How easy is it to swap the hard drive, and can it run Windows? And is it safe?


#1

I ask this because if I buy a Purism laptop, there’s a high likelihood I’ll still need to use Windows for some things.

I wanted to ask if it’s easy to open up and pop in your own hard drive, in my case specifically being an SSD.

Second, if I do so, if it’ll run Windows without any problems if it’s already installed on said hard disk.

Thirdly, if it’s safe. I wouldn’t want to do it if there’s a risk that software in the Windows hard disk could infect other components in the laptop. But this is something I’m not quite educated on and don’t know if it’s possible.

In the end, most of the things I use a Windows machine for needs a good dedicated GPU anyway, so I’l probably just be getting a second computer for that stuff. This would just cement my original plan of “Have one computer for communication and business, and another computer for fun and games” into place I suppose.

Thanks.


#2

Yes. Slim, 7 mm (up to 10 I believe) height.

No, you need to reinstall.

No. Windows itself is a privacy/safety risk.

It can’t infect other components, but remote attacker can use them to get unauthorized access to your laptop. Luckily, you can protect yourself with hardware kill-switches, but you won’t have internet connection if you kill wifi for example.


#3

I’ll have to take it out and see how big it is. It’s an OCZ Max IOPS from 2011, might be biggish, not sure.

Huh, that’s kinda strange. Is it for driver reasons? In that case I suppose there’d be no sense in doing it because part of the reason I want to use it is that it has my files on it.

Well, that wasn’t really what I meant. That’s a no-brainer, after all the main influence in switching to Pruism is because Windows isn’t privacy respecting and the NSA are a buncha hacks. I was more referring to the “can it spread to other components” thing.

I have to use Windows for certain programs like my video editor and many Steam games. Though I do my best to secure the system by using Windows 10 LTSB (as opposed to consumer versions) and first changing all the privacy settings and then using Windows 10 Privacy, DisableWinTracking, and Group Policy settings as well as adding a ton of stuff to the hosts file. That’s pretty much the best anyone can do to it.

But yeah, I was more asking “is it safe?” in regards to it spreading to the system, I’m not sure if it’s theoretically possible for something to infect the chipset or something. I was asking that because I wanted there to be no risk that when I pop-in the Linux drive again, there’ll be no potential problems.

Again, not exactly what I meant. I know that Windows isn’t safe while Windows is in use - I just use it for things that I really don’t care if the NSA or whatever three-letter-agency sees - like video editing and video games.

When the Linux drive is in, that means I want to do more secure things. I don’t care if the NSA sees me playing Team Fortress 2, they can just watch my skills then :stuck_out_tongue: .

But I do care about them snooping on my private conversations, or what I mayyybe do in the darkweb and torrent sites. That’s when the Linux side comes into play for me. I really rather they not be making a web of my social relationships and communications and stuff like that.


So yeah, I know the risks of using Windows. Rather, I was just wondering if malicious code could theoretically infect deeper parts of the system that aren’t on the hard drive, like if it could jump into the chipset, BIOS, stay in the memory somehow, etc. I’m not versed on that kinda stuff. I’d be sure to take out the battery for a while between hard drive swaps since I know memory can only hold anything while electricity is supplied… does the laptop have a CMOS battery?

Thanks.

Edit: Upon looking into what form of laptop I may want, I noticed something that may have caused some confusion. I think maybe you thought I’m talking about putting a drive in the hard drive bay and leaving the M.2 in as well, don’t you?

If I do this I’m going to look to pull-out the M.2 drive beforehand. I’d want to take out the M.2, put in the SSD, and use it as the boot drive by choosing it in the bios menu. I wouldn’t want any other storage media inside it when I do this because I don’t want anything to potentially spread.

The generic drivers in Windows usually works cross-platform on most systems. I won’t use the camera or microphone anyway so I don’t really care if stuff like that doesn’t function without a driver installation. Audio, yeah I’d probably try to make sure that works at least.

Overall I may just wait on all that until I get a new Windows computer.


#4

Yes. I’ve never heard Windows installations can easily change hardware like this. You could try, though, and see how it will behave.[quote=“Alex, post:3, topic:984”]
I was just wondering if malicious code could theoretically infect deeper parts of the system that aren’t on the hard drive, like if it could jump into the chipset, BIOS, stay in the memory somehow, etc.
[/quote]

Have you tried googling for this? :slight_smile: Information in RAM is retained for a while after a powerfailure or if you pull RAM module out, but I don’t think this is the case if you shutdown ir restart the laptop.

Yes.

Nope.

Windows can’t read Linux filesystem. There was a driver for ext2 and ext3, but it’s old and unmaintained, and I don’t know if it can work with ext4. But in theory, there could be malicious code that could format other partitions (therefore destroy your data).


#5

The Windows 10 generic drivers tend to be pretty cross-platform in my experience, but even if there was a driver issue I’d just use one of my tools to scan and find more appropriate drivers, assuming at least the network adapter works fine - if not I’d have to install that manually first. Of course, I don’t really care if the webcam and microphone don’t work - when I want to do something like that I have an external camera and podcast mic I like to use, integrated ones quite honestly just suck by comparison. And I use an external AMP/DAC for audio, which driver is already installed, assuming it would still recognize it on the new motherboard.

Thanks for the rest of the info. Overall I think I’ll just be leaving the hard disk out for security reasons, I feel wrong exposing it to anything even if any threat is just theoretical and highly improbable.


#6

if an os can write to firmware or the bios, it can infect that. is this possible with purism? its theoretically possible to infect graphics or network hardware too.

when the company was young, i asked about disabling a given drive in bios, so you could, for example, have windows on one without having to physically swap them. then it was impossible. has that changed since?


#7

You can’t do this with latest PureOS kernel, you need to boot it with special boot option.

Nope, we now switched to coreboot and coreboot itself does not have any options.


#8

Could you use Qubes-OS with a Windows APP vm?


#9

Late in discussion but read on…

Well “You can’t do this with latest PureOS kernel” certainly needs to be explained… In the case of this guy that is asking if it can runs Winblows on it (I’d NEVER do that), there are malicious code floating i the internet that will infect the BIOS firmware… So in the case of any PC/Laptop, we’ve been asking for a physical write protect switch / jumper to protect the BIOS for years… So kill switch is “cool” for wireless but it is IMHO more important to have one for BIOS protection… NSA, China, name it: They have it all…

On top of that, it’s an Intel chipset based laptop: It’ll certainly embed Intel Management Engine, a hardware access without you to notice. How Purism addressed that?


#10

Purism has invested a lot of time in neutralizing the IME - check this page for some info and links to more in-depth write-ups:

https://puri.sm/learn/intel-me/