pancakes

MicrostockGroup Sponsors


Author Topic: While travelling, using internet - safe??  (Read 5845 times)

0 Members and 1 Guest are viewing this topic.

« on: May 17, 2007, 20:19 »
0
I never bothered about using internet places anywhere when I travel, until recently, when a friend said that cybercafes were a good place for spybots to thrive and therefore our confidential data would be at risk.  He said we should never check anything passworded. 

Ok, I don't check my bank account, but I don't check my email accounts and on occasions my stock sites. 

One of the email especially is the one used for Paypal and Moneybookers too.  Should I avoid using it? Any easy way to be protected?

Regards,
Adelaide


« Reply #1 on: May 18, 2007, 11:26 »
0
You're safe as long as the site you are logging on to is encrypted.

Paypal is encrypted, but none of the microstock sites are. I'd be very surprised if your online banking site wasn't encrypted.

« Reply #2 on: May 18, 2007, 12:22 »
0
I would avoid using any computer that you do not have total confidence in.

It is highly possible that programs could be running on internet cafe computers that would capture your login and password for any site that you log onto.  They could then use that information for their own purposes.

HTTPS encryption only protects the transfer of data.  If the computer that you are logged into is hacked or unsafe, then it doesn't do squat for that.

« Reply #3 on: May 18, 2007, 12:59 »
0
last year in Buenos Aires i cheked my gmail in a cyber and they stole my username and password. there was nothing important there, so not big deal, but it could be... so i learned.

Luca

« Reply #4 on: May 18, 2007, 13:50 »
0
how did you find out they stole your username and password?

« Reply #5 on: May 18, 2007, 15:05 »
0
I was assuming that she was using her own computer, and merely borrowing the internet connection.

Never do password-related or confidential stuff on a computer that you cannot control access to - hacking and snooping is altogether too easy.

« Reply #6 on: May 18, 2007, 15:27 »
0
 ;D sorry, i wasn't very clear, my english is not so good and sometimes it's difficult to me put in english words, what i want to say.

it was a very funny story... my husband was working and saw me connected on gtalk, so he talked to me, i told him very nasty things (not me), he realized it wasn't me since i knew he was at work and everyone could read that. in fact, everyone red that and had a big laugh.
he asked the person nicely to logout, but she (or he) wouldn't so he waited paciently till she (or he) find a better thing to do, then he logged in and change the password.

it was nothing, but it could have been something.

« Reply #7 on: May 18, 2007, 18:40 »
0
I log on to everything on unknown computers, but I advise people I care about not to do so. I've worked with computers all my career and I keep up with the scams and security technology. The best defence you have is understanding. So here's some simple background so you know a little more about what to watch out for.

Keyboard loggers. There are tools readily available that record the keys pressed on the keyboard and put them in a file. These can be later retrieved and used to see what you typed. "www.mybank.com"...."myuseraccount"...."mypassword".  You cannot tell if these loggers are running on the computer.

Screen captures. These tools capture the screen, just like sitting a video camera up in front of the monitor. They're usually used in combination with keyboard loggers in case your bank has the half-way-measure of requiring you to click moving buttons with the mouse instead of typing your pin number on the keyboard.

Traffic sniffers. These log the traffic going back and forth between your computer and the Internet. These tools don't even have to be running on your computer - they can be between your computer and the Internet if you're using an Internet cafe's connection on your own laptop. These can be used to see your logon credentials in plain text if you're not using a secure connection.

One of my online banking facilities requests a random combination of characters from my pin number AND password each time I log on. For example, "Please enter the sixth, fourth and tenth characters from your password".  This ensures that even if someone is logging your keyboard strokes, capturing your screen and sniffing your traffic, they don't get your full password. This bank has had this technology in place for three years now and it's the only foolproof way to securely access private information on a public computer. I can't understand why it hasn't caught on yet.

And sharply_done is right. This stuff is all too easy. All of these tools are available from download.com !  But you're not right about the microstock websites having secure login. iStockphoto, Shutterstock and 123rf have stealth encryptioni. If you look at the code of the pages with a login form you'll see the credentials are sent to a page with the https prefix. It's not foolproof, but it helps. LuckyOliver actually has a fully secure and dedicated login page. Not so glamorous, but better.

So what to do?
- You can manually put the 's' after the 'http' on most sites to switch to encrypted traffic, assuming they have an SSL certificate. All the microstock websites do.
- Switch to a bank that uses partial passwords like the process described above
- Change your passwords regularly. If you know you're going to be using a public computer, change to a temporary password first and then change it back once you're on your own computer. If you beat them to it this will be effective.
- Educate yourself and those around you. The more people understand the scams and protect each other the less money there will be in it for the perpetrators.

Be safe out there! ;)
-

« Reply #8 on: May 20, 2007, 02:58 »
0
OK cyber cafes are not safe unless you set up a temporay travelling e-mail acount to say hey I am still alive

How safe is using your own laptop in wireless cafe/zone?

« Reply #9 on: May 20, 2007, 13:17 »
0
OK cyber cafes are not safe unless you set up a temporay travelling e-mail acount to say hey I am still alive

How safe is using your own laptop in wireless cafe/zone?
The same as using their computers, infact less safe because multiple people can read what you send wirelessly versus only one person that has control of the wired computer.

« Reply #10 on: May 21, 2007, 01:31 »
0
Based on the marketing of the U3 USB Drives, they should solve all the problems. 

Basically if you can use a USB Drive at the cafe, then the software on it will run an automatic virus checker (etc) and all your data on the drive is encrypted.  It also removes all info on the computer when you leave (ie. cookies and temp files).

Any techies that can comment on this?

NOte: I have one but I have had issues with the encrypter.  If It does what it says, it should be great but I dont think it is quite as good as it should be to make it a commercial success.

« Reply #11 on: May 22, 2007, 02:14 »
0
OK cyber cafes are not safe unless you set up a temporay travelling e-mail acount to say hey I am still alive

How safe is using your own laptop in wireless cafe/zone?
The same as using their computers, infact less safe because multiple people can read what you send wirelessly versus only one person that has control of the wired computer.

If  you use your own laptop and use only sites with SSL connection (or if possible use highly crypted VPN connection) it should be safe (since the all traffic from the your laptop browser to end point (e.g. your web mail server) is crypted.) )

But if you use non-ssl connection then you are not safe. But remember that you have good firewall on your laptop, because they can hack your computer and install some nasty spyware on it :)


« Reply #12 on: May 22, 2007, 17:42 »
0
If  you use your own laptop and use only sites with SSL connection (or if possible use highly crypted VPN connection) it should be safe (since the all traffic from the your laptop browser to end point (e.g. your web mail server) is crypted.) )

But if you use non-ssl connection then you are not safe. But remember that you have good firewall on your laptop, because they can hack your computer and install some nasty spyware on it :)
That's correct, but I was assuming he was a normal user (POP3 email server) that used Outlook to get his mail.

@CJPhoto - I have a SanDisk Cruzer U3 1GB drive. To be honest only 2 days after I got it I reformatted the drive so that the software wasn't on it only. It's horrible, irritating software and it will only protect what is on the disk, not what you transmit. For one, you have to install it on every computer you try to use it on which is a big pain (and the internet cafes probably don't allow that anyway). Second, it doesn't really protect you. Real hackers or undesirables are going to use things other than cookies and temp files to get your information. They're going to use a keylogger and  screen capture software that the U3 software can't/doesn't stop.

« Reply #13 on: May 23, 2007, 01:25 »
0
@CJPhoto - Second, it doesn't really protect you. Real hackers or undesirables are going to use things other than cookies and temp files to get your information. They're going to use a keylogger and  screen capture software that the U3 software can't/doesn't stop.
does the virus cheaker on it not cheak for keyloggers aswell??

I dont use mine much but will probably remove the U3 stuff soon.

« Reply #14 on: May 23, 2007, 11:54 »
0
@CJPhoto - Second, it doesn't really protect you. Real hackers or undesirables are going to use things other than cookies and temp files to get your information. They're going to use a keylogger and  screen capture software that the U3 software can't/doesn't stop.
does the virus cheaker on it not cheak for keyloggers aswell??

I dont use mine much but will probably remove the U3 stuff soon.
No, the anti-virus software doesn't check for keyloggers. You should also note that most of the "protective" software doesn't come with the U3 and you have to purchase that separately.


 

Related Topics

  Subject / Started by Replies Last post
12 Replies
4726 Views
Last post May 09, 2007, 17:24
by madelaide
2 Replies
3941 Views
Last post June 19, 2007, 23:33
by yingyang0
Is Veer safe?

Started by Anyka Veer

14 Replies
7292 Views
Last post February 05, 2013, 23:05
by 33ft
1 Replies
3315 Views
Last post July 25, 2013, 12:25
by johnmessingham
8 Replies
6138 Views
Last post October 27, 2014, 05:18
by Justanotherphotographer

Sponsors

Mega Bundle of 5,900+ Professional Lightroom Presets

Microstock Poll Results

Sponsors