Gizmo's Freeware Forum

Gizmo's Freeware Forum (https://www.techsupportalert.com/freeware-forum/)
-   Linux (https://www.techsupportalert.com/freeware-forum/linux/)
-   -   Is it o.k to do online banking with out of date live cd linux? (https://www.techsupportalert.com/freeware-forum/linux/10619-is-it-o-k-to-do-online-banking-with-out-of-date-live-cd-linux.html)

autoexit173 29. Oct 2012 09:37 PM

Is it o.k to do online banking with out of date live cd linux?
 
Hi everyone,


Over the weekend i did my online banking using Kororaa live cd.

Anyway i downloaded the latest version they have and used imgburn to burn on a dvd.

Anyway i boot up the linux os by only using boot from cd. What i notice is obviously if you just boot from the cd you cannot change anything because the os boots from a cd.

Since all people say the safest way to do online is through a live cd because that way you cannot really get a virus, keyloggers stealing your passwords, my question is if the firefox is using 13 and most up to date is 16.02, and if only boot from a cd, does it matter if my firefox is out of date?

If i install the linux to my hdd, obviously then i need to update everything to be safe right?

So if i just boot from cd, 99% of the time i should be o.k even though the linux os and its browser is out of date?

eyeb 29. Oct 2012 11:08 PM

you're fine even without all those steps too

the fact is that almost all data compromise happens on the bank end, and not your end, what you do before sending the data wont affect it since it all ends up at same place, bank servers

I say this because it's really doubtful that anyone would be targeting you, when they would just target the bank for a bigger pay out :S plus they don't know where you are, but the banks are kind of set in where they are located

George.J 30. Oct 2012 02:39 AM

The major reasons that you should update your browsers are these:

1. serious security flaws with older versions that may allow malicious websites to read your files, damage your files, steal your passwords, infect your computer with viruses …

(This is ok with your current setup, as you are running from live cd, so you don't have to worry about that)

2. Bugs in the previous versions which may create some problems when visiting websites like broken pages, freezes etc....

3. New features

Looking at your current setup it doesn't matter if you're using an older version of Firefox.

autoexit173 31. Oct 2012 03:48 AM

Which Linux would be suited for just online banking?

Lightweight Portable Security (LPS) – A Linux distro from the US Department of Defense.

Ubuntu – fast, secure and easy-to-use.

Puppy Linux – A complete operating system with suite of GUI apps, only about 70 – 140MB, and boots directly off the CD.

KNOPPIX – Live Linux file system on CD.


ubuntu.

Mint.



I have tried using ubuntu and kororra and so far i like using linux. I haven't had time to try all the linux live cd.

The only problem i have with kororra is the firefox is only using v13.

Is out of all the options, which linux would best suited for online banking and most secure?

1002richards 31. Oct 2012 09:27 AM

Just for banking, I'd go for LPS. But any one of those you list would be just fine. I'd say give'em all a try (not doing banking) just to see which suits you best - looks, speed on your machine etc.

Richard.

MidnightCowboy 31. Oct 2012 11:12 AM

What 1002richards says, plus it depends on how you connect. Ubuntu or Mint will be the easiest out of that selection to connect with, especially if you use DSL or a broadband modem. If LPS recognizes your connection though, I'd go with that as it's a custom build for the purpose.

autoexit173 12. Nov 2012 01:20 AM

thanks a lot guys... sorry for the late reply, been busy with work.

anyway i've tried using lsp, i cannot get to work.. after 2-3 seconds of loading my whole pc froze.

so i tried using kororra live cd = which was very easy to use but i find it has no security features besides it own firewall. all it is its just a firewall that says firewall=yes.

also i tried knoppix = it was easy to set up and use, but has no security feature besides ssl certification which is useless considering all the top banks have their websites ssl secure. for some reason using knoppix i cannot log into a certain bank online. it just says it will load the internet banking page but stays their. this is happens to bitdefender safepay.

i also tried ubuntu = this is the easiest to use and follow, but has no security feature besides delete track records. but for some reason using ubuntu i can log in to all my bank accounts while kororra didn't work with all banks.


my only concern using linux live cd is;

1. kororra uses old firefox 13 and ubuntu uses firefox 14. from alive cd i cannot update the firefox version.

i cannot really update any software batches because i am running the software from a dvd with all my hdd unplugged.

2. running from a live cd (dvd) ubuntu, kororra has no strong firewall, or secure encryption protocol, if it does i don't see it on live cd.

questions:

a) with windows its always a good idea to update windows, browsers before using, with live cd i know you're running the operating system from a cd/dvd, which no virus or trojans can load their bad stuff onto you're OS, unless you press yes to everything.

anyway so basically even though i most likely won't get a virus because i am running it from a live cd, will the data be secure using a older version of software transmitting my personal data with no firewall and real time protection? if it is safe can someone please explain how its safe?

b) if i want to install a strong firewall with antivirus, anti malware software that works with linux, what free programs will you recommend?

i just don't feel safe using a OS without a known firewall and real time protection.

MidnightCowboy 12. Nov 2012 03:52 AM

You don't need an antivirus for Linux. Scanners are available but these merely hunt for Windows viruses to prevent you passing them on to other Windows users. Linux ships with iptables that does packet filtering, network address translation (NAT), and port address translation (PAT). Additionally, some distributions include an enhancement for this such as Shorewall, UFW, Firestarter etc., although mostly these will require enabling and configuring. I can't speak for the others but Korora has a very strong firewall which achieves full stealth with GRC for what it's worth. Korora also employs SELinux. Other distros might use AppArmor instead.

http://en.wikipedia.org/wiki/Security-Enhanced_Linux
http://en.wikipedia.org/wiki/AppArmor
http://img37.imageshack.us/img37/3913/firewalle.png http://img89.imageshack.us/img89/565/firewall1.png

autoexit173 12. Nov 2012 04:29 AM

Thanks M.C... but when you're talking about Kororra, are you talking about Kororra (running from dvd) or install to hdd Kororra?

Because i've downloaded and currently using Kororaa 17 (Bubbles) KDE (Live DVD) and only running it on dvd. I disconnected all my internal hdd's.

I can't fin the firewall config for Kororra. Any advice please?

MidnightCowboy 12. Nov 2012 06:25 AM

Quote:

Originally Posted by autoexit173 (Post 78429)
Thanks M.C... but when you're talking about Kororra, are you talking about Kororra (running from dvd) or install to hdd Kororra?

Because i've downloaded and currently using Kororaa 17 (Bubbles) KDE (Live DVD) and only running it on dvd. I disconnected all my internal hdd's.

I can't fin the firewall config for Kororra. Any advice please?

Yes, you can run this from the Live DVD but obviously the changes don't save. Just type "firewall" into the main menu search box and the config link will appear.

Panzer 12. Nov 2012 09:19 AM

Quote:

Originally Posted by MidnightCowboy (Post 78432)
Yes, you can run this from the Live DVD but obviously the changes don't save.

... or you can try to rename Kororaa into Fedora and then put it on USB via liveusb-creator (https://fedorahosted.org/liveusb-creator/).

I think you can make it persistant that way ... I think I made it that way, but that was a long time ago and I frankly don't remember if it was successful ...

Anupam 12. Nov 2012 09:28 AM

If you are able to use Linux via a USB drive, then you can also download the latest version of Firefox from its site, for Linux, which installs as portable. I had done that for Linux Mint, when I had installed it on my older computer.

Jojo Yee 12. Nov 2012 10:28 AM

Quote:

Originally Posted by Panzer (Post 78440)
I think you can make it persistant that way ... I think I made it that way, but that was a long time ago and I frankly don't remember if it was successful ...

LiveUSB is a good way for making persistent changes.

See this tutorial from Dedoimedo.

Panzer 12. Nov 2012 10:38 AM

I am aware of it, but if I remember correctly LiveUSB doesn't support Kororaa (you can put it on USB but only Live mode is supported) ... and my Sabayon is also supported for Live use only (tried to made persistence file manually but that didn't work either) ...

autoexit173 15. Nov 2012 03:46 AM

thanks guys...


2 questions;

1. if i fully install kororra, ubuntu, mint, etc... as a full operated operating system, i need to properly setup and configure everything just like in windows right? Just for online banking and shopping not surfing the net.

2. is it less secure running linux from a hdd compare to running linux from a livedvd?

will my mobo stuff up if i boot two different operating system each day?

you know how people say the only real threats you can get when running from a livecd is a windows virus which was already on your pc, so before i make a livecd or usb for linux, how do i check if my current pc is windows virus free for a secure linux?

at the moment i have installed avast for antivirus, malwarebytes and emisoft for antiware and spyware. i also use kaspersky TDSSKiller, microsoft malicious software removal, hitman pro for scanners.

if all those scanners come up clean, i should be safe to make a linux usb and that usb will be secure right?

is usblive creator the only way to make a linux boot from a usb?

Panzer 15. Nov 2012 09:54 AM

Quote:

Originally Posted by autoexit173 (Post 78553)
thanks guys...
is usblive creator the only way to make a linux boot from a usb?

I have posted some of the alternatives here:
http://www.techsupportalert.com/free...computers.html

autoexit173 19. Nov 2012 12:27 AM

Burning a DVD


DVDs are read-only so your Tails can't be altered by a virus or an attacker.
DVDs are cheap but you will need to burn a new DVD each time you will update your version of Tails.


Installing onto a USB stick


The content of the USB stick will be lost in the operation.

An attacker with physical access to your USB stick or through a virus could alter your Tails.

------------- = above was from tails....

"https://tails.boum.org/download/index.en.html"



1. how do i help prevent my linux running on a stick (kingston) from being altered?

2. doing your online banking by live cd is safest right? because virus cannot be stored onto a live cd.

with that logic i understand, doesn't that defeat the whole logic of needing to update your internet browser, operating system security updates?

live cd only helps stopping viruses from being stored and altered, but the data (passwords) you type in when in browser is transmitted through older version of firefox and older operating system is less secure, right? or am i wrong about being less secure?

so my question is it safer to do online banking, shopping through

a) live cd where you viruses cannot be stored but the limitations is you cannot update your firefox and update any security updates or

b) linux installed on hdd fully functional with options to update your system and everything and probably configure your firewall, but can be vulnerable to viruses being stored?

luckily i didn't use linux tails v.13 because it had many security holes.

is knoppix and korroa still rated the top in security compared to other popular linux (less in security holes and more in stronger firewall and protocol?



can someone help me use lightweight portable security? i burn it on a dvd by using imgburn but when i got to running it, it will only load for 2 secs then freeze.

please help me correct my mistakes?

thanks.

MidnightCowboy 19. Nov 2012 06:45 AM

I think maybe some of your concerns are leaning towards the paranoia. :)

Just to give a personal experience, online shopping was already a huge industry when I left Europe 8 years ago but not so here in Brazil although they are quickly catching up. Let's not forget also that Brazil has some of the highest levels of crime and especially fraud in the world and yet I have been using online shopping and banking here for the past 12 months without issue.

This is just my opinion, but others may vary. :)
  • If you haven't got a router, get one.
  • Use a free DNS service that is security orientated such as Norton ConnectSafe
  • If possible open an auxiliary account for just online shopping and only transfer as much as you need per session into it.
  • Make sure you have fraud protection insurance but check out some independent policies too. That offered by your bank might have too many get-out clauses and not be the best available.
  • Dual boot your PC with windows and use a properly configured and updated installed version of Linux for your online banking and shopping.
  • Sleep easily at night and enjoy a happy life. :)

Dedoimedo 19. Nov 2012 02:51 PM

It is ok to do online banking as is, without any special preparations.
In the worst case, close the browsing session and start fresh.
Dedoimedo

autoexit173 20. Nov 2012 03:06 AM

I think maybe some of your concerns are leaning towards the paranoia. :)



:p

I did say i was paranoid with security, especially online banking. :D






If you haven't got a router, get one.



Yeah i have a modem/router. Well its actually a wireless modem/router but i disconnect the wireless. This is how paranoid i am i never use wireless. :o




Use a free DNS service that is security orientated such as Norton ConnectSafe

I thought about using Norton dns or Comodo dns, but other people are using the same dns server so i'm sticking with my own provided by my isp.




Make sure you have fraud protection insurance but check out some independent policies too. That offered by your bank might have too many get-out clauses and not be the best available.



In Australia, the top bank all have the same government fraud protection. Its not the money i'm most worried about. I am worried about the money i have, but I'm more worried about hackers stealing my passwords and finding important information and start making false documents to open up accounts and apply for credit card loads, etc....



Dual boot your PC with windows and use a properly configured and updated installed version of Linux for your online banking and shopping.


Yeah i was really thinking about using Linux full time as an operating system now instead of using live cd for online banking. But instead of dual booting from Windows to Linux, i was thinking of buying a ssd (60gb) solely for Linux.

All Linux that i have tried can connect to my connect easily, i just have to manually type in my details, easy.


With Linux firewall, i don't have to worry about ports and policies like in windows firewall?

Example: With Widnows OS i am using Comodo free firewall, which allows your own application policies and have options to allow or block or limit different ports. But since i don't know what all the ports mean besides 443 and 563 which are ssl, i am just going to leave them as default.



Oh btw thanks Midnight Cowboy, you have been a big help from the start and thanks to everyone else.

Remah 20. Nov 2012 03:34 AM

How paranoid
 
Quote:

Originally Posted by autoexit173 (Post 78799)
I did say i was paranoid with security, especially online banking. :D

What else do you do outside computers?
  • Do you destroy all your personally identifiable documents yourself?
  • Do you get your mail delivered to a secure PO Box?
  • Do you send other incoming parcels and deliveries to the postal/courier depot or similar facility where you can pick them up yourself?
  • etc

MidnightCowboy 20. Nov 2012 04:04 AM

Quote:

Originally Posted by autoexit173 (Post 78799)


With Linux firewall, i don't have to worry about ports and policies like in windows firewall?

Example: With Widnows OS i am using Comodo free firewall, which allows your own application policies and have options to allow or block or limit different ports. But since i don't know what all the ports mean besides 443 and 563 which are ssl, i am just going to leave them as default.


This is something else you can easily get bogged down with and enjoy much head scratching and heartache during the process. :)

Basically, Linux firewalls do what they are meant to do so long as you remember to switch them on (not all are auto-start). Rest assured that if they didn't, or if a new flaw was discovered, this would be very quickly patched by the Linux community.

Although many of the so called firewall tests are pretty meaningless (especially Matusec :eek:), if passing tests is important you may want to press a couple of buttons in your ICMP settings to block ping responses and achieve "true stealth" for what that's worth. :)

http://www.hansenonline.net/Networking/stealth.html

autoexit173 21. Nov 2012 04:52 AM

What else do you do outside computers?

Do you destroy all your personally identifiable documents yourself?




Yes i do... hahaha



Do you get your mail delivered to a secure PO Box?



No.



Do you send other incoming parcels and deliveries to the postal/courier depot or similar facility where you can pick them up yourself?
etc


No


I see what you're getting at. :p


Anyway as far as the most secure Linux i find LSP and Kororaa to be the most secure and equipped with the right security features i'm looking for.

What is your top security linux distro?

When i get paid this week i'll buy a ssd and install Kororaa.


All times are GMT +1. The time now is 06:22 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.