Internet banking safer on linux?

[moe2freaky]

Would it be safer to do internet banking and ebay (buying and selling) on linux than than windows 7?
If so please give reasons why. I think I just might make the jump to Linux Mint if it is.

 

[linux_0]

Definitely. Although there is no such thing as perfect security, a properly configured Linux, *BSD or Unix system can be very secure and orders of magnitude better than any version of windows.

Linux, Unix and *BSD are 100% immune to windows viruses and exploits as long as you don't install WINE ( WINE allows windows software to run on Linux ). There are about 80,000-100,000 windows viruses, while Linux only has about 100, MacOS X 60-100 and Unix about 10-100.

If you use well written firewall rules, SELinux and you configure and use the system properly it can be very hard for anyone to break your security.

Some security experts recommend using only one computer or a secure Virtual Machine (VM) running on top of Linux for your banking and ebay and nothing else. If you use your computer or VM for other tasks you'll open yourself up to a number of threats even if you have a very secure operating system like Linux.

Firefox is also more secure than other browsers, especially internet explorer, although firefox has been targeted due to its popularity.

Tell us about your hardware and what you're trying to do and the OSS experts on the forums will make some suggestions.

Semper Fi

 

[moe2freaky]

Thanks linux_0 your a champion.

I will do a format this weekend and load vista, steam, drivers and block all ports except steam. I have chosen linux mint to dual boot as it's noob friendly, configure firewall rules, install avast for linux which is free for a year and install rest of the applications.

 

[linux_0]

AVG free is also free for Linux but closed source, and clamAV is free and open source.

http://www.avg.com/us-en/download?pl=avg90&prd=asl&typ=&lng=ww-en

apt-get install clamav* or something like that should install it on debian based linux distributions like ubuntu and mint.

Linux supports whole disk encryption which can help keep your system secure. Since you are planning to dual boot whole disk encryption would certainly help, without encryption windows will be able to read and write to your Linux partitions and break your security.

If you use encryption use a good passphrase and don't forget it, if you write it down lock it up in a fireproof safe. You should encrypt all filesystems except /boot.

Good luck

 

[Devastator_uk]

Basically what linux_0 said.

I do favor the Virtual Machine method, but also recommend having a pretty secure host OS, but I use an extra secure Linux VM for anything that needs to be secure.

Within the VM, I have a couple of anti-viruses, disk encryption, and extremely complex root password, firewall, and so on. Not that I use it anymore because my bank is sh*t.

 

[linux_0]

I forgot to point out that you should be very careful what you install on your "secure" Linux distro that you use for banking. You shouldn't install 3rd party software or anything fancy.

As I mentioned in another post some people recently made a screensaver containing malware and posted the .deb online.

It was discovered and taken down within 24 hours and the cleanup was easy but the moral of the story is you shouldn't be executing programs you find on the internet.

You should always verify the pgp signatures and all the checksums and thoroughly check the files for viruses and malware even on Linux *BSD and Unix systems.

Stick to the official distro repositories if possible, all software is checked and is digitally signed and checksumed but you shouldn't count of the distro having perfect security.

People have been trying to slip malware into Linux for many years and so far they have been caught but it only takes one insecure program to own your system.

If you want to play with Linux games and multimedia, etc you should install another copy on your system and triple boot, use another computer or use a VM. [ fixed typo ]

Good luck

 

[TegGhola]

If I had a separate machine for banking, I certainly wouldn't risk polluting it by using ebay.

And even a virtual machine can be compromised, so some experts recommend using a Live CD (such as most Linux installer CDs offer now). That way, nothing is installed or executed from your hard disk.

 

[randomizer]

A PuppyLinux or Damn Small Linux "Live USB" would be better, because unlike a Live CD for most major distros, it's not slower than a quadriplegic trying to run in molasses

 

[audiovoodoo]

Not really. The issue is that you have a writeable file format right there for the bad guys to work with. I don't rate the main distros for live CD use, they are designed to be installed. Better in my eyes to use something designed to be live from the start.

The trick with many of the small 'mini distros' is to use the 'toram' boot option which leaves the whole CD loaded into RAM and makes it run like the proverbial off a stick. I've played with Puppy and Slax this way and if you've got more than a couple of gig of ram it's a whole world of joy.

 

[randomizer]

I thought that it just loaded into RAM automatically with the small distros as long as you had enough.

 

[audiovoodoo]

Nope, cached from the CD as tmpfs. You can even use the toram trick with Knopix if you're feeling ram rich.