Am I secure?

[dutchdummy]

I'm going to be on the road for a while and because I will need to rely on my laptop and public WiFi, I'm a bit concerned about security when I do my online banking. I think I have a good plan in place, but want to get some feedback in case I'm missing something. Here's what I'm using:

- AVG Internet Security 2011 (antivirus and firewall)
- Ensuring that all sites I log on to are SSL encrypted by looking for HTTPS://
- SecurityKiss Tunnel

Right now, I've just started using the free version of SecurityKiss with the 200 MB limit. My plan is to turn it on when doing online banking or visiting any site in which I have to log on, but turn it off for regular web browsing. If it turns out to be a useful product, I might just purchase the 20 GB plan. (I'll have to figure out why I can't get Microsoft Outlook or Forte Agent to connect with it running, though.)

So should I feel safe about my online banking using this plan?

[eyeb]

hm... get a sandboxing program to help a bit

If you want to really feel safe, I'd get a linux distro installed on usb/cd and boot off it and use it only for banking/etc. And turn off the save feature/make it read only, so when you shut down, changes are lost and next time you use it you dont have to worry about catching anything. You'll have to read up on using vpn on linux though, cant help with that.

Or if you have a mobile plan and phone that allows it, I'd tether it and use phone as moden instead of free wifi for secure browsing. It's slower but it's also more secure

edit: is there a reason you have to do online banking while on a trip? Why not just wait till you are home?
edit: Oh I forgot, make sure to turn off sharing on your computer... who knows who might be trying to look in on you while you use their "Free" wifi

[dutchdummy]

Quote:

Originally Posted by eyeb

hm... get a sandboxing program to help a bit

If you want to really feel safe, I'd get a linux distro installed on usb/cd and boot off it and use it only for banking/etc. And turn off the save feature/make it read only, so when you shut down, changes are lost and next time you use it you dont have to worry about catching anything. You'll have to read up on using vpn on linux though, cant help with that.

Or if you have a mobile plan and phone that allows it, I'd tether it and use phone as moden instead of free wifi for secure browsing. It's slower but it's also more secure

edit: is there a reason you have to do online banking while on a trip? Why not just wait till you are home?
edit: Oh I forgot, make sure to turn off sharing on your computer... who knows who might be trying to look in on you while you use their "Free" wifi

The reason why I'll need to do online banking on the road is because I'll be gone for 3 months to look for a job in California.

I've already turned off file sharing in Windows. I'll look into the mobile phone plan - I wasn't aware this was an option.

Sandboxing is a completely new concept to me. I'll look into the Linux option as well, but how high is the learning curve?

Thanks for the suggestions.

[mr6n8]

This article by Gizmo has some good info:
How to Improve Your Security When Using a Public Terminal
http://www.techsupportalert.com/impr...l-security.htm

[Ritho]

I live and work overseas in one of the countries know for having some of the highest rates of internet crime. I have to do online banking, it is really the only option available. Of course most of the time I do it from home. When away from home I use a vpn. Ones like Hotspot Shield and others are better than nothing, but I use a paid one, mainly because of the speed. Actually it is prepaid. I like it because I use it sporadically, and would only be waisting money on a monthly subscription. It also based only on the bandwidth used, not on the time you are connected like some others, so you can browse casually on it cheaply enough. I can send you a personal message if you want the url.

[Dedoimedo]

Security has nothing to do with what software you use.
It's about strategy - what poses a risk for you - and how you avoid/minimize those risks.

None of the tools you listed will be of any help if you connect to a bogus bank site and input your credentials. Knowing how to connect to your bank and identify possible problems/exposure vectors is what you need to invest in.

Dedoimedo

[garth]

This might be worth having if you use Firefox.
https://www.eff.org/https-everywhere

[bo.elam]

Quote:

Originally Posted by Dedoimedo

Security has nothing to do with what software you use.
It's about strategy - what poses a risk for you - and how you avoid/minimize those risks.

Thanks for posting this powerful and enlightening statement, in my opinion
its worth more than the last 20 articles about security that I read.

Bo

[dutchdummy]

Quote:

Originally Posted by Dedoimedo

Security has nothing to do with what software you use.
It's about strategy - what poses a risk for you - and how you avoid/minimize those risks.

None of the tools you listed will be of any help if you connect to a bogus bank site and input your credentials. Knowing how to connect to your bank and identify possible problems/exposure vectors is what you need to invest in.

Dedoimedo

I already know how to connect to my bank and am well aware of phishing scams. That advice is really for newbies, which I'm not. I'm looking to maximize my online security when using a fundamentally unsecure connection such as public WiFi.

[eyeb]

only way you can do that is really vpn :S and that isnt gaurenteed either

i would still suggest a mobile wifi plan. One of those usb dongles for wireless by cell towers, or tethering your phone and using its data plan

oh, btw if you look up firesheep, you'll see a how easy it is for someone to get info over a public wifi