Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kinko's Spy Case Illustrates Public Terminal Risk

Posted by CowboyNeal on from the virtual-identity-theft dept.

tealwarrior writes "CNN reports in this story that a hacker by the name of Jiang was charged with installing keystroke loggers to record passwords in 14 differnet kinkos in New York. These were then used to open bank accounts online. The article mentions Jiang signing people up for accounts with GoToMyPC then then using their own machine to open bank accounts. Also mentioned are similar schemes perpetrated at Boston College." Be careful out there, folks. Sometimes there's even sneakier things than just stealing one's cookies.

5 of 383 comments (clear)

  1. Stupid users, Stupid Kinkos by jsailor · · Score: 5, Interesting

    You might be amazed at what people save on the hard disks. I've found all sorts of stuff including insurance letters complete with SSNs, addresses, etc. (of course, I've found similar stuff left on the copy machines - lower tech stupidity)

    Easy Everything, now with a site in NY as well, essentially netboots all the PCs after each user so even if the previous performed some evil, the next user gets a new system free of any malware. This doesn't seem like it would be too hard for Kinkos to do as well. If you've been to a Kinkos in NY, you would know that the copy specialists in the stores are not maintaining the machines.

  2. Am I the only one not surprised? by xThinkx · · Score: 5, Interesting

    I mean, come on, there have to be tons of computer geeks like me out there that look at public libraries, kinkos, office max, internet cafes, etc; and think that a keystroke logger could be infinitely damaging.

    Considering any schmuck could pick up a completely software undetectable and almost completely visually/physically undetectable hardware keystroke logger for under $100, this doesn't surprise me. Does anyone think the employee at kinkos getting paid $6/hr cares enough to learn about keystroke logging or check it out?

    Again this brings me back to the opinion that allowing any idiot to do whatever they please on a computer is a rediculous idea. I know this is beating a dead horse, but, do we let people drive a car or fly a plane without a license? Before you jump on my case I'm not saying people should need licenses to use computers, or that computers can physically kill a boatload of people like a car or plane could. What I am saying is that banks might require some for education or training, or even just provide literature, something, ANYTHING to let people know that it's probably not the best idea to do your internet banking from KINKOS!.

    I'd also like to point out that gotomypc.com sucks, if I see one more ad for them, I'm going to gototheirpc and smash the living crap out of it

    --
    Let's get one thing perfectly clear, I did not vote for George W Bush, and I do not endorse what he does or says.
    "
  3. Passwords are an obsolete form of authentication by Dratman · · Score: 5, Interesting

    Even before the Kinko's case, the recent proliferation of fraudulent emails, supposedly from ebay and similar sites, which ask for passwords to be re-entered on a web site, illustrate that passwords are no longer an adequate form of security.

    The most practical alternative at the present time appears to be use of a magnetic stripe card in addition to the password, similar to the authentication process for an ATM. Magnetic stripe readers are now quite common and could be installed on public terminals at minimal expense. Probably the most significant barrier to their widespread adoption is the lack of standard protocols and software packages.

    --
    Sigmund
  4. easy everything solution by straybullets · · Score: 5, Interesting

    last time i went to an easyeverything cybercafe i noticed that on logout the pc would reboot and re-install a fresh image of the whole os on the disk. I think it got the image from the network but i can't recall what soft they used to do it (it had a strange name)...

    Of course it takes some more time on rush hour (like 10-20mn) but they have lots of pc so ...

    and also, too bad for installing key loggers then ..

    --
    With that aggravating beauty, Lulu Walls.
  5. From a Kinko's employee by catfishmonkey · · Score: 5, Interesting

    I'm a manager at Kinko's.
    You really would be shocked to see the kind of stuff people leave behind on the hard disks and in the copy machines. At least a dozen I.D. cards, birth certificates, credit cards, confidential company files, etc.. are left every day.
    Just yesterday a customer came in and asked if we'd found her credit card. She said she'd left it in the copy machine a week ago and just noticed it gone. We couldn't find it and told her she'd probably wanna go ahead and cancel the damn thing. She replied, "nahh... too much trouble.. it'll turn up someplace".

    What a world.

    --
    The horse is dead. Either fuck it or walk away, but please stop beating it.