Banking on Linux, Revisited

July 15, 2012

Back in October, 2009, I posted a couple of notes here about the idea of using a PC booted from a Linux Live CD for online banking (or other sensitive functions) to improve security. A Live CD is a bootable CD-ROM that contains a complete Linux distribution (the OS itself plus applications); the system is booted and run entirely from the CD, and the PC’s hard disk is not touched. Since everything runs from the CD, any malware on the PC’s hard disk will not have a chance to run. The topic had been discussed by Brian Krebs in a post on his “Security Fix” blog at the Washington Post, following a series of investigative reports on online banking fraud against small- and medium-sized businesses (SMBs). I was glad to see and endorse his recommendation.

Krebs is now writing an independent blog, Krebs on Security (there’s always a link in the sidebar), and has continued to investigate banking fraud.   He has once again published a post suggesting the Live CD approach, and I still think it is a very sensible way to go for SMBs.  My ideal solution, as I’ve written before, would be a dedicated machine with a hardened OS and no applications software except what is required for the banking function.  But economics matter, and the Live CD solution gives many of the same benefits at significantly lower cost — and it costs almost nothing to try.  The article includes a step-by-step guide to getting and using a Live CD, using the Puppy Linux distribution; it is a “light weight” distro, which should run well on any PC that can run a reasonably current version of Windows.

As Krebs points out in his article, the point is not that malware does not exist for other systems, but that the vast majority of it is targeted at Windows PCs.

All of the malware used in the attacks I’ve written about is built for Windows. That’s not to say bad guys behind these online heists won’t get around to targeting Mac OS X, or users of other operating systems.  Right now, there are no indications that they are doing this.

If you are going for a swim, and you can choose between two beaches, one of which is infested with sharks and the other is not, does it really matter that much why the sharks prefer the first beach?


SELinux Resources

July 15, 2012

I’ve mentioned SELinux (Security Enhanced Linux) here before; developed by the US National Security Agency (NSA), it is not a Linux distribution in the usual sense, but a set of modifications to the stock Linux operating system to provide more robust security capabilities, especially mandatory access control.  (The NSA also has a similar project, SEAndroid, for the Android mobile operating system.)  I’ve recently discovered some additional resources on the technical architecture and history of SELinux, and thought some readers might find them helpful.

IBM’s developerWorks site has released a couple of papers on SELinux in the last few weeks. The first, Anatomy of Security Enhanced Linux, by M. Tim Jones, discusses some of the mechanisms and techniques that are used in SELinux. It also has a brief comparison and discussion of other security-enhanced systems, such as Solaris 10 (formerly Trusted Solaris) and Trusted BSD. The second paper, SELinux: History of its Development, Architecture, and Operating Principles, by Evgeny Ivashko, has a historical overview of the project’s development and its relations to other security projects and initiatives. Both of these papers, which are intended for a technical audience, are also available as downloadable PDFs, and contain “Resources” sections with links to additional information.

The NSA also maintains a comprehensive SELinux site, which contains background information, documentation, and download links. As the main article indicates, SELinux is intended not as a security panacea, but as an example of how a mainstream OS can be given better security features.

This work is not intended as a complete security solution. It is not an attempt to correct any flaws that may currently exist in an operating system. Instead, it is simply an example of how mandatory access controls that can confine the actions of any process, including an administrator process, can be added into a system.

If you are interested in running SELinux, or just interested in the general topic of OS security, I think you will find some interesting reading.

