If I dual boot Windows 10 and Ubuntu, could a keylogger affect me if i'm on Ubuntu?

boot windows

If I have a keylogger on Windows 10, can it affect me when I boot into Ubuntu on the same computer.


Solution 1:

No: when you boot into Ubuntu, programs stored on the Windows 10 partition cannot be run and cannot log what you are doing on Ubuntu.

Windows also can not store files on an Ubuntu system since it does not recognize ext4 filesystems.

So for a virus/keylogger/whatever to infest Ubuntu, it would need to magically move itself to something you can open in Ubuntu. You need to activate that something by making it executable, clicking it in Ubuntu to run it and it would need to have valid instructions for an Ubuntu system to be able to run.

Not going to happen any time soon.

A possible method (but it is a stretch): from Windows you get infected by UEFI malware; when Ubuntu is booted it copies some software over to your Ubuntu system and executes itself. (that is assuming something can be copied over from an UEFI partition to another partition).

Solution 2:

As some comments have already stated, it's absolutely possible that a malware can jump between different operating systems on dual boot. There are only two barriers the malware must overcome:

  1. It must bring its own ext3/4 driver to handle the file system used by Ubuntu
  2. It must run with high privileges in order to access the required APIs

Everything else is just a question of the attackers intentions and skill. I don't know any case where "COTS" class malware did this. But when you look at some "weapon" class of malware you'll see modules to persist in BIOS or even the firmware of your hard drive. You will also see that it's highly modular so that every kind of functionality can be added at any time. So if the attacker thinks its necessary, there will be a module for it.

However if you are using full disk encryption (not only /home) it's much harder to jump over.

Otherwise the attacker could just modify existing binaries or scripts which are executed by default by the system.

Solution 3:

Windows 10 can only track you when it is booted. As privacy-invading as Microsoft is, they can't legally (I hope), make it so something is injected into Ubuntu to track you there too. Unless Windows is booted, it is completely inactive, tracking features and all.

Related

Hard Drive error: bad/missing sense data
Prove: $\int_0^{\infty} \frac{\ln{(1+x)}\arctan{(\sqrt{x})}}{4+x^2} \, \mathrm{d}x = \frac{\pi}{2} \arctan{\left(\frac{1}{2}\right)} \ln{5}$
A definition of Conway base-$13$ function
German sofa primes: Can both $q$ and $\frac{q^3+1}{2}$ be prime?
Algorithm for generating integer partitions
Checking whether a graph is planar
How to write "let" in symbolic logic
Homomorphism between cyclic groups
Minimal axioms for a group
Alternative construction of Direct Limit
Building the integers from scratch (and multiplying negative numbers)
Mutual Information Always Non-negative