Jussi Peltola wrote:
On Tue, Jan 08, 2008 at 10:48:41AM -0500, Douglas A. Tutty wrote:
I suppose the only way to have a "trusted-secure" box and an
"untrusted-insecure" box with one disply/keyboard would be a KVM.
Actual, physical separation of the machines is the only 100% secure way
to prevent information from leaking between them. I'd be more worried
about the network cable between them than a KVM, though.
I looked at KVM and came to the same conclusion - that most now have
some software (partly to allow the boot process to discover the
keyboard, etc hardware), so there is a risk of some leakage. My
configuration will be physical separation of secure box from main box
with network cabling to the router as the only link. So my security
measures on the secure box are a simple PF setup permitting only
outgoing initiation of connections and some sort of restriction on the
internet sites visited. i.e. simply setting up the appropriate bank
sites as bookmarks and only using these as starting pages to visit. Plus
maybe some form of whitelisting in the browser setup if I don't trust
myself to be awake.
Unfortunately some bank sites do use javascript and I have a concern
over cross site scripting - only because I have yet to look deeper into
this to see what the risks are. But if I never visit non-bank sites is
this a problem?
Russell
