It seems the Desktop Wars are over and I need to embrace the New World Order:
Smartphones, Tablets, Mobile-Devices have changed the problems and our thinking.
Damn you're good!!!! [comments at end]
Security Expert wrote on 14/10/12 9:33 AM:
>> Idea: Run browser in a bank-supplied VM, with mini-Linux.
>> hardened O/S & only required Apps, no user root-access, automatic updates (Debian style), user SSL-certificate pre-installed, VPN connected, use Bank DNS or /etc/hosts. No Java on the VM - perhaps keys stored on a USB-key in a file, which is an encrypted file-system. Can do that easily on LNX
> Too complicated. The reality is that nobody gives a shit.
> What's equally good and 100,000 times easier is to use an iPad that you don't use for anything else on the internet.
>> Are programs (like a browser) running within a VM on a Windows m/c safe from being 'sniffed'?
> Of course not!
> The kernel can see everything and so can the hypervisor. Joanna Rutkowska was popping holes in hypervisors ages ago.
>> Obviously, any sniffer program on the Host system will capture all input, but will it necessarily give away passwords and account/card numbers?
> The host system can also attach the process' memory with a debugger and pull the encryption keys right out of where they are stored.
Thanks very much for your detailed reply and not stating the obvious:
*What* were you thinking (Steve)?!?!?!
Obviously, not a lot :-(
You are dead-right, that dedicated devices for 'secure access' are now cheap enough that Banks etc can give them away, or at least subsidise them for customers. If you won't spend $100 on secure access, you deserve what you get...
It's only a small extension from their current "tokens" for "two-factor authentication".
I need to revise my Old-World thinking about "everything is a desktop".
The security solutions needed for laptops/desktops are massively different in this new world...
I was thinking that a secure hypervisor that could run a well-controlled Linux browser environment alongside a generally insecure Winders environment might be 'useful'...
Sort of being thought of by MSFT with "Hyper-V" (though not sold that way).
And JR/'invisiblethings' are doing something similar based on XEN, aren't they? (Qubes)
But "use a dedicated, purpose-built device" is an end-run around this whole approach. Love the idea.