On Tuesday, June 9, 2020 at 9:39:26 AM UTC-5, Catacombs wrote: > > > > On Monday, June 8, 2020 at 1:00:17 PM UTC-5, tomas.s...@gmail.com wrote: >> >> I understand, that Qubes compartmentalizes OS and parts of OS don't have >> access to other parts of the OS. So even if you had virus in your firmware >> of a network card, it wouldn't matter. I know firmware viruses are rare, >> but still better safe than sorry. I am looking for safe OS to do online >> banking from. If i use live usb of QUBES, does that protect me against all >> firmware viruses ? I wonder. Even there is like 0.2% chance of being >> infected with it. Also i can't disable all my disks in BIOS, could that be >> problem ? I mean if i use live-usb and don't boot my main OS, when usb is >> plugged in. So my main OS can't compromise Qubes. And even if disks were >> enabled and i boot up Qubes from live usb, i am not sure if it could get >> infected, because these viruses has to be loaded somehow right ? But if >> they are passively on the disk and you launch 2nd OS from live-usb, not >> sure if it could get infected like this. I wanted to dedicate my old pc for >> online banking, but Qubes doesn't work there. >> > > You might rather look at those webpages which talk about "Threat Model." > Who you might be contending with. There is, of course, the possibility > that what you are referring to is the fact Intel main processors have > modems which might allow Intel to change the firmware code without your > knowing it. I have been told, by someone who is much more knowledgeable > about these things, that there are no instances of Intel ever having done > that. There are some possible problems with USB Keyboards. > > You might ask your bank. I suspect in any case, what you might be more > interested in is reading about VPN's. Some more expensive that others. > As someone said, don't trust a free VPN, they have to make their money > somewhere, still I use the free version of ProtonVPN. > > Hardware that is produced with the goal of no Firmware intrusion includes > - https://puri.sm/ the qubes certified hardware, > https://www.qubes-os.org/doc/certified-hardware/, notice the Hardware > Compatibility List, https://www.qubes-os.org/hcl/ > > I guess that is off the subject. > > If you use a VPN- My bank checks the IP of the address the login comes > from. If the VPN server is say in New York, a thousand miles away, it will > not let me login. Bank reasons I should have told them I was traveling. > You might find difficulty using Tor, or Whonix to login to your bank. >
I should mention, using a credit card can insulate you from risk. The big risk of using a bank account is allowing someone to have the checking account number itself, the one on the bottom of all your checks. Puppy Linux has a number of Live versions which actually do not have a root, but whose security in the case of a bank account is derived from loading a new fresh version of OS at each re-boot. If one completely power downs the computer after each bank session, and does not save the partition each time, then. No way can software get in around you. Installing a VPN to use with one of the distros of Puppy Linux can be problematic though. Puppy Linux has a friendly forum. I think you might start with Easy OS, create a multi-save DVD. Boot then do your banking, power down. Not perfect. If you are a geek type, then use Qubes. No doubt Qubes is superior in several ways. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3ca355e8-7fc2-4fe8-bb77-ddb507ff60e3o%40googlegroups.com.
