Internet cafes can be dangerous places. Here’s how to keep your information safe.
Photo by Mark Shandro
Whether sending email, uploading photos, booking flights and hotels, paying the bills back home, and checking the status of a bank account, travelers use the internet for a huge variety of tasks.
The ubiquity of internet cafes around the world has made this convenience possible.
Sitting down at an internet cafe has become so common in the life of travelers that few stop to consider the security of these very public computers.
But if we do stop to think about it, internet cafe computers (and any information you send or access from them) are clearly vulnerable. Fortunately, protecting yourself is not very difficult.
Here are some things you can do to keep your data safe:
1. Get Portable Firefox
The first step to securing your internet connection, is securing your browser. The best way to do this is to install Portable Firefox on a USB thumb drive.
When you sit down at the computer, plug in the thumb drive and start your own version of Firefox from there. As you will see, this small piece of gear is really a necessity for any traveler planning to use public computers.
2. Connect Securely
To ensure your online safety, it is imperative that you use a secure connection when accessing sensitive sites.
Once you have your own version of Firefox up and running on the cafe’s computer, it is time to connect to the internet. To ensure your online safety, it is imperative that you use a secure connection when accessing sensitive sites.
In most cases, when Firefox makes a secure connection a closed padlock appears in the right hand side of the address bar.
If you don’t see this icon, try retyping the address using “https” instead of “http.” In this case “s” means that you are using a special, secure, encrypted connection to the site.
If you always forget to include the “s” try bookmarking the secure site and using that link instead of typing in an address. If you are using a USB drive with your own Firefox browser, these bookmarks will be available anywhere you go.
Alternately, try using this special script with Firefox, which automatically inserts the “s” into preselected site addresses.
3. Confuse the Keyloggers
Once you have established a secure connection, it is time to log in. Thanks to the use of “https” it is significantly more difficult, if not impossible, for people ‘looking in’ on the connection from other computers to steal your data.
Photo by KingJeng.net
That said, the secure connection does not prevent a program on the computer you are using from recording everything you type. These programs, called “keyloggers” are especially dangerous when typing things like login names, passwords, and passport and credit card numbers.
Fortunately, there are a few things you can do.
First, by using bookmarks saved in your portable Firefox browser to connect to sensitive sites, instead of manually typing in the addresses, you eliminate the common method keyloggers use to index data. This makes it much more difficult to assign, for example, a password with a specific email site.
A simple trick that will fool most keyloggers is to disguise your password in a sea of “dummy characters.”
To do this click the password box and type the first character of your password. Next click anywhere else on the page to deselect the password box, and type some random characters before reselecting the password box and entering the second character.
Repeat this process for each character of your password.
This works because most keylogging programs cannot distinguish random typing from typing in a specific field on a web page. For a more complete explanation of this technique, read the short PDF report of a study testing it conducted by Microsoft, and this discussion that followed.
If you frequent some really questionable internet cafes and you want the best defense against keyloggers, than PasswordMaker is the answer. This program produces passwords that are very difficult to crack and is available as a add-on for your Firefox browser.
4. Use Encryption
No matter how well you have planned your trip, sometimes there is business that cannot be done remotely. When this happens, travelers are often forced to send sensitive private information to a trusted friend or family member.
No matter how well you have planned your trip, sometimes there is business that cannot be done remotely.
If you are in a situation where you must email credit card, pin, social security, or passport numbers, using encrypted email is a very good idea.
Email encryption codes your message so that it is indecipherable. A special key is created that can be used to unlock the coded message. The easiest way to send encrypted email is via Gmail Encryption a script that is, obviously, specific to Google’s free email service.
If you don’t like Gmail, the Encrypt This! add-on for Firefox will easily encrypt any text in your browser.
5. Don’t Get Caught by a Phisher
Phishing scams involve decoy websites or emails that mimic an official one. When you enter your information into the fraudulent site, it is sent to a third party. Carefully checking the address of websites you visit is the best defense against these scams.
Firefox also comes with some built in protection. To enable it, go to the Tools menu and select Options. Under the Security tab, check the box next to “Tell me if the site I’m visiting is a suspected forgery” and select the option to “ask Google.”
For a little extra protection, there are several add-ons for Firefox that will make you even safer against phishers.
The Internet, especially when accessed from a public computer or internet cafe, is a dangerous place for your private data.
Fortunately, with a little preparation and care we can surf along without a problem. With precautions in place, you can worry less about your time online, and focus on enjoying your travels.
What tips do you have for traveler’s internet security? Share your own tips in the comments!
About the Author
More By This Author
- The Traveler's Guide To Bypassing Internet Censorship (8 comments)
- 6 Essential Items To Pack If You Want To Meet The Locals (26 comments)
- 8 Free Online Resources For Learning A New Language (60 comments)
Related Posts
9 Comments... join the discussion!
-
-
These are really useful tips – but when I was out in Thailand I noticed that huge numbers of people aren’t even using basic security measures; In half the places I went online I found people had left websites, Instant Messengers or skype logged in. Remembering to logout, and if in Firefox use the “Tools -> Clear Private Data” option when finished is something easy enough for anyone to manage and should be done as a matter of habit.
↵ -
another good tip is to always delete the cookies or history when using another Pc,
or why not eliminate the Internet Cafe all together and invest in a very light laptop like the Asus Eee which is around $300 which is very affordable and may work out the total value of visiting Internet cafes at the end of the trip, 900g you cant go wrong
↵ -
You can also carry around a LiveCD of a Linux distro, which will eliminate the threat of keyloggers while giving all of the benefits of Firefox mentioned in the article. If you’re a little more technically inclined and have a spare USB thumb drive, you can make a LiveUSB thumb drive that will give you your own portable operating system that it faster than a LiveCD and easily modifiable.
↵ -
Actually, while the LiveCD is a great idea for security in a lot of ways, it does not eliminate the threat of hardware keyloggers.
↵ -
There is a detailed comparison of technologies / approaches at http://kyps.net/home/comparison
↵ -
great stuff! thank you
↵ -
These are good tips and present a good balance for someone with only a limited computer knowledge.
I would personally probably carry around a thumbdrive with two partitions on in. One would have a live Linux distribution on it (e.g. Ubuntu), the other would have a bunch of portable apps on it for Windows. Using a Linux live distribution is preferable since you have complete control over the operating system (i.e. you don’t need to worry about what crap the internet cafe has installed on their computer). You’d have the portable Windows apps in case there was a problem, e.g. that there’s no working network driver for the specific machine you’re trying to boot Linux onto.
You absolutely must do what you can to confuse keyloggers, and you must use encryption whereever possible. That said it can be a little tricky sending unencrypted email (a) to people without the techological knowhow of how to read your message and (b) people you weren’t expecting to have to email and who don’t have your encryption key.
Dave’s comments on the Asus eee are good, but that potentially opens up a whole other can of worms: wireless internet security. It’s pretty much impossible to truly secure a network that you are entirely in control of, you have no hope of doing so on someone else’s network. Things like encryption become utterly essential here. And unless you’re 100% certain, don’t plug your password in for anything. All wireless can be hacked pretty easily, even WPA2.
Another very useful tip, if you find yourself having to use a pre-booted Windows machine is to hit ctrl+alt+del before you plug in any passwords. Look closely at what processes are running there. If you see anything that’s dodgy, you might want to look it up online. If you’re not sure if it’s legitimate or not, just type in the name of the process into google and see what it comes back with.
A final point is to make sure that you seriously diversify your usernames and passwords. So that if someone logs into e.g. your gmail account they can’t use the same login info to get into your bank account. You really need to use an encrypted password manager (which you can install on your thumbdrive next to Firefox)
Oh and one absolutely final tip–you know when you have those questions for when you’ve forgotten your password? You know “What’s your mother’s maiden name?” Don’t put the real answer in there. Just make something up. Treat it as another password. Save that, too, in your password manager. If someone’s been keylogging your IM chat with your mum, that person may have your email address, password and mother’s name. Then s/he is only one step away from your bank account.
↵ -
Great extra tips Richard – thanks for sharing!
↵
