Knoppix Remastered for Phishing Prevention

by Kyle Rankin

Related link: http://www.smh.com.au/news/Breaking/Safe-CD-solution-for-online-banking/2005/03/…



Cybersource, an electronic payment services company, has announced a new product called "Coastguard" to help make accessing online banking sites more secure. Coastguard is basically a remastered Knoppix CD that has DNS servers and other settings are automatically configured to use secured bank servers. This is a departure from token-based systems that other companies use.

I like the fact that this company was able to recognize how useful Knoppix is, particularly for this kind of security. Of course, at a $250,000 price tag, it's not exactly cheap. For the cost you do get complete access to the remastered CD with the ability to further tweak it, although I think you could probably pay a lot less for someone who knows Knoppix to create a remastered version just for you.

From Cybersource:

"The costs of burning and distributing the CDs will have to be borne by the institution but it will definitely not be as high as the $18 which one bank pays for its security tokens,"

"In any case, the bank which adopts a security token as a solution will have to make some backend changes which will cost it much more than our solution does,"



What I wonder is just how well this solution will work. As many of you know, a number of banking sites (or at least the web designers behind them) seem to think that this is an IE-only world. I can live with not being able to access functions on some random website because the designers weren't clueful enough to code it to standards, but banking sites are a different matter! At least for the most part, these sites will work if you spoof your user agent, and perhaps that's just what Cybersource did with their Knoppix CD.

Maybe a Knoppix hacker with some spare time will work up a remastered edition for the home user that implements some of these security features.