Results 1 to 7 of 7

Thread: Secure habits for on-line banking?

  1. #1
    Join Date
    Jan 2008
    Location
    Spain
    Beans
    1,185
    Distro
    Ubuntu

    Secure habits for on-line banking?

    Hi, I'm worried about a friend: He was recently 'converted' to linux by me, and he's quite happy now.

    But he does a lot of on-line banking. Someone hacking his pswds would be a big problem.
    As a previous M$W user, he asked about viruses and exploits. I told him that viruses are not an issue in linux. As for other malware, I figured out that the weaker point could be something sneakely installed in the browser, so I suggested him to use a browser (epiphany for example) only for banking, and another one for general-purpose surfing (firefox).

    Was it a wise piece of advice?
    Any other hints?

    I would be grateful if someone adept at security could enlighten me.
    What's even more important than free software? - OPEN FORMATS.

  2. #2
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Secure habits for on-line banking?

    Well, using two different browsers isn't a bad idea... however I reckon firefox with noscript addon as pretty save...

    (but then I don't worry much about online banking anyway...)

  3. #3
    Join Date
    Jun 2007
    Location
    New York
    Beans
    147
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: Secure habits for on-line banking?

    I do not bank online, but I imagine if you did it from the live cd it would be very safe if banking was the first thing he/she did when online. Using a different browser may be a good idea, but if keyloggers stealing information is the concern, most of them are not embedded in any particular browser. Deleting all private data in firefox prior to banking would probably accomplish the same thing. Oh, and the noscript thing.

  4. #4
    Join Date
    Dec 2005
    Location
    USA
    Beans
    886
    Distro
    Ubuntu

    Re: Secure habits for on-line banking?

    I do all my banking online if possible. At some point you have to do a risk assessment and figure out where your risks are. For most people the risk is more likely to be a phishing attack, and this will happen regardless of operating system.

    My advice? Don't worry as much about malware/viruses and focus on ensuring that the website he goes to is correct. Type it in once and then use a bookmark to ensure he always gets to the correct page.

    Resorting to rebooting and using a live cd just to check your finances is, in my opinion, being a little too paranoid. Besides, that vector still does not prevent any type of phishing attack. What happens when, without using a bookmark, he types in the wrong site? All that "security" did nothing to prevent someone from stealing his credentials.

    Sincerely,
    Richard
    I use both Windows and Linux. Is that a crime? || Ubuntu User # 16597

  5. #5
    Join Date
    Feb 2006
    Beans
    457

    Re: Secure habits for on-line banking?

    Running from bookmarks is a first rate idea, my banks states that they will never contact me by email so that helps to cut down on the social engineering type of breaches. When banking I am warned not to use the Back or Forward buttons on the browser rather I should use the on screen icons produced by the bank's banking application within the browser. I also use a one time hardware device / token provided by my bank that will generate a code number allowing me to access my account, with all of the precautions in place I feel safe trusting on-line banking. As for key loggers and other physical intrusions that could take place are ruled out as I only use one of my home machines for communicating with my bank.

    PS I also look at my accounts once every couple of days to see if any untoward or unexpected transactions have been posted to them.
    Last edited by tubbygweilo; June 19th, 2008 at 02:28 PM.

  6. #6
    Join Date
    Jun 2007
    Location
    New York
    Beans
    147
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Angry Re: Secure habits for on-line banking?

    What happens when, without using a bookmark, he types in the wrong site
    My bad, I was assuming that the person was not a blithering idiot.

    Resorting to rebooting and using a live cd just to check your finances is, in my opinion, being a little too paranoid.
    Absolutely agree. It was just a suggestion regarding the safest way to do online banking,

  7. #7
    Join Date
    Jan 2008
    Location
    Spain
    Beans
    1,185
    Distro
    Ubuntu

    Re: Secure habits for on-line banking?

    Everybody here: Thank you for your posts. Both your suggestions and to know what does other people do, have been very interesting to me.
    The collected ideas will be useful to my friend and of course to me too.
    Greetings
    What's even more important than free software? - OPEN FORMATS.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •