this post was submitted on 05 Feb 2024
58 points (79.6% liked)

Linux

48338 readers
630 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I currently have a Dell laptop that runs Windows for work. I use an external SSD via the Thunderbolt port to boot Linux allowing me to use the laptop as a personal device on a completely separate drive. All I have to do is F12 at boot, then select boot from USB drive.

However, this laptop is only using 1 of the 2 internal M.2 ports. Can I install Linux on a 2nd M.2 drive? I would want the laptop to normally boot Windows without a trace of the second option unless the drive is specified from the BIOS boot options.

Will this cause any issues with Windows? Will I be messing anything up? For the external drive setup, I installed Linux on a different computer, then transferred the SSD to the external drive. Can I do the same for the M.2 SSD – install Linux on my PC, then transfer that drive to the laptop?

Any thoughts or comments are welcome.

Edit: Thank you everyone! This was a great discussion with a lot of great and thoughtful responses. I really appreciate the replies and all the valuable information and opinions given here.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 6 points 9 months ago

As many companies now use Bitlocker encryption, you’ll probably Bitlock your work partition by trying to install the second drive internally. IF YOU MUST boot to another drive, keep it external. And DO NOT unlock or mount your work partition in your personal OS. Really, though, you shouldn’t do this at all.

[–] [email protected] 5 points 9 months ago

🙃

How badly do you need your job?

[–] [email protected] 19 points 9 months ago

Any thoughts or comments are welcome

If this is a corporate decide your cyber security team have really dropped the ball by enabling you to change the boot order.

[–] [email protected] 8 points 9 months ago

Damn my laptop has secure boot and extra on top , I believe the usb ports are physically disabled.

I assume everything is watched on what I'm doing. Can't remember the wording but i can't do shit without getting in a heap of trouble.

Browser add-ons are like a 2 week process to get approved

[–] [email protected] 7 points 9 months ago* (last edited 9 months ago)

In most cases, work laptops have software(s) installed to automatically keep track of these activities, and flag it to security team of your organization. At that point, it will either lead to a formal warning to you, or termination/forced resignation.

From organization point of view, this is to avoid any accidental (or intentional) leak of confidential data, and/or accidentally (or intentionally) infecting your (work) system with malware/ransomware.

The latter had happened in one of my previous organizations, and the person responsible was terminated from job immediately.

[–] [email protected] 14 points 9 months ago (1 children)

You can buy a used ThinkPad T480 for like $75 on ebay. A lot cheaper than having to explain your shenanigans to Maude from HR.

[–] [email protected] 7 points 9 months ago

Honestly, this is good advice. It's much better to keep personal computer activity on a personal device, whether that's on a ThinkPad or anything else.

[–] [email protected] 4 points 9 months ago

I knew someone who did this but swapped out the physical hard drive each time. I wouldn't dual boot because then it's much more obvious to IT what you've done.

This is only realistically feasible though if the hard drive is easily accessible. If it's something like a Mac or soldered in dual booting is your only choice. As others have said, this could get you in a lot of trouble with your company. Check the docs you've signed

[–] [email protected] 6 points 9 months ago

I work in IT and that's what I do lol

[–] [email protected] 34 points 9 months ago

IDK about other places, but the document we make our users sign make it clear that modifying the internal hardware is a fireable offense.

The laptop isn’t yours, use a personal device for personal stuff, and work device for work only.

[–] [email protected] 2 points 9 months ago

I think this is a good idea. You may want to use a different MAC on Linux, true.

Also only use the personal drive at home if you fear being spied on.

The chance that your company embeds spyware in the BIOS is like 0%. If you can press F12, Windows is off and you will not be spied on.

Otherwise make sure to do real reboots and use this shutdown command to really turn off windows, as otherwise it hibernates only.

[–] [email protected] 5 points 9 months ago

For anyone wondering about the security issues caused by this, even if the windows partition is encrypted, it's still possible to get secrets from the Windows install.

If you have root access to a Linux machine, you can easily replace the Windows kernel loader with one that looks just like Windows, but does nothing other than steal your encryption password on login/boot.

Secure Boot/TPM would protect against this, but Linux users (especially those that are more lax about security) tend to disable it as part of installing Linux.

[–] [email protected] 9 points 9 months ago (1 children)

Looking at the replies I'm happy I line in Germany where none of this is legal without signing a document that explains in detail how exactly you are surveiled.

[–] [email protected] 7 points 9 months ago

None of these answers talk about watching you or your actions, only the device and the network.

[–] [email protected] 27 points 9 months ago

apparently you are unaware of how much monitoring goes on in corporate IT. you're lucky they haven't already found the mac address yet booted with a different os, or maybe they're already onto you.
I would stop doing what you're doing immediately and hope it's not too late

[–] [email protected] 15 points 9 months ago

This is just a bad idea in general.

load more comments
view more: next ›