March 26, 2010

Cool use of Linux

Brilliant idea -- from Computerworld:
Can Ubuntu save online banking?
Jay McLaughlin has me worried. I do my online banking from the same home computer the rest of the family uses for Web surfing and online games. I have the McAfee security suite loaded and do regular scans so accessing online banking should be protected. Right?

Not really, says McLaughlin, a Certified Information Security Professional and CIO of CNL Bank. Accessing online banking from your everyday PC is just asking for trouble, he says.

In fact, the CIO of the Orlando, Florida-based regional bank would like to see all of his customers - both consumers and businesses - access online banking either from a dedicated machine or from a self-booting CD-ROM running Ubuntu Linux and Firefox.

The Ubuntu option
Recognizing that most consumers don't want to buy a separate computer for online banking, CNL is seriously considering making available free Ubuntu Linux bootable "live CD" discs in its branches and by mail. The discs would boot up Linux, run Firefox and be configured to go directly to CNL Bank's Web site. "Everything you need to do will be sandboxed within that CD," he says. That should protect customers from increasingly common drive-by downloads and other vectors for malicious code that may infect and lurk on PCs, waiting to steal the user account names, passwords and challenge questions normally required to access online banking.

A bootable CD works because it's isolated from the host PC environment. Malware on the host can't touch it - and any malware picked up when running from the CD-ROM goes away once the CD is ejected. "When you eject the CD you have removed everything off the machine," McLaughlin says.
The article mentions a couple other ways to handle authentication and security but this is by far, one of the simplest and cheapest ideas to implement. The only "hassle" is the need to shut the computer down, reboot into Linux and then shut down and reboot into Windows. This also doesn't address automated data downloads through Quicken or other accounting software but I would only hope that your accounting computer is not used by kids to play "free" online games... Posted by DaveH at March 26, 2010 9:27 AM
Comments

take that idea one better: install a free virtual pc (virtbox, qemu, etc) and run ubuntu there. Then you don't have to reboot... just restore the already running/hibernating ubuntu. (Sure, it's possible malware could modify that... but bloody unlikely.)

...and I'd say run gnucash on your accounting computer. Not quite as flashy as Microsoft Money or Quicken... but probably more "correct" in the accounting sense. And oh the cool things you can do with the backend if you can read and parse the file...

Posted by: spork at March 26, 2010 5:24 PM
Post a comment









Remember personal info?