Knoppix Remastered for Phishing Prevention
by Kyle Rankin
Cybersource, an electronic payment services company, has announced a new product called "Coastguard" to help make accessing online banking sites more secure. Coastguard is basically a remastered Knoppix CD that has DNS servers and other settings are automatically configured to use secured bank servers. This is a departure from token-based systems that other companies use.
I like the fact that this company was able to recognize how useful Knoppix is, particularly for this kind of security. Of course, at a $250,000 price tag, it's not exactly cheap. For the cost you do get complete access to the remastered CD with the ability to further tweak it, although I think you could probably pay a lot less for someone who knows Knoppix to create a remastered version just for you.
"The costs of burning and distributing the CDs will have to be borne by the institution but it will definitely not be as high as the $18 which one bank pays for its security tokens,"
"In any case, the bank which adopts a security token as a solution will have to make some backend changes which will cost it much more than our solution does,"
What I wonder is just how well this solution will work. As many of you know, a number of banking sites (or at least the web designers behind them) seem to think that this is an IE-only world. I can live with not being able to access functions on some random website because the designers weren't clueful enough to code it to standards, but banking sites are a different matter! At least for the most part, these sites will work if you spoof your user agent, and perhaps that's just what Cybersource did with their Knoppix CD.
Maybe a Knoppix hacker with some spare time will work up a remastered edition for the home user that implements some of these security features.