2021/06/08 Persistent USB

Persistent USB


This is a subject I have been a large proponent of for some time. I mainly work directly from a USB due to both security and portability. I highly recommend trying this yourself if you have a spare 32GB USB lying around. You might find the experience liberating. Persistent Linux, you may be wondering what Persistent Linux means. I will cover my understanding of persistence in relation to GNU/Linux, data storage, recovery and security. I will also try to explain some of the limitations of using a USB Persistent or Persistence Data storage while expressing the unique benefits. Persistence refers to the characteristic of data that outlives the execution of the program that created it. Without persistence, data only exists in RAM, and will be lost when the memory loses power. In a typical case the system would save all persistent data on your hard drive making you computer a target for potential physical threats such as BAD USBs and bridged attacks from your local network or local devices.

The Benefits Of A Persistent USB

Modular storage space the Live Linux System is compressed with most persistent installs, the entire operating system takes up less space. Allowing your system, that usually require GBs of space to be condensed into storage capacities less than 1GB in most cases. This gives the ability to maintain a modular approach to storage, maintaining one device for your system and another for sensitive documents and files.

Less wear most of the system is loaded into RAM and only the changes are written to the USB storage device, the read/write cycles decrease, prolonging your USB flash drives life. Due to the prevalence of SDDs and the slow decay of Spinning Hard Drives, this becomes more vital to the longevity of your data.

Security as previously stated, storage space used for persistent changes is independent of the system, allowing you to backup or recover persistent changes without re-installing and rebuilding the entire system. Keeping good back ups are important but this streamlines the process by backing up a singular file and flashing the USB as needed. The system will continue to function like a fresh install if the persistence feature is disabled allowing a secure, fresh experience on every boot.

Portability all your files can in most cases be stored and retrieved when booting from different or multiple machines. This allows you to take your entire system with you on the go and all you need to use your system is an available machine with a available USB port. This is useful if you cannot afford to lose expensive hardware or you do not trust the systems at your workplace or school due to monitoring, auditing, invasive settings, and other malicious programs.

The Detriments Of A Persistent USB

Persistent data can be insecure though using encrypted persistence should go without saying. If you choose not to encrypt, the system can be compromised and the persistent data if sensitive in nature and if left localized on the USB will make it an attack vector as well as leaving the potential to run out of usable disk space.

Some changes pending on the type of system are not saved persistently, In some cases further modification is required to enable things like graphical card settings and network card settings to be saved. This is an issue if you plan on switching machines often with your USB.

Slower boot up and shut down time On boot, the USB has to run a series of compatibility tests to make sure that it can run well on the machine. This slows down the boot up time greatly. This is added to the data saved to your USB, potentially making shutdown longer as well.

Making A Persistent USB

Fundamentally we are just installing GNU/Linux to a USB instead of a typical internal hard-drive. In order to do so we are going to need...

To make a Persistent USB in a current Linux system via your terminal the following steps can be taken. With your target USB in your computer, open terminal.

lsblk (This will readout a list of device names, find your target USB in the list and make note of the /dev/sdx After use the dd command carefully.)

sudo dd status=progress if=PATH/TO/ISO of=/dev/sdx

After the USB ISO is made, plug in your target USB for your system and reboot into your BIOS or Boot Selection screen either by hitting ESC, F1, or F12 and select the USB ISO, Following the steps in the installer you want to always target the second USB designated for our system. After installation is complete you can remove the Installer USB and reboot into your new system.

In Summary

I have always been a big fan of this storage type and installation. I do recommend this to anyone who is concerned for their device and data security and/or privacy, while you do run the risk of losing or damaging the USB, I still make it a point to say BACK UP YOUR DATA. But even with the risks mentioned above I find this to be the best way to use your favorite GNU/Linux operating system.