Best Way To Avoid Keyloggers On Public Terminals?

Best Way To Avoid Keyloggers On Public Terminals? 701

Posted by Soulskill on Wednesday April 23, 2008 @10:09PM from the it's-not-paranoia-if-they're-actually-out-to-get-you dept.

goombah99 writes "While on vacation, I occasionally need to check my e-mail on a public terminal. What are some good techniques for avoiding keyloggers? Most of my ideas seem to have major drawbacks. Linux LiveCD can probably avoid software keyloggers, but it requires an invasive takeover of the public terminal, and is generally not possible. Kyps.net offers a free reverse proxy that will decode your password from a one-time pad you carry around, then enter it remotely. But, of course, you are giving them your passwords when you do this. You can run Firefox off a USB stick with various plugins (e.g. RoboForm) that will automatically fill the page in some manner they claim to be invulnerable to keyloggers. If that's true, (and I can't evaluate its security) it's getting close to a solution. Unfortunately, keeping the password file up-to-date is a mild nuisance. Moreover, since it will need to be a Windows executable, it's not possible for people without a Windows machine available to fill in their passwords ahead of time. For my business, I have SecureID, which makes one-time passwords. It's a good solution for businesses, but not for personal accounts on things like Gmail, etc. So, what solutions do you use, or how do you mitigate the defects of the above processes? In particular, how do people with Mac or Linux home computers deal with this?"

Best Way To Avoid Keyloggers On Public Terminals?

This discussion has been archived. No new comments can be posted.

Search 701 Comments Log In/Create an Account

Comments Filter:

Re:I don't type (Score:5, Funny)

by Anonymous Coward writes: on Wednesday April 23, 2008 @10:27PM (#23178440)

I store my password at mydomain.com/password.txt so I can just copy/paste when I'm remote.

Re:someone mod parent up please (Score:5, Funny)

by Strange Ranger ( 454494 ) writes: on Wednesday April 23, 2008 @10:54PM (#23178650)

I thought the best answer would be using a powerful electromagnet or maybe a defibrillator on the offending machine.

"In particular, how do people with Mac..." (Score:5, Funny)

by Ralph Spoilsport ( 673134 ) * writes: on Wednesday April 23, 2008 @11:00PM (#23178698) Journal

"In particular, how do people with Mac or Linux home computers deal with this?"
I bring it with me - I have a macbookPro and I don't use public terminals. You can get cooties that way.
RS

Re:I don't type (Score:4, Funny)

by JayAEU ( 33022 ) writes: on Wednesday April 23, 2008 @11:02PM (#23178712)

I store my password at mydomain.com/password.txt so I can just copy/paste when I'm remote.

That's still too complicated! Passwords have to be stored in mydomain.com/index.html for easy access!

Re:someone mod parent up please (Score:5, Funny)

by Cruciform ( 42896 ) writes: on Wednesday April 23, 2008 @11:02PM (#23178722) Homepage

When it comes to security, the best answer usually becomes the most unpopular and hard to swallow.
Hard to swallow? Then you don't want to know where I hide the thumb drive with my SSH keys.

Re:Phone? (Score:4, Funny)

by Hal_Porter ( 817932 ) writes: on Wednesday April 23, 2008 @11:23PM (#23178838)

Identity Theft International bans phones but offers free internet access in most cities. Don't worry about that funny message about site certificates not matching, it's just our https proxy. Click OK! Click OK!

Re:I don't type (Score:3, Funny)

by beav007 ( 746004 ) writes: on Wednesday April 23, 2008 @11:54PM (#23179016) Journal

...Until you realise it doesn't actually work...

Re:Phone? (Score:5, Funny)

by fishbowl ( 7759 ) writes: on Wednesday April 23, 2008 @11:56PM (#23179024)

>Is that truly necessary?

The LAST thing I want is contact with anybody from my High School.
So ... no.

Re:I don't type (Score:5, Funny)

by electrosoccertux ( 874415 ) writes: on Thursday April 24, 2008 @12:25AM (#23179188)

Start > Programs > Accessories > System Tools > Character Map. But a software clipboard hook will still get you.
Score: -1, Microsoft User

Re:I don't type (Score:5, Funny)

by mikesd81 ( 518581 ) writes: <(mikesd1) (at) (verizon.net)> on Thursday April 24, 2008 @12:28AM (#23179208) Homepage

That's still too complicated! Passwords have to be stored in mydomain.com/index.html for easy access!

Complicated how? And why index.html? Browsers show txt files too.. I don't think it's a great solution if someone is looking over your shoulder or knows your domain name (like a shady acquaintance).

Re:someone mod parent up please (Score:5, Funny)

by eison ( 56778 ) writes: <pkteison@NoSPAM.hotmail.com> on Thursday April 24, 2008 @12:51AM (#23179324) Homepage

No, nuke it from orbit, it's the only way to be sure.

Re:I don't type (Score:5, Funny)

by yo303 ( 558777 ) writes: on Thursday April 24, 2008 @12:57AM (#23179350)

http://mydomain.com/woooosh.html [mydomain.com]

Re:I don't type (Score:2, Funny)

by Anonymous Coward writes: on Thursday April 24, 2008 @01:29AM (#23179516)

Jeez. That should be http://mydomain.com/woooosh/index.html [mydomain.com]
Try to keep up.

Re:Texting 1 time password (Score:3, Funny)

by Adambomb ( 118938 ) writes: on Thursday April 24, 2008 @03:03AM (#23179864) Journal

Now that is an awesome idea. You could even have it set up such that you could sms back to a system tied cell line if you suddenly received your own password without requesting. the sms could trigger a change in the configs so that it uses a next-domain-in-the-rotation or failing that, change the current url for the frontend. If the users of the system knew the list of possible domains/urls that'd make it even tighter heh.

damnit, why didn't i think of that one you bastard =)

Re:someone mod parent up please (Score:3, Funny)

by saskboy ( 600063 ) writes: on Thursday April 24, 2008 @03:08AM (#23179886) Homepage Journal

I guess Sandisk's next innovation will be lubed USB drives?

Re:I don't type (Score:3, Funny)

by phexitol ( 1254836 ) writes: on Thursday April 24, 2008 @03:38AM (#23179992)

Well duh. What If I forget what my domain name is, and have to use Google to find it again?

Re:Phone? (Score:3, Funny)

by technomom ( 444378 ) writes: on Thursday April 24, 2008 @08:49AM (#23181196)

What about the well-hidden pinhole camera aimed over the keyboard? So, after you've mitigated the well hidden hardware keylogger, you still have to cover your hands with a hanky while you type.

Re:I don't type (Score:1, Funny)

by Anonymous Coward writes: on Thursday April 24, 2008 @03:32PM (#23188032)

once again...
http://mydomain.com/woooosh/index.html [mydomain.com]

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Best Way To Avoid Keyloggers On Public Terminals? 701

Best Way To Avoid Keyloggers On Public Terminals? More Login

Best Way To Avoid Keyloggers On Public Terminals?

Re:I don't type (Score:5, Funny)

Re:someone mod parent up please (Score:5, Funny)

"In particular, how do people with Mac..." (Score:5, Funny)

Re:I don't type (Score:4, Funny)

Re:someone mod parent up please (Score:5, Funny)

Re:Phone? (Score:4, Funny)

Re:I don't type (Score:3, Funny)

Re:Phone? (Score:5, Funny)

Re:I don't type (Score:5, Funny)

Re:I don't type (Score:5, Funny)

Re:someone mod parent up please (Score:5, Funny)

Re:I don't type (Score:5, Funny)

Re:I don't type (Score:2, Funny)

Re:Texting 1 time password (Score:3, Funny)

Re:someone mod parent up please (Score:3, Funny)

Re:I don't type (Score:3, Funny)

Re:Phone? (Score:3, Funny)

Re:I don't type (Score:1, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot