Surfing security, travelling and keyloggers

Do you travel, do you travel with your laptop? How seriously do you think about surfing security? Well I want to give you some thoughts to try and ensure your security when you travel. I would be completely lost without my laptop, I travel a lot and it's my work, my entertainment and a way to organise my life while I'm on the road.

I belong to the generation, perhaps the first that has grown up with computers all our lives. I've been actively using computers for 3 decades now, over 30 years - eeek.

I and my generation have little fear about computers, we actively use them in all parts of our lives. I'm quite lucky in that I work with them, in Computer security specifically so I know the risks, and am kept aware of some of the problems. Here's a couple of tips that won't change the way you work, won't modify your lifestyle but may hopefully might just stop yourself becoming a victim of computer crime.

Surfing Security - Tip

You probably use webmail, online banking and lots of other mundane services which help you run your life. If you travel a lot, stay in hotels and away from home - you'll appreciate it's incredibly useful to be able to pay bills, set up standing orders etc online. Now here's a danger, never, ever (and I mean ever) access these services from a public computer.

When I say public computer, I'm talking about those handy pcs in hotel foyers, cyber cafes, libraries and any PCs which you have no control over who uses it. Sure check them for non-secure stuff but don't log in to anything you want to keep secure.

Why - well I'm talking about keyloggers, little programs that sit on a pc and log every keystroke on that computer. They are commonly found on public computers all over the planet, I've found them in expensive hotel lobbies in Copenhagen, to small Cyber Cafes in Glasgow, libraries, airports, coffee shops with a handy pc in the corner for you to check your email on.


Who controls them ? Who makes sure they are secure ? DO you have any idea who has access to these computers ?

Can you imagine how many passwords and account details could be harvested from a computer in a five star hotel lobby. How much money could be made emptying those accounts ? Yes , well so can the cyber criminals. If you want surfing security it is very important that you never log in to secure sites like this on public computers. Use your laptop, or wait until you get home - you'll find your paypal and online bank accounts are much more useful when they haven't been plundered by cyber thieves.


kontos said...

Very good points made in this post. However, sometimes we *must* use public computers due to lack of alternatives. What to do in this case? There is a comparison of approaches at http://kyps.net/home/comparison - what do you think about this?

Welshgadgets said...

Thanks for that - an awesome resource and free :) I will try this out when I get chance.

Left a small donation - keep up the good work !

Welshgadgets said...

I should probably add - what Kyps does is offer an alternative into typing your password into an unsecured computer, it would protect against the vast majority of key logging attacks and attempts to log traffic out of the PC.

It is a well needed resource, unfortunately they face the usual problem of 'trust'. Although people will happily type their password in endlessly on unsecure wifi networks or hacked proxies - they may not be happy supplying their password to a third party.

Why I admire kyps.net approach is that they are well aware of the security concerns, and limitations of their product. But instead of ignoring or glossing over they actively face these problems.

The internet needs people like the guys behind kyps - I will do a proper test of their system very soon and post to this blog - please check them out though.