Can Ubuntu Save Online Banking?

CWmike writes with a pointer to this ComputerWorld mention of an interesting application of Live CDs, courtesy of Florida-based regional bank CNL: "Recognizing that most consumers don't want to buy a separate computer for online banking, CNL is seriously considering making available free Ubuntu bootable 'live CD' discs in its branches and by mail. The discs would boot up Linux, run Firefox and be configured to go directly to CNL's Web site. 'Everything you need to do will be sandboxed within that CD,' [CNL CIO Jay McLaughlin] says. That should protect customers from increasingly common drive-by downloads and other vectors for malicious code that may infect and lurk on PCs, waiting to steal the user account names, passwords and challenge questions normally required to access online banking." (But what if someone slips in a stack of doctored disks?)

BIOS

[sourcerror]

What about infecting the BIOS?

Re:BIOS

They could ship you a free NetBook w/ CD.

Don't mod me funny, I'm serious. Like maybe a $100 little book running Linux, automatically set to keep itself up to date to eliminate hundreds of millions of dollars in cybercrime. The banks would own it, maybe even lease it to you for a $2 banking fee for having an online account with them. When you don't need it anymore or switch banks, you give it back to them and they would wipe the BIOS and system and reuse it.

In fact, they could probably even make the netbook cheaper by not including a hard drive. Just boot from USB or CD, maybe even a small USB traveldrive installed internally inside the case itself. The USB ports could be removed or completely disabled, no CDROM drive included, no HDD, etc. It becomes more or less a dumb terminal whose only purpose is to connect to the bank on boot. And, in addition, sandboxed to not allow any other applications to run besides the required startup items.

Just checked and it looks like Gateway sells a $49 netbook, found it on CNETs list of netbooks when I sorted by lowest price. And, that's *consumer* price, if the banks bought in bulk they'd even be cheaper than that. If they banks told them they didn't want USB ports (except the internal one), no harddrives, etc. then it would even be cheaper. I bet they could get them for $25 or so apiece in bulk for say 1000 units. That's not much cost to essentially eliminate the wholesale highway robbery of people's accounts that's been going on. The savings would be pretty enormous. Offset that with a small lease fee like I suggested above and its a win/win for everyone involved. Not to mention it would help Gateway out of its slump.

Gateway LT2016u (Verizon Wireless) Specs: Intel Atom N270 / 1.6 GHz, 1 GB, 160 GB, Microsoft Windows XP Home Edition, 10.1 in TFT active matrix, 3 lbs

Interesting, but what about users?

[ricebowl]

The majority of users I have contact with resent having to enter passwords/user-verification at all. With banks they do, often at least, appreciate the value of the process. But they still take every opportunity to minimise the process, so what're these users to do when they can't have Firefox (et al) save their username/passwords?

Personally, I'm thinking they'll go back to using Windows, which can't be reasonably prevented by the institution, without cutting off a large user-base. Still, a nice -and, to me, novel- idea.

Re:Reply

[Cryacin]

I actually think this is a good idea. Gives the user something physical to insert, that way they understand it. It also reduces the number of variables in the transaction process.

Hence, if you're too lazy, don't have the knowledge or it isn't economically viable to get someone in that can secure and configure your computer system, this seems like a sane alternative that makes it a bit harder for a black hat to come in and pillage your account.

Utah does this...

[gandhi_2]

Lots of Utah state government employees who work from home (for example, people who do data entry for Dept. of Workforce Services). It's worked pretty well, bypasses a lot of problems.

How to really advocate FOSS ...

[perpenso]

I don't think its a question of difficulty. It would be a total pain in the rear if I had to reboot every time I wanted to get on my bank's website. Or do I keep a dedicated bank terminal ready to got at any instant?

Actually, yes, you could have a "dedicated bank terminal". Take the old PC that is getting replaced, boot from the Linux cd-rom, use it for banking, and let the family screw up the new computer with trojans and malware while you enjoy relative peace of mind. I know a few families that have gone this route. They could care less about FOSS and its philosophies or politics, they just like the practicality of the solution. This is how FOSS can make inroads to the public, through practicality, not through ideological conversion.

Re:How to really advocate FOSS ...

[Artemis3]

How about an ultra cheap ARM such as the 80$ Menq's Easy PC E790?

With their custom OS pre-installed, I'm sure many people would like a dedicated "secure terminal" instead of having to deal with issues in their everyday PC.
Takes up much less power and is faster to boot (flash based) than an old pc. They could even try an ARM tablet or such.

Re:Unpatched Firefox for online banking? No thanks

[caluml]

Unless they plan on sending you a new Live CD every time a new Firefox or Linux kernel security bug is patched, many users would be vulnerable to attacks within a few months of this CD being released.

Er, no. If you've got a distro with no open ports, firewalled as well, that can only get to a single IP address on port 443, which doesn't let you connect unless the remote server's SSL cert is signed by the bank's CA which is the only one in your browser's CA list - where does the vulnerability come from?

Re:Why uses a PC to do banking?

[blueg3]

If you're distributing your own discs, you could just use DNSSEC and include the cert needed for verification on the disk itself. Similarly, making your own CA isn't really a good plan if you want to serve customers who don't have this disc, but the disc can have no CA certs installed on it and just have the verification data for your site.

Re:Why use Ubuntu?

[Runaway1956]

Uhhh - wait a minute here. Ubuntu doesn't "just work"? The most problems I've had were getting video cards to work like they are supposed to. Damned ATI drops support for this card or that, then you have to jump through hoops to get your hardware acceleration.

But, if you're booting to a secure OS specifically for the purpose of doing online banking, what need is there for super graphics?

Next most common problem is the WIFI card. Whoever distributes the CD needs to ensure that 99.9% of all WIFI cards are detected and supported.

What's the next most common problem? None that I can think of, really. If your browser opens, and connects to the bank, you should be good to go. No dongles, no bluetooth, no state of the art multimedia, none of that nonsense - just do your banking, then boot back into your main operating system.

Not so difficult, is it?

Of course, I'm not going to go that route. I just installed Ubuntu and Debian on all of my machines, and I don't worry very much about security. Yes, of course I check on things, and watch the logs, run Wireshark now and again, avoid phishing attacks, avoid using Root privileges, etc - all the common "common sense" security measures.

Re:Reply

[Zordak]

Why not just hibernate your main OS and then boot into the live CD? It doesn't take that long to load the memory snapshot from a cold boot.

Re:Reply

[unixan]

Not for long.

Re:Reply

[jesset77]

OSK, eh? I don't know about modern keyloggers, but Back Orifice took posturized screenshots 128px square centered around the mouse at each click without users noticing in the days of dialup.

Re:Reply

[jesset77]

1> Keylogger screenshots are faster than Javascript taint/redraw cycles

2> increase from 128px squared to full client area which has click focus. Even if redraw were faster than screenshot, you'd get a view of each OSK layout paired with cursor position. The correct OSK key is either under the cursor this screenshot, or last screenshot.

From a size perspective, you can grab WSXGA screenshots at 12kb per change base (tiff group 4) and 5-7kb per frame (gif) which may have been hefty in the nineties but makes facebook laugh at you today.

What I could get behind instead would be a standard for Keyboard security. One where a keyboard could speak raw TLS with an LCD display confirming the identity of the remote endpoint.

TLS to the local computer defeats any hardware keylogging attempts, defeats van eck, and can be used casually. TLS straight through to the remote server beats any software rootkits. I think that is about as powerful as your single factor of authentication can get. ;3