Slashdot Mirror
LiveCD for Secure Web Browsing?
An anonymous reader asks: "Say you want to do your online Internet banking on your home PC, with a bank that lets you send actual money to complete strangers online, and you want to be really, really sure that some hacker isn't stealing your password or your money or both. You don't fully trust Windows, despite your best efforts to keep it secure, and you know that no OS installed on a hard disk is guaranteed secure or immune to root-kits and the like. You know enough about computer security to know that you are always just one careless mouse click or one security hole away from being screwed. You've read the advice from your bank, which says 'turn up' your security settings (whatever that means), and don't click on 'unknown' links (ever). So what you really need is a bootable CD with software so simple and stripped down that it lets you browse the web and nothing else. The nearest I can think of is one of the Linux mini-LiveCD's with Mozilla or some other browser included, such as Damn Small Linux, or ByzantineOS. Such a system shouldn't even know how to speak to your hard drives. Do Slashdot readers know of anything like this?"
Just using Knoppix/DSL should be enough, you don't have to worry about the CD being able to access the harddrive. Just use a base Mozilla with no extensions or whatever, and type in your bank's URL manually and don't do anything else. That should make you 99.99999% safe, excepting the .00001% chance God and Jesus hate you and are conspiring to ruin your life. Good luck.
I hate grammar Nazi's.
Knoppix with Mozilla ought to be fine for the software end of things, but the hardware could be compromised too. Someone could have a hardware keylogger such as the KeyKatcher . Building your own computer from scratch is the only way to really be sure. And by "from scratch" I mean from the raw ore.
This post written under Gentoo-linux with an SCO IP license.
Just run an old version of BeOS!
No one writes Malware for BeOS!
Wow, that's paranoid. What kind of transactions are you planning? Transfer of $28,000,000.00 to Farouk Bello, Executive Director of the Comercial Bank of Africa (Nigerian division)?
Why is anything anything?
If you're really that worried about it, why not just drive to the nearest branch? Even then its not 100% secure, because the teller is still using a comptuer connected to the bank's network, which is in turn connected to the internet (even of not directly).
Knoppix should be enough for what you're talking about, tho.
Nicholas Brand (who I believe has posted here before) has compiled a great looking List of Live CDs.
Looks like they are even categorized quite extensively too. You should find at least something to ease your paranoia. But if you don't, you can make your own with Morphix, which is sort of a customizable Knoppix, and even has a how-to for something similar to what you want.
Personally, I could get by with a standard Knoppix CD if I really felt I needed the extra security for web browsing. So could the majority of slashdotters. But Knoppix would be a little tricky for the non-Linux user. So, I thought that a totally automated LiveCD for secure web browsing would be great for the average computer user - the very users who most frequently have spyware on their systems.
As I thought about the idea, I came up with a few major complications:
Many people are still on dialup or have weird login processes to get internet access - not the simple DHCP that I have at home and work. Most modems are of the "winmodem" variety, PPOE is often a mystery even in Windows, and let's not forget AOL's proprietaryness.
Then I thought about printers. Invariably, you'll want a hard copy of some sort of banking transaction. That should prove to be lots of fun to get working. Unfortunately, most folks don't have Postscript printers at home, and text mode won't cut it. So printer drivers and settings will be an issue.
Assuming you could step the average user through the two biggest troublespots above (and assuming there are NO other problems, yeah right) using a LiveCD without saving the configuration somewhere would become tiresome very quickly. So, some local storage would be required, i.e. hard drive, USB drive, or perhaps a floppy. So, saving configuration information somewhere should prove to be even more fun for Linux newbies.
Some other things to consider: access to email (if you're not using webmail), the time to cycle between Linux and Windows (LiveCD's are "fast" when you're in a jam, but I wouldn't want to boot one everyday just to spend 10 minutes on my Bank's website!), web browser compatibility (depends on the bank), Personal Finance Software (what's the point in all this if Quicken or MS Money is going to connect through a suspect Windows installation anyways?).
In the end, I just didn't see any easy way for the average computer user to have access to something like this - at least not until internet connection technologies get a lot more standardized or someone is willing to do a LOT of work on the Linux distribution side. I became disenchanted with the idea and forgot about it... until this Ask Slashdot. Well, that's my CAD 0.02 - it's a good question/idea, and I hope that someone else has a more positive answer.
A keystroke logger could easily be wired in, or simply plugged in the back... waiting for you to enter your credentials.
If you can't trust the computing platform, all bets are off.
if you're worried about your money, then securing your money is the main thing. Securing the computer is useful, but there are numerous other things involved. The people holding your money are usually the banks and other financial institutions. Their online banking apps and _processes_ may not be that secure (cross site scripting attacks etc)- since most are quite new to it and haven't been burnt enough yet. Plus depending on your setup you may be reliant on your ISP to provide you the right IP address for your online banking site (and the dns traffic has to be untampered with). If you somehow get the wrong IP address you could be screwed too- unless you connect directly to the site using https and check the certs (that's assuming you ALWAYS make sure the fingerprints are the same and don't transact if fingerprints change, OR you trust the CA to NEVER incorrectly issue certs to the wrong parties - verisign has screwed up before with an MS cert).
Because of that and so many other issues, if you are really worried about your money, try to get your bank to not allow online transfers, or only to selected accounts - e.g. to the bank account you use for credit card payment. If the bank doesn't allow that, then do you feel your money is safe in that bank? If no, then change banks- or keep the bulk of your money in a safer bank and transfer money from the unsafe one to the safer one. You can often also get the bank to limit the amount transferred per day.
For online payment (and offline where reasonable) pay everyone else using your credit card. That way if anything goes wrong, at least it's not _your_money_ that's gone - it's the card issuer's money that's gone or the Merchant's (or some other party, just not you!) - in which case while you're going through all the legal processes to fix things, you still have money to live on, and the pressure is on the OTHER parties involved to get things fixed, you can actually be a bit more passive. In contrast, if it's your money that's gone, often the rest could be sitting around whilst you'd be the one burning up the phone lines trying to fix things.
In conclusion, allowing money to be transferred online from your account to random parties is quite insecure even if it's with your permission, and even if it's your own hardware and software, coz unlike ATM transfers, you and the bank are _unlikely_ to control everything else involved in the transaction. Plus the devices involved often do other things as well.
I have checked out a bank's online app before (with their permission as part of a job) and I found I could cancel other people's cheques without their permission, fortunately money transfers somehow didn't work - some other control was probably stopping it. I also found SQL injection in another bank's online app.
There are bound to be flaws in banking apps. Previously this wasn't such a problem because the only people using the banking apps were the bank's staff who had to be trusted significantly anyway.
I didn't mean to insinuate that it is difficult to take over an ISP (ours had a server owned about once every four months, and we weren't a windows shop), but rather how easy it is to tap, as well as otherwise modify, a phone line. As Mitnick proved, it's easier to convince the phone company to switch a line or add a tap for you than it is to do the legwork yourself.
The ______ Agenda
So you've got yourself a secure solution for online banking with the liveCD, and then your banking website tells you you need IE otherwise you can't continue. (And you really can't)
Interesting as some banks and companies want their clients to connect insecurely, no other options available.
How many condoms do you wear during sex?
You can't live you life like that.
You must be new here.
If you are afraid of losing the CD and having whomever finds it figure out how to use it, just use the bookmarks part. It's unlikely that someone will be able to connect a keylogged uname and password with the correct bank name (especially if you click on the password field first and type it, then click on the uname field and type it second.
I mean, internet cafés are incubation sites, but the scammers/keyloggers aren't superhuman!