Well, ATM’s still run Windows XP, so if it worked for them for the last 15 years, you might try that?
/s
(wish it were a joke)
But seriously, you could just use a live DVD/USB, just make sure you keep up to date with new updates to TLS and SSL or whatever, and burn a new DVD / USB periodically (like 6 months/ a year) and kinda boot to it like read only, maybe?
yea thats the sad part i just why xp still for ***k , why , yea thats kinda what im leaning towards . so any ideas how to boot cubes os from usb ? or another idea from usb?
If you don’t trust it then… go to a physical bank.
or call .people are pushing me to use it so im trying to compromise and find a way to do it where my paranoia or yea. a ist freaking out half the time
Have you tried tails?
I’ve used online banking for years on a variety of Linux distributions without any problems.
Look at the bank’s security provisions. If that’s insufficient, nothing you can do on your side will fix it. I would not use a bank that does not at least require 2FA to move money into/out of an account.
Sign up for email/text alerts from the bank re: access to your account. Avoid being a phishing victim by avoiding clicking on links in email that appear to be from your bank, even if you’re convinced it is. Go to the site and check for a message posted by the bank. If the bank doesn’t do that, find a bank that does.
If that’s the case then your perception of security is extremely flawed and I’m not sure you completely understand what your trying to achieve.
Chromebooks are pretty much the most secure consumer hardware you can get without shelling out a lot of money and time.
ChromeOS is out of the box pretty much the most secure Linux OS you can get on consumer hardware.
That your saying ‘shudder’ to ChroneOS means your missing a lot of knowledge on the area your asking about here and are willing to ignore good advice because of your own perception regardless if it’s correct or not.
You’ve not even told anyone what your paranoid about. You can get good advice without understanding what your trying to do.
(Also cubes OS isn’t going to protect you)
P.s. willing to help figure out a solution, but it means getting a base in reality, and understanding of what your trying to protect from, how realistic those threats are and what actual risks would exist. Then you can figure out what a good way forward is.
What the others said OP, your choice of OSes won’t make a complete difference. Though Windows is more susceptible to keyloggers, backdoors and other malware (like telemetry stuff MS added in 10) due to their popularity for attackers, your security issue is more between your end device and the bank itself. I have done banking using both iOS and Android before, and the security metrics are no different from each other. Playing devil’s advocate, Linux can get security threats as well, though not on a mass scale.
Hell, if your network connection is shared between other people, like a public hotspot, then your security threats are 80% more within the connection than your device. I can recall a friend of mine from university who was also paranoid to even do transactions in the university hotspot, which I can see his point valid.
Woah, guy, stop right there!
Specture, you say? You have every right to be concerned. Specture and maltdown are the hardware killers right now. InfoSec teams are working overnight to mitigate these issues. My job just issued OpenBSD thin client dumb terminal anti hack proof to everyone. Browsers are banned and email is done through emacs.
Listen, though, OpenBSD is insanely vulnerable. So is Linux. What you need to do is get a plane ticket to Ireland and head up to the mountains. There’s a data center colo cloud secure distributed hosted self aware system there that the U.S. can’t touch. Why am I concerned about the U.S.? Three words:
N.
S.
A.
That’s right. They’re watching you, me, your bank, your dog, your cat, everything. In fact, if you bought your dog collar from Amazon, PetCo, or PetSmart, there’s a GPS chip embedded in the buckle. I HIGHLY RECOMMEND YOU MICROWAVE YOUR PET’S COLLAR ASAP UNLESS YOU HATE PRIVACY.
Now, once you pass the initiation in Ireland, you need to come back, because they’re on to you. Go to your Wells Fargo, BofA, CitiBank, whatever. Go there, now, and get everyone’s name. If they won’t give you their full name and date of birth ask to speak to a manager. If the manager refuses, call corporate. Privacy is only real on Linux, rite?
Now, you need to do deep, full, investigative background checks on all of these people. They need to be fully vetted. Once you can trust them, and I mean TRUST, you need to do verbal transactions from now on. Ask them to turn off their phone and hand it over for your inspection before each transaction (you clearly know your stuff).
Don’t ever use a computer again. Don’t use email. Christ, what are you still doing here, shut down, abort, ABORT, ABORT!
Enjoy your international data center fees in Ireland
Pro tip, throwing around buzzwords and terminology to show how serious you are isn’t the best way to get taken serious.
You talk about Spectre and QubesOS freely, anyone that can exploit a Spectre vulnerability on an individual workstation can wreck Fedora running Xen, which is all Qubes is. Do some basic research and determine if you’re talking about security or privacy (they’re not the same thing)
People gave you ample information which you ignored. You contribute to making this forum a paranoid joke. Congrats.
Just on a side note. If you have a bank that takes online banking seriously then you are insured against damages anyway unless you were careless and the damages were your own doing.
Is that not required by law in the US? (If nit then… WTF?).
I do not need 2FA for my bank. Nor would I want it either.
Whenever I come across this kind of question on thread, I sigh a little and make the cyber cat dance.
Security is not a hardware or software solution. You cannot buy or install security.
Developers try their best to keep you safe, but when the chocolate pudding hits the oscillating ventilator the rest of security is primarily up to you, the user.
The same I wrote before for iOS, applies here to the PC:
You need to define your criteria for more secure. The question you where originally asking really is then: what distro offers the most suitable features for keeping myself secure online. What technologies do each offer that I can use to better protect myself from a internet banking related threat?
And since all distros offer about the same configurability out of the box, I would argue any linux / BSD flavour can be tuned to run just a stripped down web-browser inside a virtual machine with a locked down firewall that restricts traffic only to your banks domain.
Lastly, if you are truly concerned about security, I always suggest you also consider the following:
Not for the login, the question was to regards to making transactions. And here making transactions at least requires a unique TAN per transaction.
im not the most knowledgeable on the topic ,
so im just here to see what people who know more than me, what advise they have to give to someone who’s not very knowledgeable on the topic . so yea , the specture vulnerabilities was a example.
My thought process was i would use a secure linux distro booted via usb , on a computer and wouldnt have to worry about hardware vulnerabilities.
tldr dont know much about linuix , but i know its more secure than windows . unless im wrong .if i am please explain im here to learn
physical stuff i can take care of , hardware im pretty knowledgeable at , but software i really don’t know much about but , some of your ideas i haven’t thought about thank you on the physical side .
thank you .
To be completely honest with you. If you are a normal person doing normal things it is unlikely for any Boogeyman to be after you and you are putting too much thought into this.
I manage my credit card using the edge browser on W10 and the only reason it was compromised is that “they” spoofed my cell number to get past 2FA and change the password.
Your operating system is low on the list of vulnerabilities.
Hahaha. You win
Windows isnt necessarily less secure than Linux. The problem is we cant just make a statement like that as it just cant apply in all cases.
Correct me if i’m wrong. The question seems to be, how best can i do online banking in a way that i can keep what i control secure?
Would that be accurate?
You have to keep in mind that regardless, everything out of your direct control you have no control over. Banks systems could be compromised, 2FA could be compromised (if using SMS for example), the network you’re sitting on could be compromised, the routers could be compromised (MikroTik for example recently).
You do have control over your computer so whats the best options?
I’d argue, in this case, your best option is a Chromebook.
Why?
You’ve said yourself, your not overly familiar with the security side of things. So not trying to sound badly here but you cant secure a windows or Linux system. How would you know you did it correctly?
Windows can be secure, if you know what you’re doing.
Linux can be secure, if you know what you’re doing.
But if you don’t know what your doing, you may think you’ve secured it while leaving 100 other holes in the system. It’s come up multiple times on the forum, where someone looking for advice on security or privacy has (likely through no fault of their own) completely missed out areas they never even knew they had to consider that leaves their initial security or privacy fix absolutely pointless and a waste of time.
So why a Chromebook?
I picked a Chromebook because of your earlier comment. But if you want a secure piece of hardware for doing banking and other tasks you regard as sensitive, i’d challenge anyone to find something more secure out of the box. (a macbook maybe comes in similar security wise)
You can do it with other devices but there’s a lot more involved in almost all cases.
Android, then use your banks app.
It’s Mega secure, not even Dread Pirate Roberts can get in.