Is dedicating a computer to banking transactions worth it?
Results 1 to 8 of 8

Thread: Is dedicating a computer to banking transactions worth it?

  1. #1
    Junior Member
    Join Date
    Feb 2013
    Location
    San Antonio Texas
    Posts
    2

    Is dedicating a computer to banking transactions worth it?

    I had been wondering if I ought to get a computer that would be dedicated to banking transactions (zero web surfing). Yesterday on the TV money channel one of the talking-heads mentioned a new virus that copies account passwords and advocated the dedicated computer.

    How many of you have a computer that is NEVER used for anything but banking transactions?

    And if there is only one physical computer, would a VM running on it be any safer than the underlying physical computer?

  2. #2
    Administrator
    Join Date
    Apr 2011
    Location
    USA
    Posts
    239
    There is nothing new about a virus that copies passwords... They've been around for ever. You can always pay bills with checks.

    Did the TV show also talk about getting a separate computer for ordering stuff on line... Maybe a different pc for each on line retailer?

  3. #3
    Junior Member
    Join Date
    Feb 2013
    Location
    San Antonio Texas
    Posts
    2

    additional info

    Currently I have only one computer and it runs Win/7 and Trend Micro AV. I am at the stage where if someone hacks my accounts and takes the money (and I can't get $ returned) I don't have enough years to recoup. I consider that a huge risk.

    I have considered: the DoD secure CentOS install to run from CD or USB (done both those) and a VMware VM running in Win/7 (done that with Vista and CentOS). Both the DoD and VMware options are free downloads. Another alternative is to buy a cheap, probably non-Windows, second physical computer (NOT done that yet). And I am not so confident in the security on my WiFi. It uses a long password, but its older technology and (according to an ex-colleage who does nothing but security consulting for a major IT Co) it is not realy secure.

    Right now I am leaning towards the VM. It comes up fast. Backups are easy. Transferring downloads from it to the main machine is straight forward. It still needs its own AV. However if the main machine gets completely compromised I am ... out of luck. So the second machine with better WiFi (or copper) looks good.

    I was just wondering how many people had already made the choice of a second dedicated machine? So far it looks like zero.

  4. #4
    Super Moderator
    Join Date
    May 2012
    Posts
    253
    A work computer and a play around with setup. Yes, been that route.
    Now do your passwords have enough strength?
    https://www.grc.com/haystack.htm

    The box/line with "Massive Cracking Array Scenario:
    (Assuming one hundred trillion guesses per second)" is the one you want.
    Remember you want to log in and log out each and every time.

    I like that line to have "1.49 million centuries" or better as a output.

  5. #5
    Administrator
    Join Date
    Apr 2011
    Location
    USA
    Posts
    239
    My online bank provides:

    What Trusteer’s Rapport Does

    Trusteer Rapport secures communications between your computer system and our site to help prevent malware or fraudulent websites from obtaining your username, password and other sensitive login information. Rapport is not designed to replace your existing protection; it actually works with your existing antivirus software and firewall to enhance your overall online security. You may also use Rapport to protect you while on sites too.
    And if you talk to your bank, they probably have other protection...

    1. Large purchases will generate a phone call to you to verify the purchase.
    2. You have protection again purchases that you didn't make etc...

    My online bank also uses cookies. If I log in from a new computer I am forced to answer prearranged security question.

    If anyone tries to guess at my password - they get three tries and then my account is locked even to me. I have to call and talk to a human to get it unlocked.

  6. #6
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    239
    If you are not certain about the security of your online transactions then its best to simple not do it. Each bank has different security policies, if you don't think your bank is up to par then it would be a good idea to switch banks. My bank uses a one time pin that expires after each session. The pin gets sent to my phone either via a phone call or a text. So even if some one were to get my account info they would need to some how get my phone to get the security pin. If they can manage to get those things then I deserved to get hacked. I don't trust online banking so I really don't use it much. In fact I haven't logged in since I opened the account. I get text messages from my bank telling me my transactions. No account information is sent, just the dollar amounts.

    A VM is just as susceptible to malware as any physical computer. You best security is a mix of common sense and a good security policy, i.e long passwords with a mix of upper and lowercase letters, numbers, and if allowed symbols; clearing your history on a regular basis; don't surf any questionable sites; and stay up to date. Always check for ssl connections too!!

  7. #7
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    239
    Quote Originally Posted by AaronMaxwell View Post
    The actual length of a password is irrelevant. And I view people who pass that canned statement as an easy mark.
    Long passwords make people feel better....So long as you mix it up with characters you should still be fine

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    I don't use online banking as I have no need to, living in a very small and compact town.

    I do have a computer that is dedicated to online purchasing transactions. That is only used for that purpose, and for accounts that I have already set up. This is convenient for accounting and backup purposes, given that I have quite a few computers, and we have an organisation just as obnoxious as your IRS

    If I ever do online banking, I would keep it on a "financial machine", more for convenience and control than security reasons.

    You don't need anything exotic, and it is a good re-deployment of an older machine.

    @ Aaron:

    Longer passwords are stronger against being cracked..............that's just math............ there are plenty of attacks that don't require password cracking though.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. E-transactions
    By w0lverine in forum The Security Tutorials Forum
    Replies: 10
    Last Post: February 23rd, 2004, 03:37 PM
  2. Online Banking help!
    By Computernerd22 in forum AntiOnline's General Chit Chat
    Replies: 12
    Last Post: March 13th, 2003, 05:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •