Best Online Banking set-up with the Security Programs I have

Discussion in 'sandboxing & virtualization' started by AMD, Jul 28, 2013.

Thread Status:
Not open for further replies.
  1. AMD

    AMD Registered Member

    Hi, I am looking to set up my PC so that I have a decent level of security when logging on and using my online bank account.

    From the programs I have installed, I am generally just using Sandboxie when doing online banking but I also have Comodo Virtual Kiosk and Shadow Defender installed too. One or more configurations may be safer. I do sometimes use SBIE in Shadow Defender but this is a pain as I am then in Shadow mode until I reboot.

    Any guidance for a simple configuration would be most helpful.

    Thanks

    Andy
     
  2. merisi

    merisi Registered Member

    I'd just use SBIE with a separate browser or a separate profile for your main browser. I wouldn't use any add-ons apart from maybe NoScript if you're using Firefox. I'd also have SBIE configured with rights dropped and not allowing anything to run apart from your browser.
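
The setup described in the post above (rights dropped, only the browser allowed to start), written as a Sandboxie.ini section. This is an added example, not part of the original post; the box name `BankingBox` and the browser executable `firefox.exe` are assumptions, and the last two lines go one step further by also limiting network access to the browser.

```ini
# Added example. The box name and executable are assumptions;
# adjust them to the browser actually used for banking.
[BankingBox]
Enabled=y

# Strip administrator rights from every process started in this box.
DropAdminRights=y

# Start/Run restriction: only members of the StartRunAccess group may start.
# Any helper executable the browser launches itself must be added to the
# group as well, or it will be blocked.
ProcessGroup=<StartRunAccess>,firefox.exe
ClosedIpcPath=!<StartRunAccess>,*

# Internet restriction: only the browser may reach the network from this box.
ProcessGroup=<InternetAccess>,firefox.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
```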
     
  3. Carver

    Carver Registered Member

    I store all my passwords in KeePass 2X and I use the Firefox browser with the KeeFox plugin, and for online banking I use Sandboxie.
     
  4. Creer

    Creer Registered Member

    For me it's also KeePass and separate browser (only for online banking) with IP restriction set in LnS.
    Additionally of course in realtime is DefenseWall.
     
  5. Snoop3

    Snoop3 Registered Member

    Wouldn't just a random Linux Live CD be better than all of those?

    And then maybe KeePass or some other password program from a USB key.
     
  6. Peter2150

    Peter2150 Global Moderator

    Something to really keep in mind. You can have the perfect setup, but if the bank site itself is compromised it may all be for nought. You have to be alert.

    Pete
     
  7. NormanF

    NormanF Registered Member

    Either that or BitDefender's new Safepay browser for online banking and shopping activities.
     
  8. TerryWood

    TerryWood Registered Member

    Hi

    I would be interested in knowing how BitDefender Safepay stacks up against Trusteer Rapport in terms of security.

    Trusteer has the advantage of being backed by the banks. Not only that but the banks in the UK are strongly pushing the TR software AND providing it free. So is Safepay a viable and less problematic solution?

    Terry
     
  9. Palancar

    Palancar Registered Member

    Agreed.

    I like this thread and I am very close to what Merisi describes. I really like a separate instance of FF & SBIE. My addition, and to address Peter2150, is Cert Patrol. I have found it will look for a match in site cert fingerprints, taking out the MITM. Such an attack is a major risk for banking and this handles it well. My bank, along with many, employs pretty little site pics to confirm it's their site, but I don't trust that as much as an exact fingerprint match.

    Now if the bad guys actually get inside the server of the bank they have Admin and you can't control that.
     
  10. J_L

    J_L Registered Member

    Actually you can mitigate that with technologies like NoScript and EMET (Certificate Trust Pinning). If they have full access to the datacenter (not what happens in most compromises), then it'll be for nought.
     
  11. lotuseclat79

    lotuseclat79 Registered Member

    Hi AMD,

    Your security is only as good as the bank's security features that keep you safe.

    The #1 feature is to use two-step authentication login. Query your bank to see if it has this feature, and if so, use it.

    If not, then recommend to them to make it happen to protect your security or else you will take your banking business elsewhere that is more security conscious.

    -- Tom
     
  12. HAN

    HAN Registered Member

    My thought is that if you use some type of browser virtualization (SBIE for instance), start with an empty (cleared) profile and then do your financial/personal surfing in its own session. Then exit before doing general stuff. Being virtualized doesn't mean that you can't be infected, tracked, etc. It just means the host isn't. Starting clean isolates you from anything general surfing could bring in.

    I also like the idea of booting from a Linux build and only banking from it...
     
  13. NormanF

    NormanF Registered Member

    Write the kiosk Webconverger to a USB flash drive - it's a version of the Firefox browser that runs in kiosk mode with no insecure extensions, Flash or Java to compromise Internet security.

    And it's a portable security browsing solution!
     
  14. wat0114

    wat0114 Registered Member

    Just use a dedicated browser for banking only. Nothing else. Disable all extensions/plugins, disable JavaScript, allowing the bank's site as an exception, and even go so far as to restrict it to the bank's IP address range only. Done deal ;) Booting into a Linux environment or other virtualization is unnecessary.
     
  15. AMD

    AMD Registered Member

    Many thanks for your suggestions, much appreciated.
     
  16. Snoop3

    Snoop3 Registered Member

    Also, I don't have enough money to worry about it, but if I did.... say I had $100k total funds, I would make sure that I had a separate acct that stayed offline/no web access (savings acct, Cert of deposits, etc) with most of my money, and then had another acct that was limited to maybe $5k or less for everyday transactions.
     