nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Virtual Banking?

NightShade03

What do you guys/gals think about banking on a virtual platform? IE. Suppose that to do all banking I always fired up my Ubuntu distro in Virtualbox, did my banking, and then shutdown the virtual machine. Do you think that it makes the user experience more secure? Obviously there is a long wait time for the virtual machine to boot, and all that, but do the security benefits (if any) out weight this?

Note: Linux isn't super secure...its just less targeted

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

wd40

If someone is monitoring your windows, will he/she be able to see/record what you are doing in the virtual machine?

tiersten

It would be a little better than running everything on the host OS but it isn't infallible for the reasons wd40 said.

To make it secure (assuming the VM package is correctly written and you can't break out) you'd have to have at least two VMs. One for banking and one for everything else you do online. You never use the host OS directly.

msteinhilber

I suppose it would be slightly more secure, but I wouldn't go through all the hassle. Honestly, I'm far less concerned about how safe I personally am with any transactions that I conduct with any financial institution online. Same with any transactions I conduct by making purchases online. Instead, I'm far more concerned about how the other end of the transaction is protecting my credentials and/or money.

eMeS

It sounds to me to be a solution in search of a problem.

I'm no security guy, but it seems to me that the weakest link(s) in any system will be wherever there are people involved. When dealing with any financial institution online or offline, there are so many places where people are involved that doing all banking transactions from a virtualized OS seems irrelevant when considered in terms of the big picture.

Now, if you said something along the line of "is there a security benefit to doing all of my downloading and running of .com and .exe files from a virtualized session?", I'd probably agree....

MS

dynamik

Yea, if you don't want to do your banking online in your host OS because it might be compromised, well, how secure is a VM running in that?

NightShade03

Thanks for the feedback all. There are alot of valid points here and I guess looking at it quickly it may seem like a good idea for those that aren't very computer savey but like most of you pointed out....it wouldn't help those that A) don't know anything about using a PC in the first place or

on a machine that is already compromised and listening on the host machine.

I guess there really is no "secure" way for non-technical people to really bank, aside from user education.

Kaminsky

Anyone hacked my bank account I would hope they would take one look at the balance, feel sorry for me and donate something.

ajmatson

Kaminsky wrote: »

Anyone hacked my bank account I would hope they would take one look at the balance, feel sorry for me and donate something.

+1 however, there are some good points on how secure are we really?