Thursday, October 12, 2006


Internet cafes and other public computers

You're travelling. You don't have your laptop with you, or you don't own a laptop. But that's OK, because there's an Internet cafe you can use to read and respond to your email.

You're in the airport, the shopping center, or a hotel lobby, and there's an Internet kiosk you can use. For a nominal charge, you can log in to your online bank and do that transaction you need to take care of.

Think twice.

Think twice and then walk away, at least for now.

"What?", you say. "Are you telling me it's not safe? But my webmail service and my bank use SSL, so I have an encrypted connection and my password is encrypted. I thought that protected me."

It does protect you from having your password or data snooped along the way. Once your computer sends your password on its way to your bank, only your bank's web server can read it. Once your webmail service sends your email message to your computer, only your computer can read it. But it's your computer that's the weak point here.

Because you're using someone else's computer.

The computer may be keeping a copy of everything it sees, before it's encrypted and after it's decrypted. The computer may have a keystroke logger, which is capturing everything you type — including your account number and password. You have no idea what programs might be running in that computer. Do you really trust it? You shouldn't.

Public computers and kiosks can be, and often are, infiltrated by hackers. Fully functional computers are especially easy: after a day of having the computer record everything that happens on it, the hacker can return and plug in a USB memory stick, and take all that data away, to be analyzed and exploited later. Rebooting the computer before you use it assures you of nothing; the hacker's software can restart after a reboot.

There are services available to scan public computers and warn operators when there are problems. But for that to help, the operator of the cafe has to have set the scanning software up in the first place, has to have kept it updated and current, and has to respond quickly to problems. There are, of course, issues of new techniques about which the scanner has no knowledge, and the time window between the hacker's attack and the next scan. And you're assuming that the operator means well, and isn't part of the attack.

My colleague Ramón Cáceres and his co-workers have developed something called the SoulPad, which is a research project at the moment. (Links also here and here.) Briefly, it's a hard drive you carry with you, and a system that lets you boot that public computer directly from your hard drive, so you know exactly what you have. Of course, there can still be a hacked BIOS on the computer, or a hardware device to record keystrokes. Ramón and others are also working on techniques to deal with these issues.

But you're not going to be carrying a SoulPad around with you for a while, at least. For now, assume that anything you type or see on a public computer, including account numbers and passwords, will be recorded. Even if you trust the operator of the cafe, you don't (or shouldn't) trust the previous user of the computer you're sitting at. Choose your usage accordingly.

Update, 28 Feb 2007: Have a look at this entry, and note well.

1 comment:

Evan said...

Good post . . .

Hardware keyloggers are indeed a tough issue - some are so small that they almost look like part of the keyboard cord (see

If you are technically inclined you can build your own bootable Linux USB stick today - google search.