Join Early Retirement Today
Reply
 
Thread Tools Display Modes
Old 06-19-2020, 03:13 PM   #41
gone traveling
 
Join Date: May 2020
Posts: 147
And avoid using Extensions for the browser.
JustVisitingThisPlanet is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 06-19-2020, 04:22 PM   #42
Thinks s/he gets paid by the post
Rustic23's Avatar
 
Join Date: Dec 2005
Location: Lake Livingston, Tx
Posts: 4,202
I got my first computer 40 years ago! I have broken just about every security rule there is. However, currently, I use LastPass, and two factor ID on my financial accounts. *only have 3. I put great trust that if my bank accounts or financial accounts are hacked, the bank or financial co. will make them whole. We have funds in a second bank, not online, to live on should accounts be frozen.

I guess what I am trying to say, is, take basic precautions, but there are a thousand other things to worry about other than 'should I have a separate computer for my financial data.' Try, will I live through Covid, Do I have LTC funded properly, will all this stimulus cause hyper inflation, will xxx get elected? I don't have much control over these things either! It's after 5 o'clock somewhere, and time for an evening drink with my wife of 53 years!
__________________
If it is after 5:00 when I post I reserve the right to disavow anything I posted.
Rustic23 is offline   Reply With Quote
Old 06-19-2020, 04:40 PM   #43
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
target2019's Avatar
 
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,638
Quote:
Originally Posted by Katsmeow View Post
From reading this and other research, it seems that there are a range of protections possible. In these I am limiting myself to Windows 10 and a Chromebook as I don't feel I have the knowledge for Linux or some other options suggested.

1. What I would consider the base with Windows 10. Use a strong password.
Don't reuse passwords and use a password manager. Use a unique user name you don't use anywhere else. Add basic 2FA. Be careful with how you use email. Watch for phishing attempts. Be careful with attachments. Be careful browsing. Look for spoof websites. Be careful what you download. Keep your computer and browser and programs updated. Monitor accounts and set up alerts and email. I am in the process of changing some of my emails that I am using and I am resetting some passwords. You want your financial accounts set up so that they let you know when you do that. Set up a PIN with your cell phone carrier. Set up 2FA for your cell phone carrier also. Set up 2FA for your email accounts. Use software on your computer that scans it regularly for viruses, malware and other threats. Have a secure password for your home network.

Honestly, I think that if you do all the above you are safer than the vast majority of people and that should be "enough". But, a level above that would be to add to the above:

2. Set up a separate email for your financial accounts. Use an authenticator app whenever you can. If a Fidelity customer, use Symantic VIP access. Get a physical Yubikey (or some other brand) and use both on your computer and your phone.

A layer beyond that:

3. Get a separate computer for going to your financial accounts. Don't visit them on the internet except on that computer (note that if you deposit checks online you may need to use a phone app to do it). This could be a Windows computer. But, a stronger alternative is a Chromebook. You could use Chrome apps and go to some websites (known safe sites not just general websurfing). Preferably you would do this things using a separate profile or as guest. No, your Chromebook is not being solely used for the financial accounts, but it is still probably safer than a Windows 10 computer because Chrome OS is safer. The advantage of this alternative is that your Chromebook can double as an occasional laptop for you.

And beyond that:

4. Use the Chromebook solely for visiting your financial accounts.

Conclusion:

All of these add protections. I don't think that anything beyond 1 is actually strictly necessary. 2 is fairly easy to implement and just costs the cost of the Yubikey. 3 and 4 add considerable cost and I am not sure the incremental value is worth it particularly if you are someone already doing 1 and 2. 3 and 4 seems more useful for those people not willing to do 1 and 2 on their main computer. That is, if you don't want to do the 1 and 2 precautions on your main computer then moving financial accounts to a separate Chromebook (or even Windows computer) makes more sense. I am not sure they are worth it if you are already doing 1 and 2 on your main computer.

I haven't decided entirely yet. I am doing 1 and some of 2 already (I don't have a physical Yubikey but that seems worth doing). I could see doing 3 as well. I don't currently have a notebook (although I do have an iPad) so getting one that I could occasionally use as such while doing the financial on there would seem to still add a layer. (To be clear I would never use the notebook on public WiFi). But, again I am not sure the incremental benefit for someone doing 2 is worth it.
+1 -- Nicely laid out. Great analysis!
target2019 is offline   Reply With Quote
Old 06-30-2020, 06:58 PM   #44
Recycles dryer sheets
template's Avatar
 
Join Date: Aug 2005
Posts: 193
Quote:
Originally Posted by Katsmeow View Post
So I am pondering whether to get a separate financial Chromebook. ...
...My interaction with financial sites is often just to do stuff like download statements or confirmations. I usually keep those in PDF form. Not sure how to get them from the Chromebook to my main computer if there is no interaction between the two. ...
You can transfer files to and from a Chromebook using a thumb drive (aka, flash drive) if your Chromebook has a USB port.
__________________
Retired in 2001 at age 49.
template is offline   Reply With Quote
Old 06-30-2020, 07:49 PM   #45
Full time employment: Posting here.
Delawaredave5's Avatar
 
Join Date: Dec 2004
Posts: 699
Clark Howard recommends a dedicated Chromebook for financial. They're cheap and known for security. I'm assuming you're already doing two factor authentication. Not sure necessary but....

I love Chromebooks - have them all over house - cheap, boot quickly, no administration, long battery life, fast browsing.
Delawaredave5 is offline   Reply With Quote
Old 06-30-2020, 08:27 PM   #46
Confused about dryer sheets
 
Join Date: Apr 2019
Location: Denver
Posts: 8
Wow, this is #1 topic of concern for me. I don't reply back on this website since I'm a relative dweeb on retirement compared to so many experts that I don't feel I have much to offer. But I don't mind sharing my viewpoint on the issue of financial account security.
First, keyloggers are a real threat if they make it on your computer. I used to program apps to do just this (for legitimate business purposes) and knowing how easy it is to do so makes me very wary. Two-factor authentication using a text message is an absolute must for me. As long as I have my phone, I feel pretty secure. Also, I never go to my financial sites via a link in an email. Rather, I always log out of my email and enter the address directly in a web browser to see if anything important has been sent me. I also never type passwords, rather, I copy/paste them into the entry boxes. More than anything, I deliberately change my passwords regularly. I figure when a password finally shows up on the dark web and it's linked to my email address, I will have updated my passwords several times. And yes, make the password complicated. Otherwise, I've put my faith into the MacOS and only access financials when on my Mac. PCs are way too each to hack I think (?). Otherwise, the only other thing I want to look into is getting a VPN. Don't know much about it, but I understand it makes my presence on the internet more innocuous. Looking forward to the day when they introduce something even better than two-factor authentication. Yikes, I think it's time I change my passwords again.
Davidoff is offline   Reply With Quote
Old 06-30-2020, 09:02 PM   #47
Thinks s/he gets paid by the post
 
Join Date: Dec 2017
Posts: 1,565
This key logger concern if just for windows PCs, right? I don;t think it would be an issue with a Chromebook. There can be malicious extensions or apps but couldn't you just not add any?
RetMD21 is online now   Reply With Quote
Old 06-30-2020, 09:26 PM   #48
Recycles dryer sheets
 
Join Date: Dec 2018
Posts: 173
For reasons of boot time, and update time, I started using a Chromebook a couple of years ago. The older I get, the less time I have to wait for Windows.

I recently treated myself to an iPad.

Either works well for me, for anything I do. The Windows desktop I have has slowed dramatically with each update. I use it only for a very few apps like TurboTax and offloading pictures from my iPhone. Itís painful when I do use it.

I keep most of my data in the cloud, because Iím absolutely lousy at paper filing and finding things. Again, too little time left to waste looking for stuff.

LastPass has worked very well for me, 2FA is Google Authenticator.

Money is spread across several institutions, all of which require 2FA. That wasnít necessarily a security strategy, but if one goes down, Iíll have other options.

Nothing is risk free. If I lose internet access, Iím hosed. T-Mobile is my backup ISP.

In my opinion, a single device can be low risk IF you are aware of the phishing techniques.
a60dan is offline   Reply With Quote
Old 06-30-2020, 10:11 PM   #49
Confused about dryer sheets
 
Join Date: Apr 2019
Location: Denver
Posts: 8
Hello MD21, as far as keyloggers (or any "malicious code") I believe they only work if they are local on your computer, that is, you either installed it yourself (how I've done it in the past) or they get in through some other vector. The obvious way is that you click on an attachment to an email and it installs itself. All OS's have at their core, a framework of code through which the OS does all the things it does. On windows, that framework is .NET. In .NET there are so-called event handlers that you can program to do something when they're triggered. Keyloggers target events associated with a keystroke. Click a key, and you can program the code to send that key through the web to an outside computer. I only know about Windows, not sure of others but I imagine they all have these kinds of event handlers. Of course, the intent of OS's is to limit outbound information flow. But with how complex OSs have gotten, not to mention how many apps they need to manage, I'm not optimistic that all leaks can be found. The best you can do is NEVER click on attachments, NEVER visit anything other than legitimate websites, NEVER do anything risky while connected to the internet. If you limit your web browsing, delete or ignore and unsolicited requests "for you to follow a link", limit "social" apps, change your password frequently with STRONG passwords, and always opt-in for 2-factor authentication, then I think you're doing the best you can. Crooks always go after the easier target, at least I hope they do. Wish someone would write a good book on the subject for those of us who aren't programmers.
Davidoff is offline   Reply With Quote
Expensive paperweight
Old 07-01-2020, 06:10 AM   #50
Recycles dryer sheets
 
Join Date: Nov 2011
Location: West Plains
Posts: 150
Expensive paperweight

Even though the DH retired from Google, I am not a fan of Chromebooks in general. If you don't have an internet connection (which happens to us frequently when we travel) it becomes just an expensive paperweight.
Maidensong is offline   Reply With Quote
Old 07-01-2020, 07:00 AM   #51
gone traveling
 
Join Date: May 2020
Posts: 147
Quote:
Originally Posted by Maidensong View Post
Even though the DH retired from Google, I am not a fan of Chromebooks in general. If you don't have an internet connection (which happens to us frequently when we travel) it becomes just an expensive paperweight.
Not internet dependent anymore. ChromeOS runs offline Android and Linux apps now, including Linux LibreOffice and some very good content creation tools. There are also PWA apps that while installed via browser, can run offline.

Some security experts also consider ChromeOS the most secure of major OSs, though browser extensions can still be a problem as with any browser/OS. Be careful with extensions that can read your browsing history or convert your data like PDF converters. The details of extensions explain permissions. Might avoid any extensions if you have a dedicated financial laptop (of any OS).

I personally prefer full Linux but also use ChromeOS/Mac/Windows and ChromeOS is my second choice. Windows used only virtually if needed. I also use relatively more private Brave browser (based on Chrome with Googly things stripped out) or even more secure but slower Tor Browser (based on Firefox). The Linux versions can be used on Chromebooks.
JustVisitingThisPlanet is offline   Reply With Quote
Old 07-01-2020, 01:07 PM   #52
Thinks s/he gets paid by the post
 
Join Date: Mar 2010
Location: Kerrville,Tx
Posts: 3,361
Quote:
Originally Posted by target2019 View Post
Jim,
If OP were to dual boot new computer (Windows 10 / Linux) how difficult to set up a shared folder on that computer where Linux could save data accessible by Windows (if he needs to add in older financial PDFs, etc.? Last evening I was thinking that would be a simpler solution. It would also be more secure than Chromebook (with gmail profile) + Windows 10.

I agree with you that Linux is more secure. Which browser would you use with Linux to maximize security when on financial site(s)?

Interesting challenge for OP.

Linux can now read nfts disks and you can mount them. However an easier way to accomplish this without going to dual boot, would be to load virtualox on your machine and run linux on it. Files can be shared a couple of ways between the virtual machine and its host
meierlde is offline   Reply With Quote
Old 07-01-2020, 02:23 PM   #53
Thinks s/he gets paid by the post
 
Join Date: Dec 2017
Posts: 1,565
Quote:
Originally Posted by Davidoff View Post
Hello MD21, as far as keyloggers (or any "malicious code") I believe they only work if they are local on your computer, that is, you either installed it yourself (how I've done it in the past) or they get in through some other vector. The obvious way is that you click on an attachment to an email and it installs itself. All OS's have at their core, a framework of code through which the OS does all the things it does. On windows, that framework is .NET. In .NET there are so-called event handlers that you can program to do something when they're triggered. Keyloggers target events associated with a keystroke. Click a key, and you can program the code to send that key through the web to an outside computer. I only know about Windows, not sure of others but I imagine they all have these kinds of event handlers. Of course, the intent of OS's is to limit outbound information flow. But with how complex OSs have gotten, not to mention how many apps they need to manage, I'm not optimistic that all leaks can be found. The best you can do is NEVER click on attachments, NEVER visit anything other than legitimate websites, NEVER do anything risky while connected to the internet. If you limit your web browsing, delete or ignore and unsolicited requests "for you to follow a link", limit "social" apps, change your password frequently with STRONG passwords, and always opt-in for 2-factor authentication, then I think you're doing the best you can. Crooks always go after the easier target, at least I hope they do. Wish someone would write a good book on the subject for those of us who aren't programmers.
My Chromebook won't even open things I want. I doubt that it would run programs. I don't necessarily trust apps and extensions.
RetMD21 is online now   Reply With Quote
Old 07-10-2020, 09:09 AM   #54
Recycles dryer sheets
 
Join Date: Oct 2014
Posts: 117
Iím less concerned now as I have two-factor authentication (text message one time codes). Also, as others have pointed out, use strong passwords, scan for viruses regularly, and be weary when clicking on attachments & downloads (always scan).
2cheap2eat is offline   Reply With Quote
Old 07-10-2020, 09:31 AM   #55
Thinks s/he gets paid by the post
 
Join Date: Nov 2016
Location: Washington State
Posts: 2,330
I don't see the point of having a second computer (Chromebook or otherwise) to access financial accounts. It's just another machine to maintain, another computer that can be infected, another computer that can be stolen, and another point of vulnerability. Unless you're just "looking", at some point you'll have to move files from your second computer to your main computer, which is another chance for viruses and/or hacking.

In my opinion, it's better to have one system you lock down as much as possible, and scan for viruses and malware regularly. Use a password manager and use a different long password for every site you visit. Create an encrypted drive on your hard drive and save your financial records in the encrypted drive. Then unmount the encrypted drive when you're done accessing it.

NEVER click on an email link, even if it looks legit and trustworthy. If you get an email from your bank, log on to the bank site directly in your browser. DO NOT click on the email link. As long as you follow this simple rule, I don't see the point in having a dedicated email address. Emails are not secure anyway.

Remember the financial institution is a bigger target than you are. Even if you have the most secure computer and login on the planet, your financial institution can still be hacked.

Backup, Backup, Backup!!! Multiple copies, on multiple media.
mountainsoft is offline   Reply With Quote
Old 07-10-2020, 09:44 AM   #56
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Chuckanut's Avatar
 
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,075
Quote:
Originally Posted by mountainsoft
In my opinion, it's better to have one system you lock down as much as possible, and scan for viruses and malware regularly.
I think the point of the Chromebook is that you can do the above very easily and at little additional cost. I had a old Chromebook I used for financial transactions. Every few weeks I would 'Power Wash' it with one command. After that the entire machine was like new, never used.

One thing about Chromebooks is to remember that, like Windows and Apple machines, they reach a point where they are no longer are updated. I believe that Google has said they will update Chromebook's OS for 5 years. After that no security or other updates will be done. Keep that in mind, especially if you buy a used Chromebook. You could find that in a year or two the OS is no longer updated and security holes are not being patched.

My understanding is that an iPad running the apps created by the financial institutions is also very secure. Everything is encrypted and the opportunities for bad guys to infect an iPad are minimal. The apps have their own security built into them. So I am told. I don't know if this applies to the various Android or Windows based tablets.
__________________
Comparison is the thief of joy

The worst decisions are usually made in times of anger and impatience.
Chuckanut is offline   Reply With Quote
Old 07-10-2020, 09:45 AM   #57
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 26,801
Quote:
Originally Posted by 2cheap2eat View Post
I’m less concerned now as I have two-factor authentication (text message one time codes). Also, as others have pointed out, use strong passwords, scan for viruses regularly, and be weary when clicking on attachments & downloads (always scan).
Quote:
Originally Posted by mountainsoft View Post
...
NEVER click on an email link, even if it looks legit and trustworthy. If you get an email from your bank, log on to the bank site directly in your browser. DO NOT click on the email link. As long as you follow this simple rule, I don't see the point in having a dedicated email address. Emails are not secure anyway.

Remember the financial institution is a bigger target than you are. Even if you have the most secure computer and login on the planet, your financial institution can still be hacked.

Backup, Backup, Backup!!! Multiple copies, on multiple media.
I'm with mountainsoft, I will say "NEVER" in this case. There's just no reason to take this risk.

-ERD50
ERD50 is offline   Reply With Quote
Old 07-11-2020, 03:41 PM   #58
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Katsmeow's Avatar
 
Join Date: Jul 2009
Posts: 5,301
Quote:
Originally Posted by Chuckanut View Post

My understanding is that an iPad running the apps created by the financial institutions is also very secure. Everything is encrypted and the opportunities for bad guys to infect an iPad are minimal. The apps have their own security built into them. So I am told.
That is an interesting idea. I do have an iPad. Of course, I use it for a variety of things. I could use it to access the financial institutions though.

So far, I haven't gotten a Chromebook. I do a lot of stuff already to keep stuff safe and am going to add a few more. No, I don't click on links willy nilly. I am careful where I go. My system is scanned on a daily basis. I use 2FA. I am thinking about getting a yubikey (or similar device). I have long random passwords on financial sites generated using my password manager.
I have a separate financial email address. I think if I do all that I am pretty safe just using my regular computer and am taking way more safety precautions than most people.
Katsmeow is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chromebook? BOBOT Technology, Media & e-Gadgets 58 09-19-2022 08:32 AM
Chromebook in Europe? Anna J Travel Information 24 09-18-2018 09:00 PM
Chromebook for college student Chuckanut Other topics 21 08-30-2017 09:59 AM
Bloatware Pushing Me to Chromebook TromboneAl Other topics 66 01-13-2017 03:35 PM
Anyone using a Chromebook? sailfish Other topics 68 07-20-2015 01:00 PM

» Quick Links

 
All times are GMT -6. The time now is 03:49 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2024, vBulletin Solutions, Inc.