Live Boot CD makes online banking safer

Discussion in 'Software' started by Bold Eagle, Oct 30, 2009.

  1. Bold Eagle

    Bold Eagle MajorGeek

    Well it has been brought to my attention that it is very cheap and rather easy way to make yourself almost "bullet proof" for online banking.

    - Make a read-only Live Boot CD of a good linux OS (many are free).
    - Enter BIOS and turn of the HDD and set system to boot from CD.
    - Boot into the OS and do your banking (making sure you are at "the right site!!"

    http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html

    No mailware can ever be written to the "read-only" CD and thus there is nowhere for malicious code to be stored and then hack your details.

    Anyone got any suggestions on some decent linux OS's please.
     
  2. hawklord

    hawklord Master Sergeant

  3. foogoo

    foogoo Major "foogoo" Geek

  4. studiot

    studiot MajorGeek

    How does this prevent you being redirected from the real bank site to some fraudulent one?
     
  5. augiedoggie

    augiedoggie The Canadian Loon - LocoAugie (R.I.P. 2012)

    I would think if one put the energy and time to run a LiveCD then one would be able to spot a phisher or as you say a redirect. My bank has 3 levels of security when it doesn't have a previous cookie installed, actually happened today and I make sure I know what the URL's look like and check everytime. I've been burned once by phishers but that was at a forums I admin and a hole was inadvertently created with a mod. That taught me a big lesson!:)
     
    Last edited: Oct 31, 2009
  6. Bold Eagle

    Bold Eagle MajorGeek

    Excellent question but some points that are bought up in the article and links from them may help prevent this:

    "Virtually all of the data-stealing malware in circulation today is built to attack Windows systems, and will simply fail to run on non-Windows computers."

    http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html

    A more complex procedure for making the LiveCD so that the linux has FireFox with NoSCript and the Bank's website saved as a bookmark before the final copy is here from page 41 on:

    http://www.sans.edu/resources/student_projects/200910_05.pdf

    This would arguably significantly raise the security "level" for the average user when ever they do online banking and would halt the "current" threats in their tracks.
     
  7. Bold Eagle

    Bold Eagle MajorGeek

    I have been using NoScript for years and it does stop "ClickJacking" (redirecting).
     
  8. Bold Eagle

    Bold Eagle MajorGeek

  9. Bold Eagle

    Bold Eagle MajorGeek

    Well guys and gals I am now typing to you from Ubuntu LiveCD session and I must say I'm very impressed so far :major. Either I'm just getting more and more geeky or this is a really easy to use OS with some nice features.
     

    Attached Files:

  10. augiedoggie

    augiedoggie The Canadian Loon - LocoAugie (R.I.P. 2012)

    It is easy to run, easy to install but still weak in some driver areas like video and wireless.
     
  11. loonacycle

    loonacycle Private E-2

    it's hard out there for a pimp. plenty of good live cd's to use for many various computing tasks.

    the only prob is ya gotta use them !

    Bold Eagle the specs on pc #3 cool... little monkey w "electro El Shocko rectal probe"

    reminds me of my Dell X1-Spinchter Blaster Lap Dancer Attitude

    :drool
     
  12. sikvik

    sikvik Corporal Karma

    In the same boat kinda. Down loaded Mint ran of CD no problem.
    .
    Now this being a Sunday, chilled beer was todays poison. Never dual booted before. So I'm tinkering and thinking give it a go Had win7 Rc running on the LT

    Looked up dual boot win 7 and ubuntu on the net. C$@P every search I got was win over ubuntu but none for ubuntu over Windows. Hmm boredom and beer sets in :-D

    I figure nothing important on the LT lets give the install a go.

    Of course the beautiful partition manager options show up. I can see where win 7 is installed. But what next?

    Ahha right time to chug the beer and get a refill!

    Well the beer didn't help at all :-D

    Long story short after a lot more beer I managed to loose win7 :-D And the Cd was only 300 miles away :p

    Next step might as well go with Mint. The damn thing went all the way to step 7 the last and froze while installing at 5%. Tried it a few times same prob.
    Could have been a burn issue or the MD hash. Beautiful just my luck!

    Suddenly have a fuzzy recollection. Had an Ubuntu Jaunty CD lying around. Installed it. Phew!!

    And posting from it.

    I'm so tired :-D
     
  13. augiedoggie

    augiedoggie The Canadian Loon - LocoAugie (R.I.P. 2012)

    Ya, I always burn OS's at the lowest speed. I don't dual-boot Ubuntu but I'm running it virtually, of course one has to have the HW specs to run that properly.
     
  14. sikvik

    sikvik Corporal Karma

    augie, burnt it at 4x. Must have been a problem with MD5 sum/hash. New to this.
    Boom and Bugballou will be in hysterics reading my post roflmao
     
  15. Bold Eagle

    Bold Eagle MajorGeek

    I had 3 failed attempts (MD5 and SH1) with Linux OS's but I finally DL via a "usenet" newsreader, "GrabIt", with all the PAR2 files. Maybe the PAR2 files where an extra 100MB but at least it flew through all the MD5, etc. Usenet for those "delicate" files".
     
  16. BoredOutOfMyMind

    BoredOutOfMyMind Picabo, ICU

    Nope, Mint 7 borked on me. I posted a thread.
    Now 300 miles away...:cry
     
  17. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

  18. risk_reversal

    risk_reversal MajorGeek

    Although I have Linux installed on a couple of dual boot laptops, I also use Linux Live cds. The ones I have been using for a while are Puppy. They are about 100Mb in size and once booted it installs and runs in ram only (need enough ram though).

    Once booted to the Linux desktop, you can just take the Live cd out as it is not required any more.

    I have tried other Live Cds but they are usually larger (apart from DSL) and create this slowness.

    Other reason I like Puppy is that it was virtually the only Linux distro that allowed for relatively easy wireless configuration.

    Good Luck
     
  19. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi Risk

    I will give that a go cheers with Puppy, not run Linux off a liveCD for a while and only in troubleshooting various PCs, tend to have a few versions of Linux and a collection of Windows versions in VPC.

    Running Mint and Kubuntu at present and just wondering if in a VPC enviroment you end up with the same effect as the original posting in running linux to prevent Windows malware keylogging etc, not that I'm too worried at using Windows to bank or shop as my PC is as secure as I can get it for those tasks.
     
  20. risk_reversal

    risk_reversal MajorGeek

    Halo, try it I think you will love Puppy. You can also do a full install which I have done.

    The Puppy Linux forum is also full of info for additional enhancements and software.

    Good Luck
     
  21. Bold Eagle

    Bold Eagle MajorGeek

    Excellent question Halo and I had certainly intended to get back to this. As the author of the earlier article indicates "Virtually all of the data-stealing malware in circulation today is built to attack Windows systems, and will simply fail to run on non-Windows computers." http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html.

    Which makes perfect sense the criminals are purely playing a numbers game and therefore design the malware to potentially affect as many systems as possible. If Apple or Linux held such a dominate or even significantly larger portion of the market and then I am sure we would have a greater diversity of malware threats out there. As to whether a malware can become activated on a infected Windows HDD when using a VPC Linux "instance" I can't ascertain but I am sure the vast majority just would not be able to interact with the Linux kernel and OS. Let's be clear I am no expert here but it would certainly be "significantly safer" than a Windows environment.

    I love my LiveCD and swear by this method for the extremely limited online transactions I do.
     
  22. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi Bold Eagle

    I think my rationale for VPC and Linux is that I just wonder if its safe or if an infected Windows OS had a keylogger then as Windows is running in the background will the keylogger pick up any typing in a Linux VPC, I've just not looked into this enough but rough guess is that the keylogger would pick up keystrokes when you where in VPC.

    Good thread topic BTW.
     
  23. hawklord

    hawklord Master Sergeant

    i think that if you have an infected host system and you are running a clean virtual machine, then anything that is typed into the vm will be 'at risk'

    when you type something in a vm then it has to pass through the host first, so mr keylogger will get your info,

    finger > keyboard > pc > host > vm

    this is how i believe it works - but i could be wrong

    the host is still accessible through the keyboard, i know this because i run mdv2010 with virtualbox installed and guest o/s's, i can type in a guest and also - without moving anything - press ctrl + alt + down arrow (or any arrow) and shift screens on my mdv host, shift back and carry on typing
     
  24. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi Hawklord

    Cheers for the post, yes I believe you are correct and was my suspicion too.
     
  25. radiot

    radiot Private First Class

    My, limited, understanding seconds Hawklord's assertions, that when a rootkitted PC runs a VM the VM keystrokes are accessible to rootkit.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds