[Tomte]

Germany's best-selling PC magazine c't periodically distributes "Bankix" on their CD.

It's a Linux live system (with permanent storage on a USB stick) geared specifically towards online banking.

I believe that quite a few people actually use it.

Of course the hardware is the same, but you get a clean single purpose software system.

[telephonetemp]

> Germany's best-selling PC magazine c't periodically distributes "Bankix" on their CD.

>I believe that quite a few people actually use it.

That sounds like a great attack vector. How secure are factories where discs are pressed? Even without access to the factory you could buy a bunch of magazines and repackage them with compromised CDs.

[Tomte]

Someone would probably notice, checking the DVD against a checksum.

Repackaging it seems to be tricky, since the paper inlay is bound in the magazine, it's not just stuck on the cover or whatever. You tear it out at a perforation, leaving part of the DVD cover inside.

There are much more exposed attack vectors on online banking users, I would think.

And you can always just download the ISO and check it against the hash (and the PGP key).