Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Does using a Linux Live CD protect me from keyloggers on public computers?

Question:

In your last newsletter, someone had a question about accessing email via
LastPass from a public computer. I’ve heard that the safest way to access
online password protected websites is by using a Linux Live CD. Would this be a
safe of way doing this on public computers?

In this excerpt from
“Answercast #55
, I look at the problems involved in using a Live CD on a
public computer and how safe it actually is.

Become a Patron of Ask Leo! and go ad-free!

Safety on public computers

Well, I do need to point out that there’s never going to be an absolute
“safe.” You’ll see why in a moment.

It would be “safer,” absolutely – if in fact the computer allowed you to
boot it from CD. Many public computers are configured in such a way that
prevents exactly that; to prevent people from running “who knows what” on those
computers.

Live CD runs independently

So, yes. It is in fact safer to run from a Linux Live CD. And the reason
would be simply that any malware that was installed on that PC would not be
running while you are running from your Linux Live CD.

You provide all the software that’s running on that machine using your Live
CD. Therefore, anything that might be on that hard disk is basically
ignored.

Hardware loggers

Here’s the problem. It is possible to have what’s called a “hardware
keylogger” or a “hardware activity logger.”

What those are is as it sounds. They are pieces of hardware that get
installed on computers (often surreptitiously) and that record all of the
keystrokes that go into the machine. Or maybe all of the network traffic that
happens on the machine. Or who knows what else.

The point being though that they are there in the hardware regardless of
what you run. So those things would still be recording your keystrokes, even
though you are running from a Linux Live CD.

Safer but not “Safe”

That’s why I say, “Yes, you’re safer running from a Linux Live CD,” because
ultimately, what I’ve described as hardware keyloggers aren’t as common as
software keyloggers. But they definitely exist and that means that you may
still be at risk when you run from a Linux Live CD.

Unfortunately, there really is no absolute solution here. What I strongly
suggest to most people who are concerned about this particular issue is that
you avoid using public computers. Avoid using computers that you don’t control
to login with your sensitive account information. You simply don’t know whether
or not that information is being recorded by someone… even if you replace all
of the software on the machine, there is still the potential for hardware
intervention.

Next from Answercast 55 – Why does printing take so long to start?

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

3 comments on “Does using a Linux Live CD protect me from keyloggers on public computers?”

  1. It’s also possible that the network activity could be monitored from the router/access point/switch level.

    This would mean all activity from the computer, regardless of the devices operating system, would be monitored.

    Good point. Theoretically that’s the same level of risk as an open WiFi hotspot, and using https sites would protect you – except that even https can be compromised with fake certificates if the both the public computer and network are suspect.

    Leo
    23-Sep-2012
    Reply
  2. Yes, the router can monitor all activity. That’s why it’s recommended that you use HTTPS and/or a VPN in public places, even if using your own computer on a public WiFi. These encrypt the data before it even leaves your computer, so while the router could “see” that your computer is talking to computer X, it would have no way of knowing *what* data was going back and forth.

    See my response above – even https can be compromised with fake certificates if the both the public computer and network are suspect.

    Leo
    23-Sep-2012
    Reply
  3. It is all about minimizing risk ..not eliminating it entirely.
    The bootable CD eg Ultimate Boot CD is still the safest option notwithstanding physical key loggers which are not nearly as common as software key loggers.
    Jp

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.