Results 1 to 6 of 6

Thread: Banking On-Line

  1. #1
    Join Date
    Feb 2009

    Default Banking On-Line

    At my workplace we use Microsoft Windows (mostly XP), this wasn't a concious decision made by my employer, it's just that, as we have accumulated them over the years our computers have come with Windows pre installed. At home I use Linux, and have done since the late nineties.

    I was asked a question at work last week about an offer that the bank is providing it's customers, to download and install additional free security software called Rapport from Trusteer. I did some research and concluded that as we have anti-virus on all machines which has anti-spyware, anti-rootkit, linkscanner, firewall, etcetera etcetera included, and given some speculation that Rapport it'self has become a target for malware, and also given that there is some speculation Rapport has caused problems on older computers (which ours are), I have advised that we don't install it for the time being.

    I saw some recommendations that small businesses could use a Linux liveCD to boot into an environment and conduct their banking activities. I thought this might be a good idea, however there are some hurdles that I will need to overcome before I can put this to the powers that be.

    How can we be sure that the site we access is the one we type into the address bar. Rapport purports a feature that will "lockdown" communication with the banks website, and prevent users from giving their data to phishing sites. Is there an equivalent application that can be included on a Linux LiveCD?

    Browser updates. Is it possible to create a Linux LiveCD that will automatically download and install browser updates from a trusted repository, before a user can access the browser? Also can a link to our bank login page be placed on the desktop or as homepage?

    I burned a copy of OpenSuse 11.4 KDE for the purpose but there is a problem; With these older machines I need to turn off desktop effects before the GUI is properly usable.

    Thanks in advance for all your thoughts and suggestions with this.

    Kindest Regards

  2. #2
    Join Date
    Jun 2008
    Earth - Denmark

    Default Re: Banking On-Line

    using SUSE Studio <> you can cook up your own
    custom live CD image that will do all you wish, and more..

    yes, it can automatically have desktop effects off and have your bank
    address "hard wired" into the browser...and, i wouldn't worry a lot
    about a need for rapport's "lockdown"...just use google's or OpenDNS'
    DNS servers and you should be good to go..

    then, just download it and make all the disks you can add
    your bank logo, other languages, whatever you want..

    there is a learning curve involved, of course..

    dd CAVEAT:
    [NNTP via openSUSE 11.4 [] + KDE 4.6.0 + Thunderbird 3.1.10]
    Dual booting with Sluggish Loser7 on Acer Aspire One D255

  3. #3
    Join Date
    Jul 2009
    Rockyford Alberta Canada

    Default Re: Banking On-Line

    Banks tend to lean with the masses. Rapport is not any guarantee at all. Problem is that any user has the ability to set/use bookmarks, click links, and use the address-bar. Trustworthy browser download should not be an issue. Stick with openSUSE repositories for your updates to the browser will do the trick. Teaching employee's to enter the bank page address into the address-bar rather than using bookmarks and one-clicks is a more difficult issue. I would never use Windows to do on-line banking in the first place, even most of the clearing centers I worked with a few years back used a Unix/BSD/Linux system at the server and stations for security reasons.
    When your up to your a** in Alligators it's pretty hard to remember you intended to drain the swamp (author unknown)

  4. #4

    Default Re: Banking On-Line

    Hash: SHA1

    On 05/23/2011 08:06 AM, miclac wrote:
    > How can we be sure that the site we access is the one we type into the
    > address bar. Rapport purports a feature that will "lockdown"
    > communication with the banks website, and prevent users from giving
    > their data to phishing sites. Is there an equivalent application that
    > can be included on a Linux LiveCD?

    When going to any site that needs any kind of credentials or does anything
    sensitive SSL should be used which should guarantee your destination is
    who you think it is. This is functionality included with every browser
    out there. I'm skeptical that anything could do this more-securely and so
    the value of Rapport (based on your description) is less than zero unless
    it does something else really neat to make up for its wasted processing
    time, space, bandwidth, etc.

    Good luck.

    Version: GnuPG v2.0.15 (GNU/Linux)
    Comment: Using GnuPG with Mozilla -

    -----END PGP SIGNATURE-----

  5. #5
    Join Date
    Feb 2009

    Default Re: Banking On-Line

    Thank you everyone for your feedback. I will use SUSE Studio create a liveCD as suggested.
    A learning curve... Sounds like an adventure
    Kindest Regards

  6. #6
    Join Date
    Apr 2011
    Northamptonshire, UK

    Default Re: Banking On-Line

    You might find this an interesting read.

    The only problem with traditional Live CDs is that they are a snapshot and aren't upgradeable. Maybe a different solution would be better in terms of ease of applying patches etc. like dual booting, virtual machine or even one or two dedicated Linux machines. Draw up a few best practices like not adding any applications from outside of the distribution's repositories and browsing habit suggestions as already mentioned and you should be a lot more secure than your existing setup.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts