Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Everything I need to know about safe online banking


  • Please log in to reply
22 replies to this topic

#1 The Man from Oahu

The Man from Oahu

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 04 February 2016 - 05:27 PM

Title is self-explanatory, I think.

 

As always, any help appreciated.



BC AdBot (Login to Remove)

 


#2 Al1000

Al1000

  • Global Moderator
  • 7,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:09:36 PM

Posted 04 February 2016 - 05:53 PM

How safe do you want to be?

Personally I boot my computer with a live Linux CD to log onto my bank account, but some people think that's over-the-top.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:36 PM

Posted 04 February 2016 - 09:42 PM


The user is the first and last line of defense. Unfortunately, it as been proven time and again that the user is a more substantial factor (weakest link) in security than the architecture of the operating system or installed protection software.

Security is all about layers, and not depending on any one technology or approach to detect or save you from the latest threats. The most important layer in that security defense? You! Most threats succeed because they take advantage of human weaknesses (laziness, apathy, ignorance, etc.), and less because of their sophistication.

Krebs on Security

...falling victim to data breaches that resulted from attackers exploiting employees or company vendors. Unfortunately, along with exposing millions of identities these attacks also reveal what is often the weakest link in enterprise data security the human element...

Social Engineering: Attacking the Weakest Link in the Security Chain

Humans are a weak link in cyber security, and hackers and social manipulators know this. They try to trick people into getting past security walls. They design their actions to appear harmless and legitimate.

FBI: Internet Social Networking Risks
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 sikntired

sikntired

  • Members
  • 1,002 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:36 PM

Posted 05 February 2016 - 09:06 AM

How safe do you want to be?

Personally I boot my computer with a live Linux CD to log onto my bank account, but some people think that's over-the-top.

Not to interlope but was curious about this. Would it be possible for you to expand on this and, to explain to those of us who are less knowledgeable, why this method is more secure as I currently have a live Linux DVD. (Linux Mint 17.2 Cinnamon 64 bit).

 

Edit: for grammar


Edited by sikntired, 05 February 2016 - 09:10 AM.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:36 PM

Posted 05 February 2016 - 09:14 AM

Everything You Need to Know About Linux Live CDs

Why You Need to Have a Linux LiveCD

2. Banking

Such is the poor security situation in Windows that experts now commonly discourage users from conducting online banking or other sensitive transactions over a Windows PC. Once again, Linux live media can help you out here.

Use your LiveCD, DVD or USB to boot your computer into Linux when you need to do some banking, and you're effectively removing yourself from the vast ranks of the Windows-based targets most malware seeks. Instead, you can launch a browser and do your banking in comparative safety, away from most malware's prying eyes.

Then, when you're done, you can boot back into Windows again, safe in the knowledge that your money is still in your bank account.


Banking on a Live CD
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 The Man from Oahu

The Man from Oahu
  • Topic Starter

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 05 February 2016 - 10:21 AM

Thanks for replying.

 


How safe do you want to be?

Is this a trick question? :wink:

The safer the better.


Personally I boot my computer with a live Linux CD to log onto my bank account, but some people think that's over-the-top.

This is interesting but I have some questions (see below)

 

@quietman7

I use very strong passwords and KeePass to manage them (although I have a doubt: isn't the database accessible as long as it is opened?)

- AV: Avast

- Firewall: Comodo

- Keeping the OS and software (browsers, etc...) up to date

Do I need to do anything else?

 

I have read the linked articles, especially the latter.

My doubt was: a LiveCD won't have the latest versions of software but it doesn't seem to be an issue as long as I go straight to the bank site. Please correct me if I am wrong.

I thought of using a VM (much easier than reboot the system) but I see some are against this solution (what about a VM with immutable drive?)

Another question about LiveCD: are there tasks to perform each time you boot? E.g. enable the software firewall?



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:36 PM

Posted 05 February 2016 - 10:39 AM

Did you read Everything You Need to Know About Linux Live CDs?...not much I can add to that.

Since you have Windows 7 (according to your other topic), there is no need for Comodo...just use Windows built-in Firewall.You may also want to read Whats the point of having a firewall?

You may want to add an anti-exploit tool to protect against zero-day malware, drive-by downloads, exploits and Exploit Kits.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Al1000

Al1000

  • Global Moderator
  • 7,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:09:36 PM

Posted 05 February 2016 - 10:55 AM

The safer the better.


Well as the last article quietman7 posted in post #5 says:
 

An investigative series Ive been writing over the past three years about organized cyber crime gangs using malware to steal millions of dollars from small to mid-sized organizations has generated more than a few responses from business owners concerned about how best to protect themselves from this type of fraud.

I said this nearly three years ago, and it remains true: The simplest, most cost-effective answer I know of? Dont use Microsoft Windows when accessing your bank account online.

http://krebsonsecurity.com/2012/07/banking-on-a-live-cd/


The idea with using live Linux is that using software that's a few versions old on Linux, is safer than using up-to-date software on Windows.

There are a few ways to use Linux live with persistence (see link in my signature for one way), which means that you can install updated software and save your settings.

#9 The Man from Oahu

The Man from Oahu
  • Topic Starter

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 05 February 2016 - 03:42 PM

Since you have Windows 7 (according to your other topic), there is no need for Comodo...just use Windows built-in Firewall

I find Windows firewall not very user friendly. Besides Comodo has useful features like Sandbox (although I may want to switch to a stand-alone program in the next future).

You may want to add an anti-exploit tool to protect against zero-day malware, drive-by downloads, exploits and Exploit Kits

I want to do that for sure but I need some knowledge first.

Did you read Everything You Need to Know About Linux Live CDs?

Yes I did, nonetheless I still have one question (read below)
 

There are a few ways to use Linux live with persistence (see link in my signature for one way), which means that you can install updated software and save your settings.

Although Linux is considered very safe I know that Linux malware exist out there.
If I use a LiveUSB, especially with persistence, as far as I can understand a malware could still infect the system.
So the way to go seems to be a LiveCD or LiveUSB with no persistence.
Hence the following question: I have read that one of the first things to do on a new Linux system is to enable the firewall. On a non-persistent system you'd have to do this each time. Is this correct? Or is it safe to use a persistent system after all?

I have an old PC with no hard disk, I could use it with a LiveUSB Linux (persistent or not, this depends on how you answer to my previous question) just for online banking.

#10 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,263 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:36 AM

Posted 05 February 2016 - 03:56 PM

 

If I use a LiveUSB, especially with persistence, as far as I can understand a malware could still infect the system.

Technically yes.

 

 

So the way to go seems to be a LiveCD or LiveUSB with no persistence.

Live Puppy Linux on CD with a save file also on the CD.

 

 

On a non-persistent system you'd have to do this each time. Is this correct?

That is correct.

 

This tutorial by Al 1000 is the best and safest way of doing it

Click here for a step-by-step guide to having a secure, portable Linux operating system on a CD, with Firefox browser..


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#11 The Man from Oahu

The Man from Oahu
  • Topic Starter

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 05 February 2016 - 04:21 PM

What is the plus of using a CD instead of USB drive?



#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:36 PM

Posted 05 February 2016 - 04:42 PM

USB would be more portable and easy to carry around in your pocket for working with multiple machines.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,263 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:36 AM

Posted 05 February 2016 - 04:59 PM

 

USB would be more portable and easy to carry around in your pocket for working with multiple machines.

+1

 

If you were to go with a Live CD with a save file and the disk is finalized it cant be written to again, So even if by some remote chance the bad guys managed to " Hack " the PC there is no way of making the hack or malware  persistent. 

 

The down side to this method is, a CD is harder to carry around, and every now and then you must create a new CD, for example after a browser update.


Edited by NickAu, 05 February 2016 - 05:01 PM.

Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#14 Smsec

Smsec

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:36 PM

Posted 05 February 2016 - 11:32 PM

Kanguru has a line of USB drives with a physical write protect switch. So you can have the convenience of a USB with the read-only safety of a CD. https://www.kanguru.com/info/compare-defender-secure-usb-chart.shtml

 

I have a several of these and they work great. You can buy them on Amazon too.



#15 The Man from Oahu

The Man from Oahu
  • Topic Starter

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 06 February 2016 - 01:06 PM

USB would be more portable and easy to carry around in your pocket for working with multiple machines.

 
 

If you were to go with a Live CD with a save file and the disk is finalized it cant be written to again, So even if by some remote chance the bad guys managed to " Hack " the PC there is no way of making the hack or malware  persistent. 
 
The down side to this method is, a CD is harder to carry around, and every now and then you must create a new CD, for example after a browser update.


Let me rephrase my question: why did AI1000 use a CD for that tutorial?
I am not familiar with these "save file" and "open CD" things.
Is it like CD is safer because nothing is written on it unless I explicitly allow so, USB can be written on without my knowledge?
Problem is that the PC I want to use (the old one) doesn't have any CD/DVD drive. What about a LiveUSB with no persistence? If I go straight to the bank website I should be safe, shouldn't I? The downside is I would have to enable the firewall each time. 
 

Kanguru has a line of USB drives with a physical write protect switch. So you can have the convenience of a USB with the read-only safety of a CD. https://www.kanguru.com/info/compare-defender-secure-usb-chart.shtml
 
I have a several of these and they work great. You can buy them on Amazon too.

Thanks. They are a little pricey though. Let's see if I can use a regular USB drive first ;)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users