Key Logging

NotAGolf · 13 Jan 2009 at 16:34

I'm off traveling in a few days and I just had a thought.

I will be using internet cafes to keep in touch with friends and family, book hostes tours etc, and online banking. I'm having second thoughts as to the security of the systems in such cafes.

I could handle odd person finding out my email address or the password for this forum for exampe but if my bank account details where found out I could be very royally screwed as I'd be in the middle of nowhere with no money.

Is there anything I can do to increase the security while on these computers? I was thinking of carrying a little program on my usb stick that I could run which would block any key loggers or nasty viruses etc (if such a thing exists?!!)

Thanks for any help.

eXor · 13 Jan 2009 at 16:45

I doubt your little program will thwart a keylogger that is already resident in memory on the machine you are using. They could also have a hardware keylogger in place which would capture your keystrokes before they got to the OS.

I wonder if this would work : Type loads of gibberish in Notepad, switch focus to your password field, type in the first character, switching focus back to notepad...

Maybe you could get one of those click-to-type programs, then you wouldn't have to use the keyboard. Screen capture software could be running, though.

Take a properly secured laptop with you?

The Mad Rapper · 13 Jan 2009 at 16:55

Go to portableapps.com

D/L the suite and install to your USB key

Attach said key to dodgy internet cafe PC

Browse in complete safety regardless of what loggers are installed using Firefox Portable. They'll still be able to log what you've typed, but without the corresponding internet history they won't have any idea what the passwords etc relate to.

The end

P.S. There is a free AV called ClamWin I think as an 'extra' for the Portable Apps suite, so you could run that if you like.

There's also a portable MSN (Pidgin) which you can use so you don't leave any chat history behind either.

theheyes · 13 Jan 2009 at 17:16

In my experience (Australian hostels) the computers were pretty locked down and didnt accept USB inputs. Internet cafes might be better, but I'm not sure. I wouldn't trust a public computer like I wouldn't eat my dinner off a public toilet.

I basically set up a temporary email address, which I didn't really care if it got hijacked. Also LOOK for hardware keyloggers if you can see around the back of the machine. A way to make it difficult for keyloggers is to type your password in a different order and use your mouse to move the cursor into the right position.

I also tried to minimize the exposure to my bank account BEFORE I went. I applied for a new credit card specifically for my trip and made sure I wouldn't have to do anything in the way of "online banking" while I was away. Also, make sure you have your bank's phone numbers on you in case something happens.

I also kept some cash on my person at all times as a backup, because in my case I really was on my own in the middle of nowhere at times. Cold hard cash might have been my only ticket out of there!

eXor · 13 Jan 2009 at 17:41

The Mad Rapper said:
Browse in complete safety regardless of what loggers are installed using Firefox Portable. They'll still be able to log what you've typed, but without the corresponding internet history they won't have any idea what the passwords etc relate to.

That won't stop a competent criminal. If they have timestamped internet traffic logs, timestamped keylogger logs, a captured video of your session.....

theheyes said:
Also LOOK for hardware keyloggers if you can see around the back of the machine.

[Tinfoil hat]

It could be mounted on the inside with only a legitmate interface protruding through.

[/Tinfoil hat]

NotAGolf · 13 Jan 2009 at 17:45

Hmm mixed news.

That app sounds good mad rapper, will give that a bash.

That's bad news about the usb being locked though theheyes. I will be going to Oz but I'm more concerned about the cafes in SE Asia. I suppose that makes it more secure, but it's a pain if I want to connect my camera to it or save some photos onto the stick or whatever.

I could always get my parents to control my online banking and send any dodgy looking stuff to me via email, but they're pretty clueless so their computer probably has more viruses on it that the ones in the cafe.

That technique about using notepad to confuse it sounds pretty simple exor, surely most keyloggers/viruses would be able to get round this?

theheyes · 13 Jan 2009 at 19:37

That's bad news about the usb being locked though theheyes. I will be going to Oz but I'm more concerned about the cafes in SE Asia. I suppose that makes it more secure, but it's a pain if I want to connect my camera to it or save some photos onto the stick or whatever.

Yeah, it really is a minefield. I strongly considered taking my iBook to get around these issues but it was just too heavy to justify. Its only 5lb or so but it makes a big difference. A lot of them also run kiosk software which make things more annoying. Your milage may vary though I can only speak from my experience.

I could always get my parents to control my online banking and send any dodgy looking stuff to me via email, but they're pretty clueless so their computer probably has more viruses on it that the ones in the cafe.

I was going to suggest a trusted third party. Like I said I tried to keep online banking as close to zero as possible. Check your balances at atm machines etc.

Good luck with it anyway you'll enjoy it, even the bad bits!

thevet · 13 Jan 2009 at 19:47

re

get a cheap laptop,or dont do any online banking while your abroad

LiE · 13 Jan 2009 at 19:49

Do banking via phone.

jas72 · 13 Jan 2009 at 19:49

there were 4 old PCs at my hotel in Lanzarote.

I didn't actualy think about hackers etc

Have to say though most days there was just a BSOD on them

Fothsn · 13 Jan 2009 at 20:37

When I was in Turkey last year I used an internet cafe and checked my online bank and emails etc, I didnt think of any key loggers at the time! :eek:

Nothing got hacked or happened mind.

NotAGolf · 13 Jan 2009 at 21:01

Yea I dont have a laptop and I'm definately not going to buy one just for the trip.

It would be easy just to dump all my money in 1 account then check on my balance at atm's like you say. Thing is I don't want to keep it all in one account because If I lose that card or it gets cloned/blocked then I'm screwed, so I wanted to spread it over a couple of accounts and transfer it around using online banking as and when required.

I guess I could do it by phone but that would cost a small fortune each time. Don't you have to sign up for that as well though? (I'm leaving in 8 days so time's not on my side if they need to post me something)

Meatball · 13 Jan 2009 at 21:18

You can use an on screen keyboard if you're worried about passowords

. I'm sure XP and Vista both have one

.

eXor · 13 Jan 2009 at 22:51

mpledge52 said:
That technique about using notepad to confuse it sounds pretty simple exor, surely most keyloggers/viruses would be able to get round this?

I have no idea. You can be the guinea pig, if you wish.

If you can't take a laptop, it would be very risky to access your bank account directly. You can't plan for all possible attack vectors on a hostile network.

How about this:

Take a card that is linked to an account with a negligible balance. When you need more cash, call a trusted third party back home and get them to top it up. Take some cash as well and / or Traveller's cheques.

platypus · 14 Jan 2009 at 10:04

Open a new cash card account with a set amount of money in, and keep track of what you spend?