Internet Cafe

bern · Joined: Mar 12, 2007 Posts: 1487 Location: ann arbor

I was recently traveling, and had no good source to connect to the internet (hotel, etc.) So I went to an internet cafe. They offered me the choice of using one of their computers, or my own laptop.

Question: what is more secure? On the one hand, their computers might have key stroke loggers installed so someone could find out what passwords I used on the session. On the other hand, connecting my laptop to a secure, but unknown network has other hazards as well.

Suggestions, or advice?

thanks

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

I find that what you say is true. Really can't be trusted either way.

If I were to just want to browse the web or such that I wouldn't be needing any of MY stuff, I'd use there's. Let them take the viruses. BUT, if I know I'm gonna need more I'd use portable apps (portableapps.com) & put them on a USB drive that has the READ ONLY switch on it. (hard to find around here but can be gotten on the internet) That way NOTHING can be written to it.--- & virtually gives you your own PC. --- NOTE: not sure if this would help with a logger as you are still using THERE OS.

An alternative is a USB card reader with the card set to READ ONLY or a CD. - Then this assumes that the cafe will let you use this on THERE computers. Otherwise I'd make a LIVE BOOT disk (most secure that I know of) - (you can make a windows one on a flash drive) but with windows, your drives will probably still be mounted (right off, I don't recall how to get & keep them unmounted in M$ --- a linux live CD would be better for this as it's designed to do this.) Then just do all your work on the web using your own PC. --- this is the same as running from memory & will be dumped at boot, so nothing saved if you get into a virus (of course using linux would help in that aspect as well)

A third alternative is to have your HD imaged & have only on the NB what you need. If a virus DOES hit, just restore the image & go on. - (& "shoot" the cafe's IT person for not doing his / her job on your way out.)

& above all, if you are gonna use M$, make sure you have a good firewall - antivirus & malware program running. (an ounce of prevention...)

bern · Joined: Mar 12, 2007 Posts: 1487 Location: ann arbor

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

Not that I'm aware of. All the ones that I know of have to be on the computer in question. & since you are virtually installing the OS each time you boot, there can't be anything but what YOU put there.

Now there MAY be some sort of packet sniffing stuff that MAY get at it, but if you run a secure connection, it would be encrypted.

The "PUPPY" linux seems to be the best one for "out of the box" usage that I've tried & should work just fine for this kind of stuff. (but you can try any one that you favor) You MAY have to run auto configs, if I recall right, but they are easy enough...

BTW: the mount & unmount stuff is as follows. I haven't checked this out so use at your own risk... (I assume no responsibilities if this doesn't work as expected)

In Windows it's called 'disable/enable', go to system -> hardware -> device manager, disk drives - enable/disable (this is assuming that the Windows LIVE OS will let you "disable" the "C" drive or whatever one holds your main OS - & without screwing things up - it SHOULD disable all other drives accordingly)

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

Something else, unless you HAVE to use a certain email address, you could always create a "throw away" one & kill it (or change the password) the first chance you can get to a known safe connection. (OR better yet, give someone you can trust with the logon the info ahead of time & have them do this for you if you suspect foul play) You just have to let everyone that you expect to send you something know to use that one for that duration.

Of course this isn't 100% secure by any means (really, nothing is) & stuff in it CAN be had, but better than nothing at all.

bern · Joined: Mar 12, 2007 Posts: 1487 Location: ann arbor

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

Well, what I gave here MAY be a bit extreme as I (before I switched to linux for my main OS) used to just use the stuff I had in M$ to it's fullest. As an example, I used ZONEALARM to tell me if anyone was trying to hit my computer. A good A/V & SPYBOT S&D as it alerts me to any attempts at registry changes.

But if you feel comfortable using LINUX, in my opinion, that is the way to go as it will be very hard for any "nasties" to get on your computer. From the outside anyway. A reminder though, if someone is hellbent enough, they WILL find a way to get at you. NOTHING is 100% secure!!!

These are just my suggested thoughts, & may or may not work for you or others, but it SHOULD give people an idea of what CAN be done. & maybe I triggered there OWN ideas as to how to approach this.

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

You may be interested to read this - it is about key logging - portable apps forums

http://portableapps.com/node/16343

Well I think I've done all the "damage" I can for one day.... Laughing

zlim · Joined: Mar 11, 2005 Posts: 2747

I've used computers in internet cafes and on cruise ships since 1999. I've never had a problem but I prepare ahead of time. I always use different passwords for every forum, my homepage and my email accounts. I change all my passwords right before I travel and if I take my netbook, all cookies and passwords will be erased before the computer leaves the house. I also change all passwords again when I return home.
I keep my passwords on a 3 x 5 index card in my wallet with the site it belongs to coded so it isn't obvious if someone found the card what it meant. Obviously with all those strange passwords, I could not begin to memorize them all.

I never do anything sensitive on a "borrowed" computer like online banking. I even go the extra step and forums where I have admin privileges, I've set up normal user accounts. While I travel, I do not log in with any account with elevated privileges, I stick to all normal user accounts.

On my first cruise, I took a jump drive with my FF browser which I wanted to use to surf. The ship does not allow you to use the USB ports on computers. I chose not to use any computers on that ship and waited until we docked to check email if there happened to be an internet cafe in the area.

bern · Joined: Mar 12, 2007 Posts: 1487 Location: ann arbor

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

Speaking of FIREFOX, using this along with it's NOSCRIPT & ADBLOCKER ad-ons can stop a world of hurt as well. (as long as you don't "allow" the junk in)

drwho07 · Joined: Nov 29, 2007 Posts: 2238 Location: Central FL, USA

With my new Acer Aspire ONE, Netbook, I've been doing a lot of WiFi hot spot surfing around the area.

Many local Restaurants, even Bob Evans, have FREE WiFi service.
I run the same set of Anti-malware software on my Netbook as I do on my home computer and I really don't feel compromised by using public WiFi services.

I do use Firefox 3.5.2 and the AdBlock+ and NOScript addons.

I keep NO financial info or other 'sensitive' information on any of my PC's so I always feel safe while surfing.

My Anti-Malware package includes:
AVG 8.5 Professional
Spybot Search & Destroy
Spyware Blaster
HOSTS Manager

The Windows Firewall is always ON.

I make sure that all programs are up to date before I ever go surfing.

I'm really not paranoid..........I KNOW they're out to get me!

Doc Cool

bern · Joined: Mar 12, 2007 Posts: 1487 Location: ann arbor

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

If you HAVE to do "SENSITIVE" work out & about, the only way I can see around this is to get one of those WIRELESS accounts. (Like a "cell phone" you plug into your computer. - not cheap, I know) - then you will know how safe the connection status is.

But taking the necessary precautions, I'd say that places like McD's & such SHOULD be OK. If I didn't feel comfortable where I was, I'd find a place I did.

FishyMike · Joined: Dec 14, 2005 Posts: 312

I want to bring this topic back for a few questions.

I just purchased a laptop with the sole intent for wifi hotspots. but I want to apply all my layers of security before I put it out there. I tried to use a number of linux live disk but for some reason my laptop doesn't like them, either freezes or gives me numerous errors. If I can't use boot disk then I need to bullet proof system as much as i can. I have Drwho07's package suggestions, plus ZoneAlarm. Those programs are automatic with me, used them for years. But I'm looking for anything more that might protect my laptop.

Thanks for Any and All suggestions....

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

I'd say if you are using DOC's suggestion PLUS zonealarm (set to warn you of any attacks) then you SHOULD be good to go.

The only thing I can add is to use common sense as to where you surf & as to what you do online - such as, watch for rouge sites & be aware of using "logins" - Also be aware of any hackers that may be lurking in the immediate area (your security setup will help with this) or in general, be aware of your surroundings. As I already said, Doesn't feel right? Then it probably isn't & I'd find another place...

Once again I will mention that carrying an image of the HD will be valuable out "in the field" if "trouble" DOES strike.

As for the live distros, I tried many over the years & it all depends on your HW & the distro as to how "well" it works - some leave a lot to be desired. Not knowing which ones you tried, I can't give any more comment than that.

FishyMike · Joined: Dec 14, 2005 Posts: 312

I still want to tighten everything i can. I like the idea of a boot cd, but for some reason it just wont boot up. it will boot into a normal boot cd, but it wont boot into a linux cd. Don't figure.

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

When you burned the ISO, did you burn it as an IMAGE FILE? Most people will try to just burn the CD as regular & wonder why it doesn't work, so thought I'd ask.

FishyMike · Joined: Dec 14, 2005 Posts: 312

The same disk will work in my towers, and worked with older laptop. It just wont work with this laptop. Sounds like hardware to me, that stinks.

Baby_Tux · Joined: Mar 06, 2007 Posts: 1242

Yeah, some of the latest ones I've tried will load to the GUI (graphical user interface) & crap out. It just doesn't like the video card. I COULD load it without the GUI & then mess with it to find a driver (or GUI) that works. But I don't have the time (or maybe even the patents?)

You can always keep trying different live distros, I'm sure there is at least ONE that will work. Try different versions of the same, sometimes they change things within them.

But I wouldn't let this stop me from using the notebook - what you are doing with M$ is what I'd be doing, so it is about as secure as it's gonna get without taking some classes on how to harden it down even more. (if it CAN be hardened down more) - CRACKERS (criminal hackers) are "about" one step ahead & probably will always be or at least on an even keel. So if they want in bad enough, they will find a way. Our job is to see that they don't get the chance & they can't if the computer isn't online to the outside world in any way. So suspect fowl play? just disconnect!...

EDITED to add "...& do a thorough
scan for any "boogiemen" that may be on the machine!"