- This topic has 1 reply, 2 voices, and was last updated Aug 11-4:41 pm by anticapitalista.
-
Posts
-
rayluo
(Reworded from an earlier version of this post)
When using LiveUSB, if using Persist Root static mode, or using Persist Home which is always in static mode, all your browser sessions would be persisted on the USB disk. And each time you boot from this USB, antiX does NOT require you to type your account password. That would mean if you happen to lost your usb disk, and someone finds it, they can boot into your desktop and resume all your browser signed-in sessions (Gmail, online-shopping, online-banking, etc.), all without ever needing to try your password!
I personally stick with root persistence without saving changes most of the time, so I would be fine. (FWIW, previously I was using TENS Linux for similar LiveUSB usage pattern, but I gave it up due to it was designed to be fully locked down so there was absolutely no way to customize it.)
I figure this might be a potential security risk that worth fixing or at the very least worth mentioning in the GUI when setting up home persistence, before new users notice it too late.
My $0.02
Regards,
Ray- This topic was modified 3 years, 8 months ago by rayluo.
anticapitalista
User can always choose to set up an encrypted live usb for more security.
- This reply was modified 3 years, 8 months ago by anticapitalista.
Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - leaner and meaner.
- You must be logged in to reply to this topic.
