On-Line Banking - LiveCD

Hi all

IUam currently using Chrome 6 with SafeOnline on Windows 7 as my primary security for On-Line Banking. Clearly I have also other standard forms of defence such as A/V and Comodo IS.

I have been reading on various wensites including comment from Brian Krebs (security guy) that the safest way to bank on-line is to use a Linux LiveCD.

I would like to ask Wilders forum members for their views.

Is a Live CD the best way to tackle On-line security when banking?

How does a liveCD compare with my set up ie Chrome 6 and safeonline?

Similarly wth Sandboxie "belt & braces" nothing allowed to run except the browser?

If LiveCD is the way to go which LiveCD distro is suggested, for both ease of use Automatically detects network connections etc and up and running straight away once booted up?


Thanks for your help

Terry

 

i used some live cds in the past, and just about anyone will do. the concept is simple, u boot, log in to y bank and do all your transactions with a virgin system. all live cds nowdays come with just about all u need preinstalled, and all the major distros are easy to use. u can try ubuntu, fedora, suse...

compared to a standard security setup, the live cd has several advantages, and being a linux based os has almost zero chances of getting infected during the procedure. 99.9% of all malware are written for windows, very few for linux...

 

I think using a linux live cd is overkill, but if you're that worried about things, then that's the way to go. With the live cd you won't need to worry about keyloggers or malware running etc. Ubuntu should do the trick nicely...

 

Reason to use a live cd :
If you do your online banking with an ethernet cable, and your
router has not been compromised on beforehand, and you go
straight to your bank site with the live cd, it's almost impossible
to get infected, unless your bank website distributes malware
that can maintain itself in a user-environment under linux.

Criteria are :
must have a firewall
logged in as a user, not administrator (is called "root" in linux)
easy to put on a usb-stick from within Windows for asus eee pc (unetbootin version 248 )
fast boot,
distributions must have large user base, with helpful forum
able at recognizing a lot of hardware,
starting with a minimum of user input (If these cd's start, you always point to the upper options with
your mouse, and push Enter, or you let the cd start by itself : it will always be in a live session)
You must know English, as there are not many completely localized distro's that offer the same quality.
If you use a different keyboard layout than the standard one of the united states, you may want to learn the following command in the terminal first :
setxkbmap + the two letters of your countrycode
setxkbmap de will give you a german keyboard
setxkbmap fr will give you a french keyboard
setxkbmap ch -model 105 -variant fr will give you the french keyboard of Switzerland
You can do things the GUI way as in windows, but sometimes typing these
commands in a terminal will get you quicker to your goal
For security reasons, you never do your banking wireless, always with ethernet cable


If you need SUN JAVA for your banking sessions, then there's only a limited choice


linuxmint-9-xfce-cd-i386.iso based on ubuntu 10.04 with long term support (3 min boot time)
http://ftp.riken.jp/Linux/linuxmint/stable/9/
http://ftp.riken.jp/Linux/linuxmint/stable/9/linuxmint-9-xfce-cd-i386.iso
http://mira.sunsite.utk.edu/linuxmint/stable/9/linuxmint-9-xfce-cd-i386.iso
Firefox
Sun java :
System -> Internet -> Sun java webstart
(click CLOSE and OK)
The firewall is already activated at boot !
In a terminal window,this will make you root : sudo su
root password is : root


pclinuxos-2009.1.iso cd (4 min boot time)
http://ftp.riken.jp/Linux/pclinuxos/live-cd/english/preview/pclinuxos-2009.1.iso
You have to activate the firewall yourself (System configuration - configure your computer - type password : root - click left on "Security", set up firewall, remove all the marks before the entries, and click 3 times OK.
Then you can safely surf the web with firefox
Sun java :
System -> Sun java -> Sun java webstart (click Close, and OK)
You log in as guest, with password guest
In a terminal to become root, type
su
password is root
Pclinuxos is slightly better at hardware recognition than linux mint
You can put it on a usb-stick with the program "make live usb" from the live cd

The following two start with the firewall already enabled BUT they don't have Sun Java; both are unofficial forks of Ubuntu ;
Lubuntu aims at becoming an official fork, and is based on ubuntu 10.04, which has long term support (3 years) ,

http://lubuntu.net/blog/lubuntu-1004-now-available-download
http://people.ubuntu.com/~gilir/lubuntu-10.04.iso
2 min boot time
Browser is Google Chrome
To become root : sudo su
root password is root, if you need it for certain settings

Zenix is the initiative of a buddhist, and the live cd is made with security in mind (firewall at boot, app armor),
based on ubuntu 9.10
3 min boot time
http://zenix-os.net/
http://bodhizazen.fivebean.net/Zenix-9.10-i386.iso
http://serial-coder.co.uk/downloads/Zenix-9.10-i386.iso
firefox noscript
In a terminal to become root : sudo su
root password : there is none, you just have to push the ENTER KEY

Now if you're pretty paranoid you can get the official ubuntu cd's :
for a live cd, you will have to download the "desktop edition",
but they don't offer the same possibilities as those above;

To see if the firewall is already enabled in the ubuntu ones, you type in the
terminal :
sudo ufw enable

If it has been enabled, you'll see it in the output.
If not , continue with :
sudo ufw default deny
and
sudo ufw logging off
Close the terminal , and you can surf safely.
(this does not work in pclinuxos)

If you want to be sure that no hard drives are mounted,
type in a terminal :
umount -a