Dec 07 2009
Protect your financial information: Use a Live CD for banking and shopping
Today’s topic may be a little technical for the average user, but I’ll try to make it easy for even non-technical users to follow. If you read this article and are interested, but don’t understand something, feel free to post a comment and I’ll try to help.
So we have talked about a number of ways to protect your personal and financial information, mostly in the context of a Microsoft Windows environment. But there is another way to make sure that you don’t have Trojans stealing your information when you are banking or doing online shopping – don’t use Windows! No, I’m not suggesting that you go out and buy a Mac, or that you install another operating system. I’m suggesting you use a Live CD when you do any financial transactions.
What is a “Live CD”? It is a bootable CD-ROM with a copy of a valid operating system (OS) on it. When you boot from the CD, you generally are given the option to install the OS or use it. If you choose to use the OS, the system launches to a desktop where you can access any number of pre-installed applications, including web browser, an office suite of applications similar to MS Office, multimedia players, etc.
The advantage of using a Live CD is that no data can be written to the OS. While you still need to exercise the same caution concerning to which sites you send your personal information, none of that information is saved on your computer or to the CD. So once you complete your banking session and reboot into Windows, there are no traces of your personal information for a Trojan or other malware to find and steal.
The most common Live CDs have various flavors of Linux on them, but don’t let that scare you. Most of the versions of Linux now available are very user friendly, and for simple tasks like web browsing the average user should have no problems. The one I personally like best is called Ubuntu (www.ubuntu.com). There are several versions of this OS, the main difference being the desktop style used. If you are a Windows user, I would recommend a version called Kubuntu (www.kubuntu.com). The KDE desktop is made to appear very similar to the Windows environment, and will be easier for many Windows users to navigate.
How do you get started? Well, simply download the Live CD of your choice and burn it to a CD-ROM. I would recommend a free utility called ImgBurn, which you can get at www.filehippo.com (note: this link is not available from the school district network). Once you have burned the CD, simply reboot your system. If your system reboots into Windows, it may be that your system is not set up to use the CD/DVD drive as the first boot device. In that case, pressing F9 at the BIOS screen will usually bring up a boot menu, allowing you to select the CD drive as your boot device.
Some people will note that it is inconvenient to have to reboot every time you want to check your bank account or do some online shopping. True, but for many people the peace of mind may outweigh any inconvenience. However, another option is available. Most of the major browsers, including Internet Explorer 8 and Firefox (version 3.1 and higher) now offer “private browsing” sessions. These sessions do not record any data to the Internet History or Cache folder or accept any cookies. While this is more secure than the normal browsing mode, it is not as secure as using the Live CD, as personal data can still be written to the hard drive as pages are viewed.
For the techno-geeks among us (and yes, I count myself in that group), another alternative to rebooting each time is to create a virtual machine (VM), and set the VM to boot from the Live CD image file each time. Then, instead of rebooting, you can launch the VM whenever you wish to do your banking and shopping. No changes will be written to the Live CD or to the temp folders of your Windows OS.
As I said at the outset, this may seem like a pretty technical topic, and it might scare you off. However, it is not nearly as hard as it may sound,and it might be worth checking out. I’d be happy to answer any questions. You can post them in the comments section below.