I’ve been following the Washington Post Security Fix blog for the past year or so. Recently, Brian Krebs has been writing a series of post about businesses are having with thieves stealing their banking credentials, and then the subsequent financial problems since businesses don’t have the same protections as consumers.
One place where I do disagree with the author is the idea of the Macintosh as a safe-haven. In some of his other columns, he’s mentioned that Apple is actually less secure than Windows, but because Windows has more marketshare, that’s what thieves will mostly target. I agree with that much, but the logical leap of “therefore Macintosh is safe”…. I’m just not a big fan of “security through obscurity.”
Three recent articles dealt with the idea (including a How-To) of using a Linux Live CD for online banking.
- Avoid Windows Malware: Bank on a Live CD
- E-Banking on a Locked Down (Non-Microsoft) PC (Tutorial for creating and booting from a Linux Live CD)
- E-Banking on a Locked Down PC, Part II (Follow-up to the reader reactions)
Just to be clear: I don’t think Linux is any more of a panacea than Mac, it’s just a bit more obscure. What I like about this particular solution is that you’re booting from a read-only copy of the operating system. In effect, every time you boot the computer, it’s brand new. Once you’re done with the banking stuff, turn off the computer (you don’t even need to go through the normal shutdown!) and next time you fire it up from the CD, it’s back to the exact same state as when you started it the last time. Even if something does get on to the computer, it can’t save itself to that read-only OS.
I currently do my banking from a virtual machine which I use for absolutely nothing but banking. But I’m definitely digging this as an alternative.