Knoppix Used in Internet Banking Solution 263
renai42 writes "Australian company Cybersource says it's currently talking to two domestic banks about providing Knoppix-based bootable CDs to consumers to ensure Internet banking security. The company says at least one bank will probably use the CDs in at least one sector of its operations. Cybersource envisages that banks will re-brand its product and provide the CDs alongside other marketing material."
Great, but with some caveats (Score:2, Informative)
I suppose this is geared to internet cafe use? In which case you have to hope the network's set up in a way that doesnt require password authentication...
Nevertheless, a great idea and I hope it works
Re:Great, but with some caveats (Score:3, Insightful)
Ahh... how nice. Getting paid to customize knoppix cds. There's a bunch of folks that have their act together.
Re:Great, but with some caveats (Score:2)
In that light, to surf with *any* OS you need to have supported hardware
btw i don't think many internet cafe's will let you pop in your own operating system
Re: (Score:3, Interesting)
No, read it again... (Score:5, Insightful)
There are tens if not hundreds of millions of users in the world who use USB DSL modems, Windows-only winmodems, unsupported Broadcom wifi connections or password-protected proxies for whom this CD will be of absolutely no use whatsoever, except as a coffee mat.
Re:No, read it again... (Score:3, Funny)
that's my fate... to be nibbled to death by nitpickers, pedents and Jeremiahs...
Re:No, read it again... (Score:5, Funny)
Not just for banks, but for everyone (Score:3, Interesting)
Having used Ubuntu Live and mostly loving it, I agree with this post about problems with the modem, though. Even though it is possible to get the right drivers and get a winmodem going, bootable CDs are not really going to take off until all modems are picked up and configured correctly on the first try. When that
And the group that will hate this the most is (Score:2)
(Yes, I know there are other ways to get a virus than through the Internet, but that is where about 98 - 99% of people are getting them. If you weren't connected to the Net, you could go years without getting one...instead of getting one in 30 seconds while connected, like you do now).
Usurper_ii
Re:And the group that will hate this the most is (Score:2)
Apparently, not enough.
Re:And the group that will hate this the most is (Score:2)
Re:Great, but with some SERIOUS caveats (Score:3, Insightful)
How will it do that? The bank can just instruct people to turn off their PCs at the plug, put in the CD, and switch it back on.
It's still 100 times better than the current state.
Re:Great, but with some SERIOUS caveats (Score:2, Interesting)
I'm not saying this is easy, and I'm not saying the CD solution is not 100 times better than
Re:Great, but with some SERIOUS caveats (Score:2)
How is that possible? (I'm not doubting/arguing with you here - I'm just genuinely curious)
Re:Great, but with some SERIOUS caveats (Score:3)
So, in theory, the machine is compromisable if someone can get the user to run a piece of software that runs to correctly identify the CMOS map, gets permissions to install a kernel module and
Re:Great, but with some SERIOUS caveats (Score:3, Informative)
The complexity you're trying to say can be done is to a
Re:Great, but with some caveats (Score:2)
Umm.. why? (Score:3, Insightful)
If you use their traditional online banking service from a PC not booted using their CD, and subsequently get defrauded somehow, this will enable them to say "Ahhh.. but you weren't using our special software!", and ignore your complaint.
How.. nice.
Re:Umm.. why? (Score:2, Insightful)
"Managing Online Security Risks" (Score:5, Informative)
http://www.sims.berkeley.edu/~hal/people/hal/NYTi
Dr. Varian's writings are in general quite interesting. He is quite able in his discussions of economics for people without a background in the field, like myself.
Re:Umm.. why? (Score:2, Insightful)
Re:Umm.. why? (Score:3, Insightful)
Perhaps, but here's another idea:
Having customers use internet banking is less costly for banks, but potential internet banking customers are hesitant to rely on online transactions because they fear (or know) that their PC is "owned". They think that someone might be lo
Re:Umm.. why? (Score:3, Insightful)
However, Knoppix would come in handy for not-so-savy but still paranoid types.
It's guaranteed that:
This will be viewd as a great idea.. (Score:5, Insightful)
Re:This will be viewd as a great idea.. (Score:3, Insightful)
a) likely behind a firewall
b) running off of read only media
c) doing the equivalent of a fresh install with every use.
There are very few vulnerabilities which could conceivably compromise a well customised bootable Linux CD. It's about as secure as you can get.
Re:This will be viewd as a great idea.. (Score:2, Insightful)
It comes with zero open ports, and refuses to communicate to any computer except the bank.
Plus, its only used for relatively short time spans giving you a very small window to attack, and an active user on the machine at the time of your attack.
And, you can send a specific version number tagged on the browser, so if a customer has an old version with a security threat, the server
Re:This will be viewd as a great idea.. (Score:5, Insightful)
So unless you type in an IP the hard way, tough...
note for Pedents... It gets it's own IP from whatever DHCP service is running on the customers NAT router or ISP service provider, but doesn't use the NAT or service provider for DNS queries.
Re:This will be viewd as a great idea.. (Score:2)
bank's, pedant, customer's
Incidentally, the could configure it to firewall itself and prevent access to anywhere but approved DNS Entries / IPs.
Re:This will be viewd as a great idea.. (Score:2)
Re:This will be viewd as a great idea.. (Score:2)
how secure are NAT routers? Could a malicious software silently reprogram them from the PC to transparently translate the bank's IP numbers to the attacker's? Note that this wouldn't have to be done while Knoppix is running; do it while the normal (vulnerable) system is running, and then rely on the reprogrammed NAT router to silently re-route no matter how secure the system currently running on the PC is.
Re:This will be viewd as a great idea.. (Score:2)
Re:This will be viewd as a great idea.. (Score:3, Informative)
How many CD's do you think they've burnt over the last 10 years (or so)?
UBS Switzerland give you a little calculator with a removable card that hashes a challenge code. You type in the response for a one time password. Seems to work quite well as neither my card not the calculator have my account number on it. It does have a card number, which doesn't have a visual link to my account (which would stop casual theft).
National Australia Bank used to have accounts tied to a specific SSL key
Re:This will be viewd as a great idea.. (Score:5, Insightful)
(You could in principle install a Linux system on each user's own hard disk and push out updates to it, but giving them a new CD has far less to go wrong.)
I rather miss the days when performing an operating system upgrade was as simple as opening the computer and putting in some new ROM chips; putting in a new CD and rebooting is getting back towards that level of friendliness.
Re:This will be viewd as a great idea.. (Score:3, Insightful)
It would be quite easy for someone to slip in a cracked and hacked version, for which the customers (out of habit and routine) will happily treat as the new version, then pass on their banking details to whoever is listening.
Re:This will be viewd as a great idea.. (Score:3, Interesting)
That should solve that problem, I would imagine (unless the trusted apt repository gets compromised).
Re:This will be viewd as a great idea.. (Score:3, Insightful)
Re:This will be viewd as a great idea.. (Score:2)
This Knoppix is designed to connect to the bank and ONLY to the bank.
So this pretty much rules out all browser-vulnerabilities, simply because the browser cannot load anything from other websites.
Also I guess the firewall will block all ports, so there would be no way of an attacker to get in.
I can't think of any security vulnerabilityEVER that would allow an attacker to compromize this system, can you?
Re:This will be viewd as a great idea.. (Score:3, Informative)
Even that poses non-trivial problems. Without setting up dedicated links, I don't see a better solution.
Re:This will be viewd as a great idea.. (Score:2)
Well, in that case the CD doesn't have to patched and redistributed as the problem doesn't lie within the CD but in the network.
QED.
Um, what? (Score:5, Insightful)
Pass
Re:Um, what? (Score:2, Insightful)
surely funny is the more appropriate response, anyone who can't keep track of a bankcard is either a stark staring genius who shouldn't really be allowed outside without supervision or a complete dunderhead (how long has it been since you heard that word?) who again, should not be allowed outside without supervision!
Mini CD/DVD dude... businsss card size (Score:3, Informative)
Re:Um, what? (Score:2)
Re:Um, what? (Score:2)
This is truly a better distro for this purpose IMO. Less stuff means that there's less stuff that can break.
OEM & WinModems (Score:4, Funny)
Actually some Winmodems have been cracked (Score:2)
Even old BeOS 5 had drivers for 2 winmodem chip manufacturers/referance designs.
It is at least a start (Score:4, Insightful)
news? (Score:5, Insightful)
and from TFA: Banks eye bootable Linux CDs
wake me up when something happens, ok?
And BSD is chopped liver? (Score:4, Insightful)
But it seems odd to me that if someone wants a one-trick secure browser solution, he'd use anything other than OpenBSD.
If you sit down and do the analysis (without regard to "religion" or fashion), and say, "I only need a secure browser," you'll likely pick a BSD and it will likely be either NetBSD (hw support) or OpenBSD (security).
I did a similar analysis, and came to this conclusion, after attempting to dispassionately evaluate the options.
Re:And BSD is chopped liver? (Score:5, Insightful)
and say, "I only need a secure browser," you'll likely pick a BSD
I agree... but... the banks are really saying "I only need a secure browser that'll run automatically on a very wide range of hardware". I don't run Knoppix (except as a get-out-of-jail-free card ;-) but it is extremely comfortable with most hardware. Moreso than FreeSBIE [freesbie.org], for example.
Re:And BSD is chopped liver? (Score:2)
> > I only need a secure browser that'll run automatically on a very wide range of hardware
> Easy: Lynx on OpenBSD!
Dude, careful! You'll get yourself arrested! [slashdot.org]
Re:And BSD is chopped liver? (Score:2)
A: They're both dead.
OpenBSD: I'm not dead yet...Chopped liver: (no response - it's dead)
Credit Card CDs would be better (Score:5, Interesting)
The other security features on the credit card could be put onto the CD to ensure authenticity.
Re:Credit Card CDs would be better (Score:2)
I cant imagine the duel use of a credit card cd. Maybe as throwing star if you sharpen the edges?
But: you know that there is only 30 or 40 mb of usable space on a credit card cd. You want a bootable linux, plus a gui, plus all the drivers to get you connectivity... not easily done.
Plus credit card cds arent liked very much by slot in cdroms, if they are actually USED like a credit card (put in the purse), they wont work when you need them.
Re:Credit Card CDs would be better (Score:2)
Re:Credit Card CDs would be better (Score:2)
Damn Small Linux [damnsmalllinux.org] does this and does it quite well. I like the small cd idea. Do you really need a full distro like Knoppix for online banking?
Interesting idea for a very tough problem (Score:5, Insightful)
There's really no surefire way to ensure that a user's harddrive-installed OS is secure for banking. Considering the staggering variety of adware/spyware/viruses on machines today, it must be quite easy for a malicious malware creator to make a program that hijacks name resolution (change DNS servers, or the HOSTS file) for perfect phishing, or they could install a keystroke logger, or whatever else. If they got their bank-website-hijacking malware on machines in whatever way all today's adware stuff gets on, they could easily phish thousands of bank transactions every day.
The prevalence of malware seems to indicate that people can't control or trust the programs on their own hard drives. If that's the case, they can't trust any of their online interactions. Since Knoppix kills your harddrive and all its flexibility, it's much more secure.
What would be funny is if more and more institutions started demanding the use of bootable OS's. Our PC's would be reduced to a BIOS, monitor, and keyboard
Great Idea but... (Score:3, Interesting)
But wait, how will one patch the CDs in case any security holes are found ? Rewritable CDs wont help either...
Re:Great Idea but... (Score:3, Insightful)
Great. So first we have locked out all "not-the-latest-Pentium" computer users - and now we are locking out all slot-loading drive users? My bank uses a nice security device which is also credit card size. It's a, well, card with unique security codes. I can use any Web browser of my choice on any platform to access all the features. I prefer it this way, thank you.
Using knoppix in a bank..... (Score:5, Funny)
All ATM's will now dispense Kash the new qt improved version of cash.
Could be good, probably will be bad (Score:3, Interesting)
Re:Could be good, probably will be bad (Score:5, Funny)
Sure you just go into your bios and set your...I said your bios...You reboot and hit the...reboot...you know that thing Windows makes you do everyday...
Um, that would be a no.
Boot from CD? (Score:2, Insightful)
With windose you could probably set the auto run to automaticly reboot into Linux.
Dutch Banks (Score:5, Informative)
(Almost all) The banks over here use a kind of calculator device. You insert your pass into it. Your normal pass you use for withdrawal from ATM's....
You type in your PIN code and hit 'OK'. On the website of the bank you have to type 2 things. Your account number and the key generated after you hit 'OK' on the device. This key is different every X seconds (I don't know the interval).
This matches with the interval the bank has running. This combination of pass ID, PIN code, account number and the interval is key to have access. You need all of them to get in.
The websites session times out after about 2 minutes when there is no action anymore.
If you want to transfer money, you get another screen. You have to insert the number shown on the screen into the device. After you hit 'OK', another number is shown on the device, you type this in the inputbox of the website. After it is verified, the transfer will be processed.
If the amount to fransfer is higher than X, you have to process 2 numbers on the device and submit the generated numbers on the website.
This is all done on HTTPS and works with most browsers.
I believe this is one of the most secure methods I can imagine. It is not flawless maybe, but it works and there is much needed to hijack information from the sessions. Without the device, the pass and the account number one can do nothing. Without the PIN you still go nowhere....
The device is small, portable and lightweight. Internet cafe's, at the office, at HotSpots, anywhere you can use 'safe' banking this way. As long as the banks website is online and within reach (no stupid proxies or whatever).
Just my view on banking online....
Luxembourgish banks (Score:5, Informative)
(Almost all) The banks over here use a kind of calculator device. You insert your pass into it. Your normal pass you use for withdrawal from ATM's....
Here is Luxembourg, banks are too cheap for handing out these calculator thingies. Instead they use a scratch-off plastic card with 16 alphanumeric digits on it. When logging in to their service, the site choses 2 (or some 3) positions out of the 16 possible, and you have to enter the corresponding digits.
This key is different every X seconds (I don't know the interval).
Well, here in Luxembourg, the "good" banks do it the same: the key (in our case: choice of scratch card numbers) is valid a set amount of time. However, some of the (less technically savy banks [fundmarket.lu]) propose you a different choice of digits each time you hit reload... so a thief who has sniffed some numbers (but not all) can just keep on hitting reload until the bank asks for numbers that he has... not good!
If you want to transfer money, you get another screen. You have to insert the number shown on the screen into the device. After you hit 'OK', another number is shown on the device, you type this in the inputbox of the website. After it is verified, the transfer will be processed.
Our banks do not have this additional security yet... (Apart from maybe Cortal-Consors. I know their German operation has such a system).
This is all done on HTTPS...
In Luxembourg too. No bank is foolish enough to use plain http. and works with most browsers.
Unfortunately, this is not the case in Luxembourg [webbanking.lll.lu] (although some progress was made over the course of last year).
The currently worst offenders [fund-market.lu] have a gateway page which features a Rube-Goldberg like chain of Java Applets, Java Script code, and VB code which only works on Internet Explorer (the Java Applet is MS proprietary java (using the proprietary com.ms.util.SystemVersionManager class...). The output of this is fed, via the VB script, and then the Javascript (!) into a second URL, which gives you access to the Web application itself. Interestingly enough, once that gate is passed, there is no further dependancy on MS-ware, and you can cheat yourself access to the contents [fund-market.lu] (graphs of their mutual funds) by entering that second URL manually.
For their homebanking they have the same "proprietary applet" hack, and in addition a server-implemented browser check. Manually enter the JVM=1 bit into the URL, and fake an Internet Exploder User Agent [mozilla.org] and you are in! What the hell are they thinking?
I believe this is one of the most secure methods I can imagine. It is not flawless maybe, but it works and there is much needed to hijack information from the sessions. Without the device, the pass and the account number one can do nothing. Without the PIN you still go nowhere....
Indeed, the number generated by the device makes it secure even against keystroke loggers that may be installed (but don't challenge your luck either...)
Re:Luxembourgish banks (Score:2)
Re:Dutch Banks (Score:2)
Not very usable, particularly when the number of keys gets larger.
Work, banks, other stuff....
Re:Dutch Banks (Score:2)
True. However, he will have to do it while the session is active, which makes it quite easy to trace him to the exact cybercafé where it happened. With more passive approaches, a thief could use sniffed codes a while later, making it lots harder to find out which of the many cybercafés from which you browsed your
Re:Dutch Banks (Score:2)
But eventually, the user starts getting calls from the intended recipients of these transactions, asking
Dear CitiKnoppix Customer (Score:5, Funny)
For security reasons, we need to verify your personal information and update your CitiKnoppix(tm) software. Please send us your mailing address and we will send you a new CitiKnoppix(tm) CD-Rom. As an added bonus for taking part in this experimental customer service program, we will credit your account with $1000.
Sincerely,
CitiPhishing.
you don't understand security... (Score:3, Insightful)
if you can make comments like that.
"Security is a process, not a product". Its a social problem as much as a technical one and I have doubt that whilst this could help, the scammers will get around it once it becomes commonplace.
-dgr
Banking 3.0!!!! (Score:2, Funny)
50 free transactions if you bank with us!
I liked the days of the floppy better; I could copy Commander Keen on to them.
Stop the complaning (Score:5, Insightful)
I think the power here comes in that the bank can offer it as an option. If it boots in your computer, then great, use it. Maybe they could even throw something like GnuCash so that people can keep better track of their money. I say, don't make it mandatory, but offer it as an option to help at least some users feel more secure.
Convenience vs. Security (Score:5, Insightful)
However consider how it'd work with a bootable CD:
- shut down everything on my computer, save open documents, and all that crap
- find a CD
- boot to that CD (assuming it likes my hardware to start with)
- wait for it to boot... (ho hum...)
- do my banking
- NOT be able to save any info to my local computer (for checkbook reconcilliation, or any other local use) - I guess I'll now have to find a paper and pen to copy the info I need down...
- shut down again...
- reboot again to get back to normal operation... (la-dee-da.... ho hummm...)
- find the stuff I was working on before, and get back into the groove...
Does THAT sound convenient any more? I don't know about you guys, but my computer doesn't boot very quickly. We're talking a total of 15 minutes minimum just to go check your balance.
I can stop by the REAL bank on my way home from work easier than that. I don't see this as a good thing overall - even if it does provide the best security. There must be better alternatives (as mentioned in other threads).
MadCow.
Re:Convenience vs. Security (Score:5, Interesting)
Re:Convenience vs. Security (Score:2)
Re:Convenience vs. Security (Score:3, Informative)
Re:Convenience vs. Security (Score:2)
This is only for people who DO NOT currently use onlinebanking:
If on
Re:Convenience vs. Security (Score:2)
-Walk into cybercafe
-Try to reboot pc, discover it is locked down.
-Get special dispensation from coffee slinger guy
-Reboot.
-Assume Knoppix likes hardware
-Attempt to connect to network
-Lacking network permissions, ask coffee slinger guy for those permissions. He doesn't know the settings, has to call the owner on his cell to get info..
-Assume owner picks up and understands request.
-Assume owner doesn't tell you to forget it, and actually remembers settings/provide
Re:Convenience vs. Security (Score:2)
For most people: you can replace this:
With:
Re:Convenience vs. Security (Score:2)
Cracked distributions (Score:2, Interesting)
Re:Cracked distributions (Score:3, Insightful)
Re:Cracked distributions (Score:2)
The love/hate relationship with Knoppix... (Score:4, Interesting)
Other places LOVE it... it's handy, useful, and easy to transport.
I think one thing that would help this idea a lot would be if the CD booted into a VM. That way users would not have to do a hard restart.. just load the bootable CD into a VM and kill the VM when they're done...
Re:The love/hate relationship with Knoppix... (Score:3, Interesting)
If you don't wanna say, you could always post it as Anonymous and say something like "Well, I dunno who the GP works for, but MY company [company name] is like that" :)
Sli
Re:The love/hate relationship with Knoppix... (Score:2)
Boot into Knoppix, files on the hd set to read only by administrator can be read/copied with ease since Knoppix doesn't respect windows file permissions.
If their workplace is like mine, the usb ports are disabled to prevent people from filling up a thumbdrive and walking out with licensed software or sensitive data. Knoppix enables these ports, allowing data to be copied from them.
Machine
Re:The love/hate relationship with Knoppix... (Score:3, Informative)
Steps like blocking LiveCDs and USB ports may help a bit, but a clueful user/dedicated blackhat-type would get that data through some other means anyway. (assuming it is valuable enough)
I suppose the security measures in a place like that have to be of MUCH, MUCH higher caliber to be of any use. I don't think kicking out people who carry LiveCDs is the solution...
For example, in the situati
Re:The love/hate relationship with Knoppix... (Score:4, Informative)
I'm talking about IT people using Knoppix. If a sysadmin is trying to recover data that a user stupidly didn't back up, a LiveCD is the best way to do that. The OP made it sound like ANY employee that used Knoppix got the boot, IT staff included.
Incidentally, if any company allows users to save sensitive data to their own hard drive, they're asking for problems. Sensitive files should be on a secure server, locked-down and access-restiricted. Disabling the USB ports treats the symptom, not the problem. And before anyone says boo about it, there ARE ways to prevent users from saving anything to their hard drive, even in XP.
* - I once worked for a company that, for some reason, let employees have admin rights on their NT machines. This led to massive problems (the usual stuff). But heaven forbid I want to change my mouse! I've got very large hands, and I couldn't comfortably use the standard-issue mouse. I asked if I could bring in my own, since the Employee Health Dept couldn't provide a mouse that I liked (the only alternatives were either the same size or those stupid-ass joystick style ones). IT said I wasn't allowed to use a non-standard mouse because it might cause the computers to crash.
Re:The love/hate relationship with Knoppix... (Score:2)
You mean, like this [slashdot.org]?
I tried it. On my XP2000+ it took 15 minutes to boot, but was fairly decent at running applications (by fairly decent, I mean approxomately equal to remotely VNCing into a box on a cable modem).
That's actually an even better idea.. boot it under the VM, but don't actually la
Fatally flawed (Score:4, Insightful)
If the whole OS is supplied on a CD, that means that when you boot from it, there will be NOTHING on the PC to validate that the CD doesn't contain a virus or trojan. While this won't be a problem for the bank's real CDs, it will be a matter of days before people start being spammed AOL style with fake CDs though their doors which look exactly like the ones their bank sent out and some with a covering later saying that it's an upgrade or something.
Because you're BOOTING from the CD rather than using it to install something, you'll be bypassing your antivirus software and software firewall and there's no way that anything can warn you that the CD you're using is a trojan. It can litterally slip in right though your letterbox and into your CD-ROM drive without any checks whereas downloaded or web based applications have to go through your firewall and be scanned by your virus scanner in order to get onto your machine.
The CD could be set up to transfer your money into some else's account and because it was done by your machine on your IP with your user/pass it will be very difficult to pursuade your bank that you didn't do it.
This is an absolutely crap idea and most of the posts above seem to miss this point entirely. These CDs better have some pretty cunning holograms on them or something and the users need to know EXACTLY what they're going to look like before they get them.
Odd definition of fatal... (Score:2)
Let's try to be constructive here. This could really be a good idea, there's no need to say "it's fatally flawed" if the first iteration is not 100% secure...
Re:Fatally flawed (Score:3, Insightful)
Re:Fatally flawed (Score:3, Interesting)
Re:Fatally flawed (Score:2)
It would be a lot more expensive than e-mail phishing, but it would work wi
Re:Fatally flawed (Score:2)
> is a genuine one and not some trojanized version that is giving you
> false sense of security?
Because I know exactly where it came from. Typically your antivirus software doesn't just arrive in the mail. What a stupid point.
>Once you get pristine Knoppix disk from authorized source...
A disc arriving in the mail is NOT an authorized source! Anyone could have sent you that. It could be your bank, but it could be your neighbo
Great Idea (Score:4, Interesting)
Knoppix is not just a good start, it is a GREAT start to solving the problems of infected Client PC's. Every boot is a clean install, and user settings CAN be saved to the HD if you really want.
Reboot my computer to use my bank's site? (Score:2)
Oh, yeah, that'll catch on.
Re:Banking Knoppix (Score:2, Insightful)
This isn't aimed at people who understand source code. This is for people who can't even spell ISO. For this to work right everything has to be streamlined and dumbed down.
Re:Text-based browser (Score:2)