs to be read from the CD to load certain applications. Users who are simply interested in a LiveCD distribution for purposes of accessing the Web and email may instead want to consider distributions such as Puppy Linux and Damn Small Linux, as these distributions can be completely loaded into system RAM. While not as application rich as other Linux distributions, most users will find them surprisingly feature complete given their small size, and as a result of running solely off of system RAM, they will yield extremely rapid response times.






FEDORA DESKTOP







UBUNTU DESKTOP












Before you head out the door to make a trip to the airport or even the local coffee shop, remember to grab not only your keys, but also a copy of a Linux Live CD.

References :

http://en.wikipedia.org/wiki/Live_CD

http://linux.sys-con.com/node/514335