0

I currently have two hard disks connected to my computer, one internal and one external(via USB3). The internal one has Windows 10 installed while the external one has Debian. All my important data is also on the external drive. My primary OS is Debian and I rarely use Windows (for some softwares that are Windows-only).

I'm afraid of the Windows installation getting malware infected and corrupting the external drive. Is there a way to "ban" Windows from accessing the external drive without having to physically unplug it i.e. the external drive becomes "ïnvisible" to Windows?

Improve this question
6
  • 1
    Why don't you just not mount the volume from within Windows using Disk Management? If you don't assign a drive letter software cannot access the volume.
    – Ramhound
    Commented Sep 11, 2020 at 4:12
  • Ìf a malware gains admin access, won't it be able to mount it
    – Aditya Pratap Singh
    Commented Sep 11, 2020 at 4:15
  • It would have to be aware the volume exists. Use the appropriate measures to avoid malware. I think you are overthinking this potential risk. Most computer users don't actually download malware, especially those who are familiar with Linux. Use the appropriate software to help you identify sites known to transfer malware, software the will prevent malware from being downloaded, and as a last line of defense, if malware is running, stop it in its tracks (after it did something). You can also configure Windows to block a drive letter's ability to appear in File Explorer also if you want.
    – Ramhound
    Commented Sep 11, 2020 at 4:19
  • @Ramhound "... You can also configure Windows to block a drive letter's ability to appear in File Explorer also if you want" Could you please explain?
    – Aditya Pratap Singh
    Commented Sep 11, 2020 at 4:21
  • There is a group policy that will make it impossible to assign a volume a drive letter, which makes it impossible, to assign a drive letter to an external drive.
    – Ramhound
    Commented Sep 11, 2020 at 4:47

1 Answer 1

Reset to default
1

If you're really that concerned, you need to unplug the drive physically. Sufficiently capable malware could infect the Windows kernel and bypass any policy in place, accessing the drive directly or with a loaded file system driver. The only way to be sure a peripheral is not accessed is via making it physically inaccessible.

However, having said that, this is not a scenario I'd be especially worried about. A reasonably cautious user (which you seem to be) using up-to-date system and software is at low risk from malware, and if you use the built-in Windows Defender, you'll probably be fine. Even though Windows isn't my favorite operating system, it isn't intrinsically a cesspit of malware, and even if you did get some malware, your external disk is probably not using a file system (e.g., ext4) that Windows knows how to read without an external driver, so it would be practically inaccessible without serious, determined effort. Unless you have some reason to be worried about major corporate or state-sponsored actors, it's probably not going to be a problem.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .