Computer security in hotel business centers

[Zero]

I went into a hotel computer center (Apple computers) to print an email in Gmail. Someone had left their account logged on, so I logged them off. But the printer queue was halted and had dozens of emails, boarding pass, etc., jobs waiting.

I cleared it and tried my print job, nope jammed. So I deleted mine in the que, and was leaving but thought; "hmmmm, wonder if it was in 'Documents'?" so I looked, and sure enough it was, along with dozens more and so I deleted "only" mine.

I told the front desk and they just shrugged.

So FYI, make sure you look in all the little hiding places.

 

[braumeister]

Thanks, that's good to know.

Whenever I use a public wifi hotspot of any kind, I always login through a VPN.

I have used a publicvpn.com account for several years ($69.95 a year) and have never had a problem with it. Probably not perfect, but it gives me some peace of mind.

 

[Zero]

Braumeister, I have to get a little bit better at security, so gonna give is some learning curve.

BTW, the email to me was titled something like "RE: Mr. Brad Pitt, your order has been processed", so when I looked under "History" in the browser, there was my name staring back at me.

Thanks for the tip on VPN.

 

[Alan]

Braumeister, I have to get a little bit better at security, so gonna give is some learning curve.

BTW, the email to me was titled something like "RE: Mr. Brad Pitt, your order has been processed", so when I looked under "History" in the browser, there was my name staring back at me.

Thanks for the tip on VPN.

I think you were talking about a public PC while Braumeister was talking about a public wifi hotspot, which I assume he uses with his own private laptop.

Depending on how a public PC is set up you may not be able to use VPN on a public PC, plus there is still a possibility you leave some document on the public PC you didn't intend if you try and print it on a printer that the public PC is connected to.

 

[donheff]

I think you were talking about a public PC while Braumeister was talking about a public wifi hotspot, which I assume he uses with his own private laptop.

Depending on how a public PC is set up you may not be able to use VPN on a public PC, plus there is still a possibility you leave some document on the public PC you didn't intend if you try and print it on a printer that the public PC is connected to.

Big difference between using a hotel pc and logging onto their wifi network with your own. The former is very risky, the later is slightly risky. The fear I have of using public pcs is the some ner-do-well will have planted a key logger. I have used them to print boarding passes but I don't log into any of my accounts. On wifi you can securely connect to your accounts and snoopers wont be able to read the traffic. A sophisticated hacker on a wifi network could potentially hijack a browsing session but the odds are tiny.

 

[Alan]

Big difference between using a hotel pc and logging onto their wifi network with your own. The former is very risky, the later is slightly risky. The fear I have of using public pcs is the some ner-do-well will have planted a key logger. I have used them to print boarding passes but I don't log into any of my accounts. On wifi you can securely connect to your accounts and snoopers wont be able to read the traffic. A sophisticated hacker on a wifi network could potentially hijack a browsing session but the odds are tiny.

Good summary.

 

[ChiliPepr]

The fear I have of using public pcs is the some ner-do-well will have planted a key logger.

This is a good fear to have and one of the reason I stay away from public computers...

But if you have to use one, here is a little trick to foil most loggers...
Go to your page you want to log into; between every letter in your username and your password, use your mouse to move to the "web search" box on the top of the screen and type a few random letter (don't hit return!).

What will happen is the key logger will record random characters between every letter in your username and your password.

 

[easysurfer]

This is a good fear to have and one of the reason I stay away from public computers...

But if you have to use one, here is a little trick to foil most loggers...
Go to your page you want to log into; between every letter in your username and your password, use your mouse to move to the "web search" box on the top of the screen and type a few random letter (don't hit return!).

What will happen is the key logger will record random characters between every letter in your username and your password.

Great tip. I'll have to remember that.

 

[mh]

Great tip. I'll have to remember that.

Don't be too confident on the safety of this trick. It's pretty easy to also track which window the input is getting sent to for each keystroke.

 

[ChiliPepr]

Don't be too confident on the safety of this trick. It's pretty easy to also track which window the input is getting sent to for each keystroke.

That is why I said to use the "search window" inside the browser... the logger has them both in the same window.

 

[Alan]

Great tip. I'll have to remember that.

That is why I said to use the "search window" inside the browser... the logger has them both in the same window.

I agree - great tip.

 

[Lsbcal]

Big difference between using a hotel pc and logging onto their wifi network with your own. The former is very risky, the later is slightly risky. The fear I have of using public pcs is the some ner-do-well will have planted a key logger. I have used them to print boarding passes but I don't log into any of my accounts. On wifi you can securely connect to your accounts and snoopers wont be able to read the traffic. A sophisticated hacker on a wifi network could potentially hijack a browsing session but the odds are tiny.

What if you need to use the hotel printer and it is not wireless? I was trying to get tickets to save $60 in admissions to Seaworld and so opted for the hotel computer wired to the printer. I did not trust that the Seaworld application would work if I first did the transaction on my computer and then tried to print out with the public computer. Was worried about the security but it's the only time I've used a VISA card on a public computer.

Anything I should have done instead? Maybe I should have used the idea Chilipeper advanced, entering the VISA data using a combo of the data screen and the search box. I guess screen shot malware would not fall for this trick though -- or am I missing something?

 

[Alan]

What if you need to use the hotel printer and it is not wireless? I was trying to get tickets to save $60 in admissions to Seaworld and so opted for the hotel computer wired to the printer. I did not trust that the Seaworld application would work if I first did the transaction on my computer and then tried to print out with the public computer. Was worried about the security but it's the only time I've used a VISA card on a public computer.

Anything I should have done instead? Maybe I should have used the idea Chilipeper advanced, entering the VISA data using a combo of the data screen and the search box. I guess screen shot malware would not fall for this trick though -- or am I missing something?

What I have done is to do my transaction on my laptop and then e-mailed the e-ticket to myself using by "backup" e-mail account that I never use for anything important.

I then log onto the hotel computer to open my e-mail and print the ticket on their printer.

I am currently on a long vacation and have today made another couple of reservations at hotels for a several weeks in advance. I have done a print to pdf of the confirmations and saved the files on my laptop and a memory stick for backup.

Should we turn up at the hotels and they do not have a record of the reservation, I reckon I can fire up my laptop and show it to them (no internet connection required). I've never needed to do this but feel better having it available.

 

[Lsbcal]

Alan, your solution plus carrying a memory stick sounds like a good strategy for things like hotel reservations. My problem with Sea World probably was a one time issue. That was because you had to log into their application and then at the end you got to print out your tickets once and I don't think (or did not know if) you could print to a file. We were going the next morning so if there was a glitch I didn't want to show up at Sea World and try to explain it.

It will be interesting when we go to Europe as I'm only going to bring my Kindle Fire which uses it's Silk OS to do somewhat limited web access. May have to use the hotel computer if a boarding pass printout is required. Love those French keyboards ... not. Maybe I could use your email + hotel printout for this sort of thing.

 

[Lsbcal]

This is a good fear to have and one of the reason I stay away from public computers...

But if you have to use one, here is a little trick to foil most loggers...
Go to your page you want to log into; between every letter in your username and your password, use your mouse to move to the "web search" box on the top of the screen and type a few random letter (don't hit return!).

What will happen is the key logger will record random characters between every letter in your username and your password.

Is this technique superior to just "defocusing" between typing into a box? What I've done in financial logins even on my computer (assume it's hacked if you are truly paranoid) is type part of the password, defocus by moving the mouse out of the box and typing dummy characters, replace cursor in box and finish password.

So the question is: is "defocusing" to a point in the window the same as moving to the search box to type your dummy characters?

 

[Alan]

Alan, your solution plus carrying a memory stick sounds like a good strategy for things like hotel reservations. My problem with Sea World probably was a one time issue. That was because you had to log into their application and then at the end you got to print out your tickets once and I don't think (or did not know if) you could print to a file. We were going the next morning so if there was a glitch I didn't want to show up at Sea World and try to explain it.

It will be interesting when we go to Europe as I'm only going to bring my Kindle Fire which uses it's Silk OS to do somewhat limited web access. May have to use the hotel computer if a boarding pass printout is required. Love those French keyboards ... not. Maybe I could use your email + hotel printout for this sort of thing.

For many years I have used the free pdf writer called cutepdf. Once installed it appears as a printer whenever you print. Select "CutePDF Writer" and in a few seconds (or longer) it will prompt you for a file name. The pdf file can then be printed on a public PC.

 

[Goonie]

For many years I have used the free pdf writer called cutepdf. Once installed it appears as a printer whenever you print. Select "CutePDF Writer" and in a few seconds (or longer) it will prompt you for a file name. The pdf file can then be printed on a public PC.

+1

I use CutePDF all the time and love it! IF I need a hardcopy of something I've "printed" to CutePDF, I just open the file I saved and click 'print'. Before I retired I use to send PDF files that I had created using CutePDF, by email to myself and then print it out in the color laser printer at work. I did it that way for tickets a few times too.

 

[TromboneAl]

For anything involving a cc number, I use Shopsafe. The virtual cc number can only be used for the original merchant. It's a bother, but discovering, while on a trip, that our number was stolen was a bigger bother.

 

[eridanus]

I use ShopSafe too. Great service for BoA cards.

Re:typing somewhere else

Whether a defocus or the same window works for obfuscation depends on the quality of the key/screen logger.