1 (edited by easteregg 2014-07-29 18:57:09)

Topic: Security regarding live USB Sticks

Good evening!

I have a question regarding the security of a live USB.
At the moment if i find a harddrive could be insecure (containing Malware) i usually boot one time from a Gparted live cd and create a partition table on that drive.
Then i boot once more from the Gparted live DVD and create a partition table on the possibly infected drive again.

The thought behind this process is that the malware could somehow influence the filesystem of gparted and hence the drive could not be properly formatted.

The only problem i have with this process is that it consumes a lot of time.

Is this really necessary or would it be also possible for me to format infected drives with Gparted on a live USB?
I am afraid that probalbly a worm or virus on my harddrive could infect gparteds filesystem on a USB Stick.

2

Re: Security regarding live USB Sticks

I suppose it is possible that the USB stick could somehow be infected when booting the GParted Live image.  For this to occur, the malware would need to be present in the boot process just prior to the hand off to booting the USB stick.  To me this would mean that the BIOS would be infected, and if that's the case then formatting the hard drive would not get rid of the malware.

I think that such a situation would be extremely rare, but I cannot guarantee that it would not happen.  Personally I am reasonably confident that booting the USB stick once should be sufficient.

3

Re: Security regarding live USB Sticks

So if i understand you correctly you see no possibility that a Harddrive that is connected (before turning the power of the PC on ofc) could somehow infect the Systemon the Live USB created with YUMI f.e.?
This would save me a lot of time.

4

Re: Security regarding live USB Sticks

If you need a definitive answer, I think your best bet would be to learn all of the boot steps for your computer and operating system and to logically think about where and when a Live USB flash drive might be infected.

5

Re: Security regarding live USB Sticks

Well thinking about it logically i come to the conclusion, that if i boot GParted from the USB Stick and within the Debian System Atutoplay is disabled the HDD i connected to the PC before booting from the USB should not be mounted.
Hence no worm or other malware could affect the running GParted System and i can format the harddrive, right?

6

Re: Security regarding live USB Sticks

My personal opinion is that booting the USB stick once should be sufficient.