Language Selection

English French German Italian Portuguese Spanish

E-Banking on a Locked Down (Non-Microsoft) PC

Filed under
Ubuntu

In past Live Online chats and blog posts, I've mentioned any easy way to temporarily convert a Windows PC into a Linux-based computer in order to ensure that your online banking credentials positively can't be swiped by password-stealing malicious software. What follows is a brief tutorial on how to do that with Ubuntu, one of the more popular bootable Linux installations.

Also known as "Live CDs," these are generally free, Linux-based operating systems that one can download and burn to a CD-Rom or DVD. The beauty of Live CDs is that they can be used to turn a Windows based PC into a provisional Linux computer, as Live CDs allow the user to boot into a Linux operating system without installing anything to the hard drive. Programs on a LiveCD are loaded into system memory, and any changes - such as browsing history or other activity -- are completely wiped away after the machine is shut down. To return to Windows, simply remove the CD from the drive and reboot.

More importantly, malware that is built to steal data from Windows-based systems simply won't load or work when the user is booting from LiveCD.

rest here




Consider Linux for Secure Online Banking

earthweb.com: Do you make online financial transactions from a Windows computer? If so, you may want to re-visit that decision.

It's a given that almost all malicious software targets Windows. In my opinion, while it is possible to secure a Windows computer, the process is too hard, too time-consuming and/or technically over the head of most people.

A recent article at WashingtonPost.com described multiple organizations whose bank accounts were emptied by malicious software on their Windows computers. In one case, the Clampi Trojan sat undetected for a year on the computer of the Controller of a small business, before it decided to make withdrawals from their bank account.

According to recent news reports, "Fraudsters are taking advantage of the widely used but obscure Automated Clearing House (ACH) Network in order to pull off their attacks." Businesses don't have the same safeguards as consumers from this type of theft. Both articles describe serious losses and lawsuits.

In response to this, I wrote Defending against the Clampi Trojan, which applies to all Windows based malicious software (malware). In short, the advice boils down to this:

rest here

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's leftovers

Linux and Graphics

Security Leftovers

  • Cockpit 0.104
    Cockpit is the modern Linux admin interface. There’s a new release every week. Here are the highlights from this weeks 0.104 release.
  • FFmpeg 3.0.2 "Einstein" Multimedia Framework Released with Updated Components
    Today, April 28, 2016, the development team behind the popular FFmpeg open-source and cross-platform multimedia framework has released the second maintenance release in the stable FFmpeg 3.0 "Einstein" series. FFmpeg 3.0 was a massive release announced in mid-February, which brought in numerous existing changes, including support for decoding and encoding Common Encryption (CENC) MP4 files, support for decoding DXV streams, as well as support for decoding Screenpresso SPV1 streams.
  • Using bubblewrap in xdg-app
    At the core of xdg-app is a small helper binary that uses Linux features like namespaces to set up sandbox for the application. The main difference between this helper and a full-blown container system is that it runs entirely as the user. It does not require root privileges, and can never allow you to get access to things you would not otherwise have.
  • Build System Fallbacks
    If you are using Builder from git (such as via jhbuild) or from the gnome-builder-3-20 branch (what will become 3.20.4) you can use Builder with the fallback build system. This is essentially our “NULL” build system and has been around forever. But today, these branches learned something so stupidly obvious I’m ashamed I didn’t do it 6 months ago when implementing Build Configurations.
  • Node.js version 6 is now available

today's howtos