[tlug] Downloading ISOs from compromised machine is risky . . . . . . . . . (was Re: promoting linux one CDR at a time)

[Jim <jep200404@example.com>]

Pack your own Knoppix disk that was downloaded and burnt from an 
_uncompromised_ machine. 

scott wrote:

> For example, a couple of weeks ago I was visiting the family, and my
> little brother was asking me to fix his computer which had been infected
> with some virus. So instead of doing all the boring sysadmin crap I do
> at my job, I just downloaded the Knoppix ISO, booted off of it and
> voila: fully functional OS. 

That _is_ a hoot to boot Knoppix on a crippled Windows machine. 

However, downloading and burning from a machine that is not known 
to be clean (or even worse, known to be compromised) is risky. 
When a machine is compromised, attackers can modify anything they want, 
include modifying an ISO (or redirecting you to a corrupted ISO). 
They can also corrupt the md5sum program to look correct. 
The chances of this are low, but with the popularity of Knoppix 
for emergency sysadmin stuff, it's an attractive target. 

Pack your own Knoppix disk that was downloaded and burnt from an 
_uncompromised_ machine. I keep spares along with me to give away. 

There was one cousin's machine that was so corrupted, that it would 
no longer boot Windows. I had given him a Knoppix disk about a half 
year earlier, so that he'd have it when there was some issue. When 
I got the plea for help, I told him to boot that disk that I'd given 
him and that he'd forgotten about. That cousin was just amazed and 
impressed as heck that Knoppix could boot on a dead Windows box, and got 
everything working without configuration. Knoppix is now his main OS. 
Windows remains unbootable. He just doesn't bother with the hard drive 
anymore.