This sounds like a nefarious question but it's really not. I have a work laptop and I need to get some personal planning done after work tomorrow. Naturally I don't want to carry 2 laptops or run the laptop on the internal hard drive for personal use, but going back home and out again is very inconvenient. So my question is - would dual booting via an SSD (that I already use on another machine) leave any trace on the internal hard drive?

Honestly, I don't expect this to ever be a real issue, I doubt anyone will ever check or even care, but I just want to keep my work stuff entirely separate from my personal stuff. So if there's a fair chance I could muddy the two in any way by doing this, I won't - but it's my understanding that dual booting would be more or less adequately secure?

  • darkcalling [comrade/them,she/her]
    2 years ago

    It wouldn't leave traces that would be likely to be detected unless you work in a national security sensitive area or other restrictive environment with very high security needs.

    I admit I'm not familiar with the exact forensic traces in such a situation so this is largely an informed guess but assuming you're booting to Windows and the laptop has Windows installed already, your Windows install will touch the NTFS file system on that drive in a way that will leave forensic artifacts. Assuming you don't open it up and explore through the folders these would be extremely minor and unlikely to be noticed via automated means, only through an extremely thorough manual forensic examination.

    Now UEFI may or may not give you trouble. You'd need to either disconnect the work drive or enter settings to change the boot drive to your new drive then change it back.

    The thing to know about dual booting is assuming an operating system can read a drive (knows the file system, it's not encrypted) it can read the drive and everything on it. So if you have anything on your personal drive you don't want to chance your employer being able to see with work-spyware you wouldn't want to boot into your company install with your personal drive connected.

    Other poster makes a point that Windows would not react well to being moved to another machine. It would probably trigger a demand to re-activate it which isn't a huge issue on Windows 10. But the bigger problem might be drivers for hardware on your other machine being present and drivers for the laptop being absent.

    All in all I wouldn't recommend moving disks with OS installs around and booting on dissimilar hardware if possible.

    • IAMOBSCENE [none/use name]
      2 years ago

      Windows 10, presumably 11 as well, doesn't seem to care about being moved to new hardware. Usually you just get the "please wait while we get ready" type of screen and it just works. Obviously game ready device drivers for graphics hardware could interfere, some laptops don't have great firmware for switching between a low power GPU and dedicated GPU without some specific drivers that Windows can't manage to automatically resolve.

  • IAMOBSCENE [none/use name]
    2 years ago

    Unless the work laptop had extra care put into security, probably not. If the OS drive is encrypted and leveraging a TPM, it's possible that the other drive being installed would fuck the TPM config though and make the main drive unbootable even if the procedure were completely reversed. Then someone with access to the recovery key for the drive would have to take some action to get back into the OS. You can try running manage-bde.exe and see if you can view your own recovery key, that would make TPM stuff mostly irrelevant (but you might not be able to reset the TPM without UEFI/BIOS access so you'd have to enter the long recovery key on each subsequent boot) though the endpoint protection software they use might log recovery key operations, I know Windows Defender for Endpoint/Identity will so if your business uses Intune or anything I'd be careful about that.

    There are also laptops sold to Enterprise that still feature LoJack for some reason, so if you boot into a new Windows OS the UEFI/BIOS will drop some LoJack related rootkit drivers into the OS Folder and autorun them at launch. LoJack doesn't really report back anything about machine names changing or anything, but I'm sure it would be logged in their database. Honestly if the machine did get stolen later on, odds are the alternating machine names prior wouldn't even come up in any communication with the company. The LoJack folks would just try to identify where the laptop was now, if someone did swap the drive, but I think some people stealing laptops are smart enough to flash the BIOS or swap the BIOS chip with a clean BIOS that has LoJack disabled...

    When I was involved in security an endpoint would be locked down to only boot from a specific device, otherwise it would just sit on an unbootable device based on our boot order, even if the OS drive were swapped.

    Do only have one connected at a time ideally though, there shouldn't really be anything detectable unless the device decided to reorder the boot order or something weird. Odds are nobody would ever notice it though, unless your machine were being forensically examined and the place had a super well-documented build process defined, it would still be pretty inconclusive.

  • CommunistDirtbag [he/him]
    2 years ago

    With a portable OS install it should work, the only trace could be an entry in whatever boot manager the system uses but there are probably ways to circumvent that (not using it to load your OS)
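
Added example, not part of any comment in the thread: two commenters name the firmware boot entries and boot order as the place a trace could show up. This Python sketch diffs two snapshots in the format printed by `efibootmgr` on Linux, the way an endpoint team could compare a machine against its recorded baseline; both snapshots are constructed samples and the function names are illustrative.

```python
import re

# Constructed sample output in `efibootmgr` format (not from a real machine).
BASELINE = """\
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000,0002
Boot0000* Windows Boot Manager\tHD(1,GPT,placeholder-guid-a)/File(\\EFI\\Microsoft\\Boot\\bootmgfw.efi)
Boot0002* Internal NIC (IPv4)\tPciRoot(0x0)/Pci(0x1f,0x6)/MAC(placeholder)
"""
CURRENT = """\
BootCurrent: 0003
Timeout: 0 seconds
BootOrder: 0003,0000,0002
Boot0000* Windows Boot Manager\tHD(1,GPT,placeholder-guid-a)/File(\\EFI\\Microsoft\\Boot\\bootmgfw.efi)
Boot0002* Internal NIC (IPv4)\tPciRoot(0x0)/Pci(0x1f,0x6)/MAC(placeholder)
Boot0003* UEFI OS\tHD(1,GPT,placeholder-guid-b)/File(\\EFI\\BOOT\\BOOTX64.EFI)
"""

# Matches "Boot0003* label<TAB>device path"; BootCurrent/BootOrder do not match.
ENTRY = re.compile(r"^Boot([0-9A-Fa-f]{4})(\*?)\s+(.*)$")

def parse(text):
    """Return (boot_order list, {number: (active, description)})."""
    order, entries = [], {}
    for line in text.splitlines():
        if line.startswith("BootOrder:"):
            order = [n.strip().upper() for n in line.split(":", 1)[1].split(",") if n.strip()]
        elif (m := ENTRY.match(line)):
            entries[m.group(1).upper()] = (m.group(2) == "*", m.group(3).strip())
    return order, entries

def diff(baseline, current):
    """List human-readable differences between two snapshots."""
    b_order, b_ent = parse(baseline)
    c_order, c_ent = parse(current)
    findings = []
    for num in sorted(c_ent.keys() - b_ent.keys()):
        findings.append(f"added Boot{num}: {c_ent[num][1]}")
    for num in sorted(b_ent.keys() - c_ent.keys()):
        findings.append(f"removed Boot{num}: {b_ent[num][1]}")
    for num in sorted(b_ent.keys() & c_ent.keys()):
        if b_ent[num] != c_ent[num]:
            findings.append(f"changed Boot{num}")
    if b_order != c_order:
        findings.append(f"BootOrder {','.join(b_order)} -> {','.join(c_order)}")
    return findings

if __name__ == "__main__":
    for finding in diff(BASELINE, CURRENT):
        print(finding)
```

Some firmware adds or drops entries on its own when removable media is attached, so a difference here is a prompt for review rather than a conclusion.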

  • Sphere [he/him, they/them]
    2 years ago

    I don't think this would work; pretty sure Windows will freak out if you try to run it from a completely new computer with different hardware. You could set up a Linux live-USB that would allow you to boot into Linux without leaving any traces on the machine, and you could then plug in your drive as an external so you have access to your files. But if you need to actually boot into your personal PC's Windows install, I think you need to bring it along too :(

    Edit: realized you didn't mention Windows. Not sure if the above also applies to a standard Linux install but my guess would be yes.

    • PorkrollPosadist [he/him, they/them]
      2 years ago

      I have had Windows work switching between two laptops with very similar (though not identical) hardware, but it is a much bigger dice roll than something like Debian. In general, Linux handles this much better because the vast majority of drivers are open source and included with the mainline kernel, whereas you often need to go hunting down drivers on Windows.

      WRT OP: This is definitely something you can do, but you need to pay close attention to how the secondary operating system is set up. You could boot TAILS for instance (or something along those lines). You could set it up to boot from the SSD. You could probably find something that does the job at much lower paranoia levels as long as you understand how it's configured.

      If you need a temporary solution, you could try booting any live-cd Linux distribution. These generally won't leave any traces on your system as long as the hd filesystems aren't mounted. They just won't run as fast from a DVD/thumbdrive as they would from an SSD.

  • unperson [he/him]
    2 years ago

    You can read and modify what's on one drive from the other, so you could mess up if you're careless. If you want better isolation, leave only one drive installed at a time.

    Windows won't like you doing this: it will reboot many times to install drivers and may mark your install as pirated. Linux generally does not care if you move it to a different computer.