Key stroke logging and internet banking

[philromford-q]

I have a question regarding internet banking: will Ubuntu 12.04 keep intruders out who are attempting to log key strokes, or any other means of hacking into my account. Perhaps the answer is that Linux doesn't have open ports by default; unlike MS Windows.

I have read conflicting articles on the subject of virus attack/scanning and vulnerabilities. Could someone please offer a definitive answer/guide on this.

Comodo have a free virus scanner which purports to be for Linux, CAVL, however, some people say it is of no practical use. What really are the facts?

[Bucky Ball]

Thread moved to Security Discussions.

Better here.

[The Cog]

Ubuntu is probably vastly safer than windows for internet banking, but nothing is totally secure, so no guarantees.
Your best bet is to use an Ubuntu live CD - boot it immediately before visiting the bank web site, and don't visit anywhere else.

[buzzingrobot]

I'd bet most keyloggers are installed, unwittingly, by users who fall prey to phishing attacks, etc. The status of the ports won't make much difference in those cases.

My choice would depend on the security procedures my bank puts in place. My bank's site does not allow the browser to remember passwords (not that I would anyway). It uses a two-factor login system for routine activities like balance checking and making bill payments to established payees. If you try to take money out or change the account -- like set up a bank transfer, establish a payment to a new recipient, etc. -- then you also need to traverse another level using a temporary code generated by a card the bank sent you. Without that, the only money transfers that can be made are bill pays to the accounts I've set up.

So, I feel reasonably secure. Plus, I bookmark what I know to be the bank's URL and I only access it from one machine. I *never* access the bank's site from a machine I don't own.

As Cog suggests, booting a live image off a CD or USB is likely to be the most secure, if you can tolerate that, A USB will be much faster.

[Jonor]

I don't recall any internet bank allowing access to an account without at least some use of picking characters using the mouse pointer, so key stroke loggers should be inadequate on their own.

[maglin2]

CAVL doesn't actually work (at least not in real-time mode) on Ubuntu beyond 12.04.2 (ie beyond kernel 3.5).

[3rdalbum]

I have a question regarding internet banking: will Ubuntu 12.04 keep intruders out who are attempting to log key strokes, or any other means of hacking into my account. Perhaps the answer is that Linux doesn't have open ports by default; unlike MS Windows.

You've asked that question in a strong way. You're asking "Will Ubuntu 12.04 keep intruders out", which sounds like you're asking if it actively fights against attacks. It doesn't. No operating system does.

However, Ubuntu is designed in a secure way from top to bottom. Separation between administrator and user, better sandboxing of programs, memory layout randomization, execute permission (no executable programs you download can be run until you explicitly give them the Execute Permission), and even the repositories which make you much less likely to go trawling around the internet looking for software and inadvertently downloading trojans. There are very few vectors for attack that are open in a default install of Ubuntu. Keep your system up-to-date and those few vectors get patched.

If you previously used Windows XP... well, that operating system was a joke. Ubuntu 12.04 will be ten times more secure than Windows XP. It'll even be more secure than Windows 7 or Windows 8. Just don't go trawling across the internet for random software to download, that's how most people on Windows got their identities stolen.

I have read conflicting articles on the subject of virus attack/scanning and vulnerabilities. Could someone please offer a definitive answer/guide on this.

Comodo have a free virus scanner which purports to be for Linux, CAVL, however, some people say it is of no practical use. What really are the facts?

More people were killed by sharks in Australia last year, than were infected by Linux viruses in-the-wild worldwide last year.

Rootkits are a different story. System admins get infected by rootkits, but they are pieces of code targetted directly at a single system. Unless you're running anything of value on your computer, and have internet-facing servers running (such as Apache web server or SSH Server) you'll never have anything to fear from rootkits. You'll never see them.

If you run an anti-virus program for Linux, then you should also wear a hard hat everywhere you go. More people worldwide get killed by falling coconuts than get infected with Linux viruses. MANY more people. It's sad for the poor tourists who go home in bodybags, but lucky for Linux users because we don't have to use anti-virus.

[buzzingrobot]

If a Linux machine is on a Windows network and passes Windows files around, running a local anti-malware package will help keep Windows malware from being inadvertantly passed along in email and the like.

[fugu2]

Ubuntu is probably vastly safer than windows for internet banking, but nothing is totally secure, so no guarantees.
Your best bet is to use an Ubuntu live CD - boot it immediately before visiting the bank web site, and don't visit anywhere else.

If i can add my two cents, I'd like to make a counter-point to this. The LiveCD doesn't work well with all updates (i.e. some updates require
you to reboot, which you can't do on a LiveCD without removing the updates). If a software were to have a problem like a vulnerability, someone
would have easier access to 'breaking in' to the LiveCD then they would to a persistent OS that has all of the proper updates.

[Kirboosy]

If you want to keep on the LiveCD vein of thinking there is a distro based on Debian called TAILS - The Ammensic Incognito Live System. The whole aim of the distro is to preserve your privacy and anonymity. Its not meant to be a install and used like a regular distro but as a companion CD while you travel around. You could use it for your banking needs and then reboot back to normal Ubuntu upon completion.

3rdalbum you sir nailed it. +1 from me

~Caboose