What is a way to keep the main system as safe as possible aside from getting a completely separate computer for just pirated software? - eviltoast

Would installing an OS on an external ssd and booting into that to run pirated software while blocking access to other drives in your system or physically unplugging them be one way?

Or are there better ways to isolate the software you run and use as much as possible?

  • Rabbit@lemmy.dbzer0.comOP
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Threat model is just trying to lower the chances of infecting the main drive even if stuff like games or software are from a “trusted source”.

    Aside from getting an enitely separate system dedicated to just running pirated games which is expensive to do.

    Unmounted drives in case of dual booting still leading to infections is what made me wonder about installing an OS entirely on the external SSD and physically unplugging other drives. Of course, as you said bios is still a risk. But, more just trying to lessen chances from trusted game sources by not installing right away from release to see if anything happens to other people the first couple of weeks. And just wishing to not intermingle the two environments.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      1 year ago

      If your computer has a TPM, and secure boot, you could reasonably swap out your data drives. So you have one drive for your untrusted programs and one drive for your trusted programs. Never put them in the computer at the same time together. And that would cover a lot of the risk surface.

      If you have any connected peripherals that have data storage, like fancy monitors that have a boot drive attached, or programmable keyboards, or anything like that, those are potential vectors to cross contaminate. So don’t plug those into the system with the untrusted programs