online banking-is my pc more secure this way?

martin57

Hi there,

I do a lot of online banking and some buying stuff over the internet. Like everyone else I am very concious of security virus, trojans,keyloggers that sort of thing.

I have 2 separate copies of win xp on my computer. What I have done is partitioned my hard drive into c and d with c windows installation only for online banking etc and make sure I have kept it up to date with windows updates, antivirus etc.

I use my d windows installation for run of the mill browsing downloading etc and will only use c for banking etc, which necissitates me restarting my computer, but I am willing to do that for the added security I feel I have.

Is this a good idea do you think, and especially if you have others and kids using your computer as well. Just let everybody use the d drive windows?

Martin

martin57

Well if some sort of malware is already on your windows installation surely it doesn't matter if you have separate logins, its still going to be there?

martin57

cledor

OK but I would use a separate physical drive for each OS to minimise the virus risk.

crox

You could use a live linux cd... Or linux on a memory stick.

Failing that I'd make sure that the account you use on your online banking installation is just a user, it's a major pain in the ****, but it's safer to not go on the internet as a machine administrator.

MickMack

This sounds like a good idea, but as has already been said, I think you should consider having this install on a physically separate hard disk which you could then boot from when you want to do banking. When your doing regular pc use then you can physically disconnect the drive and that way it is definitely isolated from the other install.
It's unlikely but still not impossible that malware from one install could get across the disk partition somehow on to the other.

Say you had an external Hard disk with xp installed, and you set your BIOS boot order to check USB first, then that way it would boot from the clean install when its plugged in but boot from the other install when the disk is unplugged.

MadCowMan

I'd go with a linux live CD for this - as its essentialy a read only system so no malware can be installed on it.

http://featherlinux.berlios.de/download.htm for example.

martin57

MickMack wrote: »

This sounds like a good idea, but as has already been said, I think you should consider having this install on a physically separate hard disk which you could then boot from when you want to do banking. When your doing regular pc use then you can physically disconnect the drive and that way it is definitely isolated from the other install.
It's unlikely but still not impossible that malware from one install could get across the disk partition somehow on to the other.

Say you had an external Hard disk with xp installed, and you set your BIOS boot order to check USB first, then that way it would boot from the clean install when its plugged in but boot from the other install when the disk is unplugged.

Yep thats a good idea about a separate hard disk that you plug in, and I can see this becoming the norm for online banking down the road, or else an internal disk not connected but switch to connect it quickly. Just as a matter of internest as my computer is fairly old with no usbs 2.0 does it take long to boot going the usb route?

martin57

kingmonkey

I think your being too paranoid, as long as your up to date with antivirus etc.

A separate partition wont really make a difference but of course it depends on the virus.

Using admin and user accounts on win XP will help, but I've found running a user account on XP painful!

An up-to-date light linux live CD will work well and saves installing win XP twice. https://www.damnsmalllinux.com is one of my faves.

opportunity_cost

martin57, it's good that you're thinking laterally and taking steps to protect your computer but I feel you're running the risk of getting a false sense of security. No amount of partitioning is gonna prevent a virus/trojan/spyware infection or someone hacking your computer. The only way to prevent that is to secure your computer and to browse safely.

Go about making your computer secure:
1. Keep your computer patched with all the Security Updates from Windows Update
2. Run a firewall (Comodo/Jetico)
3. Run an anti-virus program (avast/AVG)
4. Run an anti-trojan program (AVG Anti-Spyware)
5. Use a safe browser (Firefox)

Browse safely. Apply common sense when downloading files and set your anti-virus and also your anti-trojan to scan files you download (including e-mail attachments) or scan them manually.

You may also wanna run regular virus, trojan and spyware scans since the other computer users may not follow those rules and instruct your kids/anyone else to scan everything they download. If you do that, you won't get any nasties in your computer.

Genghis

I'd stick to options 1 and 5. Don't rely to heavily on your antivirus.. if I write a virus now and send it to you, your antivirus/anti-spyware software will not pick it up. If you have 10 firewalls configured but still use email or browse the internet then i'll just send my virus via email or web browser and connect to your computer through one of the allowed ports.

By installing all the security updates you'll limit the number of methods an attacker can use to execute code on your browser etc. and by having common sense, you will limit the chances of falling into an attackers trap (of which there are many).

ksrao

I am using portable firefox with a flash memory.I will attach it to my comp.only when I do my banking and then remove and keep it safely.Do you think my internet banking is safe?