Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have to confess I still use a Windows box for some things that require security of financial data that I wouldn't feel entirely happy about entering using Linux. I would dearly love to free myself from this dependency and ditch 'doze altogether, but I do have the perception that the Win OS is more secure for bank transactions and whatnot, simply because everything's done for me provided I let the auto-updates install as soon as they come available and I run Kaspersky or whatever to keep the machine clear of malware. To harden a Linux distribution to the same extent would require commitment and no small amount of expertise, would it not? Even notwithstanding that there are far more nasties out there looking for chinks in Windows armor than there are for Linux. How often is it that secure data gets compromised from a Linux system? Anyone experienced this?
Last edited by Completely Clueless; 08-01-2013 at 08:13 AM.
Personally I'd never use a windows box for banking, I strictly stick to linux for that. I don't have flash or java (or any other plugin) installed, and I use a number of firefox addons to protect myself. The list includes:
- Request policy
- NoScript
- Adblock Plus
- Ref control
- Cookie Monster
- GreaseMonkey (+ some scripts)
- FlagFox
- HTTPS Everywhere
- etc.
Then again it's true that you're the one to take caution not to visit malicious websites, accept email attachments from untrusted and/or suspicious sources, etc. A security system is only as strong as its weakest link. And the weakest link is in most cases the user himself.
When a banking site says that they "only support Windows," it has nothing to do with security, but it is a pretty good sign they have a lazy and incompetent IT team.
My bank supports only IE and Firefox and are upfront about not wanting to spend the labor to test and support other browsers (I don't like it, but that is a defensible position and I can respect it). Fortunately, their site works quite well in Firefox on Linux.
There are many reasons for banks being hacked that have more to do with bad practices. If you don't protect your system and update it and change passwords often to the longest offered, you may never be very secure.
The millions of the mums and dads market all believe they better "secured" because they tick a box saying get security updates automatically
---when they won't get them except on a monthly basis.
"saying of preferring windows over Linux for banking !!"-- I would only say its a very bad idea that can cause you a nightmare anytime.
when you say security for a Bank or a financial institution one would only recommend an operating system that is as robust, customisable and can provide different levels of security and guess what LINUX has it all.
I have a hardened box I use for critical things, including online banking. Much as I like Linux (and would prefer it for banking over Windows) it runs OpenBSD and nothing is enabled or installed that isn't absolutely needed.
Unfortuantely most banks compromise your security from the start. Some of the ways are as follows:
1) Using TLS 1 instead of at least 1.1
2) Those that require a specific browser or extensions
3) Those that recommend filtering connections through third parties (eg Trusteer - though some may disagree)
4) Low grade password hashing
Ask your bank about these and others if you want to be really informed about the risks.
From the standpoint of someone with little knowlege on Linux, I would say that maintaining a Windows box dedicated for banking is a very feasible option. Keep the OS updated, antivirus, not install non-banking software, etc. In short, don't use the box for something else.
The other option is to get yourself more familiar with Linux and everything it has to offer, thereby slowly building your confidence on it.
To be honest, I used Linux for banking ever since, and even though my security wasn't as tight as some on this thread, I never experienced problems.
Most trojans are aimed at Windows Systems, because most Linux users are very experienced professionals (and if not yet, trust me, you will become one. You are interested in it, that's why you will learn it quickly), whilst most Windows users are more like "the general population" - lack of even advanced knowledge, that is, at least in my home country. They don't notice whether a trojan horse is on the system. They don't know how to use tools to check the task manager. They don't care much about outdated systems and software. If it works, it works. If it's insecure - doesn't matter. If it's hacked - not my fault. Or is it?
Most Linux users on the other hand will recognize if something's odd with their computer - and they will react to it. Linux users are very good at resolving problems (When I started out, I spent weeks with only this. But I solved them) And if you gain experience and confidence, either on a VM or a Live-USB, you will get very good at this very quickly.
Still, being concious about security is a rare but highly important virtue, and I hear almost daily about new hacks. Companies and even banks in Germany don't do that much, and I even contacted a CEO of one to inform them about the security problems they had, and they were just like "We know. We will take care of it, if our board agrees and..."
The rest of the sentence actually was ignored by me, because I don't waste time listening to dumb excuses. They don't realize what it costs to be hacked.
Ending: You MUST secure every system you use for critical things like that (Usually, money is critical to everyone. Let's agree that banking is critical, OK?). No matter if it is Linux or Windows! You wouldn't believe how many insecure Linux boxes are around in the world, because they aren't updated, have weak passwords, allow unauthorized use of mail servers or the likes of it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.