The way I understand certificate handling, it's done by the operating system, if that is not true, please tell me. But if it is, and I use portable firefox to log onto my bank's site, can't malware on the host machine make the valid certificate look invalid? Also, about the host's hosts file, the file stating what URL is attributed to what IP address, can't a malformed hosts file point your bank.com to a bad guy's IP address and then make the invalid certificate look valid based on the beginning of the question?
I am worried about the safety of using this to log onto any site, a bank or just an e-mail address; I'd love to trust my friends to take care of their machines, but if they fail to do that I do not want to be hurt by it. I realize I can install an anti-virus onto the same thumb-drive, but the definitions would be less than new and I would hate to get a false positive and break my friend's machine, not to mention the time it might take.
Please help, I'd love to have this functionality but do not want to get burned by a virus I never fell for. Am I being too paranoid? Please advise.
Thanks,
Andrew
...but for "anti cross-scripting" use the NoScript add-on for Firefox (http://noscript.net/ or on the Mozilla site).
For secure log-in on bank sites use an app such as GnuCash or non-OS ones like StarMoney etc., or simply a bookmark for the site. ClamWin can do the antivirus job, but it doesn't help against USBDumper. And speaking of secure apping: when a friend's PC can't be trusted, simply don't use it. Use the search button for more information.
I haven't studied it extensively, but I believe Firefox uses its own root certificate store. I think also that they have worked to make it hard to add root certificate authorities to those included with a default installation; if you password protect the "security device", if I'm not mistaken, you have to be present and supply the password before any new certificate is accepted. So it would be difficult for a random virus or other malware to change the root certificate authorities enough to make a bad site look good, unless you were being a willing accomplice.
I agree that some people might allow their computer to become infested with malware, and the malware might just sneak a different certificate authority into the certificate store used by Windows (which would affect IE, Outlook, Outlook Express, and a few others). If you use your own Firefox or Thunderbird Portable, you have at least some chance against that.
If their hosts file is messed up, that too could cause problems.
You could, if you wanted, look at the hosts file to make sure it doesn't have odd entries. There should be other clues if the hosts file is messed up.
You could also make a record of the "fingerprint" of your bank's certificate, and the certificate authority (CA), while at home, and check it against the web site certificate that is presented each time you log in. It would be very difficult for another entity to create a certificate signed by one of your root authorities that has the same characteristics as your bank's certificate. Even if a bogus CA has been loaded, there should be enough differences between the certificate you have seen before and one that is presented in a bogus environment. It would also be fairly unusual for your bank to retire one certificate and start using a different one before the old one has expired (give or take a few weeks). So if you are paying attention and use the tools provided by your browser, you have at least a fighting chance.
It might be worse than that, though. A compromised machine can have other risks, including (but not limited to) keylogging functions that grab passwords, or rootkit programs running in the background out of sight that interfere with the proper functioning and privacy of your programs.
Paranoia is good. Nothing is without risks. If you are careful, and use ClamWin Portable and other tools (don't rely on just one), check certificates, and so forth, you might be able to reduce the risks to a reasonable level ... for you, and for particular tasks. I don't think you ever get the risks to 0, even at home, but you can frequently come "close enough".
Anyway, in the current environment (that is, any public Windows machine) there is not a good way to "prove" that a machine has not been compromised, or if it has been compromised, that it has been completely "cleaned up", short of formatting and reinstalling from secure media while not connected to the Internet. So if you are looking to take your risk to zero, this isn't the place to look. But most of us are willing to accept a bit more risk than that. It's up to you how much.
MC
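As an added illustration of the two checks MC describes above (looking for odd hosts-file entries for the bank's name, and comparing the certificate presented at log-in against a fingerprint recorded at home), here is a small script that is not from the original thread; the sample hosts content, the domain `www.bank.example`, the address `203.0.113.7` and the fingerprint are constructed placeholders.

```python
import hashlib
import ssl

# Constructed sample hosts file (not taken from any real machine). On Windows the
# real one lives at %SystemRoot%\System32\drivers\etc\hosts.
SAMPLE_HOSTS = """# default entries
127.0.0.1       localhost
# an override like this sends the bank's name to an arbitrary address
203.0.113.7     www.bank.example bank.example
"""

def hosts_overrides(hosts_text, domain):
    """Return the addresses a hosts file forces for `domain` (empty list = none)."""
    hits = []
    for line in hosts_text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments and blanks
        if not line:
            continue
        parts = line.split()                           # "<ip> <name> [<name> ...]"
        if domain.lower() in (name.lower() for name in parts[1:]):
            hits.append(parts[0])
    return hits

def fingerprint(der_bytes):
    """SHA-256 fingerprint of a DER certificate, colon-separated as browsers show it."""
    digest = hashlib.sha256(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def matches_pin(der_bytes, recorded_fingerprint):
    """True only if the presented certificate is byte-for-byte the one recorded at home."""
    return fingerprint(der_bytes) == recorded_fingerprint.upper().replace(" ", "")

def fetch_leaf_cert_der(host, port=443):
    """Fetch the leaf certificate the server presents (no chain validation here;
    the pin comparison is the check, and it still holds even if the host's
    root store has been tampered with)."""
    pem = ssl.get_server_certificate((host, port))
    return ssl.PEM_cert_to_DER_cert(pem)

if __name__ == "__main__":
    import sys
    host, recorded = sys.argv[1], sys.argv[2]   # e.g. www.bank.example AA:BB:...
    hosts_path = r"C:\Windows\System32\drivers\etc\hosts"
    with open(hosts_path, encoding="utf-8", errors="replace") as fh:
        for ip in hosts_overrides(fh.read(), host):
            print("hosts file overrides", host, "->", ip)
    der = fetch_leaf_cert_der(host)
    print("pin", "OK" if matches_pin(der, recorded) else "MISMATCH", fingerprint(der))
```

Record the fingerprint from the browser's certificate viewer at home and compare it before typing a password; a mismatch on a friend's machine means the connection is not the one you saw before, whatever the padlock says.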