Can Internet Cafes be Trusted?

Discussion in 'privacy general' started by toploader, Sep 9, 2005.

Thread Status:
Not open for further replies.
  1. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    i've used quite a few in my time and have on occasion logged onto my bank and bought stuff on credit card.

    now i wuz thinking what if the owner of the cafe was to install a keylogger - he would have all the juicy personal details.

    even if the owner is honest what's to stop a customer downloading a keylogger and running it in stealth mode? then coming back to collect the details?

    i have been to a number of cybercafes and downloaded a variety of software to play with - some block all downloads many do not.
     
    Last edited: Sep 10, 2005
  2. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    good point.

    Although I would think any 'sensible' internet cafe owner would use DeepFreeze or similar.
     
  3. anonymous549

    anonymous549 Guest

    I wouldn't use an I-Cafe that didn't use Deep Freeze! I always ask. A couple use similar programs. Deep Freeze is really good an I feel comfortable if I can reboot and see that it's rebooting in a frozen state.
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    The real danger for Internet Cafés are hardware keyloggers - these are not detectable (or preventable) by any software and can be installed in a couple of minutes - though most are physically detectable (see Finding and Removing Hardware Keyloggers) it is possible to get keyboards with keyloggers built-in which are not so visible.

    The best option is to only use passwords on computers you physically control. However most keyloggers can be bypassed by using Windows' On-Screen Keyboard utility or by entering your password in a random order (e.g. typing the last 3 letters, using the mouse to move the cursor back to the beginning and typing the previous 3, etc).
     
  5. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    No, Internet cafes can NOT be trusted. End of the story. Unless you know personally the owner and you KNOW he's honest and knows a lot about Internet security, never, EVER use a credit card in a public Internet access.
     
  6. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    I would not feel safe by relying on something as simple as that, really. There are keyloggers able to take screen snaphots, I've seen keyloggers EASILY defeat virtual keyboards, and it takes pretty much nothing for a program to rearrange say, a 7/8 characters long password in all possible combinations.
     
  7. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Hence my qualification "most keyloggers". It should be noted that hardware keyloggers are (currently) restricted to reading the keyboard only so running a system from a boot-CD or memory-stick (bypassing any installed spyware) plus using a virtual keyboard should counter any keylogging.

    While it is right to say that Internet Cafés pose a greater risk for credit card use, this should be looked at in context. Most people take a greater risk when they pass their card onto a restaurant waiter for paying a bill (while out of sight, they could make a copy of the card, run it through the reader multiple times, etc). Also, professional thieves are more likely to target destination websites rather than individual PCs since these will possibly have every customer's credit card details - unfortunately it is not possible for an end-user to judge how secure a website is against such attacks.
     
  8. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Internet Cafes here in our city? :eek: o_O My answer is no!!! I could not trust using computers in the internet cafes. For one big reason... most of them didn't know how to configure and secure their server, and their pc's are loaded with lots of spywares, pop-ups etc. :p :oops:

    But still they're good when use for some other things, when you're not very concerned w security or your identity then it's ok. They are very accessible, many internet cafe's or internet rental sprouts like wild mushrooms here in our country... and in our city they're everywhere. :cool:
     
  9. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    Most of Internet Cafes need to use IRC/MSN and so on for the satisfaction of their consumers.
    And many PCs in these places are realyy "junk PCs" (recently, i've mad a scan online with Panda Active Scan in one of them: 692 virus/trojans/spywares/dialers !).
    It's therefore not serious to bank or shop online in Intenet Cafes.

    For virtual keyboards, it's not a solution: the cityBank's Virtual keyboard for instance has been defeated: http://xforce.iss.net/xforce/xfdb/21727
    I have a virtual keyboard keylogger and i've verified (with Windows one or free ones) that virtual keyboards solutions are not secure (Biometric authentication is more secure but costs also much more).
    More info about the subject: https://www.wilderssecurity.com/showthread.php?t=91851

    Regards
     
  10. Beefcarver

    Beefcarver Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    263
    Location:
    michigan
    You would think that the FTC federal trade commision would do yearly or better inspections of these facilities to protect the public. I wonder if these places are inspected by internet Experts??
     
  11. Down_Under

    Down_Under Registered Member

    Joined:
    Jan 18, 2005
    Posts:
    56
    Location:
    Brisbane,Qld,Australia
  12. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Unless you actually booted the PC from your USB key, how could Privacy Keeper provide any protection from software keyloggers? (let alone hardware ones).
     
  13. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    The computers in public internet cafes are very dangerous since many people use them daily, and if the computers dont have proper security measures/software in place, anybody using the computers is putting his/her own personal info at grave risk. Anyone can just install or place many varieties of malware on the computers in internet cafes. 1 thing is for sure: The owner of the internet cafe will never bother to secure the computers properly. Never ever trust comps in public internet cafes. Have you ever seen computers in internet cafes with no antivirus program at all? even basic security ain't there.
     
  14. erikguy

    erikguy Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    236
    Location:
    Salem, OR
    If you want to be safer in an Internet Cafe, one thing I would check with the owner is if their wireless router has an AP Isolation setting and if it does, is it turned on. Another suggestion would be to use a firewall or an IP Blocker such as Protowall and make sure the network ranges are being blocked.

    Example:
    10.0.0.0-10.255.255.255 or
    192.168.0.0-192.168.255.255

    Screen capture taken from my wireless router....
     

    Attached Files:

Loading...
Thread Status:
Not open for further replies.