Live Ubuntu USB drives are used for the purposes of secure transactions e.g. ban

Question

Live Ubuntu USB drives are used for the purposes of secure transactions e.g. banking, payments,etc in the absence of live CDs since the devices do not include CD or DVD-ROMs.

Since there are regular patches being published and the USB drives have limited storage, what is the best way to ensure the applications being used e.g. browser, shell, etc are updated without attempting to update the entire base?

Is there another way to perform similar tasks to reduce the attack vectors as opposed to using live Ubuntu USB drives?

Explanation / Answer

The value of a Live USB or Live CD for secure transactions comes from the fact that they create a non-persisting in memory system based on a read only ISO image. That prevents all malware attacks to the local file system from being effective beyond the single session of the attack.

Upon reboot nothing from any previous session exists as it is all recreated again from that same read only ISO image that started previous session in memory. That fact also prevents patching of a Live USB stick. While the system might act as if it were taking a patch during the session there would be no persistent change in the media thus no updated behavior on the next boot.

You are right to want the latest browser etc. for your session so you are faced with two choices. You could update your browser every time you boot knowing it would not persist or you could periodically update your ISO image by creating a custom Ubuntu Live USB using their tools and instructions.

Related Questions

Navigate

• Browse (All)
• Browse L
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.