Whats the most secure and why ? Im pararnoid about online banking, I dont trust it so any ideas ?
If this is going to be used in a kiosk environment, then I recommend Porteus.
If this is just for home use, then literally any linux distro.
Remember that security with your bank, if they have a shitty and insecure web portal, then don’t bother.
eh good point i didn’t think about that , i was more worried about ex .specture , (hardware based vulnerabilities) . ill do some research work on that end (web portal), but in the mean time , cubes OS booted of a usb stick running some sort of security based os thoughts? (or am i insane wait dont answer that, its yes )
side note 256gb usb sticks are 40 bucks holy cow that’s cheap
You have little to worry about. This mostly affects cloud/IaaS/PaaS providers. Unless you happen to be doing some shady shit and come across a landmine.
Get a $150 Samsung Chromebook and use it strictly for banking.
2 Likes
I hate chrome books with a burning passion, piles of crap . Moving on not a bad idea , (not running chrome os , can i say i have battle scars ), so any ideas for distro ? cubes with something running inside it .?
As long as you don’t really use the computer for mixed security purposes, anything will do. i.e. get a $150 Chromebook that gets you a screen/battery/soc/storage for a browser and some ports and just run Debian on it.
I mean it’s not like you’re banking in 4k 144fps
Im fine with a chrome book , as long as its not running chrome os (shudder)
I’d say the problem isn’t just the distro at home, it’s also the risk between PC, router,ISP, L3/backbone, Banks ISP, then the bank itself…
If your PC is releatively secured from a physical security standpoint, and the bank uses HTTPS, you might as well use Windows (joke) for all the difference an OS would make.
I would pose a different hypothetical, if one were a dissident who’s life depended on security, ananomity, and encryption, then what distro would suffice?
1 Like
thats why i really dont like the idea.
Well, ATM’s still run Windows XP, so if it worked for them for the last 15 years, you might try that?
/s
(wish it were a joke)
But seriously, you could just use a live DVD/USB, just make sure you keep up to date with new updates to TLS and SSL or whatever, and burn a new DVD / USB periodically (like 6 months/ a year) and kinda boot to it like read only, maybe?
yea thats the sad part i just why xp still for ***k , why , yea thats kinda what im leaning towards . so any ideas how to boot cubes os from usb ? or another idea from usb?
If you don’t trust it then… go to a physical bank.
4 Likes
or call .people are pushing me to use it so im trying to compromise and find a way to do it where my paranoia or yea. a ist freaking out half the time
1 Like
Have you tried tails?
1 Like
I’ve used online banking for years on a variety of Linux distributions without any problems.
Look at the bank’s security provisions. If that’s insufficient, nothing you can do on your side will fix it. I would not use a bank that does not at least require 2FA to move money into/out of an account.
Sign up for email/text alerts from the bank re: access to your account. Avoid being a phishing victim by avoiding clicking on links in email that appear to be from your bank, even if you’re convinced it is. Go to the site and check for a message posted by the bank. If the bank doesn’t do that, find a bank that does.
1 Like
If that’s the case then your perception of security is extremely flawed and I’m not sure you completely understand what your trying to achieve.
Chromebooks are pretty much the most secure consumer hardware you can get without shelling out a lot of money and time.
ChromeOS is out of the box pretty much the most secure Linux OS you can get on consumer hardware.
That your saying ‘shudder’ to ChroneOS means your missing a lot of knowledge on the area your asking about here and are willing to ignore good advice because of your own perception regardless if it’s correct or not.
You’ve not even told anyone what your paranoid about. You can get good advice without understanding what your trying to do.
(Also cubes OS isn’t going to protect you)
P.s. willing to help figure out a solution, but it means getting a base in reality, and understanding of what your trying to protect from, how realistic those threats are and what actual risks would exist. Then you can figure out what a good way forward is.
4 Likes
What the others said OP, your choice of OSes won’t make a complete difference. Though Windows is more susceptible to keyloggers, backdoors and other malware (like telemetry stuff MS added in 10) due to their popularity for attackers, your security issue is more between your end device and the bank itself. I have done banking using both iOS and Android before, and the security metrics are no different from each other. Playing devil’s advocate, Linux can get security threats as well, though not on a mass scale.
Hell, if your network connection is shared between other people, like a public hotspot, then your security threats are 80% more within the connection than your device. I can recall a friend of mine from university who was also paranoid to even do transactions in the university hotspot, which I can see his point valid.
1 Like
Woah, guy, stop right there!
Specture, you say? You have every right to be concerned. Specture and maltdown are the hardware killers right now. InfoSec teams are working overnight to mitigate these issues. My job just issued OpenBSD thin client dumb terminal anti hack proof to everyone. Browsers are banned and email is done through emacs.
Listen, though, OpenBSD is insanely vulnerable. So is Linux. What you need to do is get a plane ticket to Ireland and head up to the mountains. There’s a data center colo cloud secure distributed hosted self aware system there that the U.S. can’t touch. Why am I concerned about the U.S.? Three words:
N.
S.
A.
That’s right. They’re watching you, me, your bank, your dog, your cat, everything. In fact, if you bought your dog collar from Amazon, PetCo, or PetSmart, there’s a GPS chip embedded in the buckle. I HIGHLY RECOMMEND YOU MICROWAVE YOUR PET’S COLLAR ASAP UNLESS YOU HATE PRIVACY.
Now, once you pass the initiation in Ireland, you need to come back, because they’re on to you. Go to your Wells Fargo, BofA, CitiBank, whatever. Go there, now, and get everyone’s name. If they won’t give you their full name and date of birth ask to speak to a manager. If the manager refuses, call corporate. Privacy is only real on Linux, rite?
Now, you need to do deep, full, investigative background checks on all of these people. They need to be fully vetted. Once you can trust them, and I mean TRUST, you need to do verbal transactions from now on. Ask them to turn off their phone and hand it over for your inspection before each transaction (you clearly know your stuff).
Don’t ever use a computer again. Don’t use email. Christ, what are you still doing here, shut down, abort, ABORT, ABORT!
Enjoy your international data center fees in Ireland
5 Likes
Pro tip, throwing around buzzwords and terminology to show how serious you are isn’t the best way to get taken serious.
You talk about Spectre and QubesOS freely, anyone that can exploit a Spectre vulnerability on an individual workstation can wreck Fedora running Xen, which is all Qubes is. Do some basic research and determine if you’re talking about security or privacy (they’re not the same thing)
People gave you ample information which you ignored. You contribute to making this forum a paranoid joke. Congrats.
2 Likes