ZDNet is promoting using live Linux CD's for banking, finance and email
internet activity. Spyware, phishing, keyloggers and viruses can't write
themselves to your CD drive.
I suppose you can still get attacked in live memory though, you think?

That wouldn't be much of an issue if you're booting up the Live CD just
to do your banking. In that case, you'd start the system with the Live
CD, go to the banks website, do whatever you were going to do at their
site, log back out and shut down. Unless you go looking elsewhere while
doing stuff at the banks site there wouldn't be any opportunity for any
malware to infect anything.

Beware of he who would deny you access to information,
for in his heart he dreams himself your master.
Commissioner Pravin Lal: "U.N. Declaration of Rights"

You can download a live CD for just that from the SUSE Studio site. I am
working on just that where the browser pops up and all you have to do is
select what bank and then go through the standard process. It will be
very user friendly and ther will be NO mallware on it. Honestly.
The CD is called MitM-Attack.(1)

This is where the issue of trust comes into it. You'll need to know
about a download location where you know you are you going to get an
unmodified Live CD from, and that you can check it to make sure it's
not been tampered with.

Build and burn your own little custom banking Linux distro for use only
with your online bank...

be sure its based on Ubuntu,

you could call it
something like BankBuntu Linux..

least I don't think this ones been built
as of yet.

Finally, purely for those that have a susestudio account and can repeat
the build process, I started with a Minimal X server as a basis, added
the packages firefox, firefox-translations and
firefox-branding-openSUSE.

Well, BankSUSE 0.0.1 and 0.0.2 has been built. 0.0.1 took just over 5
mins to build and, after making some configuration changes and saving
them for inclusion in 0.0.2, the second version was built. The total
time for building both versions was less than 30 mins, including about
10 mins testing, configuring, etc. A final build of a Live CD image
took a further 6:28 mins, and created an ISO image of 231MiB.

Now, I could leave it at that and let the user remember what the login
page is for their bank(s), or I could create a bookmarks file with a
selection of login pages for the various banks and create 0.0.3.

Finally, purely for those that have a susestudio account and can repeat
the build process, I started with a Minimal X server as a basis, added
the packages firefox, firefox-translations and
firefox-branding-openSUSE. I tweaked to the Firefox config and .xinitrc
modified to auto-start Firefox. Since it's using IceWM as the window
manager, there isn't an auto-login as there's an issue with the
keyboard[0] where a non-KDE/Gnome desktop is auto-loaded.

The same could be done using a KDE or Gnome desktop environment and
auto-login enabled without keyboard issues, but the size of the ISO
would most likely grow by 100MiB[1], and quite probably even more.
XFCE or WindowMaker could also be used, but these still suffer from the
keyboard issue and so no auto-login could be used.

Can the images be made USB stick ones there?

I've put Milestone Live images from Suse on sticks and they work just
fine but the netinstall ones have not booted, they seemingly need to be
put on a CD.

What kind of images can one create in Studio?

Vahis wrote:
Can the images be made USB stick ones there?

Yes.

I've put Milestone Live images from Suse on sticks and they work just
fine but the netinstall ones have not booted, they seemingly need to be
put on a CD.

What kind of images can one create in Studio?

5 types basicaly
1) USB stick/HD image. This is the default
2) CD/DVD ISO. This will warn to install the live installer as well
3) VMWare/VirtualBox (.vmdk) Not tried that yet
4) XEN Not tried that yet
5) Export your settings to Kiwi configuration

Besides that, you can add repo's like Packman, so you can make a liveDVD
with MPlayer on it. Or any RPM. You can also run scripts and edit files
and add files and ...

Well, almost anything

The live images of Milestones and now rc1 (oops, sorry, I'm doing it
again) are said to hybrid, that is they can be put on CD or on a stick.

The netinstall.isos are not hybrid seemingly, they don't boot if you put
them on a stick. Why? Or maybe it's just me...

How do you make a USB stick netinstallthingy?

Vahis wrote:
The live images of Milestones and now rc1 (oops, sorry, I'm doing it
again) are said to hybrid, that is they can be put on CD or on a stick.

They say that where?

It is not the case with Studio. If it should work,
perhaps it is a bug if it does not.

Here are three:
The disk image 1.1GB http://tinyurl.com/yzy9mjz
The ISO 320 MB http://tinyurl.com/ygzpwk8
The VM one 320 MB http://tinyurl.com/yftnenf

All are the same basically identical. Oh and try going to CLI (or run it
with init 3)

ssh might be an option, for now. Also not yet restricted to just that
bank, so I am having fun trying to get to say playboy.com

On Saturday 17 Oct 2009 16:28, houghi played with alphabet spaghetti
and left this residue on the plate:

ssh might be an option, for now. Also not yet restricted to just that
bank, so I am having fun trying to get to say playboy.com

Might try adding the specific hostnames to the /etc/hosts file and then
disabling name server lookups. That might be an issue with the
malicious website protection in Firefox.

Vahis wrote:
The live images of Milestones and now rc1 (oops, sorry, I'm doing it
again) are said to hybrid, that is they can be put on CD or on a stick.

They say that where?

They say that where?

URL:http://en.opensuse.org/Live_USB_stick#Procedure

It is not the case with Studio. If it should work,
perhaps it is a bug if it does not.

I've never tried it, so can't say if it would work. I build the disc
images for testdrive, and ISOs for local usage.

Here are three:
The disk image 1.1GB http://tinyurl.com/yzy9mjz
The ISO 320 MB http://tinyurl.com/ygzpwk8
The VM one 320 MB http://tinyurl.com/yftnenf

I'll have a look at these just to see what the difference is between
your versions on mine.

All are the same basically identical. Oh and try going to CLI (or run it
with init 3) :-D

Have you disabled the virtual consoles? Good idea if you have

Might try adding the specific hostnames to the /etc/hosts file and then
disabling name server lookups. That might be an issue with the
malicious website protection in Firefox.