Linux vunlerablity to keyloggers?

[ColKurtz]

I stopped using Windows boxes to do online banking a couple of years ago after reading that rootkits can make keyloggers invisible to most AV software. Since then I've been using a Linux Mint live CD and firing it up when bills are due. This gets to be a chore, however, having to close programs on my work PC to reboot, having to take the few extra steps of getting it on wifi, etc.

I have Mint loaded on the HDD of one of my kid's machines and it would be quicker to just fire it up. Is Linux still fairly secure? I'm using Firefox on Mint (Mate) 14. I have Flash add-on enabled in Firefox, and my kid plays all kinds of Flash games on the internet.... not sure if there are Firefox/plugin vulnerabilities.

Are there any vulnerabilities I should be concerned about? TIA.

 

[lxskllr]

Sure, there's GNU/Linux keyloggers, but AFAIK, they'd require root privileges to install them. I'd be reluctant to do banking on a machine I didn't admin. If you're kid can install software, he can install malware, though it isn't as likely on GNU/Linux since there isn't much available.

You could use a VM on your system instead of using your kid's machine. Either do a full install, or just run a live image off the VM. That's what I do for trying out different distros. I have a small virtual HD I rewrite when I want to try a full install of something.

 

[jaqie]

Sure, and a frog or rabbit can kill you if it lands on a trigger to a gun just right which happens to be aimed at you. Don't try to keep frogs and rabbits away, just make sure the guns are secured or even just not pointed at you, or not loaded.

Seriously, there is a hell of a lot of stock in "good enough vigilance". Windows is fine for security, so long as you are vigilant, same as linux. It's just with linux most of the vigilance is handed over to someone else, a lot of other someones - the program contributors and the people checking the code for issues if any exist anymore in a non secured linux, which I seriously doubt all the code or anything even close has been checked in its' current revisions.

A slow but sure shift is happening, due to the sheer amount of code... the more popular an OS the more it is checked and also patched for security holes, and the more well known they are thus the more likely aftermarket programs for security plug those holes. I don't know any OS in the world that is more popular than windows 7 is, with the proper vigilance it can definitely be plenty secure for the task.

 

[oynaz]

Instead of booting from a live CD, use install Linux on a virtual machine. Oracle's VirtuaBox is free and easy to use.

It is not as secure, but still well into "extremely hard to hack" territory.

 

[Hero1711]

Instead of booting from a live CD, use install Linux on a virtual machine. Oracle's VirtuaBox is free and easy to use.

It is not as secure, but still well into "extremely hard to hack" territory.

What if your host OS had keylogger?

 

[smakme7757]

If you're deadset on using Linux and don't like the idea of virtualization then i would just install Linux on an old machine or buy a used laptop and install Linux on that. If it has to be portable then i would strongly consider a virtual machine.

Security is important, but it shouldn't be impractical for everyday tasks. It's a balancing act.

If you are on Windows Vista (With AV), 7(With AV) or 8 then you are more or less in good shape already. Windows might have a bad name and I see people going absolutely insane with security measures on these forums, but having:

*An updated and current version of Windows (Vista, 7 or 8)
*Some Common sense
*An AV

And you're in pretty good shape.