You are not logged in.
- Topics: Active | Unanswered
#1 2024-01-28 07:52:22
- archuser38013
- Member
- Registered: 2024-01-27
- Posts: 25
How to install arch on possibly compromised windows machine?
I have been given an windows tablet which comes which has windows 10 already installed. How to install to ensure a clean install with no contamination from previous install or usb install media?
I want to know how to make sure I am starting from scratch as in I want to know no malware could get on via the windows install. What I did so far is download the arch livecd to usb via the tablet, in windows 10, and reboot and it went in to load arch from the usb just fine. I have not continued further yet as I then started to think that maybe the windows install could be compromised. No specific reason to think that as it was given by my mother and she barely used it since she had a second one but she did for a while and she is generally lax with security stuff, just relying on automatic windows updates, and, just generally it is windows with the larger attack surface considerations.
So just for peace of mind really how can I install to it knowing it will be clean? Just download to a usb stick via my own desktop PC arch install?
She also gave me a usb stick so again I would feel paranoid about 'contaminating' my desktop pc with that one. I could use one of my own but this one is smaller and thus more suitable for a livecd and to use for such in general. No problem using my own if it would be better but would like to know the steps to clean this one if it would be all the same once cleaned. So how could a possible non secure usb also be used? Should I load up a livecd linux vm within my desktop and then flash it with arch from that? Dd not necessary before right since dd is done while flashing the drive? Or maybe dd with random to be super sure?
So enter livecd vm, flash usb stick, insert to tablet and install as normal? Sound ok? Any more considerations?
Last edited by archuser38013 (2024-01-28 08:06:41)
Offline
#2 2024-01-28 11:14:27
- seth
- Member
- Registered: 2012-09-03
- Posts: 52,205
Re: How to install arch on possibly compromised windows machine?
https://en.wikipedia.org/wiki/Rootkit#F … d_hardware
https://en.wikipedia.org/wiki/BadUSB
Though neither is realistic in your scenario.
Offline
#3 2024-01-28 16:06:34
- archuser38013
- Member
- Registered: 2024-01-27
- Posts: 25
Re: How to install arch on possibly compromised windows machine?
https://en.wikipedia.org/wiki/Rootkit#F … d_hardware
https://en.wikipedia.org/wiki/BadUSBThough neither is realistic in your scenario.
So you are saying nothing should have compromised the tablet or the usb stick outside of physical tampering and thus no cause for concern?
Offline
#4 2024-01-28 16:22:03
- seth
- Member
- Registered: 2012-09-03
- Posts: 52,205
Re: How to install arch on possibly compromised windows machine?
As long as your Mom didn't find that USB key somewhere and is targeted by 3-letter-agency (3LA) it's unlikely a HID spoofing BadUSB.
And as long as she didn't manage to get a rootkit into the EFI, whatever there is on the inert windows partition cannot do anything when you're booting linux from a usb key and will be gone with that partition as well.
If you or your Mom are actively targeted by a 3LA, you're fucked.
You're not going to outwit a directed attack from that angle.
If you're just JoeSchmoe wanting to install linux, booting the install iso (that you want to have generated on a clean system!) and deleting the windows system is gonna be as safe as it gets.
Offline
#5 2024-01-29 06:42:11
- archuser38013
- Member
- Registered: 2024-01-27
- Posts: 25
Re: How to install arch on possibly compromised windows machine?
As long as your Mom didn't find that USB key somewhere and is targeted by 3-letter-agency (3LA) it's unlikely a HID spoofing BadUSB.
And as long as she didn't manage to get a rootkit into the EFI, whatever there is on the inert windows partition cannot do anything when you're booting linux from a usb key and will be gone with that partition as well.If you or your Mom are actively targeted by a 3LA, you're fucked.
You're not going to outwit a directed attack from that angle.If you're just JoeSchmoe wanting to install linux, booting the install iso (that you want to have generated on a clean system!) and deleting the windows system is gonna be as safe as it gets.
Thanks for the clarification. As for generating part you are saying using the usb stick given by mother will be fine to plug into my main, uncontaminated, arch desktop pc?
Offline
#6 2024-01-29 07:45:35
- seth
- Member
- Registered: 2012-09-03
- Posts: 52,205
Re: How to install arch on possibly compromised windows machine?
Unless you're just trolling, you better install ubuntu.
No research but asking back whether some answer really means what you thinks it means three times in a row will make arch a terrible experience for you.
Offline