I currently have a Dell laptop that runs Windows for work. I use an external SSD via the Thunderbolt port to boot Linux allowing me to use the laptop as a personal device on a completely separate drive. All I have to do is F12 at boot, then select boot from USB drive.

However, this laptop is only using 1 of the 2 internal M.2 ports. Can I install Linux on a 2nd M.2 drive? I would want the laptop to normally boot Windows without a trace of the second option unless the drive is specified from the BIOS boot options.

Will this cause any issues with Windows? Will I be messing anything up? For the external drive setup, I installed Linux on a different computer, then transferred the SSD to the external drive. Can I do the same for the M.2 SSD – install Linux on my PC, then transfer that drive to the laptop?

Any thoughts or comments are welcome.

Edit: Thank you everyone! This was a great discussion with a lot of great and thoughtful responses. I really appreciate the replies and all the valuable information and opinions given here.

  • FigMcLargeHuge@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    10 months ago

    Here’s a scenario for you. His laptop running his linux os gets hacked. Said hacker discovers another drive with windows or an encrypted partition. Now he could sit there and try and de-encrypt it, or if he has the time and inclination just completely overwrite it with whatever he wanted. OP finishes what he is doing and reboots back into what he expects to be his work provided Windows OS, and sees some error message, or maybe nothing at all. In the background the hackers OS which is now running just leads him on while it’s doing what it needs to do, like scanning the network it might be connected to. Or prompting him for a id/pw.
    Regardless, the linux os will have access to the drive the Windows os is loaded onto. Now what happens to it may or may not be relevant, but it will be a writeable drive, therefore it will be suspect to manipulation.

    • beeng
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      10 months ago

      I’ll come along with your scenario just for fun.

      • the decrypt part. Yes granted! But heavy workload

      • the overwrite stuff. Yes could be dd’d but this is like an nvme drive frying itself by itself. Not uncommon, eg a user spills coffee on the machine.

      • writeable. AFAIK with bitlocker they are hashed and salted and therefore would be corrupted if you opened again with manipulated data.

      • the phishing os, yes a possibility, but would need to be very spear fishing orientated to get the same profile photo, username etc, and then it would still be empty.

      • if you connect to wired company network, totally compromised. I am 100% remote so this one skipped me, but yes this one is completely cooked.

      Thanks for saying an actual scenario also, most were like hurr dürr, don’t do it.

      • FigMcLargeHuge@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        writeable. AFAIK with bitlocker they are hashed and salted and therefore would be corrupted if you opened again with manipulated data.

        No problem. This part right here might be enough to cause concern. Lets say it isn’t a hacker, but just someone dicking around with his linux os, and manages to accidentally write to the bitlocker drive. I don’t know enough about bitlocker, but writing random data to an encrypted file is a great way to corrupt it. So if nothing else he could possibly corrupt his work os. And then hope that they buy the old “I don’t know how it broke.”

        When I was making this all up in my head, I was thinking that if I was a hacker and wanted to just mess with people, I wouldn’t need to write a huge os, just overwrite his os with something like a DBAN iso. Something small, but again any tampering with the drive would likely invalidate the bitlocked os. So even just a dd if=/dev/zero of=/dev/{os drive} and that’s all she wrote.

        • beeng
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          10 months ago

          It’s all true, but the deleting of data is so common from the simple coffee on laptop trick that you’d think if your work was that important you’ve already got it setup with Dropbox/one drive on My Documents for the non-eng types and git for the rest.

          Can’t lose too much.

          I was more worried the data would get out, not corrupted.