February 22nd, 2013, 04:01 PM
Is dedicating a computer to banking transactions worth it?
I had been wondering if I ought to get a computer that would be dedicated to banking transactions (zero web surfing). Yesterday on the TV money channel one of the talking-heads mentioned a new virus that copies account passwords and advocated the dedicated computer.
How many of you have a computer that is NEVER used for anything but banking transactions?
And if there is only one physical computer, would a VM running on it be any safer than the underlying physical computer?
February 22nd, 2013, 09:18 PM
There is nothing new about a virus that copies passwords... They've been around for ever. You can always pay bills with checks.
Did the TV show also talk about getting a separate computer for ordering stuff on line... Maybe a different pc for each on line retailer?
February 24th, 2013, 01:48 PM
Currently I have only one computer and it runs Win/7 and Trend Micro AV. I am at the stage where if someone hacks my accounts and takes the money (and I can't get $ returned) I don't have enough years to recoup. I consider that a huge risk.
I have considered: the DoD secure CentOS install to run from CD or USB (done both those) and a VMware VM running in Win/7 (done that with Vista and CentOS). Both the DoD and VMware options are free downloads. Another alternative is to buy a cheap, probably non-Windows, second physical computer (NOT done that yet). And I am not so confident in the security on my WiFi. It uses a long password, but its older technology and (according to an ex-colleage who does nothing but security consulting for a major IT Co) it is not realy secure.
Right now I am leaning towards the VM. It comes up fast. Backups are easy. Transferring downloads from it to the main machine is straight forward. It still needs its own AV. However if the main machine gets completely compromised I am ... out of luck. So the second machine with better WiFi (or copper) looks good.
I was just wondering how many people had already made the choice of a second dedicated machine? So far it looks like zero.
February 24th, 2013, 06:27 PM
A work computer and a play around with setup. Yes, been that route.
Now do your passwords have enough strength?
The box/line with "Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second)" is the one you want.
Remember you want to log in and log out each and every time.
I like that line to have "1.49 million centuries" or better as a output.
February 25th, 2013, 11:17 AM
My online bank provides:
And if you talk to your bank, they probably have other protection...
What Trusteer’s Rapport Does
Trusteer Rapport secures communications between your computer system and our site to help prevent malware or fraudulent websites from obtaining your username, password and other sensitive login information. Rapport is not designed to replace your existing protection; it actually works with your existing antivirus software and firewall to enhance your overall online security. You may also use Rapport to protect you while on sites too.
1. Large purchases will generate a phone call to you to verify the purchase.
2. You have protection again purchases that you didn't make etc...
If anyone tries to guess at my password - they get three tries and then my account is locked even to me. I have to call and talk to a human to get it unlocked.
February 28th, 2013, 05:17 PM
If you are not certain about the security of your online transactions then its best to simple not do it. Each bank has different security policies, if you don't think your bank is up to par then it would be a good idea to switch banks. My bank uses a one time pin that expires after each session. The pin gets sent to my phone either via a phone call or a text. So even if some one were to get my account info they would need to some how get my phone to get the security pin. If they can manage to get those things then I deserved to get hacked. I don't trust online banking so I really don't use it much. In fact I haven't logged in since I opened the account. I get text messages from my bank telling me my transactions. No account information is sent, just the dollar amounts.
A VM is just as susceptible to malware as any physical computer. You best security is a mix of common sense and a good security policy, i.e long passwords with a mix of upper and lowercase letters, numbers, and if allowed symbols; clearing your history on a regular basis; don't surf any questionable sites; and stay up to date. Always check for ssl connections too!!
March 1st, 2013, 08:02 PM
Long passwords make people feel better....So long as you mix it up with characters you should still be fine
Originally Posted by AaronMaxwell
March 1st, 2013, 10:03 PM
I don't use online banking as I have no need to, living in a very small and compact town.
I do have a computer that is dedicated to online purchasing transactions. That is only used for that purpose, and for accounts that I have already set up. This is convenient for accounting and backup purposes, given that I have quite a few computers, and we have an organisation just as obnoxious as your IRS
If I ever do online banking, I would keep it on a "financial machine", more for convenience and control than security reasons.
You don't need anything exotic, and it is a good re-deployment of an older machine.
Longer passwords are stronger against being cracked..............that's just math............ there are plenty of attacks that don't require password cracking though.
By w0lverine in forum The Security Tutorials Forum
Last Post: February 23rd, 2004, 02:37 PM
By Computernerd22 in forum AntiOnline's General Chit Chat
Last Post: March 13th, 2003, 04:15 AM