PDA

View Full Version : Secure Online Banking



neu5eeCh
June 16th, 2011, 04:01 PM
Partly just to learn how to do it, but also to actually use it. Found the following article:

http://linuxconfig.org/secure-online-banking-with-linux-usb-live (http://linuxconfig.org/secure-online-banking-with-linux-usb-liveha)

Does anyone here use a live USB key for online banking? Seems the two most essential features are non-persistence and encryption (in case the USB key is lost). From what I can gather, the method above allows one to customize the browser by building in add-ons like flash?

Edit: Corrected link. I blame the missing piece on Ubuntu and touchpads. I have accidentally deleted any number of notes, posts and lines because of the touchpad's hyper-sensitivity in Ubuntu/Linux. My thumb will brush the touchpad, a menu will pop up, all while I'm typing a word, and in the blink of an eye I've closed two or three tabs, launched an ICBM, and contacted an alien civilization.

coffeecat
June 16th, 2011, 04:42 PM
So secure that I get...



404: Not Found

1.1.1.1. Sorry, but the content you requested could not be found

:(

I suspect the end of your URL has been chopped off. Could you check the link address please? I would be interested to read it.

neu5eeCh
June 16th, 2011, 04:48 PM
So secure that I get...



:(

I suspect the end of your URL has been chopped off. Could you check the link address please? I would be interested to read it.

Done.

LowSky
June 16th, 2011, 04:51 PM
here's the link: http://linuxconfig.org/secure-online-banking-with-linux-usb-live

Anyone else think this is taking online security too far?
It's would be like walking into a bank with your own mini safe.

Its easier to set your browser to not save cookies or passwords. use a password containing Numbers, letters, and symbols, and making sure your bank uses a secure connection.

neu5eeCh
June 16th, 2011, 05:14 PM
here's the link: http://linuxconfig.org/secure-online-banking-with-linux-usb-live

Anyone else think this is taking online security too far?
It's would be like walking into a bank with your own mini safe.

Its easier to set your browser to not save cookies or passwords. use a password containing Numbers, letters, and symbols, and making sure your bank uses a secure connection.

For the individual, it probably is taking security too far. Besides that, individuals are protected from banking fraud in a way that businesses and corporations are not. Check out the latest here (http://krebsonsecurity.com/2011/06/fbi-investigating-cyber-theft-of-139000-from-pittsford-ny/). However, I thought it would be an interesting process to try - essentially making ones own specialized Live USB.

Also, I don't think the Zeus Trojan can infect a Linux PC - a Windows only Trojan. I don't know about key-loggers and other malware, but even knowledgeable Linux experts recommend LiveCDs or non-persistent USBs for hard-baked security.

Businesses and corporations, on the other hand, should be using something like Iron Key USBs (https://www.ironkey.com/) (linux-based live USBs apparently) and yesterday.

timZZ
June 16th, 2011, 05:33 PM
You know ... it is funny how people say "You are paranoid" until something happens to them. If you had a lot to lose then yes I would say this is reasonable ... You like your money, don't you?

DZ*
June 16th, 2011, 06:25 PM
Does anyone here use a live USB key for online banking? Seems the two most essential features are non-persistence and encryption (in case the USB key is lost)

It seems that article suggests banking from live USB as an option for someone who doesn't normally use linux.

I think a "regular" install on a USB stick (with an added encrypted non-admin account dedicated to banking) is a better option. This way the system can be kept fully updated. After all, a non-persistent install can still get malware during one session ("non-persistence" only exists between reboots).

I have a 16Gb stick that I've been upgrading since Intrepid (running Natty now). It boots fine from all kinds of PCs.

neu5eeCh
June 16th, 2011, 06:39 PM
It seems that article suggests banking from live USB as an option for someone who doesn't normally use linux.

I think a "regular" install on a USB stick (with an added encrypted non-admin account dedicated to banking) is a better option.

Good points. It didn't occur to me that one could encrypt a specific account. As to your point concerning non-persistence, I'm guessing the odds of becoming infected in one session, with Linux, are vanishingly small. There are possibly a handful of places, in the world, offering that kind of "danger". Vermont isn't one of them. ;)

DZ*
June 16th, 2011, 06:45 PM
You know ... it is funny how people say "You are paranoid" until something happens to them. If you had a lot to lose then yes I would say this is reasonable ... You like your money, don't you?

Paranoia involves anxiety over something. I wouldn't go on the internet from Windows. Who knows what lives inside the Windows? :p I'm too lazy to go all the way out to some site and buy stuff like antivirus. However, I neither think nor care about it. So, no paranoia, just common sense and laziness.

DZ*
June 16th, 2011, 06:50 PM
Good points. It didn't occur to me that one could encrypt a specific account. As to your point concerning non-persistence, I'm guessing the odds of becoming infected in one session, with Linux, are vanishingly small. There are possibly a handful of places, in the world, offering that kind of "danger". Vermont isn't one of them. ;)

LOL


sudo adduser --encrypt-home vtpoet

SoFl W
June 16th, 2011, 06:58 PM
I blame the missing piece on Ubuntu and touchpads. I have accidentally deleted any number of notes, posts and lines because of the touchpad's hyper-sensitivity in Ubuntu/Linux. My thumb will brush the touchpad, a menu will pop up, all while I'm typing a word, and in the blink of an eye

I would have the same problem, I have closed things, changed paragraphs around, deleted stuff I wanted to save and sent out pictures of my crotch to Congressman Weiner's facebook friends. I am not on my laptop now but I believe you can turn the touchpad mouse click off in mouse settings.

as2000
June 16th, 2011, 08:31 PM
Working at bank I see fraud all the time. But it is usually from being sloppy in the way a person handle thier own security. For instance, writing passwords down, leaving statements in the open or in the garbage. Social networking is also a huge issue. In general, it is usually the individual just being careless or unattentive to personal information.

fatality_uk
June 18th, 2011, 12:44 PM
There is no such thing s secure online banking!