Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Key stroke logging and internet banking

  1. #1
    Join Date
    Feb 2014
    Location
    Somerset, England, UK
    Beans
    38
    Distro
    Ubuntu 12.04 Precise Pangolin

    Key stroke logging and internet banking

    I have a question regarding internet banking: will Ubuntu 12.04 keep intruders out who are attempting to log key strokes, or any other means of hacking into my account. Perhaps the answer is that Linux doesn't have open ports by default; unlike MS Windows.

    I have read conflicting articles on the subject of virus attack/scanning and vulnerabilities. Could someone please offer a definitive answer/guide on this.

    Comodo have a free virus scanner which purports to be for Linux, CAVL, however, some people say it is of no practical use. What really are the facts?

  2. #2
    Join Date
    Feb 2008
    Location
    Planet earth, for now.
    Beans
    Hidden!
    Distro
    Xubuntu

  3. #3
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    5,319
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Key stroke logging and internet banking

    Ubuntu is probably vastly safer than windows for internet banking, but nothing is totally secure, so no guarantees.
    Your best bet is to use an Ubuntu live CD - boot it immediately before visiting the bank web site, and don't visit anywhere else.

  4. #4
    Join Date
    Nov 2011
    Beans
    1,043
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Key stroke logging and internet banking

    I'd bet most keyloggers are installed, unwittingly, by users who fall prey to phishing attacks, etc. The status of the ports won't make much difference in those cases.

    My choice would depend on the security procedures my bank puts in place. My bank's site does not allow the browser to remember passwords (not that I would anyway). It uses a two-factor login system for routine activities like balance checking and making bill payments to established payees. If you try to take money out or change the account -- like set up a bank transfer, establish a payment to a new recipient, etc. -- then you also need to traverse another level using a temporary code generated by a card the bank sent you. Without that, the only money transfers that can be made are bill pays to the accounts I've set up.

    So, I feel reasonably secure. Plus, I bookmark what I know to be the bank's URL and I only access it from one machine. I *never* access the bank's site from a machine I don't own.

    As Cog suggests, booting a live image off a CD or USB is likely to be the most secure, if you can tolerate that, A USB will be much faster.
    Last edited by buzzingrobot; February 18th, 2014 at 03:00 PM.

  5. #5
    Join Date
    Dec 2008
    Location
    England
    Beans
    88

    Re: Key stroke logging and internet banking

    I don't recall any internet bank allowing access to an account without at least some use of picking characters using the mouse pointer, so key stroke loggers should be inadequate on their own.

  6. #6
    Join Date
    Feb 2014
    Beans
    19

    Re: Key stroke logging and internet banking

    CAVL doesn't actually work (at least not in real-time mode) on Ubuntu beyond 12.04.2 (ie beyond kernel 3.5).

  7. #7
    Join Date
    Dec 2005
    Location
    Western Australia
    Beans
    11,337
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Key stroke logging and internet banking

    Quote Originally Posted by philromford-q View Post
    I have a question regarding internet banking: will Ubuntu 12.04 keep intruders out who are attempting to log key strokes, or any other means of hacking into my account. Perhaps the answer is that Linux doesn't have open ports by default; unlike MS Windows.
    You've asked that question in a strong way. You're asking "Will Ubuntu 12.04 keep intruders out", which sounds like you're asking if it actively fights against attacks. It doesn't. No operating system does.

    However, Ubuntu is designed in a secure way from top to bottom. Separation between administrator and user, better sandboxing of programs, memory layout randomization, execute permission (no executable programs you download can be run until you explicitly give them the Execute Permission), and even the repositories which make you much less likely to go trawling around the internet looking for software and inadvertently downloading trojans. There are very few vectors for attack that are open in a default install of Ubuntu. Keep your system up-to-date and those few vectors get patched.

    If you previously used Windows XP... well, that operating system was a joke. Ubuntu 12.04 will be ten times more secure than Windows XP. It'll even be more secure than Windows 7 or Windows 8. Just don't go trawling across the internet for random software to download, that's how most people on Windows got their identities stolen.

    I have read conflicting articles on the subject of virus attack/scanning and vulnerabilities. Could someone please offer a definitive answer/guide on this.

    Comodo have a free virus scanner which purports to be for Linux, CAVL, however, some people say it is of no practical use. What really are the facts?
    More people were killed by sharks in Australia last year, than were infected by Linux viruses in-the-wild worldwide last year.

    Rootkits are a different story. System admins get infected by rootkits, but they are pieces of code targetted directly at a single system. Unless you're running anything of value on your computer, and have internet-facing servers running (such as Apache web server or SSH Server) you'll never have anything to fear from rootkits. You'll never see them.

    If you run an anti-virus program for Linux, then you should also wear a hard hat everywhere you go. More people worldwide get killed by falling coconuts than get infected with Linux viruses. MANY more people. It's sad for the poor tourists who go home in bodybags, but lucky for Linux users because we don't have to use anti-virus.
    I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.

  8. #8
    Join Date
    Nov 2011
    Beans
    1,043
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Key stroke logging and internet banking

    If a Linux machine is on a Windows network and passes Windows files around, running a local anti-malware package will help keep Windows malware from being inadvertantly passed along in email and the like.

  9. #9
    Join Date
    Feb 2014
    Beans
    41

    Re: Key stroke logging and internet banking

    Quote Originally Posted by The Cog View Post
    Ubuntu is probably vastly safer than windows for internet banking, but nothing is totally secure, so no guarantees.
    Your best bet is to use an Ubuntu live CD - boot it immediately before visiting the bank web site, and don't visit anywhere else.
    If i can add my two cents, I'd like to make a counter-point to this. The LiveCD doesn't work well with all updates (i.e. some updates require
    you to reboot, which you can't do on a LiveCD without removing the updates). If a software were to have a problem like a vulnerability, someone
    would have easier access to 'breaking in' to the LiveCD then they would to a persistent OS that has all of the proper updates.

  10. #10
    Join Date
    Aug 2009
    Location
    Charleston, SC (USA)
    Beans
    1,207
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Key stroke logging and internet banking

    If you want to keep on the LiveCD vein of thinking there is a distro based on Debian called TAILS - The Ammensic Incognito Live System. The whole aim of the distro is to preserve your privacy and anonymity. Its not meant to be a install and used like a regular distro but as a companion CD while you travel around. You could use it for your banking needs and then reboot back to normal Ubuntu upon completion.

    3rdalbum you sir nailed it. +1 from me

    ~Caboose
    UA Team Member
    "When our actions do not, our fears do make us traitors." -- Shakespeare
    "Unless someone like you cares a whole awful lot, nothing is going to get better. It's not." -- Dr. Seuss

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •