dual boot for security

Discussion in 'Networking and Security' started by blackjack007, Dec 4, 2007.

  1. ideally you should have two computers: one for trading and one for surfing, etc. but i occasionally travel and it would suck to carry two laptops around.

    it occured to me, what if you had a dual-boot laptop (both partitions are windows)? one partition for trading, one for surfing. would this keep one partition safe? does ntfs security prevent programs on one partition from affecting other ntfs partitions?
  2. tef8


    you can multi boot many windows os's with this tool:


    up to 99 xps on the same machine.
    read the faq's on the site.
  3. i just set up my dual-boot laptop.

    partition 1 is for surfing. most of the time i am logged on as a restricted user, so viruses/spybots can't install themelves on the machine or harm the other partition.

    partition 2 is for trading. the entire partition (d: drive) has restricted permissions in ntfs, so that only a particular administrator can even read data. i removed "everyone" from the permissions. you cannot view d: from the other partition. this initially caused some troubles with the page file but i got it squared away.

    i didn't need to use any boot loader. the one that comes with windows is enough.

    this is working well and i believe it's the most secure way to do surfing & trading on a single machine. a stroke of genius, if i must say so. :)
  4. Try a virtual machine like VMWare. I run it on my notebook. Malware in the VM can't touch the outer filesystem or boot sector, and you can take snapshots of the virtual disk so you can roll it back if the VM gets compromised. Just be sure to have a lot of RAM, because you have to devote a chunk of it to the VM.
  5. lugging my laptop around and surfing in internet cafe's: use a Linux "live" cd to boot from (e.g. Ubuntu). Won't access the hard disk at all unless you "mount" the HDD.

    Some malware is becoming aware of VMWare and behaves accordingly (without disruption), other malware will adapt and then still create havoc. Whenever the HD is accessed you run a risk.

    if in doubt then you can always restore with Acronis using a boot CD from an external backup. Then run the necessary scans to make sure before restoring the "trading environment" (which has no anti-virus, anti-trojan, anti-whatever since I run the machine to the max load it will handle.)