IRC Log from 2014-01-21
00:51:10 *** m3b (~m3b@63-155-95-12.chyn.qwest.net) has joined #portableapps
04:55:13 *** neogeeo (~tesla@60.Red-79-146-237.dynamicIP.rima-tde.net) has joined #portableapps
05:10:17 *** m3b has quit (Quit: Leaving)
05:47:04 *** m3b (~m3b@63-155-95-12.chyn.qwest.net) has joined #portableapps
06:14:38 *** gluxon has quit (Ping timeout: 264 seconds)
06:25:34 *** neogeeo has quit (Quit: Leaving)
06:31:51 *** AlleyKat has quit (Ping timeout: 260 seconds)
06:57:27 *** ronjn has quit (Ping timeout: 259 seconds)
06:57:58 *** ronjn (~ronjn@p5B13E5B7.dip0.t-ipconnect.de) has joined #portableapps
13:07:20 *** ZAX07 (~ZAXO7@60.Red-79-146-237.dynamicIP.rima-tde.net) has joined #portableapps
13:07:27 *** ZAX07 has quit (Client Quit)
13:47:53 *** neogeeo (~tesla@60.Red-79-146-237.dynamicIP.rima-tde.net) has joined #portableapps
14:16:58 *** m3b has quit (Read error: Connection reset by peer)
15:58:13 *** neogeeo has quit (Quit: Leaving)
16:08:08 *** mythulto (~geek@209-252-15-129.ip.mcleodusa.net) has joined #portableapps
16:13:37 *** pa_2524 (6b0f8ecf@gateway/web/freenode/ip.107.15.142.207) has joined #portableapps
16:14:44 <pa_2524> I live the idea of using portable apps on my usb drive, but how do I keep it from infecting a client's computer system when I plug it in and use it on their system? If the answer is in the documentation or the forums, can you point me to it?
16:14:55 <pa_2524> like the idea, crap
16:16:05 <mythulto> You can't keep it from infecting a computer you plug into. Just make sure you regularly run virus scans on the USB.
16:17:35 <pa_2524> do the portable browsers, like Chrome Portable, swap files with Win on the host computer while you are running it on USB?
16:17:40 <mythulto> My issue isn't that I infect clients -- it's that they infect my PortableApps drive.
16:18:32 <mythulto> I'm reasonably certain the portable browsers use their own temp folders on the portabel device.
16:18:47 <mythulto> lemee check mine...
16:19:28 <pa_2524> ok, thanks. For me, it would be helpful if there were a way to keep the portable device from writing to the host computer.
16:21:30 <mythulto> Yes, the browser temp files are on the portable drive.
16:22:21 <pa_2524> so if I were using the USB on a client computer, and a virus attacked my browser, would it not then see the C: drive on the host computer and infect it?
16:22:35 <mythulto> I run Portable Apps as much as possible on my home and office computers, too. It leaves the native Windows install as clean as possible.
16:22:48 <mythulto> To your question, yes.
16:23:32 <mythulto> Usually infections search for environmnet variables such as path, etc.
16:24:18 <Gizmokid2005> it really depends on the malware
16:24:35 <Gizmokid2005> some will only infect temp files, but some will drop temp files that then manifest into startup, windows folders, etc etc
16:24:46 <mythulto> Correct.
16:24:49 <Gizmokid2005> there's no sure-fire way to prevent against a USB device infecting a computer and vice versa
16:24:56 <pa_2524> is there a way to isolate the path so the virus would see only the USB?
16:25:25 <mythulto> One possible workaround if you're really worried about it, keep a copy of DamnSmallLinux on your USB drive. It boots fast, right from Windows, and you can browse within that.
16:25:33 <Gizmokid2005> pa_2524: sadly no
16:25:38 <Gizmokid2005> not without running some kind of virtual machine
16:25:42 <Gizmokid2005> like mythulto said.
16:26:02 <pa_2524> is DamnSmallLinux running like a virtual machine?
16:26:14 <mythulto> Kind of like a vm, yes.
16:26:30 <Gizmokid2005> you could use something like Qemu as the VM software
16:26:33 <Gizmokid2005> that doesn't require installation
16:26:43 <Gizmokid2005> DSL is just a distro, so you'd need some software to run the VM with.
16:27:36 <pa_2524> I am a CPA, and my clients would not look kindly to me infecting their systems. I am looking for a way to do updates without running the risk of infecting their machines.
16:27:51 <Gizmokid2005> do updates as in installing program updates pa_2524?
16:28:00 <pa_2524> everyone just says, keep your virus software up to date
16:28:14 <mythulto> Why would you need PortableApps to do updates?
16:28:27 <pa_2524> but the virus updates just mean something was able to get by the virus software
16:28:46 <Gizmokid2005> ^^ that's my question. If you're just installing app updates for some locally installed program, just copy the installers to the drive and make sure to scan the drive regularly with AV/Anti-malware programs
16:28:54 <Gizmokid2005> but if it's more than that, we'd need some more details
16:29:07 <pa_2524> I do updates as well as get backups from their systems, and go to the cloud
16:29:24 <mythulto> You could install SandboxIE on each client machine and run your PortableApps within that.
16:29:46 <Gizmokid2005> doing updates and then getting backups wouldn't require anything major withing PA
16:30:00 <Gizmokid2005> just do the uploads of the backups on a different machine rather than running it from a portable app
16:30:07 <Gizmokid2005> but if that's all you're doing and you're using trusted sites
16:30:11 <Gizmokid2005> your risk is minimal to none.
16:31:08 <mythulto> I've been using my various PA drives on client computers for years and I've never infected anyone.
16:31:15 <pa_2524> I realize that, but there are viruses now imbedded in video, like the cryptolocker.
16:31:37 <Gizmokid2005> pa_2524: which is fine, but if you're using trusted sites and ONLY then, what's the risk?
16:31:45 <Gizmokid2005> are the sites you're using known for hosting malicious content?
16:31:59 <mythulto> Plus, why would you be running video in a PA browser on a client machine?
16:32:18 <pa_2524> What if I have a funny youtube video that I just have to show the client? Life's more than debits and credits
16:32:42 <Gizmokid2005> if it's youtube, again, safe site.
16:32:54 <Gizmokid2005> I get where you're going with it, but you have to realize our side as well
16:33:04 <pa_2524> ok, thanks for the info. I'll look into those options you gave me.
16:33:18 <mythulto> If you're client insists you show him funny videos, it's his own fault if he gets infected.
16:33:49 <pa_2524> sometimes I insist, but hey, that's why I have the risk
16:34:08 <Gizmokid2005> at the end of the day
16:34:23 <Gizmokid2005> there's no real safe/guaranteed way to "sandbox" your PA apps to make sure you don't do anything to the host
16:34:29 <Gizmokid2005> aside from virtualizing with something like Qemu
16:34:39 <mythulto> There's no way to protect against bad judgement.
16:34:50 <pa_2524> there was an article in today's local paper about the cryptolocker. Companies are paying the damn $300 fee because it's cheaper than cleaning the machines and restoring date
16:35:25 <Gizmokid2005> pa_2524: yup. You won't be able to restore most of the data due to the crypto that it uses.
16:35:26 <pa_2524> and they all have virus protection, but the crooks stay ahead of the security
16:35:29 <mythulto> Users should be backing up data. Then they don't need to pay the ransom.
16:35:29 <Gizmokid2005> that's why backups are so critical
16:35:41 <Gizmokid2005> people ignore the need for backups far more than they should.
16:35:47 <Gizmokid2005> Backups will ALWAYS save your bacon.
16:35:49 <Gizmokid2005> Always.
16:36:09 <Gizmokid2005> ON-machine backup (windows backup, etc) and RAID are not valid options
16:36:38 <pa_2524> I understand. I have local and cloud backups, but it would still be costly to clean and restore, in terms of $ and time
16:37:22 <mythulto> Better to restore yourself than pay the ransom and finance the crooks.
16:37:39 <pa_2524> I agree, thanks again.
16:39:57 *** pa_2524 has quit (Quit: Page closed)
17:29:11 *** Venusaur has quit (Ping timeout: 272 seconds)
17:45:30 *** Venusaur (~wdwrf@wikipedia/Antonio-Lopez) has joined #portableapps
18:01:57 *** rainroom69 (~RainrooM@d54c34389.access.telenet.be) has joined #portableapps
19:25:37 <KookyMan> Gizmokid2005- Just read that conversation from earlier.. Wouldn't an effective "safe" to insure that you couldn't infect the drive be to run it from a drive with a Read Only lock switch? I know they're becoming very hard to find, (and in fact might make a good "sell" for the custom drive market) but if performance was less of an issue and safetey more, install PA to a SD Card, and then
19:25:37 <KookyMan> plug the SD Card into the system with the Read Only lock set.
19:25:56 <KookyMan> In fact sdcard readers are so common anymore that you might not even need to carry an adapter
19:25:59 <KookyMan> Just food for thought.
19:26:04 <Gizmokid2005> KookyMan: nope.
19:26:13 <Gizmokid2005> because he's worried about the drive infecting the machine as well
19:26:32 <Gizmokid2005> and a read only switch will also not prevent active malware that you navigate to on a portable browser from infecting the host machine.
19:26:56 <Gizmokid2005> and most people don't carry SD cards as their portable device, they're still mainly USB drives that don't have read-only switches
19:34:57 <KookyMan> wEll, it doesn't cover 100% of safety, but it is some.... And if you're doing rescue kinda stuff, you wouldn't be browsing much anyways... So not an entire solution, but for some it might help reduce some risk..
19:35:17 <KookyMan> Not to mention if you infect a machine via browsing, you'll only infect that one machine, not every machine you plug into from there forward...
19:36:10 <Gizmokid2005> KookyMan: it's not anything rescue. That's the thing. it's normal day-to-day stuff.
19:36:15 <Gizmokid2005> and the second comment isn't true
19:36:34 <Gizmokid2005> if the temp files don't get blasted (which they don't unless you explicitly specify) the malicious file exists on the drive still.
19:47:29 *** andreasma (~andi@pC19F16C5.dip0.t-ipconnect.de) has joined #portableapps
20:07:56 <mythulto> I'm playing with LinuxLive USB Creator. It uses a "portable virtualbox". I didn't know such a thing existed.
20:08:22 <mythulto> I'm a regular VB user -- didn't know they had a portable option.
20:10:12 *** AlleyKat (~Miranda@188-183-213-253-dynamic.dk.customer.tdc.net) has joined #portableapps
20:19:43 *** neogeeo (~tesla@60.Red-79-146-237.dynamicIP.rima-tde.net) has joined #portableapps
20:24:46 *** andreasma has quit (Quit: Verlassend)
20:31:43 <Gizmokid2005> mythulto: can it really be portable though?
20:32:11 <Gizmokid2005> Virtualbox needs so many drivers installed to function, that's why I brought up Qemu earlier
20:38:13 <mythulto> I've never used Qemu. I'll have to check it out.
20:51:46 *** Guest69384 (~matt@46-64-54-93.zone15.bethere.co.uk) has joined #portableapps
20:52:22 *** Guest69384 is now known as Matt_A
20:56:07 *** Matt_A has parted #portableapps (None)
21:02:48 *** neogeeo has quit (Quit: Leaving)
21:39:39 *** rainroom69 has quit (Read error: Connection reset by peer)
22:40:24 *** Venusaur has quit (Quit: Leaving)
22:54:17 *** mythulto has quit (Quit: Leaving)
23:54:03 *** Venusaur (~wdwrf@wikipedia/Antonio-Lopez) has joined #portableapps