Public Computers Made Safe – Security Tools and Tips

Ads by Google

spy computer   Public Computers Made Safe   Security Tools and Tips No matter how good a PC you have at home, there are often times that there is no other way but to use a public computer to get the work done.

When I say public computers I refer to computers at airports, cyber cafes, libraries or even a friend’s computer. Beware the computer may be spying on you!

This guide applies to those situations where you have to use anything but your own PC. So I invite you to Make Use Of these:

Tip 1: Use portable software or LiveCD wherever possible

Here are some of the tools you might want to consider:

    MojoPac – Sits on your USB drive and gives you your very own operating environment. We have already profiled it along with other similar programs here.

    Portable Firefox – The Web Browser is your door to the Internet, so first and foremost secure it. Use the portable version of Firefox from you USB drive as opposed to the browser on the public computer.

    Portable IM solution – Use portable Miranda or Pidgin (I know not very handy and fun to use, but we are talking security here!)

    Web Messengers – Or you can use Yahoo Messenger for the Web, Meebo, Google Talk.

    Use LiveCDs – Ubuntu, Knoppix are some good options.

    Ads by Google

Tip 2: Choose a computer where there is less interruption

Something like a computer in the corner will be just fine. This not only helps you to concentrate but more importantly from a security point of view it keeps shoulder surfers away from you. Needless to say don’t enter passwords when some one is standing next to you, how uninterested he or she may pretend.

Tools for this – Something that sits between your ears!

Tip 3: Don’t leave any downloaded or newly created file on the hard disk

Tools for this – Although a simple Shift + Delete (please don’t just delete) will do the trick but if you want to be totally sure that no one can access it then use: UltraShredder (It’s Portable too) – or maybe you know of a better program that you can recommend?

Tip 4: Entering Login Information and Passwords

logon   Public Computers Made Safe   Security Tools and TipsThe computer you use may have a keylogger software on it that may record the passwords as you type, but some tools and steps can be taken to minimize the damage.

Tools for this – Use Windows On-Screen Keyboard (press Win + U and select On-Screen Keyboard) to enter the passwords or you can use KeePass Password Safe to store your passwords and then you can directly insert the password or copy/paste from KeePass so that you fool the keylogger.

Or you can type the password randomly in a text file and then copy paste from there in random order. e.g to type MyPassword you could write rdPasswoMy and then copy paste in correct order(requires some work, I know).

Tip 5: Clear theTraces

Delete the History, Temporary Internet files, and stored passwords and cookies from within the browser.

    Internet Explorer 7 – Click Tools and then Delete Browsing History > Delete All

    Internet Explorer (Older versions) – Click Tools and then Internet Options. On the General tab, under Temporary Internet files, click Delete Files, and then click Delete Cookies. Under History, click Clear History. Delete all the files in the temporary folder of your user account which you can find by browsing to C:\Documents and Settings\username\Local Settings\Temp.

    Firefox – Click Tools then click Clear Private Data.

Clear the Pagefile

You will need to access the Local Security Policy, To access Local Security Policy, open Control Panel, double-click on Administrative Tools, and double-click on Local Security Policy. Then, click Security Options in the right-hand pane and scroll down to Shutdown: Clear Virtual Memory Pagefile. Double-click that item and make sure it’s enabled.

Tip 6: Always Logout

As elementary as it may seem, many people for one reason or another can leave one or another account logged in. This is easy to do if you are using IMs, Browser, FTP, etc.

Tip 7: Don’t buy or give personal information

No matter how much of a geek you are, lets face it some information must NEVER EVER be given when on public computers. This includes credit card numbers, paypal accounts or any other personal information.

Tip 8: When you are done – Do a reboot

Reboot the computer when you are done using the computer and have taken care of all the above steps, this will not only clear the RAM, it will also clear the pagefile.

Have I forgotten anything? Let me know in the comments!

(By) Varun Kashyap – A Tech Enthusiast and a blogger. Check out “Varun Kashyap’s Tech Crazy Blog” here

Ads by Google

16 Comments - Write a Comment

Reply

USBman

Nice article – good work. I do want to make a suggestion, however.

You were right to suggest securely deleting any files stored on the hard drive, by using something like UltraShredder (along with many other available options). I’d like to suggest something along that same line, this time with an eye towards SECURELY deleting your browser’s history – simply choosing “Clear Private Data” still leaves your data vulnerable.

Instead, check out CCleaner. This program cleans up shop, so to say, and has the option to SECURELY delete (i.e., overwrite) your data – once running, go to “Options -> Settings -> Secure Deletion” to set it to securely delete files. It has the option to pick and choose which program’s traces you want it to clean up – CCleaner supports many programs, including popular browsers like Firefox, Opera, and IE.

It’s also available as a portable version.

Varun Kashyap

Yes CCleaner is another very good option.

Reply

Monica

Written against todays line of action of viruses.. Well written.. a nice list of tips which if i follow then can save myself from getting my account hacked.. Some of these which were always there in front of me and i never noticed.. like that of virtual keyboard.. Thanks!!

Keep up the good work to help safe us from security threats..!!

Varun Kashyap

Thanks for the wonderful words Monica. Glad you found it useful

Reply

Shankar Ganesh

Good post, Varun.

I’ve written a similar post before, here – killertechtips.com/2008/03/25/public-computer-cyber-cafes-safety-tips – and I suggested using Neo’s SafeKeys for beating keyloggers. You can download the app from this page:
aplin.com.au/?page_id=246

Reply

dan

It doesn’t seem like it, but the Windows on screen keyboard sends key events to the operating system. This means it’s no different than typing on your keyboard to a keylogger. The obfuscation method is the better way to go (even though it’s more of a hassle).

Varun Kashyap

Yes indeed it obfuscation is the way to go, it is a hassle but works in most cases. You can still use the Javascript online keyboards that sites offer for password entry, those are reasonably safe too.

Reply

Varun Kashyap

Thanks Tina, Thanks Shankar for the kind words

Reply

Robb

Good stuff! Someday maybe this knowledge will be as commonplace as e-mail etiquette…. nah, probably not. A few more thoughts:

Also be mindful of the internet connection you are using is another area of concern. I wouldn’t put it past a hotel clerk to rig their network with say, a password sniffer. These days, it isn’t hard to find step-by-step instructions for doing this type of thing (gee, thanks a lot, Google ;-)

And on a related note (public network, private computer), I am typing this on a motel’s open wlan. Sites that do not employ secure connections (i.e. https) should never be used to transmit passwords or other sensitive data. Any web sites that do not use https that remember you may allow eavesdroppers to reuse your session until it expires…

Reply

Varun Kashyap

Ya we all wait for such a day but then e-mail etiquettes are not common place either :) are they?

Reply

Manjinder Singh

Great Post Mr. Kashyap.
Gud Work. Keep it up!!!!!!!!!!!!!!!!!!!!

Reply

Manjinder Singh

Hello Mr. Kashyap
How r u!!!!!!

i have one query. there is proxy server in my office so i can’t access many sites.will u plz help me(as u always did) to find out a way or website to access all those sites without being known by administrator.

hope to get reply soon.

Manjinder Singh from Jalandhar

Reply

jw

Don’t most keyloggers also log the clipboard and paste events (negating the value of KeePass)? And unless your obfuscation interspersed several copy/paste events in other parts of the screen, making it *really* a pain for you, assembling that data from the keylog would be reasonably easy for the cracker, no?

Reply

Data Protection

There are many reasons to use the tricks discussed in this article to protect your online identity. I always remembered to log out from my sessions and to delete my downloaded material from the desktop. These are also common courtesy to the business allowing you to use their computer. From now on, I will also bring the browser on my USB drive to make sure my login information for myspace, youtube, and blogging websites is safe and secure.

Reply

Stefan

Great post Varun!

Reply

Computer User

These are good ideas.

However… Most if not all public computers do not
allow you to run or download exe files.
Or even reboot the computer.

USB ports are disabled. CD drives are removed.

Asking the computer Admin will result in a “No. It is
against policy to run external files”. Only files/programs
that are already present on the computer are permitted.

It “was” a good idea at one time.

Your comment