5 Simple Safety Tips to follow when using Public Computers
ADVERTISEMENTSI know a lot of people who don’t have computers at home, but still go to the nearest cyber cafe to get things done online. However, these public computers, very so often, are highly infected with malicious programs. You’re actually putting your data and online accounts at high risk when you’re accessing them via a cyber cafe.
Keep the following tips in mind so that the next time you’re accessing the internet via a public centre, you can be more safe.
Avoid Keyloggers
Besides being a host to viruses and trojans, public computers are also homes to keyloggers - programs that monitor every keystroke you press, and probably even take screenshots and transmit them to hackers. Remember: every key that you press is being logged, so how do you prevent this from happening?
Thanks to Technospot.net, there’s a simple trick that can be used to efficiently fool keyloggers. What you have to do is this: enter a few characters in the passwords box, select them with your cursor, type the first letter of your real password. You repeat the first two steps, and then press the second letter.
Or there’s another better method: Get Nero SafeKeys. Put the .exe file in your USB Drive. Or download it when you’re in the public computer, and then do your job.
With Nero SafeKeys, you can efficiently avoid keyloggers in public computers - it’s an onscreen keyboard. You use your cursor to select the right characters, and then all of them appear in the Nero SafeKeys window (hidden in asterisks). You drag and drop them in the right field. This way, you didn’t enter a key, and nothing got logged.
Use an alternative Browser
Photo by sgrah
Avoid using Internet Explorer. Use an alternative browser. IE is more prone to malicious attacks than Firefox or Opera. If the computer you’re using has a browser other than IE installed, don’t forget to use it.
You can also get a portable version of Firefox (only a few computers have USB ports, so this might be useless sometimes) that runs from your portable disk. You can carry the customized version wherever you go.
Don’t store login information
When the browser asks you whether you want the passwords to be saved, immediately ignore. You don’t want your account to be accessible by others, do you?
Clear Cookies & History, Log Off
Make sure you log off from all your online accounts before you leave the system. If you don’t sign out, any body else could misuse your account. Never forget to sign out.
Also, if you downloaded any important documents while browsing make sure you delete them as well.
Use a Live CD
Photo by djspinnet
I’ve spoken about this before, but I want to stress this once again. Grab a Linux Distro ISO from here, burn it onto a CD. Pop it into the computer you’re on, and you have a whole new OS. So safe that you don’t have to care about the other methods I’ve mentioned above.
Everything is read only, so you don’t leave a trace. And moreover, viruses don’t attack Linux the way they’re widespread in Windows, so it’s guaranteed that you’re very much safe.
But not all cyber cafes these days give access to CD Drives though. Some of them even have stripped down PCs that have very less RAM so this is something that you can’t rely on.
March 26th, 2008 at 12:31 am
Hey nice tips and very simple to follow. Thanks for this!!
March 26th, 2008 at 2:40 am
Another tip.Get a usb dirver,and put the portable edition of our favorite softwares into it.
March 26th, 2008 at 2:53 am
better yet u can use a portable OS
I like Ubuntu and here is a link to a tutorial that u can use Ubuntu from ur flashdrive inside windows without rebooting or installing, keeping all ur settings with you
http://www.pendrivelinux.com/2008/01/11/run-ubuntu-710-from-windows/
March 26th, 2008 at 3:56 am
@Vikram: You’re welcome.
@BullDozer, DiggLife: Yep, guys portable apps are indeed quite handy. I’ve mentioned Portable Firefox in point #2.
March 26th, 2008 at 4:08 am
carrying portable apps in USB is a good option. Nice post shankar
March 26th, 2008 at 4:43 am
@Ram: Yep, indeed. However, I should also mention that there are many chances for your USB Flash Drive to get infected. In that case, Live CDs are a better option.
March 26th, 2008 at 10:27 am
Very nice and helpful tips.
March 26th, 2008 at 10:37 am
It’s not NeroKeys, it’s Neo’s SafeKeys. You can even see so in the pic that you yourself put up.
March 26th, 2008 at 11:30 am
try http://kyps.net - lets you log into some password-based sites using one-time passwords. especially good for internet cafes!
March 26th, 2008 at 1:25 pm
“only a few computers have USB ports, so this might be useless sometimes”
virtually all, if not all computers have USB - the question is if all the ports are in use (a usb hub will handle this) or if they have been phsycially blocked from you (this may be the case with some public computers)
“Grab a Linux Distro ISO from here, burn it onto a CD. Pop it into the computer you’re on, and you have a whole new OS… so it’s guaranteed that you’re very much safe.
But not all cyber cafes these days give access to CD Drives though.”
In addition to portable apps mentioned earlier, you can make portable USB bootable OS’s. These have the advantage (IMO) of being r/w. Means you don’t have to make a new CD anytime you want to change anything in the OS, but does open you up a tad more to attack. You’re still on your own OS, and linux at that, and probably more up to date due to the ease of updating in a r/w environment, so this risk should be mitigated. Speaking of mitigating risk, I assume that’s what you meant in “it’s guaranteed that you’re very much safe.” I also assume english is your 2nd language. The r/o nature of the medium helps mitigate risk, but exploits can be run on your system & affect active memory, you won’t carry the exploit with you, but you will be exposed at the time of exploit. It’s no guarantee. (of course, should you realize you’ve been compromised, you could just reboot)
This all gets me to my final point on the bootable OS subject, which is both the CD and USB bootable OS’s rely on the BIOS. Some older systems BIOS simply won’t allow USB to boot. Both need to have to BIOS look to CD or USB respectively before they look at their HD’s to boot. This may be something you can change without too much effort, or they may have password protected BIOS. Depending on your level of physicall access & people who might be concerned with you opening up the box, you can open the box & reset the BIOS with a jumper on the motherboard. A google search on ‘reset bios password’ will give useful tips on getting thru BIOS.
Once you’ve got control of BIOS it varies a bit from BIOS to BIOS but you’re looking for something like “Advanced Setup”, “Boot options”, or “Feature Setup”. Make note of the HDD they are booting off for the normal OS, then make USB or CD as desired the primary boot device, and the HDD their alternate.
The reason to go to your own OS is largely software which may be installed on a public computer which may expose you to risk. But one other risk to be aware of in a public environment is traffic sniffing from another computer. If you are on a hub network, this is trivially easy, if you are on a switched network, an ARP attack would be needed. Encryption will help against unsophistocated attacks. On a hub environment there are methods to try to determine if there’s a sniffer, but once again a degree of sophistocation can defeat these. On a switched network ARPwatch or something similar can watch your ARP tables & detect if a sniffing/man in the middle attack may be occuring, and if this is not the case, your connection can only be compromised via control of devices between you and whatever you’re connecting to online. Given how routes are chosen, this would pracitcally need to be your gateway to the net in most situations(sometimes there’s another internal router or in a kludged or malicious environment, another computer on the way to the gateway), so the question is how much do you trust the security of the gateway device/the establishment you’re in.
This all being said, the biggest risk is from the most common attacks, using your own OS will nullify the most common, using linux as that OS will nullify more, so you should be alright. There are no guarantees though, it’s about a tradeoff between security and usability.
March 26th, 2008 at 6:28 pm
@Davinder: Thanks for stopping by.
@Locke: Oops, I’ve corrected that. Thanks for the heads up.
@Someguy: That is really useful. Thanks for sharing
@Anon: Thanks for leaving that very informative comment, and for educating us on things like traffic sniffing
March 27th, 2008 at 1:17 pm
Good tips, Shankar. I’ve been doing the pwd obscuring all along, as a habit, though I didn’t read anywhere. It was just something that got into my head. I used backspace first, but then realized it would be logged too. So, select it is !
Using USB drive is more dangerous - you carry any malware from the center to your home/work.
Also, one more reason to not use IE - they leave traces of browsing within the OS even after selecting the clear cookies/pages buttons. So much for anonymous browsing
March 27th, 2008 at 8:36 pm
Great tips Shankar, just one point, not all public computers have CD drive. Few browsing centers still use old Windows 98 OS without CD drives.
March 27th, 2008 at 9:19 pm
@Sumesh: Hehe we need to try tough things to defeat keyloggers
@Nirmal: Yep, that’s true, I mentioned it in the post as well
March 28th, 2008 at 12:49 am
Gr8 tips !!!!
Very much worthy post .
March 28th, 2008 at 8:38 am
gr8 post. but you missed out “Browzar”…thatz the best for mobility & security…
March 28th, 2008 at 11:24 am
Great Post man. I really like the option of using a Live CD . That way you are completely protected.
March 28th, 2008 at 11:15 pm
@ArpitNext: Thank you.
@Aravind: I never knew about Browzar. Thanks for sharing.
@Madhur: Thanks buddy. Yup using Live CDs is the best thing you can do.
April 2nd, 2008 at 4:56 am
Use Firefox and clear all things when you log-off with Ctrl+Shift+Del. Much faster that way.
April 4th, 2008 at 8:54 am
I’ve found a pretty good way to surf the Cafe’s safely. I use my Cosmopod (online Linux desktop) to surf. The portable NX client on my thumb drive already has my password to log in. Once logged in I”m in a secured private connection.
See screenshots and details about how I set my account up here:
http://clif-notes.blogspot.com/2008/03/can-i-access-cosmopod-from-public-pc.html
Happy surfing!
April 4th, 2008 at 2:00 pm
@Syahid: Yeah I do the same thing in Firefox when I’m on a public computer.
@ClifNotes: Thanks for dropping by, it’s great to see you here. I’ve never heard of Cosmopod, thanks for enlightening us
April 6th, 2008 at 3:40 am
kuttay kay bachay tere se block karne ka pocha tha
TERE MAA KI
April 7th, 2008 at 10:22 am
Pillar post Shankar. I love it when Firefox introduced the feature where it can clear all the infos automatically when it close.
April 13th, 2008 at 1:31 pm
[...] | Killer Tech Tips | Web Worker Daily | Raymond.CC [...]
May 27th, 2008 at 11:40 am
[...] Apart from that, they are important from the point of view of security as well. Working on a friend’s or cafe’s computer can be unsafe as the computer might be spying on you. Portable softwares ensure that you need not use programs installed on that machine. Here are some security tips for public computers. [...]