Solved FreeBSD an windows on same machine, advice on security

wolffnx

wolffnx

Hi , I'am go to run FreeBSD and windows10 on the same machine (fbsd for personal use,windows for games, separate disks)
in FreeBSD I'have passwords saved of many sites and many personal passwords too , in ZFS encrypted pool , mozilla directory and files

so, I'have to worry that FreeBSD is in the same machine that windows? I'mean , for the virus..etc..etc..
windows can access to physical memory to read the FreeBSD content used before? and things like that

what are the best advices to this scenario?

Thanks guys
 
Windows can access the FreeBSD disk.

But if the FreeBSD filesystem is encrypted at rest it would be annoying to get into that. You'd have to manipulate the FreeBSD OS to log the key for the encrypted filesystem somewhere. This is not what malware payloads typically do.
 
A very safe solution is to install FreeBSD to a USB stick and boot from it. This will be slow at first but if you also have access to a fast disk parttion, you can move things to it and limit access to the storage on the original bootdevice to almost nothing. Without installing a secondary system on your computer.
 
Technically, if a machine has ever booted Windows with malware you cannot use it for secure computing under any OS ever again.

There are way too many places to compromise firmware in a modern computer.
 
You should use Windows 11 instead. Windows 10 isn't patched anymore for the common run of mortals.

I paid this price once, didn't want to change my habits on Windows 7. Never again.
 
cracauer@ said:
Windows can access the FreeBSD disk.

But if the FreeBSD filesystem is encrypted at rest it would be annoying to get into that. You'd have to manipulate the FreeBSD OS to log the key for the encrypted filesystem somewhere. This is not what malware payloads typically do.
Click to expand...

Yes, at least the pool where is the sensible data is ZFZ encrypted, But I realize myself....
the windows machine will not have access to internet 🤦‍♂️
I only use it for download games and is done , and already download everything
so,the only damage(if there is one) is destroy the ZFS disk .. only have to do external backups(fbsd) from time to time
 
Emrion said:
You should use Windows 11 instead. Windows 10 isn't patched anymore for the common run of mortals.

I paid this price once, didn't want to change my habits on Windows 7. Never again.
Click to expand...

If I use it for daily desktop(shoot in the foot with a 12 shotgun) , maybe
is the same...if its run fine on windows 10 , is only for games, I dont lose anything

today I have a "dvr" machine with windows 7 , offline, closed network
3 hikvision ip cameras recording to local disks and Ivms from manage..works like a charm (I dont trust upload everything in p2p to a tailand or wherever for my personal cameras)
 
cracauer@ said:
Technically, if a machine has ever booted Windows with malware you cannot use it for secure computing under any OS ever again.

There are way too many places to compromise firmware in a modern computer.
Click to expand...

True, never realize that facts
 
POSIX.1 said:
LOL, the best vectors ever!
Click to expand...

the only thing I dont understand is why wolfenstein the old blood run too fasttttt , I have modest hardware
if only know the cvars to change the "anglespeedkey" or "yawspeed" but there is no one, I searched the internet upside down
 
Well, my Windows 7 got infected on my own network. I though that it was sure and it was, but only from internet. It wasn't my fault, but a laptop connected on my wifi (the one of my son). All the others machines were on Windows 10, FreeBSD or Linux (all up-to-date) and they remained clean.

Never trust as OS you can't update, no matter for what you use it. Even if Windows 10 is of no importance, you won't play anymore until you reinstall something. Windows 7 is in a closed network until something or someone manages to open it (or yourself by mistake).
 
Emrion said:
Well, my Windows 7 got infected on my own network. I though that it was sure and it was, but only from internet. It wasn't my fault, but a laptop connected on my wifi (the one of my son). All the others machines were on Windows 10, FreeBSD or Linux (all up-to-date) and they remained clean.

Never trust as OS you can't update, no matter for what you use it. Even if Windows 10 is of no importance, you won't play anymore until you reinstall something. Windows 7 is in a closed network until something or someone manages to open it (or yourself by mistake).
Click to expand...

yes, and more in windows, but I have it all in a separate physical network,so no chance to escape from there
 
You must log in or register to reply here.
Back
Top