Avatar of davidgareau
davidgareau
 asked on

Protection against keyloggers / internet cafe logs-reading.

I am traveling and only have access to the internet (email and financial data) while in Internet cafes/clubs.  Is there any way to protect myself from having everything I do and type in logged, read and stolen by the network administrators in these places?
OS SecurityEncryption

Avatar of undefined
Last Comment
Tim Holman

8/22/2022 - Mon
SOLUTION
JBlond

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
herbus

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
davidgareau

ASKER
The closest thing to a wireless hotspot in most places I´m traveling is an overheated 50 year-old car.
I have the laptop with wireless, but it's useless in most countries.
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
okay, but what about the sys admin simply logging everything I do, is there any avoiding this?
herbus

Really good solid advice gidds, although I'd still recommend caution as it'd be hard to put 100% trust in the webscans, and a rebuild from an image could still contain all the nasties that the owner/admin wants it to...
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
herbus

"is there any avoiding this?"... without doubt? Absolutely not :/
JBlond

I agree. No way...
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
Ask I said in my post, there is NO wireless anywhere in the places I'm traveling (read 3rd world).  the main concern I have is sysadmins grabbing my passwords for bank websites. Changing my password will make no difference if they are getting the change I made. How would I encrypt over a tunnel like vpn or ssh?  For instance if I go to www.banksomewhere.com how would I do the vpn/ssh thing?

is there anything like  RSA SecurID if you have systems of your own that you want to protect that is available for email systems, like imap that I could use for a monthly (or free) fee.  I don't have my own server.

thanks

Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
what is the pros/cons of hushmail vs safe-mail?

I dont' have a home pc available, it's in storage. If the cafe uses the screen capture thing mentioned, even if I was doing all the stuff via the home computer, they could still capture that, right?  And they could still keylog, right? so, what does that add, securitywise, to my issue? Plus, are there services available were I could use someone else's VPN/SSH service to access this, while at a cafe?  

https: is also only secure (encrypted) after it's left the computer I'm on right, so it does nothing for the keystroke logger/screen capture/network admin problem, right?
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
hello - I just wrote that with osk.exe, that's cool, never new about that before, if only I could get it to do, russian, I'll reboot into the russian MUI and see.

those constantly changing password RSA devices, are there any servers that provide them, then I could use that for email at least.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
1. I will try and run online scans. - for spyware/software keyloggers.
2. I will check the running processes/services. - to see obvious software keyloggers - spyware.
3. I will use the osk.exe (is there a localized version for MUIs?) to fool hard-ware keyloggers.
4. setup a temp email and forward to it
5. clear cookies/url history after use

In my particular case, non-Wireless, no running computer anywhere else, don't know or trust the owners of cafes, usually no ethernet hookup.  Would you suggest any other things I could do? Besides pray & hope?
Your help has saved me hundreds of hours of internet surfing.
fblack61
Rich Rumble

Save up for a laptop ;) Use the connection in your hotel ... I dunno much else...
-rich
McKnife

Hi richrumble,
I quickly scanned the text for osk before launching that little clue, sorry, I did not read your comments.
Asides: very interesting, that osk uses the keyboard api, too. That was the information I once searched for. So my tip was leading in the wrong direction.
CU
davidgareau

ASKER
got the laptop... I can tell the tech type don't go to 3rd world countries too much ;->
hotel!? Try a hostel/hut, connection... I don't remember last time I had a phone outlet while on the road.. now i'm at my apartment, in Belarus, so it's good, but.... well that's another thread... thanks for the info and help though.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
r-k

Good luck. The last couple of times I used an Internet cafe, they had some captive software running that only allowed you to run IE, no way to run scanners or even Task Manager.
davidgareau

ASKER
yeah, that's what I figured (about not being able to run task manager or online scans), maybe I can boot from a linux cd or something, though I doubt the network would be available than, we'll see.

SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
Thanks guys, very helpful and quick response, this is the best forum for IT, have a good one.
david
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
nedrub

Get a copy of the Ubuntu Live CD (free) ... go into a cafe, put the disk in the CD drive and reboot.

You're not using the cafe's OS, so no software such as keystroke loggers will get you - nothing from the hard disk is being loaded at all.

Connect to a trusted terminal services server somewhere and network sniffing is not an issue.

Most low-tech cafes just charge you for the time you're sitting at the computer, but if they have some kind of voucher system you may be hooped (or you may actually get around the pay-for-service system and get free access).

The main prerequisite is that the computer you need must have a dynamic IP address (or you know how to find what address to use and how to set Ubuntu up to use said address).

BTW, Knoppix is good too.
davidgareau

ASKER
I will look into the Ubuntu disc... thanks... I don't mind paying for the cafe, as it's a good service, and most I use are like 1-2 dollars an hour...
A lot of cafes though don't have CD drives, as they are onto people like us.....

But there's still the fact that my info must go out to the internet via their server... thus they could just grab it on the way out couldn't they...?

that's probably unavoidable, right? Could I encrypt it via the Ubuntu disc, and then even if they catch it at the server on the way out or in they couldn't decrypt it in time before I change my passwords...??
thanks
david
r-k

"thus they could just grab it on the way out couldn't they...?"

Yes, they could install a network sniffer in principle to capture all traffic (though unlikely in practise).

Whether you could encrypt all traffic would depend on who you are corresponding with. Little point encrypting your emails if the person receiving them can't decrypt them. But if you are corresponding with people who can decrypt,  then you could use something like PGP to encrypt.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
davidgareau

ASKER
I was more interested in encrypting my account numbers & passwords that I enter on bank & investing sites... I've seen so many programs for cracking passwords that I'm worried that will happening
r-k

In that case the answer is yes, they would be secure from network snooping. I am assuming that all banks and investment sites use secure connections (look for the small yellow lock in the IE status bar, and look for addresses that begin with https://).

Of course, this assumes you have booted to a clean system from CD (and there is no hardware keulogger installed). That yellow lock offers no protection from software or hardware keyloggers.
davidgareau

ASKER
cool, thanks
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
Tim Holman

Check Point claim to be doing something with Connectra that solves just this problem.  There's still the issue of hardware keyloggers - they are 100% indetectable by the OS, so not even Connectra would work.