Linux distro for online banking/payments

Altiris · 04-25-2014, 02:18 PM

Right now I just have a computer running windows 7 to do online banking and payments of bills and all is fine/well. Should I be using a linux distro installed on the PC, or ran from a CD/DVD instead? If so, what type of distro is the best? I know the United States has their own distro for this type of use called Lightweight Portable Security, should I give that a try?

jefro · 04-25-2014, 02:36 PM

I'd consider a very up to date security distto. On major bug with live cd's is that one, they tend to run in admin and two they mount local drives.
Personally I haven't found any issue with LPS. It even avoided the last openssh deal as far as I know. I get the feeling it is as secure as others.

Be sure to rotate passwords on your bank and monitor the accounts.

jailbait · 04-25-2014, 05:25 PM

Quote:

Originally Posted by Altiris

Should I be using a linux distro installed on the PC, or ran from a CD/DVD instead? If so, what type of distro is the best?

I have been running Debian stable for years and never have had a security problem. The only enhancement that I make to the out of the box security is that I never use the "remember your password?" function in a browser. Instead I have my own directory where I keep my passwords and I encrypt all of the files in that directory using ccrypt.

-----------------------
Steve Stites

frankbell · 04-25-2014, 07:51 PM

I will second what jailbait said. I also doubt there are any significant differences in the security features amongst major Linux distros.

I would recommend running a software firewall and some kind of "no script" type add-on in your browser, if one is available, if nothing else to cut down on the clutter. I use "notscript" in Opera and "noscript" in Firefox. You will then need to turn on the scripts that your bank's website will need to function; it's a little extra work up front but the long-term benefits, both in the control and in knowing how the heck many pointless scripts many websites run, are worth it.

I also delete new cookies on exit from the browser, but that has more to do with getting rid of long-term tracking cookies than with banking.

I also do not use browser-based password storage--I use KeePassX (based on a friend's experience with KeePassX on Windows, I would recommend avoiding the beta version at this time).