"Shoulder surfing" is also pretty common, to say nothing of a keylogger. Of course, I'm not trying to make all you IT folks more worried about what your users are doing at the airport ;) BTW, I thought this site was pretty cute. http://lasecpc13.epfl.ch/ntcrack/submit.php Web-based NT Password cracker. It has got a little more popular in the past week or so, the queues used to be ~5 minutes. > -----Original Message----- > From: InfraGard [mailto:infragard@private] > Sent: Wednesday, July 23, 2003 7:39 AM > To: Information Technology > Subject: [Information_technology] Daily News 7/23/03 > > July 22, Associated Press > Risks of public Internet terminals demonstrated. The risks and dangers > of > using public Internet terminals at cybercafes, libraries, airports and > other > establishments have been demonstrated by recent high-profile cases where > software that logs individual keystrokes has been installed on public > computers and used to record user names and password. Neel Mehta of > Internet > Security Systems Inc. said that while millions of individuals use public > terminals without trouble, they should be cautious. "When you sit down > at an > Internet cafe, ask the owner or operator about the security measures in > place," he said. Encrypting e-mail and Web sessions does nothing to > combat > keystroke loggers, which capture data before the scrambling occurs. Data > cookies, files that help Web sites remember who you are, also contribute > to > the risk of identity theft. Unless you remember to log out, these files > could let the next person using the public terminal to surf the Web as > you. > Browsers typically record recent Web sites visited so users won't have > to > retype addresses. But such addresses often have usernames and other > sensitive information embedded. Secure public terminals should by > default > have provisions for automatically flushing cookies and Web addresses > when a > customer leaves, Internet security experts say. Source: > http://www.washingtonpost.com/wp-dyn/articles/A29083-2003Jul22.html
This archive was generated by hypermail 2b30 : Thu Jul 24 2003 - 15:19:44 PDT