As I have mentioned, you can only be safer, not safe.
Web access through the HTML language and the HTTP protocol is stateless. Most computer communications are stateful.
An analogy: a stateful exchange is like a phone conversation. Once connected and started, the information flow builds. If you have called your lawyer about a concern, then at any point in the stateful conversation the case details are implied and understood by both parties. Stateless is like mail: each letter between the parties should state the concern explicitly.
Since browsers have vulnerabilities, as do operating systems, that can cause cross-site scripting, cross-site request forgery, and other vulnerabilities caused by a stateless protocol, it is safer to have a single browser session to a financial site where identity and currency are involved. A safer environment for such sessions could be a Linux machine running a more secure browser. As the goal of the financial session is to make or save money, buying or running yet another computer system is a consideration.
Consider, then, two alternatives that keep your existing PC, operating system, network setup, etc.
One. A virtual machine (VM) on your existing hardware. When you need to visit a financial site, or any site that requires a more secure setup, boot up the VM with Linux and a secure browser with nothing else running. Revert to a clean Linux install at each boot. Reboot to that clean install before and after each secure web session. The advantage of a VM over method two is that most malware checks whether it is running in a VM and will exit or be better behaved in a VM.
Two. A similar setup with Linux and a secure browser, but booted from a read-only DVD or CD-ROM. The advantage over a VM is that malware has no ability to write to disk.
The learning curve for Linux is much less now than in the past. Once booted, all that is required is to log in and invoke the secure browser. From that point, connecting to the secure web site is the same.
Add the procedure to reboot to your native environment and you have the method to make your web sessions safer.
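The revert-before-and-after routine from option One can be scripted so it is never skipped. The sketch below is an added example, not part of the original post; it assumes VirtualBox as the hypervisor (the post names none), and the VM name `secure-banking` and snapshot name `clean-install` are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes VirtualBox; VM and snapshot names are hypothetical.
VBOX="${VBOX:-VBoxManage}"      # the VirtualBox command-line tool
VM="${VM:-secure-banking}"      # hypothetical VM name
SNAP="${SNAP:-clean-install}"   # hypothetical snapshot taken right after install

vm_state() {
    # Print the VM state, e.g. "running" or "poweroff".
    "$VBOX" showvminfo "$VM" --machinereadable |
        sed -n 's/^VMState="\(.*\)"$/\1/p'
}

vm_stopped() {
    # True when no VM process is holding the disk.
    case "$(vm_state)" in
        poweroff|saved|aborted) return 0 ;;
        *) return 1 ;;
    esac
}

revert_to_clean() {
    # A snapshot cannot be restored under a live VM, so stop it first.
    if ! vm_stopped; then
        "$VBOX" controlvm "$VM" poweroff || return 1
        until vm_stopped; do sleep 1; done
    fi
    # Discard everything written since the clean install.
    "$VBOX" snapshot "$VM" restore "$SNAP"
}

secure_session() {
    revert_to_clean || return 1                  # clean state before the session
    "$VBOX" startvm "$VM" --type gui || return 1
    until vm_stopped; do sleep 5; done           # wait for the guest to shut down
    revert_to_clean                              # clean state after the session
}

# Run the full cycle only when asked: sh secure-session.sh run
if [ "${1:-}" = "run" ]; then
    secure_session
fi
```

Take the `clean-install` snapshot once, immediately after installing Linux and the browser, and retake it only after applying updates from a freshly reverted state.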