Security on Public Machines? 70
ThePopeLayton wonders: "I am currently a university student and unfortunately don't have my own computer yet. With all the key loggers and mal-ware out there, what can I do to keep my information secure. I probably log onto 20 different machines a week and changing my password, every two weeks, on all of my online accounts seems a little too much. What can I and other public computer users do to keep our personal information secret and safe?"
public machines and security: non sequitur (Score:5, Interesting)
I don't know what your budget is, but computers have become a commodity, laptops included (though a tad more expensive). You can get a good functional laptop with 80 - 100GB drive, 512 - 1G memory, lots of processing power for under $1000. If your budget can't sustain that, sell something! It's well worth your while.
Logging on to up to 20 different computers and conducting personal business is like finding condoms and using them, trusting previous users to have been upstanding (ha-ha) citizens. The risk is high, especially in the Windows world, which if you're accessing the public computers, you're doing Windows.
The misery potentially save by getting your own machine is way more offset by the peace of mind and safety of your data. There is no excuse for most today to not make the investment. If you're a university student, look around for financial assistance to get a machine.
In the meantime, I'd minimize any activity where personal data in any way could be exposed and/or compromised. As to the bottom line and answer to your question: "What can I and other public computer users do to keep our personal information secret and safe?", not much really.
NOTE: getting your own machine does not assure safety, but it's a heck of a lot better than the alternative.
Re:public machines and security: non sequitur (Score:5, Informative)
Typically, you can get additional money added to your aid eligibility (for subsidized loans, etc.) one time for a computer purchase. Check with your financial aid department if that interests you.
Re:public machines and security: non sequitur (Score:1)
Re:public machines and security: non sequitur (Score:5, Informative)
Re:public machines and security: non sequitur (Score:1)
Find the 'boneyard' (Score:2)
If you act friendly and approach someone in charge when they're in a good mood, maybe you could get a "permanent loaner" to use until you can afford your own.
Computers are getting harder and harder to get rid of, and particularly desktops are not something that people exactly enjoy carting around. If you offered to pick one up from
Re:public machines and security: non sequitur (Score:1)
One could do a fairly decent job. (Score:3, Interesting)
Second, you need a friendly server. Serve yourself some kind of terminal program. You could do server-side VT100 emulation, then transmit MPEG video back to the PC. If bandwidth is a concern, VNC could be used.
As for the keylogger: it's damn hard for an attacker to make use of this if they can't automatically determine context. A human would need to be observing you, and th
Re:public machines and security: non sequitur (Score:2)
Re:public machines and security: non sequitur (Score:3, Insightful)
It is a pretty popular response here to tell him to get his own computer. Keep in mind, getting a computer also means he needs space to keep the computer (and it has to be reasonably secure so it doesn't get ripped off), electricity to keep it going, and an interweb connection thingy so he can get at his pr0n^Wemail. The connection can get a little pricey, and it is an on-going expense. Now, maybe he is in a dorm room where the space,
Re:public machines and security: non sequitur (Score:4, Funny)
And that doesn't begin to consider the TCO.
Re:public machines and security: non sequitur (Score:2)
At this current point in time we are experiencing a tilt towards laptops becoming cheaper than desktops. With nearly all compaonents being made in China one of the larger remaining overhead costs that cannot be reduced is shipping. Desktops takeup more space than laptops, therefore they cost more to transport. The commoditisation of computers will finally see the laptop become cheaper
Re:public machines and security: non sequitur (Score:1)
Password Management (Score:5, Informative)
Debt is Hell. Get out now. [debtishell.com]
livecd? (Score:5, Informative)
Re:livecd? (Score:5, Insightful)
Re:livecd? (Score:1)
Windows Live CD (Score:5, Informative)
If you poke around the various torrent sites or mIRC, you should be able to find pre-made ISOs.
Anyhow, this way you won't get any strange looks from non-techies who become suspicious of anything other than the normal Windows GUI. And you can even run as Administrator.
a live cd + USB thumbdrive and you'll have all your files & settings to go.
Re:Windows Live CD (Score:2)
Buy a system (Score:1)
What you can do is work hard, earn some money, buy a 400 bucks computer at Walmart,
load a free OS in it, and hopefully be allowed to hook it to the college's network.
Re:Apple Education Discounts (Score:1)
Re:Apple Education Discounts (Score:1)
Nothing (Score:1)
it depends (Score:2)
Re:it depends (Score:1)
Re:it depends (Score:1)
I just have my own machine, loaded up my way, and if it's running Windows, I run as limited user.
*ahem* rootkits (Score:1)
=+P
Okay, so the sony one won't obfuscate processes, but wandering around the darker corners of the 'net will find you plenty of free or cheap commodity rootkit kits.
Students should have their own computers. I remember having to work my ass off one summer to afford my first computer in college, and I couldn't afford a print
Re:it depends (Score:2)
Re:it depends (Score:1)
trust your school (Score:1)
Its very easy (Score:5, Funny)
What !?!?!
Let me introduce you to my good friend, Mr. TCP Port 80 and his cousin, Mr. TCP Port 443.
Re:Its very easy (Score:1)
DNS (Score:2)
53 is easier to handle. Where I work, it is limited to local DNS servers doing lookups via a specific set of upstream DNS servers. Everything else on 53 is blocked.
DHCP points all workstations to the local DNS servers.
443 is your best bet.
Re:trust your school (Score:2)
Obviously, you've never met my friend.
Cheep used computer (Score:1)
I've seen new Linux PCs for under $100 on special sale and under $200s routinely.
Add $100 for Windows.
Re:Cheep used computer (Score:2)
Heck, I see PCs in dumpsters all the time, and an ad on craigslist would find free equipment easily.
Most people aren't buying their first computer these days. You can get free gear and save it from the landfill. All most people need is websurfing, word processing anyway.
Public Computers (Score:5, Informative)
As a tech for a local library here, we set our workstations to be usable for just about any means, and all user cookies, cache files, or anything installed erase instantly upon log off or reboot. We're not as concerned about security on the computer as we are about insuring YOUR security as a user.
Don't be afraid to ask the Library about it's privacy policies, and what it does to protect your privacy. A written policy should (in most cases) be available.
On the other hand... DON'T try using a Live CD on a public computer in a library: you're liable to have an angry tech in your face ejecting you from the premises or calling the police. Live CD's on a public terminal can be interpreted as breaking and entering under most Public Access terminal usage agreements. That's another argument in itself, but it's how we'd treat live cd usage in my library.
Re:Public Computers (Score:2)
WHY is it considered "breaking and entering"?
Re:Public Computers (Score:2)
You could install keyloggers, munge security settings, reset admin passwords, make goatse wallpaper, etc.
I'm certain these have all happened (even goatse) and are the reason for the policy.
Re:Public Computers (Score:1)
I've not seen it in MY library [knock on wood] but I've seen folks replace desktop backgrounds with obscene images, change boot.ini to load nifty files that are suppposed to delete the hard drive (but it was just a dumb script kiddie who didn't realize c:\windows didn't exist on a Windows NT install), etc.
Live CD's would also circumvent most library filtering mechanisms, wh
Re:Public Computers (Score:2)
You could install keyloggers, munge security settings, reset admin passwords, make goatse wallpaper, etc.
I'm certain these have all happened (even goatse) and are the reason for the policy.
Very reasonable. But then, I'm an Evil Fascist Republican who cares nothing for "rights".
Seriously, though, if that's your worry, why even have hard and CD-ROM drives and USB slots?
Re:Public Computers (Score:2)
Re:Public Computers (Score:2)
because some people (probablly less than there used to be though) have thier own computers but don't have thier own internet links (either because of cost or because they aren't staying long and don't want to pay the cost of getting a connection for only a few months or because the landlord won't allow it or whatever). For somewhere that requires payment for computer use (cyber cafe) this would be a good way to drive
An actual solution (Score:5, Informative)
-Daniel
Ownyourphone.com. Custom ringtones, cheap and easy [ownyourphone.com].
Re:An actual solution (Score:1)
Re:An actual solution (Score:1)
Actually, what I do ('cause I'm lazy, and copy-paste gets to be too much work) is I type about half of the password, and copy-paste the rest. So at this point someone would need a keystroke logger and a VNC client running at the same time to sniff my passwords. An unlikely scenario, unless someone
Re:An actual solution (Score:2)
It's a good idea to do this the same way every time, so a determined person with lots of logs of your attempts won't be able to figure it out by comparing all the different ways you've typed it.
buy a machine (Score:3, Informative)
A few weeks ago I ordered a refurbished HP Athlon64 3500+ machine from ecost.com. [ecost.com] Total cost was $401 after shipping. It had a few mobo screws rattling around in the case when I got it, but after putting those back in place, I haven't been able to find a thing wrong with it. You'll need to supply your own monitor, but that shouldn't be hard to come by. Even a broke college kid can manage to scrounge up 400 bucks after a little while.
Used computers -- shameless plug. (Score:2)
I picked up a HP P4-based xw5000 "Workstation" (certified to run RHEL) with a dual-head NVidia Quadro4 NVS graphics card about six months ago for $280. Works great; use it every day. Sure, in the winter it also serves as a space heater, but it does what it's supposed to do.
Right
Purell and Lysol (Score:3, Funny)
Use your own programs (Score:3, Informative)
Another thing to do might be to find a SSL proxy server and use that for all your browsing, that should prevent packet sniffing, but someone *could* still be monitoring the RAM for passwords and such.
You'll never get it entirely secure, so if there's anything really important just borrow one of your friends computers for a few minutes.
KeePass? (Score:4, Informative)
It is able to enter your username and password in such a way that key loggers can't pick it up.
Have a look and tell me what you think.
http://keepass.sourceforge.net/ [sourceforge.net]
Get a Computer (Score:1, Informative)
Portable Firefox (Score:2, Informative)
Of course, you could also just try using a Mac whenever possible. That would at least trim down the number of possible dangers.
clear history / logout (Score:3, Informative)
(yeah, yeah, shameless plug for firecast.
Of course, there is no way to protect from a boot and root and someone running their own software without well secured hardware, but at least being sure to logout protects you from the more likely problem of someone else using the machine right after you.
My, um, friend, used to gain extra cpu time for MUDing by walking in to the university lab and being greeted by a prompt.
meat puppet security (Score:1)
blackdog linux portable server/dongle (Score:2)
Carry it with you wherever you go.
Plug it in via USB.
Athenticate using your fingerprint.
Use it on the most comprimised public terminal.
I've never used one.
Re:blackdog linux portable server/dongle (Score:2, Informative)
Re:blackdog linux portable server/dongle (Score:3, Informative)
No, it does not need to reboot the terminal. The gadget shows up as a USB drive. You then start up an app (or it is automatically started on connection if that is enabled on the Windows terminal) which runs a virtual server on the host terminal that acts like a virtual DHCP VPN X-server router box. The blackdog then uses the host's virtual router for all of its network traffic.
Since the host is now
Ebay is your friend (Score:2, Insightful)
Barebones ... Linux (Score:2)
Run VNC through a Port-a-PuTTY tunnel (Score:2)
Then use Port-a-PuTTY to connect and tunnel VNC to your box using passphrase authentication.
This way, the keyloggers only get the passphrase used to protect your Port-a-PuTTY's private key that (hopefully) stays on your thumbdrive / CDR. Perhaps there's someway to configure PuTTY to use a separate gold card that generates a rotating password.
Of course, you'd have to have
Computers are commodity items (Score:3, Insightful)
Get yourself a used 1GHz, 512MB RAM, 60-80GByte HDD desktop and a cheap used CRT. This shouldn't total more than probably $100 or so, if that. This rig will get you through any classes a university will throw at you, barring possibly some engineering or graphics-design applications (e.g. Matlab, AutoCAD for the former, Photoshop for the latter).
Certainly it will suffice if you are a Computer Science major or a major in any of the non-technical fields...