posted by n1 on Tuesday July 15 2014, @09:25PM
from the security-was-always-an-illusion dept.

Ars Technica reports:

The US Secret Service is warning hotel operators to be on the lookout for malware that steals passwords and other sensitive data from guests using PCs in business centers, according to a published report.

The non-public advisory was issued last Thursday, KrebsOnSecurity reporter Brian Krebs reported Monday. Krebs said the notice warned that authorities recently arrested suspects who infected computers at several major hotel business centers around Dallas. In that case, crooks using stolen credit card data to register as hotel guests used business center computers to access Gmail accounts. From there, they downloaded and installed keylogging software. The malware then surreptitiously captured login credentials for banking and other online services accessed by guests who later used the compromised PCs.

The report is a poignant reminder why it's rarely a good idea to use public PCs for anything more than casual browsing of websites. Even when PCs are within eyesight of a business center employee, librarian, or other supervisor, and even when it is locked down with limited "guest" privileges, there are usually a host of ways attackers can compromise machines running either Windows or Mac OS X.

 
  • (Score: 4, Insightful) by Grishnakh on Tuesday July 15 2014, @09:30PM

    by Grishnakh (2831) on Tuesday July 15 2014, @09:30PM (#69449)

    Maybe if these chains used a locked-down Linux distro with Firefox's privacy mode forced on and a guest account which doesn't store any data, they wouldn't have these problems.

    • (Score: 3, Informative) by Nerdfest on Tuesday July 15 2014, @09:33PM

      by Nerdfest (80) on Tuesday July 15 2014, @09:33PM (#69450)

      No, even this won't necessarily help. There are also hardware keyloggers that you can just plug into a port on the back of the machine. Using a live Linux boot is certainly better than using a "business centre" computer though. Your best bet is using your own laptop or tablet (although tablets likely won't be able to do all tasks).

      • (Score: 2) by Tramii on Tuesday July 15 2014, @10:24PM

        by Tramii (920) on Tuesday July 15 2014, @10:24PM (#69469)

        Simple solution: Seal up all the USB / Serial ports with a hot glue gun!

      • (Score: 1) by Buck Feta on Tuesday July 15 2014, @11:56PM

        by Buck Feta (958) on Tuesday July 15 2014, @11:56PM (#69496)

        > Your best bet is using your own laptop

        That has always been my strategy, although I'm unconvinced that it's terribly safe either. What say you, my fellow Soylents? Safe, safe enough, or not so safe?

        --
        - fractious political commentary goes here -
        • (Score: 2, Informative) by dr_barnowl on Wednesday July 16 2014, @10:10AM

          by dr_barnowl (1568) on Wednesday July 16 2014, @10:10AM (#69694)

          I tend to tunnel all my traffic in hotels through a VPN of one kind or another. I don't trust their network infrastructure not to be evil. And I'd never use their hardware for anything demanding security.

    • (Score: 2) by PinkyGigglebrain on Tuesday July 15 2014, @09:38PM

      by PinkyGigglebrain (4458) on Tuesday July 15 2014, @09:38PM (#69452)

      Or at least a VM that would be reloaded from a read only image when a new user logged in. Simplify patching too.

      Now a VM running a locked down Linux distro, that would be even better.

      --
      "Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
      • (Score: 1) by cyrano on Tuesday July 15 2014, @09:46PM

        by cyrano (1034) on Tuesday July 15 2014, @09:46PM (#69458)

        I'd think that was obvious. Lots of software around to do that. But, apparently, being sloppy is still standard. Wonder if they'll allow you to run Wireshark or Nessus from their "business" PCs. Ah, well, their wireless probably isn't private either?

        --
        The quieter you become, the more you are able to hear. - Kali [kali.org]
  • (Score: 2) by Kilo110 on Tuesday July 15 2014, @09:47PM

    by Kilo110 (2853) on Tuesday July 15 2014, @09:47PM (#69459)

    I remember my old library had computers back in the day that would revert to a fresh state every time they were restarted. This would prevent the computers from getting too cluttered up and would also prevent any nasty bits of code. I don't see why all public terminals don't use this approach.

    • (Score: 3, Insightful) by frojack on Tuesday July 15 2014, @10:03PM

      by frojack (1554) on Tuesday July 15 2014, @10:03PM (#69464)

      Probably because it didn't work that well, and still didn't prevent key-loggers.

      --
      No, you are mistaken. I've always had this sig.
      • (Score: 2) by Kilo110 on Tuesday July 15 2014, @10:11PM

        by Kilo110 (2853) on Tuesday July 15 2014, @10:11PM (#69466)

        Well, I'm picturing a hypervisor that loads a Windows VM that discards changes to the HDD image. I know VMware has that ability, I'm sure others do as well.

        • (Score: 2) by frojack on Wednesday July 16 2014, @06:27AM

          by frojack (1554) on Wednesday July 16 2014, @06:27AM (#69633)

          Yes, I understand the principal.
          But that shady character working at the front desk plugged a little shim device into the keyboard slot, and then plugged the keyboard into that, and it's recording everything you type. Logins, passwords, account numbers, etc.

          --
          No, you are mistaken. I've always had this sig.
          • (Score: 2) by maxwell demon on Wednesday July 16 2014, @06:38AM

            by maxwell demon (1608) on Wednesday July 16 2014, @06:38AM (#69636)

            Are there still computers where the keyboard is an integrated part (like those old home computers)? That would at least make it impossible to put anything in between keyboard and computer without opening the computer (which would probably not be as easy to perform without being noticed).

            On the other hand, even the most secure computer setup would not prevent a hidden camera pointed at the keyboard. Indeed, if there's a dedicated place to put your laptop on (that is a fixed table with chair and connectors which would be the place where you'd most likely put your laptop), even using your own laptop would not help against that type of attack.

            (And BTW, it's "principle", not "principal".)

            --
            The Tao of math: The numbers you can count are not the real numbers.
          • (Score: 2) by aristarchus on Wednesday July 16 2014, @08:39AM

            by aristarchus (2645) on Wednesday July 16 2014, @08:39AM (#69669)

            Yes, I understand the Principal as well. But was it not the Principle that was in question? Merci beaucoups if not.

    • (Score: 2) by Alfred on Tuesday July 15 2014, @10:11PM

      by Alfred (4006) on Tuesday July 15 2014, @10:11PM (#69467)

      Saw that in college. They had some bit of hardware effectively doing a man in the middle with the HD. Because of this the computers were really unlocked and loose on the software side. I could walk up to a machine, download and install something like Kazaa (this is way back) and let it get stuff for me on the fast university connection since at home I only had dial-up. And of course the reboot erased all local evidence.

      • (Score: 2) by Tramii on Tuesday July 15 2014, @10:33PM

        by Tramii (920) on Tuesday July 15 2014, @10:33PM (#69471)

        I used to work in one of the computer labs (many, many years ago) while I was attending college, and they had a similar setup. Every time you rebooted a computer, it would completely restore the local HD image. However, they were all connected to various network drives which did NOT get wiped. So we would keep the install files for games like Warcraft and Doom II in a hidden directory. So we would just install whatever game we wanted to play at the time, and then rebooted when we were done. Was able to play networked games for years and no one else ever caught on.

  • (Score: 2) by c0lo on Tuesday July 15 2014, @09:55PM

    by c0lo (156) on Tuesday July 15 2014, @09:55PM (#69460)
    Because using my own USB-bootable live OS [boum.org] is hard to intercept by the US SS brigades?
    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0
  • (Score: 2) by DECbot on Tuesday July 15 2014, @11:29PM

    by DECbot (832) on Tuesday July 15 2014, @11:29PM (#69485)

    Used condoms may still not be safe. Perhaps the headline should be, "Secret Service Just Figures Out Hotel PCs Aren't Safe." (No we weren't downloading porn from untrusted sites, that malware was there before we got here, just like those hookers in our hotel rooms.) Was there ever a time when hotel PCs could be trusted?

    --
    cats~$ sudo chown -R us /home/base
    • (Score: 1) by anubi on Wednesday July 16 2014, @12:59AM

      by anubi (2828) on Wednesday July 16 2014, @12:59AM (#69519)

      As far as I am concerned, just use it to obtain status. I have no business accessing secure stuff from insecure terminals. And - heavens no - do not engage in anything that requires a logon or a payment of any sort. Maps? fine. Obtain inventory/pricing info? fine. Pirating a music? fine. Even paying a "micropayment" for a read of a news article... NOT! You cannot leave anything identifiable to you or use any codes which authenticate you. This is the one thing to me that hampers internet marketing the most... lack of trust. And our TLAs aren't helping that image one bit. (Neither is LifeLock, who runs ads showing how a little info in the wrong hands will wreck your life instead of how the person who didn't do due vigilance and make sure the transaction was valid had to eat it.)

      You might as well assume any time you are using public internet, it's gonna be worse than eating a sandwich you found in the bathroom, with absolutely no accountability for who or what prepared it, or if it has been tampered with, and worse yet, make the assumption while you are at it that it is far more likely to have been tampered with than that hypothetical sandwich you found.

      What you do have going for you is that you most likely will not get sick if you stick to the sealed items in the package, but stuff like honoring scripts can really ruin your day.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
  • (Score: 2) by prospectacle on Wednesday July 16 2014, @05:55AM

    by prospectacle (3422) on Wednesday July 16 2014, @05:55AM (#69617)

    It seems like a good general guideline to follow.

    Where do you draw the line though? On the one hand, using a hotel computer, with Windows on it, to do internet banking, seems fairly incautious.

    On the other hand using an ATM at a service station is still essentially putting your password into a stranger's computer.

    Sometime in the next century or so we should really stop and consider how to make a secure and trustworthy internet.

    --
    If a plan isn't flexible it isn't realistic