Load Kicksecure into RAM

Hello. I have read an article from the anarsec guide about best practices for using Tails. It recommends using a write-protect switch. It mentions two methods (using a USB drive with a write-protect switch and using a microSD card) that rely either on proprietary hardware or on a method that is not secure (an SD card's write-protect switch asks for protection but does not physically prevent writing to the disk).

But the article mentions one way that could provide a provably secure operating system: load the OS into RAM. The idea would be to boot the ISO, load it into RAM, unplug the drive, and then start browsing the internet and maybe be exposed to viruses and malware. My proposal is to add an option to load Kicksecure/Whonix Host into RAM with a graphical interface.
Sorry for my grammar, English is not my native language.

P.S.: I know that compromising the Kicksecure/Whonix source code would make this protection futile, but three-letters-agency-secret-supply-chain-attacks-operations aside, this would allow a nearly invulnerable system against virus persistence.

Try using Kicksecure ISO Live Mode and apply a Temporary Kernel Boot Parameter Change by adding the kernel parameter:

rd.live.ram=1

Boot.

Then try to remove the boot medium.

Untested.

dracut cmdline man page:

1 Like
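A pre-unplug check for the procedure in the reply above, added here as an example and not part of the original posts or of Kicksecure: it confirms that `rd.live.ram=1` is on the kernel command line and that nothing is still mounted from the boot medium. The device name `/dev/sdb`, the function names and the sample data are assumptions constructed for illustration, and a clean result does not rule out a loop or device-mapper device that still depends on the medium.

```shell
#!/bin/sh
# Added example (hypothetical helper names), not Kicksecure code.

# True only if the exact parameter from the post, rd.live.ram=1, is present.
has_live_ram() {
    case " $1 " in
        *" rd.live.ram=1 "*) return 0 ;;
    esac
    return 1
}

# Print mount points in /proc/mounts-format text ($1) whose source is
# device $2 or one of its partitions (prefix match, errs towards reporting).
mounts_on_device() {
    printf '%s\n' "$1" | while read -r src mnt _rest; do
        case "$src" in
            "$2"*) printf '%s\n' "$mnt" ;;
        esac
    done
}

# 0 = parameter present and nothing mounted from the medium; 1 otherwise.
safe_to_unplug() {
    if ! has_live_ram "$1"; then
        echo "rd.live.ram=1 is not on the kernel command line" >&2
        return 1
    fi
    busy=$(mounts_on_device "$2" "$3")
    if [ -n "$busy" ]; then
        echo "still mounted from $3: $busy" >&2
        return 1
    fi
    return 0
}

# Constructed sample data, not captured from a real boot.
SAMPLE_CMDLINE='BOOT_IMAGE=/vmlinuz quiet rd.live.ram=1'
SAMPLE_MOUNTS_RAM='tmpfs /run tmpfs rw,nosuid,nodev 0 0
overlay / overlay rw,relatime 0 0'
SAMPLE_MOUNTS_DISK='tmpfs /run tmpfs rw,nosuid,nodev 0 0
/dev/sdb1 /run/initramfs/live iso9660 ro,relatime 0 0
overlay / overlay rw,relatime 0 0'

# Live use: pass the boot medium as the first argument, e.g. /dev/sdb.
if [ "$#" -ge 1 ]; then
    safe_to_unplug "$(cat /proc/cmdline)" "$(cat /proc/mounts)" "$1"
fi
```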

Keep in mind firmware compromise is still a possibility in some instances, see:

There are measures some (many?) systems take to prevent firmware compromise, but oftentimes these are vulnerable, improperly set up, or absent, and peripheral firmware may be vulnerable even if the machine’s BIOS firmware is protected.

As usual, whether this matters or not depends on your threat model.

1 Like