secure payments w/ qubes via banking VM best practice?


Oleg Artemiev

Jan 27, 2017, 7:16:57 PM
to qubes...@googlegroups.com
Actually I've banking VM as recommended. I'm even lazy enough not to
rename it to avoid default configurations. )) I use it for all sort of
legal payments and so on.

I've used paypal account on banking VM to pass a payment to some
service. The service redirects me to paypal. I copy url from personal
vm to banking vm, authorize paypal to pay. When I'm looking into
payment details I'm accidentally opening the receiver company url.

I'm not hiding currently, but this sort of click by occasion to a
link provided by a payment detailing is an addon to attack surface.

I can run one VM per bank or payment system. But that is annoying. Any
better ideas?

--
Bye.Olli.
gpg --search-keys grey_olli , use key w/ fingerprint below:
Key fingerprint = 9901 6808 768C 8B89 544C 9BE0 49F9 5A46 2B98 147E
Blog keys (the blog is mostly in Russian): http://grey-olli.livejournal.com/tag/

Andrew David Wong

Jan 27, 2017, 10:19:12 PM
to Oleg Artemiev, qubes...@googlegroups.com

On 2017-01-27 16:16, Oleg Artemiev wrote:
> Actually I've banking VM as recommended. I'm even lazy enough not
> to rename it to avoid default configurations. )) I use it for all
> sort of legal payments and so on.
>
> I've used paypal account on banking VM to pass a payment to some
> service. The service redirects me to paypal. I copy url from
> personal vm to banking vm, authorize paypal to pay. When I'm
> looking into payment details I'm accidentally opening the receiver
> company url.
>
> I'm not hiding currently, but this sort of click by occasion to
> a link provided by a payment detailing is an addon to attack
> surface.
>
> I can run one VM per bank or payment system. But that is annoying.
> Any better ideas?
>

If you don't want to have separate VMs for different services, you
could try using Qubes firewall rules. It won't be a clean solution,
and you'll probably have to add a lot of CIDR blocks (so it'll be
leaky, and there's the potential for overlap with servers you don't
want access to), but it's probably your best bet.

Another option is a browser extension that allows you to whitelist the
domains you want. This is less secure than Qubes firewall rules
(because it's enforced from within the browser instead of from outside
the VM), but it allows potentially much more fine-grained control than
Qubes firewall rules currently allow.

--
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
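
Added example, not part of the original thread and not a Qubes tool: a small Python audit of the trade-off described in the reply above, reporting which needed hosts a CIDR allowlist blocks and which unwanted hosts it still lets through. All host names and addresses are constructed (RFC 5737 documentation ranges), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation ranges, not real bank addresses.
ALLOWED_CIDRS = ["192.0.2.0/24", "198.51.100.16/28"]   # blocks the firewall allows
RESOLVED = {                                            # host -> addresses it resolves to
    "bank.example": ["192.0.2.10", "192.0.2.11"],
    "pay.example": ["198.51.100.20"],
    "static.bank.example": ["203.0.113.7"],   # needed by the bank page, outside the allowlist
    "merchant.example": ["192.0.2.200"],      # not wanted, but hosted in the same /24
}
WANTED = {"bank.example", "pay.example", "static.bank.example"}


def _networks(cidrs):
    # Merge adjacent or overlapping blocks so each address is counted once.
    return list(ipaddress.collapse_addresses(ipaddress.ip_network(c) for c in cidrs))


def audit(allowed_cidrs, resolved, wanted):
    """Return (wanted hosts partly or fully blocked, unwanted hosts reachable)."""
    nets = _networks(allowed_cidrs)
    blocked, leaked = [], []
    for host, addrs in sorted(resolved.items()):
        ok = [a for a in addrs if any(ipaddress.ip_address(a) in n for n in nets)]
        if host in wanted and len(ok) < len(addrs):
            blocked.append(host)
        elif host not in wanted and ok:
            leaked.append(host)
    return blocked, leaked


def exposure(allowed_cidrs, resolved, wanted):
    """Return (addresses the allowlist opens, addresses the wanted hosts use)."""
    nets = _networks(allowed_cidrs)
    opened = sum(n.num_addresses for n in nets)
    used = {a for h in wanted for a in resolved.get(h, [])
            if any(ipaddress.ip_address(a) in n for n in nets)}
    return opened, len(used)


if __name__ == "__main__":
    blocked, leaked = audit(ALLOWED_CIDRS, RESOLVED, WANTED)
    print("needed but blocked:", blocked)
    print("unwanted but reachable:", leaked)
    print("addresses opened / used: %d / %d" % exposure(ALLOWED_CIDRS, RESOLVED, WANTED))
```

The gap between the two numbers from `exposure` is a rough measure of how leaky an IP-level allowlist is compared with a per-domain one.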

raah...@gmail.com

Jan 28, 2017, 11:18:49 AM
to qubes-users, grey...@gmail.com

I do both. Allowing specific https domains only. I tried to go by ip address only but it got crazy after a while.

I use chromium with apparmor, https everywhere and scriptsafe.

Also I try not to copy from less trusted vm into more trusted no matter what. It takes strict discipline like a shaolin monk..haha

When I do shopping, I use a disposable vm always, cause a lot of websites require some unencrypted pages. I preferably use paypal, or a credit card that is only used online. Two factor everything. I keep separate banking vm and major credit cards vm. Separate store cards vm if page is secure, and dispvm for everything else like shopping sites. Always create a diff dispvm for diff transactions.

Grzesiek Chodzicki

Jan 28, 2017, 11:41:40 AM
to qubes-users
I emailed my bank and asked for a list of domains used by their webapp. They were reluctant at first, but after I explained what domain whitelisting is they provided me with a list of URL addresses and added a note explaining what exactly the specific domains are needed for. I don't know if your bank will be as helpful as mine, but paypal surely will.

raah...@gmail.com

Jan 28, 2017, 11:48:53 AM
to qubes-users
You can do trial and error with an extension like scriptsafe, then add them to your qubes firewall as well for an extra layer.