On-Line Banking - LiveCD

Discussion in 'other security issues & news' started by TerryWood, Oct 8, 2010.

Thread Status:
Not open for further replies.
  1. TerryWood

    TerryWood Registered Member

    Jan 14, 2006
    Hi all

    IUam currently using Chrome 6 with SafeOnline on Windows 7 as my primary security for On-Line Banking. Clearly I have also other standard forms of defence such as A/V and Comodo IS.

    I have been reading on various wensites including comment from Brian Krebs (security guy) that the safest way to bank on-line is to use a Linux LiveCD.

    I would like to ask Wilders forum members for their views.

    Is a Live CD the best way to tackle On-line security when banking?

    How does a liveCD compare with my set up ie Chrome 6 and safeonline?

    Similarly wth Sandboxie "belt & braces" nothing allowed to run except the browser?

    If LiveCD is the way to go which LiveCD distro is suggested, for both ease of use Automatically detects network connections etc and up and running straight away once booted up?

    Thanks for your help

  2. dr pan k

    dr pan k Registered Member

    Nov 22, 2007
    i used some live cds in the past, and just about anyone will do. the concept is simple, u boot, log in to y bank and do all your transactions with a virgin system. all live cds nowdays come with just about all u need preinstalled, and all the major distros are easy to use. u can try ubuntu, fedora, suse...

    compared to a standard security setup, the live cd has several advantages, and being a linux based os has almost zero chances of getting infected during the procedure. 99.9% of all malware are written for windows, very few for linux...
  3. Kerodo

    Kerodo Registered Member

    Oct 5, 2004
    I think using a linux live cd is overkill, but if you're that worried about things, then that's the way to go. With the live cd you won't need to worry about keyloggers or malware running etc. Ubuntu should do the trick nicely...
  4. gdvbel

    gdvbel Registered Member

    Jan 28, 2007
    Reason to use a live cd :
    If you do your online banking with an ethernet cable, and your
    router has not been compromised on beforehand, and you go
    straight to your bank site with the live cd, it's almost impossible
    to get infected, unless your bank website distributes malware
    that can maintain itself in a user-environment under linux.

    Criteria are :
    must have a firewall
    logged in as a user, not administrator (is called "root" in linux)
    easy to put on a usb-stick from within Windows for asus eee pc (unetbootin version 248 )
    fast boot,
    distributions must have large user base, with helpful forum
    able at recognizing a lot of hardware,
    starting with a minimum of user input (If these cd's start, you always point to the upper options with
    your mouse, and push Enter, or you let the cd start by itself : it will always be in a live session)
    You must know English, as there are not many completely localized distro's that offer the same quality.
    If you use a different keyboard layout than the standard one of the united states, you may want to learn the following command in the terminal first :
    setxkbmap + the two letters of your countrycode
    setxkbmap de will give you a german keyboard
    setxkbmap fr will give you a french keyboard
    setxkbmap ch -model 105 -variant fr will give you the french keyboard of Switzerland
    You can do things the GUI way as in windows, but sometimes typing these
    commands in a terminal will get you quicker to your goal
    For security reasons, you never do your banking wireless, always with ethernet cable

    If you need SUN JAVA for your banking sessions, then there's only a limited choice

    linuxmint-9-xfce-cd-i386.iso based on ubuntu 10.04 with long term support (3 min boot time)
    Sun java :
    System -> Internet -> Sun java webstart
    (click CLOSE and OK)
    The firewall is already activated at boot !
    In a terminal window,this will make you root : sudo su
    root password is : root

    pclinuxos-2009.1.iso cd (4 min boot time)
    You have to activate the firewall yourself (System configuration - configure your computer - type password : root - click left on "Security", set up firewall, remove all the marks before the entries, and click 3 times OK.
    Then you can safely surf the web with firefox
    Sun java :
    System -> Sun java -> Sun java webstart (click Close, and OK)
    You log in as guest, with password guest
    In a terminal to become root, type
    password is root
    Pclinuxos is slightly better at hardware recognition than linux mint
    You can put it on a usb-stick with the program "make live usb" from the live cd

    The following two start with the firewall already enabled BUT they don't have Sun Java; both are unofficial forks of Ubuntu ;
    Lubuntu aims at becoming an official fork, and is based on ubuntu 10.04, which has long term support (3 years) ,

    2 min boot time
    Browser is Google Chrome
    To become root : sudo su
    root password is root, if you need it for certain settings

    Zenix is the initiative of a buddhist, and the live cd is made with security in mind (firewall at boot, app armor),
    based on ubuntu 9.10
    3 min boot time
    firefox noscript
    In a terminal to become root : sudo su
    root password : there is none, you just have to push the ENTER KEY

    Now if you're pretty paranoid you can get the official ubuntu cd's :
    for a live cd, you will have to download the "desktop edition",
    but they don't offer the same possibilities as those above;

    To see if the firewall is already enabled in the ubuntu ones, you type in the
    terminal :
    sudo ufw enable

    If it has been enabled, you'll see it in the output.
    If not , continue with :
    sudo ufw default deny
    sudo ufw logging off
    Close the terminal , and you can surf safely.
    (this does not work in pclinuxos)

    If you want to be sure that no hard drives are mounted,
    type in a terminal :
    umount -a
    Last edited: Oct 18, 2010
Thread Status:
Not open for further replies.