Live CDs for online banking

[moontan]

apparently, Live CDs are the best way to fight malwares when surfing the net.
which comes handy for online banking.


i tried a few ones:

Webconverger.
very easy to operate. it is made specially for kiosks.
you boot from the live CD and it opens a web browser automatically.
unfortunately, a web browser is all it has.
you can't save documents to a flash drive.
getting the printer to work was too complicated.
the only thing you can do with it is surf the net.

Privatix Live:
i likes the concept of this:
you burn the live CD, boot with it and it supposedly is able to create a bootable USB Flash drive.
i could not get it to create my bootable flash drive as it told me my Flash drive was too small or some damn thing.
in the end it took both my 8 GB flash drives and transformed them into 37 MB flash drives.
needless to say, i was not amused...
there probably are ways to make this work but it's too complicated for a noob like me.

Parted Magic:
it boots fast and work well.
it is a distro that specialized in partitioning.
which came handy in unfu**ing the flash drives that Privatix fu**ed up.

next one i might try is Puppy Linux.

please share your experience with Live CD for online banking if you have any to share.

[Boost]

Only one I've ever tried was Puppy Linux.

Didnt use it for very long,but it worked for me.

[aigle]

Why not use a full distro like Ubuntu?
PartedMagic id however fast to boot.

BTW I am still unsure about this idea of online banking from boot CD. Wil a boot CD prevent you from attacks like phishing, farming, spoofing etc? Probably not I guess. Also the browser in live CD might not be updated and may have un-fixed vulnerabilities. What about all these issues?

The only benefit of a live CD is a surely clean system with no malware/ keylogger etc.

I am interested to know what solution other people use who deal with online banking, credit cards etc.

[moontan]

as long as you ONLY surf to your bank using a Live CD, chances of Man In The Middle attack are reduced to 0.
and as long as you make sure you have a SSL transaction (HTTPS) phishing and other attacks should be almost nil.

as long as you use a non-rewriteable CD/DVD nothing can be written to the OS.
that is as long as a virus doesn't "mount" one of your drive which is close to impossible if you only surf to your bank.
and having a version a version of Firefox that is not the newest version from a Live CD is better that using an OS that might be compromised.
Apparently there is no tool that can certify 100% that a computer hasn't been compromised.
the only sure way is using a Live CD.

banks here only use a username et password as security measures.
my bank apparently offers full guarantee that my money will be reimbursed if it was stolen via the Internet but i'd rather not go through the inconvenience.

keep in mind i'm not an expert on this matter.
but i've read extensively on the subject for the past few days.

[tobacco]

I agree - it vastly reduces the risk. However, with cloud technology widely available now, i would like to see a LCD include the likes of SafeOnline to prevent the phishing, etc attacks.

[Barthez]

If you're looking for simple , stable and polished linux distro, then i would suggest PCLinuxOS (info to DistroWatch.com, you can find links to homepage, reviews, or screens there). It comes on LiveCD and you can also install from it if you feel so. Old version of browsers or plugins are not issue since, you can update components using packet manager (Synaptic in PCLOS). From what i remember, after installing PCLOS you can make portable USB version of it.

Motto behind PCLinuxOS is "Radically Simple" which explains a lot. It is aimed to be simple, effective and stable. It's not pure online banking linux, but i think you would be satisfied.

P.S
You mind find program called UNetbootin interesting (if you don't know it already). It allows to make LiveUSB out of LiveCDs. More at http://unetbootin.sourceforge.net/

HTH

[m00nbl00d]

Quote:

Originally Posted by aigle

Why not use a full distro like Ubuntu?
PartedMagic id however fast to boot.

BTW I am still unsure about this idea of online banking from boot CD. Wil a boot CD prevent you from attacks like phishing, farming, spoofing etc? Probably not I guess. Also the browser in live CD might not be updated and may have un-fixed vulnerabilities. What about all these issues?

The only benefit of a live CD is a surely clean system with no malware/ keylogger etc.

I am interested to know what solution other people use who deal with online banking, credit cards etc.

Kees started this thread, which is very explanatory and with well implemented security measures: http://www.wilderssecurity.com/showthread.php?t=279624

[Searching_ _ _]

Quote:

Originally Posted by aigle

I am interested to know what solution other people use who deal with online banking, credit cards etc.

U.S. Banks are federally insured, if there is any fraudulent activity they are required to replace any missing funds.
Visa and Mastercard have TOS with banks that if fraud is involved any missing money gets replaced.

That's why I some times wonder, why some people have too much worries about it? :/
do they have something like millions to lose, which banks may not cover.

I agree, Live CD is great. But isn't it a bit pushing limits too much?
Online banking meant to speed up banking, but turning off pc, putting Live CD, waiting for it to load and then go on banking?
Anyway, if you are really concerned, in my opinion dual booting some Linux distro (just don't go on and install all rubish into it) is equally safe but faster and more convinient to Live CDs

[CloneRanger]

Instead of a live CD, why not Returnil etc ?

[moontan]

Quote:

Originally Posted by Jav

That's why I some times wonder, why some people have too much worries about it? :/
do they have something like millions to lose, which banks may not cover.

I agree, Live CD is great. But isn't it a bit pushing limits too much?
Online banking meant to speed up banking, but turning off pc, putting Live CD, waiting for it to load and then go on banking?
Anyway, if you are really concerned, in my opinion dual booting some Linux distro (just don't go on and install all rubish into it) is equally safe but faster and more convinient to Live CDs

maybe you're right.
maybe i'm just too paranoid.

isn't it what this place (Wilders) is all about though?
i mean, i often surf the dark corners of the Internet and since i installed Geswall a month ago it still list the numbers of attacks at 0.
is it possible we're just all a little bit too paranoid around here?

[Boost]

Quote:

Originally Posted by CloneRanger

Instead of a live CD, why not Returnil etc ?

This^

All I've ever done is reboot,"flush everything down the toilet",and I do all my banking,buying etc etc.

I did this with Returnil,Shadow Defender and now Deep Freeze
Never an issue!

[Kees1958]

Anyone tried Cameyo free with Opera or Iron for instance as a secure browser? see http://www.wilderssecurity.com/showthread.php?t=280894

Regards Kees

[aigle]

Quote:

Originally Posted by Searching_ _ _

U.S. Banks are federally insured, if there is any fraudulent activity they are required to replace any missing funds.
Visa and Mastercard have TOS with banks that if fraud is involved any missing money gets replaced.

My bank sends me a one time-usable code via SMS each time i try to login. I can,t login without using it( This is in addition to my user name and password). So if some one even knows my user name and password, he can,t login unless he has physical access to my cell phone.

[gdvbel]

As some of the newest and most sophisticated malware
sometimes isn't discovered, I prefer not to take any
risks, and do my online banking with a linux live-cd.

I have made an overview based on different criteria :

-the cd has to support a big variety of hardware
-must offer a choice of different keyboard layouts.
Or the ability to open a terminal, and type
setxkbmap + country-code to have your keyboard layout
-must have a familiar web browser. Most of them work with firefox or iceweasel (a
linux fork of firefox).

Provided you only go to your online banking website, and you use
an ethernet cable, this is secure,
unless you use wireless, and your router is compromised

If you need sun java, then these are the following options :

pclinuxos-2009.1.iso cd (based on mandriva) (4 min boot time)
http://ftp.riken.jp/Linux/pclinuxos/...xos-2009.1.iso

linuxmint-9-xfce-cd-i386.iso (based on ubuntu , 3 min boot time)
http://ftp.riken.jp/Linux/linuxmint/...ce-cd-i386.iso
http://mira.sunsite.utk.edu/linuxmin...ce-cd-i386.iso

linuxmint-debian-201009-gnome-dvd-i386.iso (dvd based on debian, 3 min boot time)
http://ftp5.gwdg.de/pub/linux/debian...e-dvd-i386.iso
Other download mirrors : http://www.linuxmint.com/edition.php?id=66

Sam linux, (based on pclinuxos), downloadable here :
ftp://ftp.heanet.ie/pub/SAMlinux/iso/SAM2009.iso
ftp://sam.mirror.garr.it/mirrors/sam/iso/SAM2009.iso

If you don't need sun java, then these are equally good :

Linux Peppermint one (2 min boot time), based on ubuntu
http://peppermintos.com/download/
http://peppermintos.info/dl3/Pepperm...e-08042010.iso (versie van 4 augustus 2010)
http://peppermintos.info/dl3/Pepperm...e-06172010.iso (versie van 17 juni 2010)
If you prefer google chrome , there is peppermint-ice

pclinuxos 2010, openbox edition, (based on mandriva) (2'20" boot time)
http://ftp.nluug.nl/ibiblio/distribu...ox-2010-07.iso
http://distro.ibiblio.org/pub/linux/...glish/preview/

Pclinuxos can easily be put on a usb stick for online banking with an asus eee pc

For older pc's there is puppy linux 4.3.1 (newer versions did not work on this laptop)
which works on a toshiba satellite 1800-624 with 1 gb celeron, and 512 mb ram, and an ethernet pcmcia card.
You'll have to know your resolution, though, and set up internet connection
via a wizard. Not quite as user-friendly as all the other distro's.
http://distro.ibiblio.org/pub/linux/...x/puppy-4.3.1/

[korben]

I started my adventure with online banking with PCLOS LIVEcd, but dropped the idea after a few weeks as it was just too much hussle.[see post #9]

I regained peace of mind with VBox + Mint.

[Pedro]

Quote:

Originally Posted by moontan

Privatix Live:

I wouldn't use TOR to go banking.

Quote:

easy to use live-cd for anonymous internet surfing with Tor

http://www.mandalka.name/privatix/faq.html.en

Quote:

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

http://www.torproject.org/

Quote:

Tor anonymizes the origin of your traffic, and it encrypts everything between you and the Tor network and everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information, you should use as much care as you would on the normal scary Internet — use HTTPS or other end-to-end encryption and authentication.

http://www.torproject.org/download.html.en#Warning

It just may be the same in the end, since you'll be using HTTPS, but anonymity isn't the problem anymore, and at best you're just using a slower connection.
And i don't believe you solve the man in the middle problem with a live cd. Your connection is still the same.

Try the Ubuntu live cd like aigle suggests.

[drkoopz]

I've done all my online banking on my Window's PCs with just simply an antivirus and have never had a security issue. The need for an entire operating system on a CD so you can check your accounts and do transfers is baffling. I understand if you're using another PC, maybe a friend's to do banking however the need for that should be so slim that carrying around a CD would look stupid. That's what a smart phone is for.

Anyway you should use an Ubuntu live disc because it's easy to use and Ubuntu is a solid Linux OS

[Victek123]

Quote:

Originally Posted by moontan

maybe you're right.
maybe i'm just too paranoid.

isn't it what this place (Wilders) is all about though?

Yes, Wilders should adopt that bumper sticker as its' motto:

"Just because I'm paranoid doesn't mean they're not out to get me"

But back to your question....A simpler, more convenient solution would be to create a Windows Limited User account just for Online Banking. This would be especially helpful if you normally use an Admin account. Then pile on the layers, such as Prevx SafeOnline, OpenDNS (or some other enhanced DNS service) with strict filtering enable, fully updated browser of choice, LastPass for login credentials (don't let the browser save the passwords), firewall, AV, etc. You could also raise the security setting for the Internet Zone to HIGH and add your bank to the Trusted Zone with HTTPS required.

My bank offers email notification for transactions. That way I'm immediately notified of activity on my accounts and makes it obvious if something I didn't initiate is happening.