@cybertrapped ,
1) TPM is used to securely store passwords and pin's, and I think only MS is using it. At least Ubuntu does not seem to utilize it.
2) Door locks only serve to Delay an intruder. Door locks are rated by how it can withstand assault. The security it offers is a delay feature, where hopefully a security guard or police will arrive on the scene and the intruder either flees or get apprehended.
3) Taking the modem along with you may not help. Once the modem is exploited thru a network attack, it's firmware may have been changed already. Or the attacker can re-exploit the modem whenever he wishes because he has an exploit/hack tool.
4) You speak of your machine being hacked before it is connected to the internet. There is such a thing as WiFi direct, it is a WiFi standard that allows connection to nearby machines. In Windows, WiFi Direct bypasses the firewall. There is no controlling it. A hacker can connect to your pc directly without a router. Particularly on Windows, you have to go the Device Manager, find the network adapters bullet section and expand it. You should see 2 WiFi Direct entries. Right click and delete them. Deleting them does not affect normal WiFi operation.
Additionally, even you have not 'connected' to the internet (meaning you opened a browser to surf to a web site), you may have joined a WiFi network - your home WiFi network. Know that a hacker in a nearby apartment can Over Power your router's signal and put up a fake network with the same name. You will connect to it and the hacker can attack your pc because that is his network and his machine is connected to it also. There isn't any sign or clue. Your WiFi password will be accepted because that network will accept anything. So don't use WiFi if you live in a crowded neighbourhood.
5) The way to verify that the downloaded Linux ISO is clean and not modified is to check it's SHA256 signature. You can use the Windows Powershell command: Get-FileHash <filepath> -Algorithm SHA256 . You can then compare that to what is provided on the distro's download page. Buy a big USB stick. Use it to hold the big ISO file you downloaded. And connect it and run Get-FileHash on different computers. On Linux, the command is 'sha256sum'.
Or you may be asking about application 'packages' downloaded by using DNF, RPM or APT-GET. These commands will verify that the downloaded software package is intact automatically.
6) Public computers are not trustworthy of course. But it is unlikely that the hacker would have modified the Get-FileHash command executable. If you don't trust a particular library computer, you can double, triple check it using several machines. (your friend's, your father's, your school's )
7) If you don't trust your ISP Cox's provided modem, then you should get your own or add a router. Preferably one that has a firewall. Routers can claim to have a sorta firewall because it implements NAT (network address transalation). But a true firewall has user creatable firewall rules feature. If there isn't a rules page on the router's configuration site, then it doesn't have a firewall. I use this:
Amazon.com
8) ErzCrz has a good tip. Change your WiFi password once a month. Most Password Managers can generate a complex password and remember it for you.
9) Bluetooth is able to transmit thru longer distances with each revision. It is an attack vector. I don't remember the details of the particular hacking tool. Just turn it off in Settings.
9) Patching may not resolve your problem. a) There exists exploits and attack tools that Microsoft knows nothing about. b) As soon as MS releases a patch, hackers work to reverse engineer the patch to over come it the very next day. Hence the terms Patch Tuesday and Exploit Wednesday. You need to disable things on your OS that you don't use. Things that aren't running cannot be attacked.
10) Even though several MT members have ridiculed you, you do have to learn more about the indicators of a hack. It helps you by saving your time spent on recovery and time spent worrying, and it is useful to be able to explain your circumstances. One way is to know your OS thouroughly, remember what you did, and what you didn't do; and also know that the OS doesn't do that thing on it's own as a background process. Then after identifying the attack, you devise ways of stopping it from occurring again.
The MT forum users over rely on antimalware detections. The things antimalware knows about are mass distributed malware. The key here is 'mass distributed'. If the hacker does not make malware and post it everywhere, then the AV people will have 0 chance of knowing about it.
Look at it this way. Metasploit, the hacking tool, has been around for many years (2007). It is only until 2-3 years ago that AV Comparatives made a test to test the participant vendors with attacks created by this tool.
Know this too: You have to put up 'layers' of defenses. Use the tools provided by your distro. If you choose to use Fedora, then learn SELinux and create profiles for the applications you use. Know how to use the permission system of Linux. Know how to craft firewall rules. Use your preferred AI and ask what security tools that Fedora has built in.
If you have questions you can PM me.
Have fun.
