MaS is about computer security, malware and spam issues in general.


I just read about a canadian bank handing out ASUS EEE PCs. Now, a while ago when dealing with a Bank phishing case, I suggested that hypothetically, a bank could offer a simple laptop to their customers solely to do banking with. Of course, that is a problematic proposition that one single bank may not actually want to venture into on its own. We went over perhaps more practical solutions like booting from a Knoppix-like CD that could only be used for bank transactions as well as using a VMWare image. None were adapted, of course.

Now RBC is offering a free ASUS EEE PC as an incentive, but I keep on thinking that having a dedicated cheap laptop would be a good idea for the general population. The EEE is a small and basic Linux system, but supports one important thing: a browser useful for e-banking, Firefox. While I'm not a fan of remote attestation on practicality grounds, I could see it working in this case of a dedicated e-banking machine.

Would banks want to get into this business? I don't think so. However, an enterprising company might be able to convince enough banks to offer such a device to their customers and offer the security maintenance of such systems as a service.