This article caught my eye this morning. The CIO of CNL Bank in Orlando is considering sending its customers Ubuntu Live CDs customized to autoload the web browser defaulting to the banking website. This places the customer in a sanitized operating system isolated from the customer’s home operating system. The reason for this is obvious–to mitigate against the effects of malware infections on the customer’s system while the user performs online banking transactions. Malware, depending on how it was designed, can often steal authentication information from banking customers as they log in. Software keyloggers can likewise steal all the keystrokes and transmit them to the attacker, giving him access to all sorts of data.

This is a very good idea. The Live CD would not be persistent, meaning that whatever bad things are in memory would be no longer there when the system was rebooted. The user would always be greeted by the same safe, clean environment.

Making this a requirement of customers is also not a bad idea. The session to the bank could somehow be keyed to the Live CD, making any other connection impossible. It is really more about protecting the bank than the consumer. Perhaps the FDIC could lower premiums for banks who enforce such policies and controls? <shrug>.

However, we must not fall into what I call the SSL trap. Some companies who started doing business transactions online have had a bad habit in the past of telling their customers that because their site uses SSL, it’s perfectly safe from intruders. Many such companies have found out the hard way that SSL does nothing to mitigate against XSS, SQL Injection and the like. Hopefully, banks will not think of this kind of sandboxing as a bulletproof vest either. While malware may be virtually eliminated, other man-in-the-middle attacks still pose a threat. And let us not forget about hardware keyloggers.

I say that malware may be “virtually” eliminated. A system booted from a live CD may be isolated from the user’s hard drive and any malware that infects it, but it is not invincible against memory-resident baddies that infect the system while the user has it up and running. I wouldn’t be surprised if malware creators shifted their attention to Ubuntu should the live CD become a popular way to do banking. I’m also thinking about how simple it would be to create a trojan version of the Live CD with a counterfeit label. Hey, I’m a paranoid weirdo geek. I can’t help but think of such things. :-)

The inconvenience exists, of course, with having to reboot your system every time you want to do online banking transactions. One alternative to rebooting, however, is that the user could also install VirtualBox and run the live CD in a virtual machine. As with security controls and policies, we are always slowed down a bit. Security is no friend to efficiency. It is the price we pay.

Nonetheless, my hat’s off to the geeks working at banks who come up with these simple, elegant solutions for end-user security.
DH
