Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security on Public Machines?

Posted by ryuzaki0 on from the tough-question dept.

ThePopeLayton wonders: "I am currently a university student and unfortunately don't have my own computer yet. With all the key loggers and mal-ware out there, what can I do to keep my information secure. I probably log onto 20 different machines a week and changing my password, every two weeks, on all of my online accounts seems a little too much. What can I and other public computer users do to keep our personal information secret and safe?"

2 of 70 comments (clear)

  1. public machines and security: non sequitur by yagu · · Score: 4, Interesting

    I don't know what your budget is, but computers have become a commodity, laptops included (though a tad more expensive). You can get a good functional laptop with 80 - 100GB drive, 512 - 1G memory, lots of processing power for under $1000. If your budget can't sustain that, sell something! It's well worth your while.

    Logging on to up to 20 different computers and conducting personal business is like finding condoms and using them, trusting previous users to have been upstanding (ha-ha) citizens. The risk is high, especially in the Windows world, which if you're accessing the public computers, you're doing Windows.

    The misery potentially save by getting your own machine is way more offset by the peace of mind and safety of your data. There is no excuse for most today to not make the investment. If you're a university student, look around for financial assistance to get a machine.

    In the meantime, I'd minimize any activity where personal data in any way could be exposed and/or compromised. As to the bottom line and answer to your question: "What can I and other public computer users do to keep our personal information secret and safe?", not much really.

    NOTE: getting your own machine does not assure safety, but it's a heck of a lot better than the alternative.

  2. One could do a fairly decent job. by r00t · · Score: 2, Interesting

    First, you need one-time passwords. Got a decent programmable calculator? Program in a cryptographically secure random number generator.

    Second, you need a friendly server. Serve yourself some kind of terminal program. You could do server-side VT100 emulation, then transmit MPEG video back to the PC. If bandwidth is a concern, VNC could be used.

    As for the keylogger: it's damn hard for an attacker to make use of this if they can't automatically determine context. A human would need to be observing you, and that requires dedication directed toward you personally. You can throw a minor monkey wrench into things if you type dvorak on the querty keyboard, then do a server-side conversion. Unless you've really pissed off the CIA/MI6/Mossad/KGB, you'll be fine.