Introduction
This document presents a way you can use online banking with greater safety, even if your computer has been compromised with malware. I am starting to do this myself, and the inconvenience is not too bad. In today's dangerous online world, I recommend everyone does the same.
The idea is to split computing tasks into different classes of sensitivity. This is a similar principle to the government classifying information as "secret" or "top secret", etc. In a home context, online banking would be "top secret", while everything else on the computer is "secret". To keep these separate, use virtualization software to run multiple virtual machines for the different classifications.
Feasibility
I tried this myself for several weeks, to gauge how feasible it is. I used VMWare Converter to create an image of my physical machine, and VMWare Player to use it. Both are free downloads. My overall impression is that it is not feasible to work inside a virtual machine at all times - the performance impact is too great. Performance aside, my impressions are positive:
- Getting started with a Virtual Machine mirroring my original physical machine was impressively straightforward.
- Almost everything works - sound, network, USB devices, extra mouse buttons, CD reading and writing, standby, etc.
- Performance is pretty good - fine for normal usage.
- No stability problems so far.
But there are some problems:
- Performance loss - an IO and CPU intensive build process takes around twice as long. There is some flicker on video.
- Some things don't work - the extra buttons on my keyboard (e.g. mute), and there's a bad interaction with my USB KVM switch.
- Windows licensing requirements - if you have a Windows host and a Windows guest, you need two Windows licenses.
Trying This
If you want to try this out, I recommend the following. This is not what I did, but it seems a better approach, in particular avoiding the need for two Windows licenses.
- Install a Linux partition on your computer, configured to dual-boot
- Install VMWare Workstation on the Linux partition
- Configure VMWare to use the existing Windows installation (
read this)
Once you've done this, you would usually boot into Linux and use the Windows VM. Do online banking directly in the Linux partition. If after a while you decide you don't like this arrangement, you can simply boot directly into Windows.
My Experience
There are a number of virtualization products available. I decided to try VMWare, primarily because of its reputation, and have been happy with the results. So far, I've been using the evaluation version of VMWare Workstation. When this expires I will have to decide whether to pay for the full product, or switch to either Player or Server, which are free.
To get started I used VMWare Converter, which creates a virtual machine by copying a physical machine. This did work very well, but using virtual machine images has some inherent problems. You need a lot of disk space for the image, and you can't easily get at files inside the VM from outside it. Also, if you use both the VM and the physical install of Windows, you should have two Windows licenses. For these reasons I recommend avoiding Converter, and instead pointing the VM at the physical partition.
Some issues I hit:
- Windows needed to be reactivated due to significant hardware changes.
- "Duplicate computer name" errors - until I renamed the VM to "pajvm"
- On my 1GB machine, VMWare initially gave the guest OS 768MB, which caused heavy swapping and a significant slow down. Setting this to 512MB improved performance considerably.
- The extra buttons (forward and back) on my Intellimouse didn't work, but adding the following line to the .vmx file fixed this:
mouse.vusb.enable = "TRUE" - The extra buttons on my keyboard (home, mute, etc.) don't work, and nothing so far has fixed this.
- CD writing and ripping (capturing audio tracks) didn't work at first, but turning off "Legacy emulation" fixed this.
General tips:
- Set VMWare tools to do "Time synchronisation between the VM and the host".
- Shared drives can be done in VMWare player; you need to edit the .vmx file.
- For me, putting the host into standby worked fine without suspending the guest. The manual recommends you suspend the guest before doing this.
Security
The idea is that the Linux host operating system will have high security. This comes not from elaborate protections, but simply from doing as little as possible in the host OS. You need to apply the basic precautions of firewall, automatic updates and anti-virus. Beyond this, all desktop attacks rely on some kind of user-initiated action. A desktop that is only used to access a small number of highly trusted sites is at relatively low risk.
The VM for day-to-day use still needs to be well secured. Because of all the browsing, downloading and such, it is at high risk. You absolutely need to take the basic precautions, and it is worth taking further precautions.
The security of the host OS is dependent on malicious software in the VM not being able to affect the host. This is a design goal for virtualization, although it's not completely achieved. There have been security problems with VMWare, but not a huge number, and it is encouraging to see that people are looking for these kinds of problems, and they are being fixed. There are also convenience mechanisms, such as shared clipboard and drag and drop, which reduce separation. I recommend these be disabled. Also, take care about firewalling - you need the host to be firewalled from the guest.
Other Classifications
A common use for VMs is as a "red zone" for performing risky tasks, such as trying out software downloaded from the Internet. VMWare provide a free VM for doing just this.
One option for protecting online banking is to do that work inside a VM, while doing all day-to-day work in the host. This is not a strong security control - it is possible for the host to control the VM. However, it provides enough security by obscurity to defeat most or all current malware.
