And the user itself is one of the most risky element in the system.
Yes and no.
Yes, in terms of 'safer-unsafer' it is the user. A user unaware of the 1,000 different security risks may be 99% unsafe wheras a skilled user may be 1% unsafe only.
But in terms of 'how to eleminate 99% of these 1,000 different risks alltogether' it's not the user, it's always the system. And succeeding in this category would create security for the unskilled user too.
So let's talk about this
system security and about the main problem, insecurty coming through the web.
How about putting the web into a sandbox, just by using a virtual machine.
Deleting all network connections of the host machine - browsing etc only from within the virtual machine.
And using two virtual machines - one for crazy browsing, one strictly for banking only.
For instance, ... entering of passwords via the keyboard.
I think, even a keylogger - working in the 'crazy browsing virtual machine - wouldn't be able to log keyboard input into the banking virtual machine.
As long as there is no bug chain (bug for highjacking the machine and bug for breaking out of the virtual machine) that seems
technically safe.
Or do I oversee anything?---------- edited
... let us say fresh reboot TC, start browser and start online banking.
Think, you are right. Never mind which browser using, this
seems technically safe too.
And TC is ideal for that purpose.
Either by usb or as a super small system working within a virtual machine.