Dedicate a Separate Computer for Online Safety
By: Counter Threat Unit Research Team
Publicly, SecureWorks has long recommended using a separate computer dedicated exclusively to online banking, online retail purchases, account management, and other financial transactions. This would be a computer other than the one used for activities like surfing the web, window shopping, email, and social networking. The idea is to protect the system that you use to manage money from common exposures to threats that seek to break into bank accounts and steal your identity.
Direct from manufacturers, many computers come with the latest service pack pre-installed and automatic updates for the operating system, major applications, and security software turned on by default. The computer you dedicate to financial transactions should be placed behind a firewall. Most already are, even if you don't know it, since practically all home routers include a robust stateful packet inspection (SPI) firewall by default. I suggest turning off this computer's wireless connection and connecting it via cable to one of the standard Ethernet ports on the home router, since there are fewer security pitfalls this way, and the point is not to let the system roam around. The temptation to use the dedicated system for riskier activities when the regular computer is being repaired is the most difficult pitfall to resist. Only turn on the system when it's necessary to conduct transactions that involve financial or sensitive personal information, and turn it off when finished.
Recently, some security experts have recommended using a live CD to accomplish virtually the same task. A live CD is a self-contained, read-only operating system and user environment on a separate, removable disc (usually a CD or DVD) that you can use to boot a computer without using the system already installed on the hard drive. Booting from a live CD is something I recommended back in 2006. It basically substitutes your existing computer system for another. However, the concept of separate physical computers is easier to explain, and could mean better compliance with the practice by the average user.
Tech-savvy people understand the idea of using a live CD: it offers a read-only, presumed-good base operating system and user environment that can be used to perform sensitive operations like transferring money between accounts, applying for student loans, or buying a new computer online. Many might already use a live CD on a regular basis. It's even possible to create a live CD with active defenses against some forms of spoofing and ARP poisoning, but in reality, most people can't or won't do that.
For the average user to use a live CD, they might have to configure their computers to boot from CD or a USB device instead of the hard drive, or the live CD might not have network or display drivers for their hardware. Some wireless devices and video cards require drivers that are not open source, are encumbered by patents, or are otherwise not freely and legally distributable. This is a problem for both Linux-based live CDs and Windows PE (pre-execute environment) live CDs. Additionally, Windows PE requires building a disc and copying files that may (and technically probably do) constitute an unauthorized copy under the Windows license. People who have used Windows for years may also be troubled by the different arrangement of user interface objects and by how they must interact with them to get the result they expect.
Some of the advice regarding the adoption of live CDs targets those who have never used a live CD and are interested in learning how. That is definitely not the average user. The average user is not going to use a live CD until it's handed to them free of headaches, especially not as long as individual financial liability is as limited as it is or until after their identity is actually ruined.
Neither of these configurations (separate computer or live CD) protects the user from phishing or social engineering (used solely in about 50% of attacks), or from network-based attacks such as rogue DHCP servers, ARP poisoning, and rogue proxies. Neither will protect anyone against the breach of a bank system or a retailer's point-of-sale, but those are not under the control of the end user.
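The ARP poisoning exposure mentioned above, and the "active defenses" a live CD could carry, come down to a check that can be run on the dedicated computer itself. The following Python code is an added example, not part of the original article: it compares the Linux neighbor table with a router MAC address recorded on a known-good day. The sample `ip neigh show` output, all addresses, and the function names are constructed for illustration.

```python
# Added example: flag signs of ARP poisoning in `ip neigh show` output (Linux).
# All addresses below are constructed sample data, not real observations.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 52:54:00:aa:bb:cc REACHABLE
192.168.1.23 dev eth0 lladdr 52:54:00:aa:bb:cc STALE
192.168.1.40 dev eth0 lladdr 52:54:00:11:22:33 REACHABLE
192.168.1.77 dev eth0  FAILED
"""

def parse_neighbors(text):
    """Return {ip: mac} for entries that carry a resolved link-layer address."""
    table = {}
    for line in text.splitlines():
        tok = line.split()
        if "lladdr" not in tok or tok[-1] in ("FAILED", "INCOMPLETE", "lladdr"):
            continue  # unresolved or malformed entry: nothing to compare
        table[tok[0]] = tok[tok.index("lladdr") + 1].lower()
    return table

def arp_findings(text, gateway_ip, pinned_gateway_mac):
    """Compare the table with the router MAC pinned on a known-good day (assumed input)."""
    table = parse_neighbors(text)
    pinned = pinned_gateway_mac.lower()
    findings = []
    seen = table.get(gateway_ip)
    if seen is None:
        findings.append(f"gateway {gateway_ip} has no resolved MAC")
    elif seen != pinned:
        findings.append(f"gateway {gateway_ip} answers as {seen}, expected {pinned}")
    # One MAC answering for the gateway and for another host is a typical
    # sign that a machine on the LAN is impersonating the router.
    by_mac = {}
    for ip, mac in table.items():
        by_mac.setdefault(mac, []).append(ip)
    for mac, ips in by_mac.items():
        others = sorted(ip for ip in ips if ip != gateway_ip)
        if gateway_ip in ips and others:
            findings.append(f"{mac} claims the gateway and also {', '.join(others)}")
    return findings

if __name__ == "__main__":
    for finding in arp_findings(SAMPLE_NEIGH, "192.168.1.1", "52:54:00:de:ad:01"):
        print("WARNING:", finding)
```

A clean result only means the table looked consistent at that moment; it does nothing against phishing or a rogue DHCP server handing out a different gateway address.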
Live CDs reduce the overall risk, but for a very small subset of users. Other, larger risks stem from issues not addressed by a live CD. The separate computer configuration is even easier to justify given the low cost of adequately equipped used systems, devices like netbooks, and brand-new economy desktops. Many people have an old computer that might fit the bill, but even if you have to purchase a system for this, the cost will almost certainly be lower than the impact of an act of account takeover fraud. Using a separate computer exclusively for financial transactions is easier to understand, comes with fewer pitfalls, and appeals to a much larger user base. The fewer victims, the better.