Internet Cafe Computer and Passwords, etc.

Argh!!!! email above is wrong. It's secuser54 at yahoo dot com

 

Im interested in this question too. I do a lot of travelling and being able to do some of my banking while abroad is essential. It seems to me, however, there is no solution to doing it safely in an internet cafe or are some people just being too paranoid ?

Is there really no safe way to do it?

 

Okay, so I subscribe to Anonymizer's Total Net Shield secure tunnel service. However, when I start up the SSH session to reach anonymizer in the first place, doesn't that broadcast my anonymizer password in the clear? If so, there there is just literally, never any way to truly surf in utter security. I mean, everything after the port forwarding is set up is secure, but every time I risk giving away the login and password to Anonymizer itself. I don't use any Anonymizer software, just SecureCRT 5.0 and SSH2 with port forwarding.

By the way, this solution has always worked fantastic from everywhere I've used it with rare exception of very occasional glitches connecting to the Anonymizer network itself. That's my only criticism of the service. Maybe one or two days out of a three month period, I won't be able to connect to Anonymizer and have to surf in the clear. Granted, most of that is in the middle of the night and they do have to do maintenance at some point.

 

No. When the SSH tunnel is set up, encryption keys are exchanged using RSA (a public-private key encryption algorithm where both sides exchange public keys allowing them to encrypt data which then requires private keys, which are not broadcast, to decrypt). These keys also serve to authenticate client and host (preventing various forms of spoofing).

While the public keys are sent in the clear, they are of no use to an attacker without the corresponding private keys.

Once this key exchange is complete, all subsequent data is encrypted using a symmetric algorithm (where the key to decrypt data is the same as that used to encrypt it) like IDEA or 3DES (since encryption/decryption with these is faster than with RSA). Only at this point, would your Anonymizer password be sent.

Please see SSH (Secure Shell) Frequently Asked Questions for more details on SSH.

 

Thought I'd report back on my experiences with traveling this past winter, after researching and posting here re security concerns.

I *did* lug along the heavy slow laptop, and checked with the Admin at the internet cafes I used. I wasn't very reassured about the security on their own machines, although it seems they at least were using anti-spyware --- I don't remember which now.

However, I was connected via wireless and was fairly assured of no one lurking in the neighborhood to eavesdrop on the wireless.

I have Zone Alarm and Spywareblaster on my laptop, as well as AdAware and NAV. I didn't surf to any unknown sites --- just my ISP for email and my secure banking sites.

I was using Firefox and have the security settings pretty high, blocking images and popups, as well as clearing the cache every time.

It's surely not perfect, but hopefully is good enough for where I go.