Choose style:

Author Topic: Online Banking with peppermint 8 respin (SOLVED)  (Read 1550 times)

0 Members and 1 Guest are viewing this topic.

Offline Sutsie

  • nOOb
  • *
  • Posts: 9
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 8 respin
Online Banking with peppermint 8 respin (SOLVED)
« on: January 24, 2018, 11:19:36 am »
is it safe to bank online with peppermint 8 respin installed on my laptop?  or should i just run the live usb for banking?  is it even safer if i run the usb on a laptop without an internal hdd?  I have an old laptop that shuts down everytime i play videos, so i took the HDD out to use externally.  I am not very IT literate.  All i know about Linux is how to create a live USB and plug stuff in and out. 

thanks in advance for any help given
« Last Edit: January 25, 2018, 10:40:21 am by Sutsie »

Offline mac

  • Global Moderator
  • Veteran
  • *****
  • Posts: 1088
  • Karma: 336
    • View Profile
  • Peppermint version(s): Peppermint 7-8-9
Re: Online Banking with peppermint 8 respin
« Reply #1 on: January 24, 2018, 11:49:54 am »
As you probably already know, no operating system is entirely secure (hack proof).  However, Peppermint is as secure as any and more secure than many.  For the most part, common sense is the key to internet security, banking or otherwise.  IMHO internet banking security depends on the following:

the security of your bank's software
keeping your OS & Browser updated
creating a strong password and keeping it private (memorized & not written down)
doing your business on the site quickly and then logging out and restarting your browser each time
*using a hardwire connection and not using wifi

It would also help to use a private, personal computer to which no one else has access.  I would also use a VPN if your bank allows.  The benefit of using detatchable media for the os would be nonimal, IMHO.  Be careful, diligent and stay on top of your bank statements & transactions. 


* Many people do use wifi for banking but I do not / would not.  Wifi is by nature less secure than hardwire. 
Peppermint: Standing Out from the Cloud
Reg. Linux User #432835

Offline Sutsie

  • nOOb
  • *
  • Posts: 9
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 8 respin
Re: Online Banking with peppermint 8 respin
« Reply #2 on: January 24, 2018, 11:58:12 am »
thanks for the reply.
how do i keep my browser updated on a live usb?  most likely i will run the live usb as it seems to be the recommended way  because everything is erased on shutdown?

Offline mac

  • Global Moderator
  • Veteran
  • *****
  • Posts: 1088
  • Karma: 336
    • View Profile
  • Peppermint version(s): Peppermint 7-8-9
Re: Online Banking with peppermint 8 respin
« Reply #3 on: January 24, 2018, 12:20:36 pm »
Create a persistant USB install.  Here's how: https://forum.peppermintos.com/index.php/topic,5076.msg50704.html#msg50704
The tutorial is for P7 but it works with P8 as well.  Post back if you run into problems. 

cheers
Peppermint: Standing Out from the Cloud
Reg. Linux User #432835

Offline Sutsie

  • nOOb
  • *
  • Posts: 9
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 8 respin
Re: Online Banking with peppermint 8 respin
« Reply #4 on: January 24, 2018, 12:57:51 pm »
thanks.  will try it out first.  however, i was reading while waiting for a reply and it seems that live usb is recommended for banking precisely because nothing is saved after shutdown. the implication being that the live usb cannot be infected in any way.  if i create persistence as suggested, doesn't that mean that i might unintentionally save something malicious onto the live usb?

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26280
  • Karma: 2855
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Online Banking with peppermint 8 respin
« Reply #5 on: January 24, 2018, 01:03:27 pm »
Whilst using a LiveUSB may not be any more secure as far as the online connection goes (which should be secure and encrypted via https anyway), it'd certainly be more secure as far as NOTHING being left behind on the PC at all.

But you'd definitely want a NON persistent LiveUSB, or traces may be saved to the persistence file.
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline zebedeeboss

  • Global Moderator
  • Hero
  • *****
  • Posts: 3136
  • Karma: 567
  • Life first... Peppermint a close 2nd :)
    • View Profile
  • Peppermint version(s): P10 / P9 Respin
Re: Online Banking with peppermint 8 respin
« Reply #6 on: January 24, 2018, 01:11:34 pm »
"Touch Wood"

I have had no adverse transaction doing online banking whilst using Peppermint on my main PC at home since July 2015 (1st Peppermint install)

Hard wired not wi-fi and no VPN

I have also made Credit Card transactions and again "Touch Wood" to no ill effect.

If you feel the need to carry out extra precautions that is your choice. I am just letting you know it's OK for me as is.

Regards Zeb...
Be Kind Whenever Possible...   It is Always Possible - Dalai Lama

Linux User #565092
P10 x64 Desktop - AMD Threadrippe 2950X - 64Gb RAM - NVIDIA RTX2080Ti 11Gb - 1 x 43" 1 x 27" 4k 3840x2160 - 1 x 34" 5120x2160
P10 x64 Laptop - i7-7700HQ - 8Gb RAM - Nvidia GTX1050 4Gb - 15.6" HD 1920x1080

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26280
  • Karma: 2855
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Online Banking with peppermint 8 respin
« Reply #7 on: January 24, 2018, 01:27:49 pm »
Peppermint is about as secure as you'll get, but the web browser may not be .. let's say you somehow unintentionally installed a browser plugin that transmitted your text entry to a third party .. bank pwned.

Or maybe you downloaded a malicious .deb file from outside the default repos that contained a keylogger .. bank pwned.

But a LiveUSB with NO persistence will have its browser (and all plugins), and all installed software reset to default as soon as it's powered down .. so the next time you boot it, it's as clean as it gets again.

Also nothing gets saved to the PC, and there are no persistent caches on the NON-persistent LiveuSB .. so even if you loose the USB stick, there'ss absolutely no trace it was ever used if someone else finds it.

It depends how security minded/paranoid you are ;)
« Last Edit: January 24, 2018, 01:30:28 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline Sutsie

  • nOOb
  • *
  • Posts: 9
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 8 respin
Re: Online Banking with peppermint 8 respin
« Reply #8 on: January 24, 2018, 01:32:47 pm »
Whilst using a LiveUSB may not be any more secure as far as the online connection goes (which should be secure and encrypted via https anyway), it'd certainly be more secure as far as NOTHING being left behind on the PC at all.

But you'd definitely want a NON persistent LiveUSB, or traces may be saved to the persistence file.

my gut feeling tells me live usb is safer, however the part about using updated browser makes sense to me too.  so, now the next question what to do if the browser is not the updated version?   

Offline Sutsie

  • nOOb
  • *
  • Posts: 9
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 8 respin
Re: Online Banking with peppermint 8 respin
« Reply #9 on: January 24, 2018, 01:36:08 pm »
Peppermint is about as secure as you'll get, but the web browser may not be .. let's say you somehow unintentionally installed a browser plugin that transmitted your text entry to a third party .. bank pwned.

Or maybe you downloaded a malicious .deb file from outside the default repos that contained a keylogger .. bank pwned.

But a LiveUSB with NO persistence will have its browser (and all plugins), and all installed software reset to default as soon as it's powered down .. so the next time you boot it, it's as clean as it gets again.

Also nothing gets saved to the PC, and there are no persistent caches on the NON-persistent LiveuSB .. so even if you loose the USB stick, there'ss absolutely no trace it was ever used if someone else finds it.

It depends how security minded/paranoid you are ;)



my level of  paranoia is at 10/10 right now due to hackings on people i know.

to all who replied, i really appreciate the effort taken to educate me.  linux is really a great community as reported.

the learning curve is quite hard for me as i have no experience except being able to read and write english.   with support like this, i feel greatly encouraged.
« Last Edit: January 24, 2018, 01:43:53 pm by Sutsie »

Online murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1997
  • Karma: 344
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8, 9
Re: Online Banking with peppermint 8 respin
« Reply #10 on: January 24, 2018, 02:06:09 pm »
You should be able to do a software update in the live session which would include the browser.

Offline Sutsie

  • nOOb
  • *
  • Posts: 9
  • Karma: 1
  • New Forum User
    • View Profile
  • Peppermint version(s): 8 respin
Re: Online Banking with peppermint 8 respin
« Reply #11 on: January 24, 2018, 02:25:57 pm »
You should be able to do a software update in the live session which would include the browser.


so, this means i have to update browser for every session since live usb does not save anything?

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26280
  • Karma: 2855
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Online Banking with peppermint 8 respin
« Reply #12 on: January 24, 2018, 02:39:14 pm »
Why would you need to update the browser ? .. I mean you can, but as you say you'd have to do it every time (on a non persistent LiveUSB).
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1997
  • Karma: 344
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8, 9
Re: Online Banking with peppermint 8 respin
« Reply #13 on: January 24, 2018, 02:43:55 pm »
From a security point of view, some of the mitigations for Intel's woes are at the browser level.

Offline pin

  • Trusted User
  • Veteran
  • *****
  • Posts: 1837
  • Karma: 258
    • View Profile
Re: Online Banking with peppermint 8 respin
« Reply #14 on: January 24, 2018, 03:18:08 pm »
Yes, but it would be hard to explore either Meltdown or Spectre if the system reverts back. Woundn't it? I mean, nothing is saved on the live system.

Skickat från min SM-G900F via Tapatalk