/* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */
Contact us
Let us put you in the driving seat of your new Web Site

Putting technology in ITs place:
Business and People first!

Click on link to rightWhy Business before Technology
Call us now
Maintain your own site
Click on link to rightSelf Maintenance Sites
[Home]   [Site Map]   [Privacy]   [Toggle Print]   [Contact]   [Bottom of Page]

Using public PCs in Libraries, Internet Cafés, Airports, Hotels etc.

Summary, including brief conclusions

Public access PCs are generally NOT suitable for anything more than surfing! i.e. no keyboard input whatsoever and ideally no use of sites that would in any way recognise you or let you identify yourself even if not by keyboard.

Scope and justification of the summary

This page solely covers the use of any PC which is used by multiple users of which you have no control of knowledge of what they might do or have done with the PC before you use it. If you have a Laptop and are concerned about using it outside of your work and/or home then see Keep safe in Wireless HotSpots.

Can you trust the management and all of their staff in terms of competence, integrity etc.

The first concern for any such usage is the competence (management and technical - both local and centralised aspects of both!) and integrity of the provider of the service. If ANY of those are in doubt then you should not be taking any risks whatsoever when using their PC.

Does the facility attract users who would provide good material for identity theft etc.?

Even if the establishment is solid in all the above respects bear in mind that all sort of deviant people will be trying to exploit those PCs as devices to gather information from or about the people that use them. The only slight saving-grace is that whereas the users of hotspots (see Keep safe in Wireless HotSpots) are typically business laptop users and therefore very, very attractive targets.

With apologies to them for generalisations, the users of public PCs are not likely to be as attractive when used as an alternative to having a PC and Broadband access at home. But we all travel and often we:

  • need a 'fix' - check e-mail or other correspondence or access some 'special' site for information
  • can use web-based facilities such as Web-mail but they need to identify themselves to the relevant web site(s) - obviously this is a significant new service(/technology) where problems often start!
  • don't want the risk and hassle of taking our own (PC or?) device(s) with us when travelling - especially on vacation
  • think that the chances of 'getting caught' are low with little regard for the potential pain and cost of the consequences

so whether in the UK or Abroad you MIGHT be tempted to use a public PC! to check your bank balance, flight itineray etc.. Please read the rest of this page before considering doing-so...

The most likely issues EVEN if the facility provider is known, trusted, competent etc.

If it isn't obvious - the first of these is an order of magnitude or more serious than even the second which in turn is an order of magnitude more dangerous than the rest.

  1. Key loggers may be installed - they could be hardware or software - the choice would depend on the weakest aspect of the public facility's security and the opportunities available to the hacker. Every keystroke you make may be recorded - comprising all information keyed, including login information - even for 'secure'! VPN connections.
  2. If another user of the network you are using is able to install software on the PC that THEY are using then they can do all of the packet-sniffing tactics used on Wireless hotspots - rather than repeat those issues - see Keep safe in Wireless HotSpots, also see Note¹.
  3. Information entered on web forms - INCLUDING LOGIN information can easily be cached as it is by default in Windows. Any saved login information - such as from clicking the 'Remember Me' option when logging into a site just may allow others to access your account(s). The next user of your PC could be a low-level hacker who might find that information of interest/value... just as in the next two items...
  4. Your browsing history may be cached. People can see what Web sites you've visited, and they may be able to view these cached sites, which may invade your privacy, especially if you...
  5. Cookies from your web sessions may not be discarded and they could contain almost any type or amount of personally identifiable information including usernames, passwords and the sites at which they were used.
  6. As (web) developers find different ways to use technology to make their sites more interactive, visual, exciting etc. you can be sure that there will be a constant flow of additions that could be made to this list but it is simpler to assume their prescence as a generic threat to which the response should be a disciplined regard to the use of these (public PC) facilities.

In addition to the above there are all the risks that one associates with public networks anyway - even if the hacker might need to be (or HAVE BEEN!) connected to the network of the (public PC) facility - please read Keep safe in Wireless HotSpots for a summary.

Appendix and Notes to the information above

  1. In a well managed public hotspot the state of a PC would be reset to 'safe' after every change of user - if that is the case then you would only have to worry about current users... This is fairly common (50%?) in good pay-as-you-go facilities but rare in almost all low-cost, small-scale and non-commercial organisations.

    HOWEVER - if the PCs are not reset back into a safe condition after each user then their whole network and the PCs on it could be compromised and possibly remotely managed for several days or even weeks after the hacker has left! The situation is even worse on the PCs that the hacker uses because a software key logger (see above) may be installed and can do so much more than a network sniffer.

    Managers of public PC facilities should always be wary of visitors who often use their facility just after a reset of their PCs if that is done daily, weekly or even ad-hoc - especially if they appear to spend a very similar amount of time each visit and appear to be doing 'repetitive' tasks.

This page © Business before Technology 2006 - see the respective sites of the owners for their copyright as well as terms and conditions

General information about this page and request for feedback

Links and other information last validated on 8th June 2008. Please use the Contact us page to suggest any additions or revisions.

Like the site?

Site Construction by usiness
before Technology
Click on link to rightClick here
[Top of Page]   [Home]   [Site Map]   [Toggle Print]   [Privacy]   [Contact]

© Business before Technology - All Rights Reserved 2003

Business before Technology Limited, Company number: 4969011.
151 Chester Road, Norbury Moor, Hazel Grove, Cheshire SK7 6HD
*¹¹ Note that calls to 0844 884 2244*¹¹ will cost 7p per a minute, your telephone provider (including mobile providers) may add an additional access charge.
23May15: Suppress Msg2U when cannot analyse/react to them 0 or 0 or SoLL /home/sa4ssu/public_html/cgi-bin/LLsHere.

News and Information

Your access to this site:

We will attempt to give you perfect access to this site but this may be impaired by the fact that as far as we can tell you are either:
  • Accessing the Internet from behind a FireWall (Personal or Company) which is disabling cookies OR
  • You have made a technical change to your browser in that you have disabled cookies - perhaps only for this site.

If this was unintentional and you can enable temporary (session) cookies there is a brief description at the bottom of the page. If you don't understand a word of this gobble-D-guk or you don't want to!: leave everything as-is and report any problems via the `LinkTSNo_Cookie_pagenoc1'>Technical feedback facility.

For the technical user

We attempt to set 2 temporary cookies at each interaction you have with this site. The names and typical values are:

NaviSessID=12345 and NaviLastID=erTh1J68SnkK0

The fact they are temporary means that when you close down your browser they will simply disappear. For the paranoic - they are not even written to the cookie folder.

The purpose of these two cookies is to allow you to navigate our site across what is a "connectionless" Internet with security and privacy appropriate to the content and usage of the site.

This notice will disappear from the end of the site Web pages when you have interacted with the site 3-4 times - more than once just in case you miss it at the end of the Home Page.

The only downside that we cannot avoid is caused by us putting the same information in the "Location" or "Address" area towards the top of your browser. You will notice that even though you visit pages more than once that your browser will not recognise them as "visited" because this address changes with each interaction.

Changing browser settings
  • NetScape: Edit->Preferences & select the Advanced Tab (not one of the sub-options). You only need to set cookies that are sent back to their own site but we would recommend that you do not select the 'prompt' option as this will cause an irritating pop-up at each interaction.

  • MicroSoft IE: click on Tools->Internet Options & select Security Tab.

    You could select Local Internet, then Advanced and then add our site address. This assumes that you have got cookies enabled for that zone.

    Another option would be change the "Custom level" for the zone that we are currently in - the Setting to be changed is called "Allow per-session cookies (not stored)" - select Enable then OK)

News and Information