If you create a bootable live CD/DVD for an OS such as Linux or Windows, is that more secure than a live USB that does the same thing? What if the disk is a CD-R or DVD-R as opposed to a CD-RW or DVD-RW? What I am interested in is malware in-place modifying the media on which the live OS is stored, and possibly infecting machines on which the live disk or USB is inserted into and booted from.
Linux – Are live CD/DVDs more secure than live USB
linuxlivecdmalwareSecuritywindows
Related Solutions
Look at the open-source, fast, free, easy and small Rufus:
UNetbootin can boot any live CD image off a USB stick. (I think it works by emulating a CD drive.)
Some other options are listed here.
If you wanted to include several bootable CDs on the same USB drive, see How can I keep multiple live/bootable ISO images on a single USB drive?.
Best Answer
Yes and no. You cannot alter the contents of a livecd - so if you get attacked by malware, it'll only affect you that session. Remove the cd, and the malware is 'lost' when you reboot, only having existed in the ram. Any malware that alters a disk needs to be aware of the disk, and somehow write to the disk thats being read. Its just too complex, since the malware writer wouldn't know what environment he's attacking.
Many liveusb implementations tend to involve some sort of 'write filter' or having seperate OS areas for a 'base system' and additional files to save on writes. The base system is probably safe unless the malware is specifically designed to affect it. The OS areas arn't. I'd say a 'standard' windows winpe/barpe disk should be 'reasonably' safe, as would a linux one.
In either case I've not heard of malware being specifically designed to affect a livedisk so far. Its just too muck work, for too little benefit.