-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
IronKey launches secure online banking USB stick
,----[ Quote ]
| The IronKey TAB runs a Linux based operating
| system which in turn runs a dedicated Firefox
| based browser. It takes a number of steps to
| prevent key-loggers from intercepting passwords
| and has an optional virtual keyboard for non-
| keyboard password entry. It also makes use of
| the IronKey's integrated RSA SecurID to provide
| login tokens, but adds an extra, variable
| obfuscation to ensure that any malware spies
| will see an invalid token.
|
| In some ways, the IronKey TAB is similar in
| intent to the process of booting a Live CD of
| Linux and performing banking from the read only
| Live CD environment, but without the need to
| reboot the host system and activated only when
| the stick is plugged in and the stick itself is
| not compromised.
`----
http://www.h-online.com/security/news/item/IronKey-launches-secure-online-banking-USB-stick-988577.html
Recent:
SQN Banking Systems Announces Linux Versions of SENTRY: SigCheck and SENTRY: Inspect
,----[ Quote ]
| Rancocas, N.J.-based SQN Banking Systems, a
| leading provider of integrated fraud
| detection and process improvement products
| for the financial industry, has responded to
| client demand for open source enabled
| solutions by releasing Linux versions of its
| SENTRY: SigCheckâ and SENTRY: Inspectâ
| products.
`----
http://www.businesswire.com/portal/site/home/permalink/?ndmViewId=news_view&newsId=20100426005085&newsLang=en
On-Line Banking and Linux
,----[ Quote ]
| I have been banking on-line for a long time
| now. Indeed I started banking by telephone
| with the Co-operative Bank when they first
| introduced it, well before any other bank
| had done so in the UK. I haven't actually
| been to my nearest bank (which is 48 miles
| away) for about 15 years. No need.......cash
| machines for cash at no cost, cheque
| deposits through the Post Office and of
| course the on-line banking for paying bills
| and moving money around.
|
| [...]
|
| I am no Linux expert but how about providing
| a "barebones" Linux OS which in the form of
| a LiveCD, configures your internet
| connection wired or wireless, and provides a
| basic secure browser to access your on-line
| banking services. If small enough this could
| be issued in the form of a "credit card"
| sized CD you could keep in your wallet along
| with your other cards.
`----
http://wadsworths-way.blogspot.com/2009/11/on-line-banking-and-linux.html
Windows unsafe for online banking? Shopping?
,----[ Quote ]
| The most prominent example of this is The Washington
| Post's security columnist, Brian Krebs. Krebs
| recently recommended that after interviewing "dozens
| of victim companies that lost anywhere from $10,000
| to $500,000 dollars because of a single malware
| infection," he's now recommending that, "commercial
| online banking customers consider accessing their
| accounts solely from non-Windows systems."
|
| As Krebs points out, he's not the only one. The
| Financial Services Information Sharing and Analysis
| Center, an online financial-sector security forum
| recommends business users, ""carry out all online
| banking activity from a standalone, hardened, and
| locked-down computer from which e-mail and Web
| browsing is not possible."
`----
http://www.itworld.com/security/81556/windows-unsafe-online-banking-shopping
Teeth-Gnashing and Tongue-Lashing Over Desktop Linux Foot-Shooting
,----[ Quote ]
| "Even if the Windows installation on the underlying
| hard drive is completely corrupted with a keystroke-
| logging virus or Trojan, that malware can't capture
| the victim's banking credentials if that user only
| transmits his or her credentials after booting up
| into one of these Live CDs," Krebs explained.
|
| The community's reaction? More than 400 comments on
| Slashdot just a few days later, not to mention
| discussions on OStatic, as well as on LXer and
| beyond.
|
| Linux, you're on a roll!
`----
http://www.linuxinsider.com/rsstory/68409.html?wlc=1256048572&wlc=1256048554
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkverF4ACgkQU4xAY3RXLo5fmwCcDhou98qZ9ySwG5tZPE387RSL
9C0Anji/GiZRZT+5DroJgPOr0dKps8wV
=lI+t
-----END PGP SIGNATURE-----
|
|
