A few months ago, with the help of this forum, I set up a EUFI/GPT, W7x64 and SUSE 13.2 x64 dual boot on a new build desktop. Most things are working fine – migrating to Linux is taking me a bit longer than I thought but I’m slowly getting there and always have W7 as a safety net.
However, the main subject of this submission is to ask advice/opinion regarding a specific security issue. I would like to use my new PC for online banking/finance and business/purchasing transactions. This has a few basic requirements: a secure/capable browser, some off-line business/finance processing programs and some space for document storage. But most importantly, it is vital that I have a safe and secure environment in which to perform these activities.
My question is how best to achieve this? I realise I have already made a good start by choosing Linux and Open SUSE as my main OS but is this enough? Some sources recommend a separate dedicated machine for online banking although this seems overkill/expensive to me. Other candidate solutions include: use of an external OS such as a bootable DVD or flash drive (slow/less longevity); the set up and use of some sort of virtual environment (I have little experience/knowledge of this); or just use a separate, dedicated browser (OK - but is this enough?).
This leaves what I’m beginning to think is, in my case, the best ‘balanced’ option: create a new, separate Linux OS installation dedicated solely for this purpose (thus creating a triple boot system). This seems a good balance of increased security/isolation with manageable cost/risk/effort, given that I guess my main objective is to stop any malware or other attacks entering and hijacking/compromising the security of the environment. If I choose this option, then from a maintenance/learning perspective, it seems obvious that the new OS should again be openSUSE – if two versions will co-exist happily on one PC? I notice that many on this forum have twin SUSE OS installations on their machines – one for general use and another as a development/test environment.
What do others think/use? If I choose this separate dedicated OS option, perhaps I should wait for a different version. i.e. 13.3? I guess then repeating most of my previous 13.2 installation would be the way to go - using Yast to create/install 3 new partitions (I have plenty of HDD space and, with EUFI, plenty of partitions). But how would grub2 handle things – how could I keep my existing SUSE 13.2 as the main/default-boot OS and the new 13.3 OS as a selectable option? I guess I should wait for general responses before making a decision and getting into the detail.
Look forward to hearing any opinions. Many thanks in advance.