1. 11
  1. 1

    If you were booting from this usb-stick, as a “live-cd”, with a save-file on the internal drive, if you wanted to change the kernel vmlinuz, or edit the initrd, you can’t, you have to rebuild the entire ISO.

    Personally I think this is the key point.

    1. If you want to boot a machine you own/trust with Linux frequently/repeatedly, you’re probably going to want to install to a local storage device, because USB devices will never be as fast.
    2. If you want to boot a machine that you trust a lot less, you probably going to want your OS volume to be immutable, ideally more strongly immutable than using a format that’s difficult to change.

    There’s probably somebody out there who boots their personal device into Linux once every three months, doesn’t want to commit local storage to the task, and needs that image to be able to service itself, but it seems like an uncommon case to me.

    On this note, if anyone knows of good USB attached devices that provide hardware immutability for use in untrusted devices, let me know :)

    1. 2

      On this note, if anyone knows of good USB attached devices that provide hardware immutability for use in untrusted devices, let me know :)

      SD to USB with an SD card that handles “internal write protect”? That’s an optional part of the SD specs.

      1. 1

        Do such SD cards exist, though? Every SD card I’ve ever seen does have a write protect enable “switch,” but it works just like the one on a 3.5” floppy – that is, it’s just a mechanical marker that can be taped over.