Dedicated Financial Computer Master Thread

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
User avatar
Topic Author
TheTimeLord
Posts: 12554
Joined: Fri Jul 26, 2013 2:05 pm

Dedicated Financial Computer Master Thread

Post by TheTimeLord »

This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
Oddball
Posts: 433
Joined: Thu May 03, 2018 9:35 am

Re: Dedicated Financial Computer Master Thread

Post by Oddball »

I don't understand, are you saying some people own a computer that is only used to access their bank, investment, etc. accounts, and not used for anything else? They have a separate computer to track their March Madness brackets, look up stuff to cook, shop online?
afan
Posts: 8657
Joined: Sun Jul 25, 2010 4:01 pm

Re: Dedicated Financial Computer Master Thread

Post by afan »

I assume this approach is intended to provide more security. Perhaps by avoiding general internet browsing, one seeks to avoid malware. Not clear how this would make one more secure as opposed to general precautions, up to date antivirus software, not clicking on inappropriate links...
Or is there some other reason to limit financial access to one computer?
We don't know how to beat the market on a risk-adjusted basis, and we don't know anyone that does know either | --Swedroe | We assume that markets are efficient, that prices are right | --Fama
User avatar
Topic Author
TheTimeLord
Posts: 12554
Joined: Fri Jul 26, 2013 2:05 pm

Re: Dedicated Financial Computer Master Thread

Post by TheTimeLord »

Oddball wrote: Fri Mar 22, 2024 12:34 pm I don't understand, are you saying some people own a computer that is only used to access their bank, investment, etc. accounts, and not used for anything else? They have a separate computer to track their March Madness brackets, look up stuff to cook, shop online?
Yes.
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
User avatar
cowdogman
Posts: 2199
Joined: Sat Dec 16, 2017 6:44 pm
Location: Washington State

Re: Dedicated Financial Computer Master Thread

Post by cowdogman »

I can see the arguments for using a separate dedicated computer, but think it would be overkill if you do the following.

Use unique, long passwords
Use 2FA with a security key, authenticator or Google Voice number
Use a different username for each financial account
Use a dedicated email address for financial accounts
Check your accounts daily
Get email AND text alerts of any trading activity or large transactions
Have your brokerage/bank accounts customer services on speed dial
Lock your brokerage accounts to the extent possible/practical
Install anti-malware (e.g., Malwarebytes) on your computer
Otherwise practice good computer hygiene--don't click on email links, visit dodgy sites, etc.

I'm sure others will have additions to the above list.
finfire
Posts: 345
Joined: Tue Aug 14, 2018 1:52 pm

Re: Dedicated Financial Computer Master Thread

Post by finfire »

TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
User avatar
cheese_breath
Posts: 12300
Joined: Wed Sep 14, 2011 7:08 pm

Re: Dedicated Financial Computer Master Thread

Post by cheese_breath »

finfire wrote: Fri Mar 22, 2024 12:52 pm
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
OP is right. It has come up before.

But in answer to the question, I don't have a separate computer for such things,
The surest way to know the future is when it becomes the past.
finfire
Posts: 345
Joined: Tue Aug 14, 2018 1:52 pm

Re: Dedicated Financial Computer Master Thread

Post by finfire »

cheese_breath wrote: Fri Mar 22, 2024 12:55 pm
finfire wrote: Fri Mar 22, 2024 12:52 pm
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
OP is right. It has come up before.

But in answer to the question, I don't have a separate computer for such things,

I did not think OP made it up. I just Never heard of such a thing.
User avatar
Topic Author
TheTimeLord
Posts: 12554
Joined: Fri Jul 26, 2013 2:05 pm

Re: Dedicated Financial Computer Master Thread

Post by TheTimeLord »

finfire wrote: Fri Mar 22, 2024 12:52 pm
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
Here is one of the past threads.

viewtopic.php?t=389336
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
one_speed
Posts: 272
Joined: Tue May 25, 2021 2:01 pm

Re: Dedicated Financial Computer Master Thread

Post by one_speed »

If it goes thru your same home router, does that negate the safety? Also, Mobile apps for banking are handy. Do you avoid those?
User avatar
Topic Author
TheTimeLord
Posts: 12554
Joined: Fri Jul 26, 2013 2:05 pm

Re: Dedicated Financial Computer Master Thread

Post by TheTimeLord »

Another link for context.

viewtopic.php?p=6843435#p6843435
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
billaster
Posts: 3182
Joined: Wed Apr 27, 2022 2:21 pm

Re: Dedicated Financial Computer Master Thread

Post by billaster »

Next up, how many people use a dedicated phone to access your financial accounts?
User avatar
Topic Author
TheTimeLord
Posts: 12554
Joined: Fri Jul 26, 2013 2:05 pm

Re: Dedicated Financial Computer Master Thread

Post by TheTimeLord »

billaster wrote: Fri Mar 22, 2024 1:19 pm Next up, how many people use a dedicated phone to access your financial accounts?
There might be a some folks with dedicated Google Voice numbers.
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
bob60014
Posts: 3857
Joined: Mon Jul 31, 2017 8:59 pm
Location: The Land Beyond ORD

Re: Dedicated Financial Computer Master Thread

Post by bob60014 »

billaster wrote: Fri Mar 22, 2024 1:19 pm Next up, how many people use a dedicated phone to access your financial accounts?
Similar to the dedicated phone for only international travel use thread.

viewtopic.php?p=7779537#p7779537

To OP, No, I don't use separate computers or phones.
exodusNH
Posts: 11664
Joined: Wed Jan 06, 2021 7:21 pm

Re: Dedicated Financial Computer Master Thread

Post by exodusNH »

TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
I wouldn't bother with it as long as you are staying fairly mainstream with your visits and habits.

I personally use Firefox with NoScript to limit what sites can do. It's a huge pain to get everything working. But once you do, you'll be amazed how fast your computer actually is when it's not trying to load 97 individual advertising and tracking scripts.

I stick with Microsoft Defender. Most third-party antivirus is more trouble than it's worth. It's usually the new stuff that gets you. By the time antivirus vendors update their signatures, a new one is out.

I'm not suggesting that you hook up your computer to free WiFi and transact, but if it's at home, behind a NAT device, you'll be fine.

In general, people tend to exaggerate risks. Email with attachments is probably your biggest risk.

I've had an internet company since 1996. We currently have about 100 employees, but have probably had 500 different employees over the years. We used to offer dial up service. We've hosted websites for financial firms and state governments.

In that time, we had one issue with Code Red at the turn of the century. The most recent problem was a couple of years ago, when our in-house council, who's probably close to 70 now, fell for a phishing email with a malicious attachment.

The only virus that I've ever personally dealt with was sometime from 1989-1990, when a classmate gave me a disk that had the Jerusalem virus. (https://en.m.wikipedia.org/wiki/Jerusal ... ter_virus))

I have basically used a computer daily for 35 years and use one 8-10 hours a day for my work. (And I wasn't always just on mainstream stuff.) I have no concerns.
runner3081
Posts: 6450
Joined: Mon Aug 22, 2016 3:22 pm

Re: Dedicated Financial Computer Master Thread

Post by runner3081 »

Perhaps I should buy a car dedicated for driving only to the bank.
finfire
Posts: 345
Joined: Tue Aug 14, 2018 1:52 pm

Re: Dedicated Financial Computer Master Thread

Post by finfire »

Now I'm wondering if there is a modern cloud equivalent?

say you spin up a OS (windows, linux etc) instance for the few minutes that you need to browse a financial site, then you down the instance and kill it....
User avatar
aj76er
Posts: 1291
Joined: Tue Dec 01, 2015 10:34 pm
Location: Austin, TX

Re: Dedicated Financial Computer Master Thread

Post by aj76er »

We do this, more or less. My personal computer is only used for financial sites and yearly taxes. I do sometimes visit a site that is known and/or trusted (e.g. Amazon, insurance company, Bogleheads, etc), and will always log out afterwards.

But never for general “browsing” and I don’t install any 3rd part apps, except for google’s Chrome browser.

All personal reading and browsing happens on an iPad.

I do not use apps for any financial sites (e.g. brokerages). However, I do use phone apps for credit cards and a checking account that we use to pay some bills that only contains a small amount of cash, on average.

Furthermore all brokerages have Symantec VIP enabled with money lockdown and strong passwords (that are “not” kept in an online password manager).
"Buy-and-hold, long-term, all-market-index strategies, implemented at rock-bottom cost, are the surest of all routes to the accumulation of wealth" - John C. Bogle
DetroitRed
Posts: 184
Joined: Tue May 17, 2011 4:16 pm

Re: Dedicated Financial Computer Master Thread

Post by DetroitRed »

I use an inexpensive Chromebook (though Chromebooks are now getting more expensive) that still gets Android security updates (they end after a while).

I only login as a guest, not under my Gmail profile. Guest mode is a temporary user account on Chromebooks, so browsing history, website data, and downloaded files from the guest user will be deleted once I exit guest mode.

It means I have to re-enter passwords, but I don't mind. I find it's better not to have instantaneous access to all my financial accounts because it raises the chance I'll over react to market moves instead of staying the course. I do have text alerts activated for my most important accounts.
whomever
Posts: 1244
Joined: Sat Apr 21, 2012 5:21 pm

Re: Dedicated Financial Computer Master Thread

Post by whomever »

We use one.

It's a raspberry pi 400 running ubuntu, so if you have an old monitor the cost is $100. For an added bonus, the only storage, user or OS, is one microSD card. If you wanted to use it for something else most of the time you could pull the SD card and put the card in your safe. Whatever got hacked on the general use SD card would stay with it when you swapped cards (modulo a few exotic attacks).

This is specifically only for financial stuff, or more specifically transactions with treasury direct/brokerages/banks. I don't use it for email, looking at bogleheads, doing our general financial planning, or whatever. The only traffic is using a browser to go to vanguard.com or whatever. or click t

The benefit is that if I (or my better half) go to some sketchy site or open the wrong PDF on our general purpose computers there isn't exposure to the bulk of our assets.

I agree it is a very cautious approach, but OTOH is is cheap and easy to do.
User avatar
Svensk Anga
Posts: 1898
Joined: Sun Dec 23, 2012 4:16 pm

Re: Dedicated Financial Computer Master Thread

Post by Svensk Anga »

I do have a dedicated financial computer. It is a very basic Chromebook. If you shop around, you can get these for $100 or a bit more, so it is not a great extravagance. Oh, and I bought a mouse, so add maybe $15. When Google provides updates, I understand that it rewrites the whole operating system, so I think that would clear out any junk that got in. One does have to replace the hardware when it has reached the end of it's update availability if you want to be assured of security.

I guess email is the most likely vector for malware. I try not to open email on the financial machine, but sometimes there are things that cannot be done otherwise.

$100 or so every five years is worthwhile to me for some peace of mind regarding safety of our stash.

The only time I use a phone app for financial stuff is to deposit a check to my credit union.
exodusNH
Posts: 11664
Joined: Wed Jan 06, 2021 7:21 pm

Re: Dedicated Financial Computer Master Thread

Post by exodusNH »

finfire wrote: Fri Mar 22, 2024 1:29 pm Now I'm wondering if there is a modern cloud equivalent?

say you spin up a OS (windows, linux etc) instance for the few minutes that you need to browse a financial site, then you down the instance and kill it....
With a prior gig, where I had to use a company-issued laptop, that's what I did. You can script it pretty easily.

Again, though, I think the risk is exaggerated.
funyun
Posts: 349
Joined: Tue Oct 31, 2023 11:07 am

Re: Dedicated Financial Computer Master Thread

Post by funyun »

I do, it's a chromebook. It has its own google account too.
jacksprat
Posts: 82
Joined: Sun May 09, 2010 3:33 pm

Re: Dedicated Financial Computer Master Thread

Post by jacksprat »

I did this at one point, many years ago. Finally decided the risk mitigation was not worth the effort.

These days all my financial data is in a Bitlocker encrypted share which only gets unlocked for updates or viewing the data.

Edit: I've read windows 12 ( ?) will have sandboxing for individual apps.. Another reason a separate PC is not needed.
..
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
SnowBog
Posts: 5447
Joined: Fri Dec 21, 2018 10:21 pm

Re: Dedicated Financial Computer Master Thread

Post by SnowBog »

I do not... And have no plans to ever do so... And I would not recommend others to do so... (I'm not sure the effort/cost is worth a potentially negligible "benefit".)

But if someone was going to, I would make the same recommendations for this device as I would any/all others:
  • Ensure it remains updated on a supported OS
  • Which means you'll likely need to replace the hardware every few years as Apple, Microsoft, and Google won't make OS updates available for really old hardware (timeline varies by company)
  • Ensure it remains updated with recent/supported versions of any/all applications used on it - including antivirus.
mikejuss
Posts: 3300
Joined: Tue Jun 23, 2020 1:36 pm

Re: Dedicated Financial Computer Master Thread

Post by mikejuss »

TheTimeLord wrote: Fri Mar 22, 2024 12:48 pm
Oddball wrote: Fri Mar 22, 2024 12:34 pm I don't understand, are you saying some people own a computer that is only used to access their bank, investment, etc. accounts, and not used for anything else? They have a separate computer to track their March Madness brackets, look up stuff to cook, shop online?
Yes.
Who does this? I've never heard of it.
50% VTSAX | 25% VTIAX | 25% VBTLX (retirement), 25% VTEAX (taxable)
TN_Boy
Posts: 4640
Joined: Sat Jan 17, 2009 11:51 am

Re: Dedicated Financial Computer Master Thread

Post by TN_Boy »

cheese_breath wrote: Fri Mar 22, 2024 12:55 pm
finfire wrote: Fri Mar 22, 2024 12:52 pm
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
OP is right. It has come up before.

But in answer to the question, I don't have a separate computer for such things,
I wouldn't bother, but if I wanted to do this, I'd have a VM dedicated to this, versus actual hardware. You could spin up a linux VM easily, since all you really need is a browser (well, you need software to run a VM machine).
finfire
Posts: 345
Joined: Tue Aug 14, 2018 1:52 pm

Re: Dedicated Financial Computer Master Thread

Post by finfire »

TN_Boy wrote: Fri Mar 22, 2024 2:05 pm
cheese_breath wrote: Fri Mar 22, 2024 12:55 pm
finfire wrote: Fri Mar 22, 2024 12:52 pm
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
OP is right. It has come up before.

But in answer to the question, I don't have a separate computer for such things,
I wouldn't bother, but if I wanted to do this, I'd have a VM dedicated to this, versus actual hardware. You could spin up a linux VM easily, since all you really need is a browser (well, you need software to run a VM machine).
It would probably be more secure also. The VM could be minimalist, just enough of a kernel to support networking and browser.

However, this may be complex for many people.
User avatar
Topic Author
TheTimeLord
Posts: 12554
Joined: Fri Jul 26, 2013 2:05 pm

Re: Dedicated Financial Computer Master Thread

Post by TheTimeLord »

finfire wrote: Fri Mar 22, 2024 1:29 pm Now I'm wondering if there is a modern cloud equivalent?

say you spin up a OS (windows, linux etc) instance for the few minutes that you need to browse a financial site, then you down the instance and kill it....
I think there are people who probably have implemented virtual machines.
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
jebmke
Posts: 30075
Joined: Thu Apr 05, 2007 2:44 pm
Location: Delmarva Peninsula

Re: Dedicated Financial Computer Master Thread

Post by jebmke »

finfire wrote: Fri Mar 22, 2024 2:08 pm
TN_Boy wrote: Fri Mar 22, 2024 2:05 pm
cheese_breath wrote: Fri Mar 22, 2024 12:55 pm
finfire wrote: Fri Mar 22, 2024 12:52 pm
TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
Never heard of such a thing. Where is it that it "occasionally comes up"?

If it is a thing, I wonder what kind of net worth these individuals have....
OP is right. It has come up before.

But in answer to the question, I don't have a separate computer for such things,
I wouldn't bother, but if I wanted to do this, I'd have a VM dedicated to this, versus actual hardware. You could spin up a linux VM easily, since all you really need is a browser (well, you need software to run a VM machine).
It would probably be more secure also. The VM could be minimalist, just enough of a kernel to support networking and browser.

However, this may be complex for many people.
Agree on the above. Probably too complex for many. I have several VMs with Linux and most are non-persistent so even if something crept in it won't survive turning off the VM. I don't use them for financial stuff - mainly what little search I do a and a bit of browsing .
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
tibbitts
Posts: 26558
Joined: Tue Feb 27, 2007 5:50 pm

Re: Dedicated Financial Computer Master Thread

Post by tibbitts »

I don't use a separate device, vm or otherwise. I do understand the risk but am not convinced it would be substantially reduced by using a separate device. Also I log onto financial sites often so it would be a significant inconvenience.
MGBMartin
Posts: 1375
Joined: Thu Nov 04, 2021 11:09 am

Re: Dedicated Financial Computer Master Thread

Post by MGBMartin »

I have a laptop that is dedicated for financial type stuff as well as one used only for photo/video editing and another I use for general day to day stuff like email etc and yet another as a Linux machine running my DNS server.
I do this not necessarily because I’m paranoid or like keeping everything separate but somehow I ended up with 6 laptops when I retired so I don’t want any of them to feel neglected.
Bad spellers of the world untie | Autocorrect is my worst enema
TN_Boy
Posts: 4640
Joined: Sat Jan 17, 2009 11:51 am

Re: Dedicated Financial Computer Master Thread

Post by TN_Boy »

TheTimeLord wrote: Fri Mar 22, 2024 2:37 pm
finfire wrote: Fri Mar 22, 2024 1:29 pm Now I'm wondering if there is a modern cloud equivalent?

say you spin up a OS (windows, linux etc) instance for the few minutes that you need to browse a financial site, then you down the instance and kill it....
I think there are people who probably have implemented virtual machines.
I agree, though there are many people who would not want to mess with this. You have to buy/download the VM software (the better stuff costs more), get the OS (Linux maybe a bit more pain) downloaded and running, make a few configuration decisions etc. It's not rocket science, but it's not completely trivial if you are not a bit of a techie.
User avatar
user9532
Posts: 277
Joined: Sun Dec 18, 2016 9:08 pm
Contact:

Re: Dedicated Financial Computer Master Thread

Post by user9532 »

I have been using a separate, dedicated laptop for finance for a long time. This is my setup:

- I bought a new laptop running windows professional
-Unistalled all unwanted programs. I only have Microsoft Office, Moneydance to track expenses, Chrome browser, Adobe pdf reader, Keepass password manager, tax software, and some windows utilities.
- I set up a separate email account on this laptop. I use that exclsively for accessing my accounts and for nothing else. I never share that email account with anyone.
- I created a simple html document containing links to all my accounts, saved it on the harddrive, and made that my home page. So when I launch the browser, that page loads up and I go to my account by clicking on the link on that page.

I have a couple of other computers for other purposes, one for processing photographs using Adobe Lightroom and another for everything else.
ccieemeritus
Posts: 856
Joined: Thu Mar 06, 2014 9:43 pm

Re: Dedicated Financial Computer Master Thread

Post by ccieemeritus »

I don’t have a separate computer for financial stuff, but on my Mac I have a separate account for some video games/services that I’m not sure I trust (mostly about the game publisher). That account doesn’t get admin access.

I use that separate account for my Steam games (games from assorted publishers), and (years ago) world of warships (published by a company originally HQ’d in Minsk)

But some games I’ll play on my primary account (SimCity from EA).
User avatar
9Iron
Posts: 388
Joined: Fri Feb 23, 2007 5:41 pm
Location: South Florida

Re: Dedicated Financial Computer Master Thread

Post by 9Iron »

I have a new ipad that I only use for my Banking/Brokerage/Insurance sites. I don’t have email set up on it, and I limit applications and data shared via icloud ( no photos, safari bookmarks, etc.).

I bought it to replace my ipad 6, since it was on sale. However, I ended up just using the new one for financial purposes only.

I do use my phone to log into one of my bank accounts, but I don’t keep much cash there.

Years ago, I ran Ubuntu from an external drive.

Not sure if all this actually adds anything, but it works for me!
User avatar
beyou
Posts: 7838
Joined: Sat Feb 27, 2010 2:57 pm
Location: If you can make it there

Re: Dedicated Financial Computer Master Thread

Post by beyou »

cowdogman wrote: Fri Mar 22, 2024 12:48 pm I can see the arguments for using a separate dedicated computer, but think it would be overkill if you do the following.

Use unique, long passwords
Use 2FA with a security key, authenticator or Google Voice number
Use a different username for each financial account
Use a dedicated email address for financial accounts
Check your accounts daily
Get email AND text alerts of any trading activity or large transactions
Have your brokerage/bank accounts customer services on speed dial
Lock your brokerage accounts to the extent possible/practical
Install anti-malware (e.g., Malwarebytes) on your computer
Otherwise practice good computer hygiene--don't click on email links, visit dodgy sites, etc.

I'm sure others will have additions to the above list.
I concur, many of these are the steps one should take, but no reason to have a separate computer.
That said, I use my iphone and iPad for many personal things and tend to use my laptop for business/financial tasks.
But If I want to watch a YouTube video on my laptop, no big deal. The above steps should be followed on any/all devices you own.
I don't want ANY of my devices hacked, and some hacks are not device specific anyway.
gips
Posts: 2015
Joined: Mon May 13, 2013 5:42 pm

Re: Dedicated Financial Computer Master Thread

Post by gips »

I use virtualbox:
https://www.virtualbox.org/

And spin up Ubuntu
oldlongbeard
Posts: 315
Joined: Tue Oct 23, 2018 11:07 am

Re: Dedicated Financial Computer Master Thread

Post by oldlongbeard »

No need. Run this from a write protected drive. Easy, fast, not possible for the drive to have any info about your accounts saved on it:

https://tails.net/
User avatar
nisiprius
Advisory Board
Posts: 54718
Joined: Thu Jul 26, 2007 9:33 am
Location: The terrestrial, globular, planetary hunk of matter, flattened at the poles, is my abode.--O. Henry

Re: Dedicated Financial Computer Master Thread

Post by nisiprius »

I know that security is technically complicated, and that I am not an expert. I therefore think that my intuitions about what practices add security are not reliable.

It is very easy to get talked into some basically-superstitious practice under the guise of advice. At one point I was working for two scientists, each of whom had their own PDP-11 minicomputer. One of them absolutely insisted that his computer be powered down every night--not for energy reasons, but because he believed that risks and required maintenance were a direct function of the number of hours of operation. (The expensive air filters for the disk drives absolutely did have a replacement schedule based on hours of operation, for example). The other absolutely insisted that his computer be kept powered up continuously, 24/7, because he believed each power up stressed the devices and wore them out incrementally.

If there were a solid general consensus among real security experts that everyone should have a dedicated financial computer, I think computer sellers would be marketing the heck out of this, with deals for buying a pair of computers at a discounted price.

I have no idea what to do about the flood of data breaches that now seem to occur every few months. I've been notified of exposure to, let me think, three of them within the last year. But those data breaches are occurring at their end, not mine. My account would have been breached whatever computer I was using.

Routers are computers and can and have been hacked. We moved a couple of years ago and our Internet service "gave" us an Internet modem with built-in WiFI router. Since they came with a preset password that appeared to have been randomly generated for each customer, I haven't changed any settings. (One reason is that the manual for the router--online only--is quite sketchy in terms of what things you can actually set and how). Presumably my provider knows my router password, though! It seems to me that if I were doing random things to add security, I'd throw out their router, and buy my own.

This sounds like an older idea of having two computers, one connected to the Internet and one not. ("Air-gapped" is the jargon term). I did know a couple that said they were going do this, but think they actually did. Nowadays I don't even know how you would use such a thing, since very little software is delivered on physical media these days! You'd pretty much be restricted to what's bundled, and you'd need to connect to the Internet just to pay for and activate the full version!
Annual income twenty pounds, annual expenditure nineteen nineteen and six, result happiness; Annual income twenty pounds, annual expenditure twenty pounds ought and six, result misery.
User avatar
nedsaid
Posts: 20126
Joined: Fri Nov 23, 2012 11:33 am

Re: Dedicated Financial Computer Master Thread

Post by nedsaid »

TheTimeLord wrote: Fri Mar 22, 2024 12:13 pm This topic occasionally comes up but is fairly hard to search on the form. So how many people are using a dedicated financial computer as their only means of online access to their accounts? Any tips or tricks you think are worth sharing?
I have a sibling who does precisely this.
A fool and his money are good for business.
jbinbi
Posts: 9
Joined: Wed May 11, 2011 3:01 pm

Re: Dedicated Financial Computer Master Thread

Post by jbinbi »

For those who are not really computer literate, but want more security when browsing on their fin sites, just download the 'brave' browser. Essentially Firefox with all the security settings set for you and can't be changed. If you know what you are doing, you can set Firefox to delete history, or not save anything etc etc.

For those who have a bit more computer knowledge, as mentioned above, booting tails and running a browser from that would keep nothing on the computer.

For the rest of us, as said early on, probably THE most important issue is 2FA. Having a long unique passphrase is hand in hand with that, but most people re use pwds, which might be out there associated to your email address, but if you have 2FA, you are safe(r).
Northern Flicker
Posts: 17372
Joined: Fri Apr 10, 2015 12:29 am

Re: Dedicated Financial Computer Master Thread

Post by Northern Flicker »

cowdogman wrote: Fri Mar 22, 2024 12:48 pm I can see the arguments for using a separate dedicated computer, but think it would be overkill if you do the following.

(partial list for comments below)
Use unique, long passwords
Use a different username for each financial account
Use a dedicated email address for financial accounts
Install anti-malware (e.g., Malwarebytes) on your computer
Long unique passwords are a great idea, but that does not mitigate the risk of a machine being compromised, which is what having a dedicated machine attempts to address.

Using different and/or random usernames for each account does not provide much. Having as much of the entropy for the combined username and password as possible in the password is more secure as it should be stored securely at the service provider.

Properly locking down email accounts matters. Having a dedicated one for financial accounts does not add much. Segregating accounts used for 2FA and accounts used for email alerts is beneficial. If say a google account used for google voice were compromised, getting email alerts at a different email address than associated with the google voice account would mean that the alerts would not also be compromised. This is segregating the preventive control (google voice 2FA) from the detective control (email alerts).

If using Windows, the built-in Windows Defender is a good anti-malware solution. Installing a 3rd party one has pluses and minuses. It theoretically could catch something that gets through Windows Defender, but it is an application running with admin rights and with connections to the outside world, which becomes an additional point of attack. I prefer not to add to the attack surface for minimal extra security on top of Windows Defender.

I turn this around. The machine I use for financial accounts is not dedicated for that purpose, but all access to financial accounts is done with a single machine. I manage that machine in a more secure manner than other machines. It is segregated on its own virtual network with an Ethernet cable connecting it to the router. I ensure virus signatures are up to date and reboot the machine before accessing a financial account. I minimize the number of software packages installed on the machine, and don't use it for general web surfing.
User avatar
dual
Posts: 1455
Joined: Mon Feb 26, 2007 6:02 pm

Re: Dedicated Financial Computer Master Thread

Post by dual »

I think a primary requirement for a financial computer is to satisfy the fraud protection policies of your financial companies. Many of the policies require an audit of your computer in the event of a major theft. To me, the use of a virtual machine, or even Linux is questionable for a representative from the financial company to understand so I use a plain vanilla windows PC always updated.


Here are some recent links to the fraud protection policies at some brokers

Schwab
https://international.schwab.com/security-guarantee

Fidelity
https://www.fidelity.com/security/custo ... guarantee
Merrill Edge
https://www.ml.com/privacy-and-security ... ction.html
Vanguard
https://investor.vanguard.com/trust-sec ... ity-center

A thread from 2021 on bogleheads on broker fraud guarantees. I found some of the links dated.

viewtopic.php?t=355944
will86
Posts: 105
Joined: Tue Apr 18, 2023 8:47 pm

Re: Dedicated Financial Computer Master Thread

Post by will86 »

dual wrote: Sat Mar 23, 2024 1:45 pm To me, the use of a virtual machine, or even Linux is questionable for a representative from the financial company to understand



Can you clarify what you mean as questionable.. to understand?

many linux distros can be run as a (read only) ISO from a thumbdrive or cd.
easy to do and much cheaper than a second machine
roamingzebra
Posts: 1723
Joined: Thu Apr 22, 2021 3:29 pm

Re: Dedicated Financial Computer Master Thread

Post by roamingzebra »

nisiprius wrote: Sat Mar 23, 2024 7:07 am I have no idea what to do about the flood of data breaches that now seem to occur every few months. I've been notified of exposure to, let me think, three of them within the last year. But those data breaches are occurring at their end, not mine. My account would have been breached whatever computer I was using.
I suppose it's possible that someone could surf the web without an ad-blocker, click on a malicious ad and have their computer taken over by ransomware.

Would the victim still be able to access their financial accounts on the second computer? One would think so, but there's the question of the router. Does ransomware affect only a computer or the router as well?
User avatar
dual
Posts: 1455
Joined: Mon Feb 26, 2007 6:02 pm

Re: Dedicated Financial Computer Master Thread

Post by dual »

will86 wrote: Sat Mar 23, 2024 1:55 pm
dual wrote: Sat Mar 23, 2024 1:45 pm To me, the use of a virtual machine, or even Linux is questionable for a representative from the financial company to understand

Can you clarify what you mean as questionable.. to understand?

many linux distros can be run as a (read only) ISO from a thumbdrive or cd.
easy to do and much cheaper than a second machine
I imagine someone from a financial company looking over my shoulder to decide whether I took reasonable care to secure my computer. I doubt they would understand whether I implemented a virtual machine so it is secure. I am an engineer, retired, but I still keep up on software, and I do not understand the implications of whether instances of virtual machines retain history.

As for Linux, there are so many distro and versions of software, like browsers, to download and install that I think it’s hard for a financial company to say this is a good implementation. The fraction of people who run Linux is tiny compared to windows or a Mac so again, I think it will be hard to find someone from a financial company who is up on the latest Linux systems.
tibbitts
Posts: 26558
Joined: Tue Feb 27, 2007 5:50 pm

Re: Dedicated Financial Computer Master Thread

Post by tibbitts »

I do have several computers and VMs, but it's not for security reasons. As a practical matter unless the machines are running all the time (which somewhat defeats the "destroy the instance" practices that some people are following), it's annoying to have to apply updates virtually every time I use a computer or image. It doesn't take forever, but takes time for downloading, applying updates, then ((often) rebooting. Unless you research the updates, you won't necessarily know which might be security-related or not, and of course that would take longer than just applying the updates. So I'm just seeing this as a substantial inconvenience for a two-minute login session.
Wrench
Posts: 1225
Joined: Sun Apr 28, 2019 10:21 am

Re: Dedicated Financial Computer Master Thread

Post by Wrench »

I am aware of a non-profit that had a dedicated computer for accessing financial accounts. It was configured so it "reset" to a clean, default configuration on reboot. Anything saved or installed to the internal hard drive during each use was thus removed on reboot. (This type of configuration is often used in universities for computer labs and or common area computers). The thinking was that this approach reduced risk of malware being permanently installed, so reduced risk of financial fraud.

Wrench
will86
Posts: 105
Joined: Tue Apr 18, 2023 8:47 pm

Re: Dedicated Financial Computer Master Thread

Post by will86 »

dual wrote: Sat Mar 23, 2024 2:25 pm I think it will be hard to find someone from a financial company who is up on the latest Linux systems.
Thanks


I would like to think the financial company has qualified IT people on their payroll. Whether they use them to determine who is liable in case of a breach is a different question
Post Reply