Going overseas for while and using internet cafes, which precautions to take against keyloggers etc?

6

1

Ok lets say I'm taking an extended overseas trip and won't have a laptop with me. Reasons being it'll be too heavy to carry and also the country I'm in isn't very safe for carrying expensive items around with you in case you get mugged. This leaves me having to use internet cafes and I may have to work on/maintain a few of my business websites while I'm away.

If I'm at an internet cafe I was thinking of taking an 8GB USB drive with me that has all my stuff on it. I've scanned the portable software list and perhaps loaded on there I could have:

  • TrueCrypt portable
  • TrueCrypt encrypted container with my important files in it
  • Firefox portable edition with addons I need
  • MyEnTunnel - So I can create a local SOCKS proxy for my Firefox browser and tunnel all my web traffic with SSH through one of my international VPSs
  • PuTTY - For managing my VPSs/websites with SSH remotely
  • WinSCP Portable Edition - Copying files to remote server
  • NetBeans or Notepad++ portable - For web development coding at the cafe if I really need to
  • Z-WAMP Server Pack - Portable Apache/MySQL/PHP web server for coding at the cafe
  • KeyPass Portable and my password database
  • LibreOffice Portable
  • 7-Zip / file archiver/extractor

Now one thing I'm concerned about is keystroke loggers being on the internet cafe. Is there any way to defeat those? Perhaps some portable tool I can run from the USB drive to detect and remove them or mitigate that risk somewhat? I'm guessing removing might be difficult as an internet cafe is likely to only have Guest level user access.

One way of defeating keystroke logger for the important stuff like usernames/passwords would be using KeyPass. If I need to enter a password for a website then I open keypass with my key file and master password, then copy paste the username and password from KeyPass into the website login. Would this avoid a keylogger capturing the username and password?

For internet banking a few of my banks have two-factor authentication so I'm not too concerned about key stroke loggers there, but I also have the official bank apps on my iPhone which I could just connect and do my banking stuff over WiFi.

Is there any possibility of the internet cafe staff using remote desktop/screen viewer software to watch what you're doing? Or would that be that pretty unethical? Any way to detect and disable that software while I'm using the PC?

Is there any other software that you would recommend I add onto the USB that would be helpful?

zoszsoz

Posted 2012-12-07T01:27:42.470

Reputation: 162

2A keylogger could easily read the Clipboard (copy and paste events) so using KeePass would not necessarily defeat keyloggers. – BenjiWiebe – 2012-12-07T01:33:49.730

1You mention using your iPhone over wifi, what protection do you have there? The best would probably a VPN, or at least the easiest. – nerdwaller – 2012-12-07T01:38:43.250

@nerdwaller I would potentially only use encrypted WiFi e.g. they require a password to connect. The banking apps and GMail etc use SSL I think. VPN would be good if I can get that going on my iPhone. – zoszsoz – 2012-12-07T02:51:02.967

1@zoszsoz I may be wrong, but having a password doesn't mean people on the network couldn't packet sniff. It's scary how easy that is. VPN on iOS is pretty easy, though I rid my life of iOS devices so I can't give you the direct path. I think it's under the General Settings. – nerdwaller – 2012-12-07T04:03:06.237

@nerdwaller That's a very good point, I'll set up the VPN on one of my VPSs and my phone can use it. – zoszsoz – 2012-12-07T08:45:17.183

Answers

3

A Typical method to thwart keyloggers would be to use an onscreen keyboard.

Karthik T

Posted 2012-12-07T01:27:42.470

Reputation: 2 654