You are not logged in.
Pages: 1
Hi dear forumers.
I have a spare netbook with Arch installed. I use it to write some stuff, send e-mails and surf the web. I have no problems with it, I just want to know if there's a way to make my Mozilla Firefox safer, because I do a lot of bank movements through internet and the last thing I want is to find no money in my bank account because somebody stole my data, which is a "common" thing in my country
The bank's site has a secure conection (https) and it's verified by VeriSign (RC4 connection, with a 128 bit encryption).
Regards.
PS. I'm so sorry for my ignorance about this matter, I've searched out the wikis and found almost nothing. Maybe I'm just paranoic....
Last edited by Silex89 (2012-03-24 01:39:55)
"The way your heart sounds makes all the difference" John Myung
I love Dream Theater! ImL
Best Guitar Solo Ever
Offline
The main thing I do to try to make Firefox safer is to run the NoScript add-on. Their site can explain what it does better than I: http://noscript.net/
Tim
Offline
1. If you are really paranoid, run it in a virtual machine that you build specifically for banking.. Make a new copy of the machine each time you use it and dispose of the copy afterwards.
2. Run it on a Linux box
Last edited by ewaller (2012-03-23 22:48:04)
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
Thanks a lot for your help guys , I'll do that from now on.
Regards
"The way your heart sounds makes all the difference" John Myung
I love Dream Theater! ImL
Best Guitar Solo Ever
Offline
Maybe something like this https://bbs.archlinux.org/viewtopic.php?id=135884 as well. But don´t be surprised if it blocks some legit sites, just update the host file then.
Offline
1. If you are really paranoid, run it in a virtual machine that you build specifically for banking.. Make a new copy of the machine each time you use it and dispose of the copy afterwards.
2. Run it on a Linux box
But there is no guarantee that your firefox will be safe to any of these options.
For the real paranoid people it makes them feel better. But nothing more.
You can't stop all exploits when you visit some websites. Sandboxing helps to an extent but even chrome was taken down twice at the pwn2own , few days back.
The point is there is threat all the time, you maynot be equipped for a 100% protection.
If interested read:
http://theinvisiblethings.blogspot.in/2 … ation.html
http://www.nsa.gov/research/_files/seli … 1/t1.shtml
Last edited by hadrons123 (2012-03-24 02:42:49)
LENOVO Y 580 IVYBRIDGE 660M NVIDIA
Unix is user-friendly. It just isn't promiscuous about which users it's friendly with. - Steven King
Offline
For peace of mind, I run firefox protected by apparmor. I also use the AdBlock plugin, and the Privoxy proxy server.
Offline
But there is no guarantee that your firefox will be safe to any of these options.
For the real paranoid people it makes them feel better. But nothing more.
You've a good point. My rational is that if, during a given session, an attack succeeds in compromising the session; then, at least, any exploits that were installed do not persist into the next session. Also, if the browser is not used for anything except banking, one is less likely to pick up exploits from the random site of dubious security.
Edit: Security depends on a layered approach. If an attacker should peel back one layer of the onion, make sure there is another layer underneath.
Last edited by ewaller (2012-03-24 18:02:15)
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
http://www.tomsitpro.com/articles/it-se … 147-6.html
Read the "Alan: What do you do for your regular systems? segment. She talks about using a "dirty" VM, a "semi-sensitive" VM and a "squeaky clean" VM (for banking and such), just for the browser. I'm thinking of using a custom TinyCore or maybe SliTaz for each of those. They take up around 30 MB or so, plus the browser cache... I'd give it an even 100-300 MB, depending on the VM.
I have made a personal commitment not to reply in topics that start with a lowercase letter. Proper grammar and punctuation is a sign of respect, and if you do not show any, you will NOT receive any help (at least not from me).
Offline
Visit my blog and my DeviatArt page
Offline
First thing to be safe with online banking is to stay clear of phishing attempt. If you receive an email from your bank or about your bank account do not click on any link from that email.
Then to be on the safe side you should connect to the website by typing the address manually and verify you are using safe DNS so you don't get redirected to a fake site pretending to be your bank.
Check that you're connected through https before entering your credentials.
Now about firefox itself, you should run an up to date version, disable unnecessary extensions and block third xss and third party javascript (noscript does that), running adblock is probably also a good idea.
You could also look into hardening your arch installation, there's a wiki article about security, tcp/ip hardening, configuring a firewall and hardening the kernel will help protecting against remote attacks.
Offline
Woah! thanks a lot guys! . I'll read the documentation and follow your advices. I had no idea about this, so thank you
Regards
"The way your heart sounds makes all the difference" John Myung
I love Dream Theater! ImL
Best Guitar Solo Ever
Offline
Pages: 1