Helping people with computers... one answer at a time.

I do need to point out that there's never going to be an absolute "safe" when using a public computer. You'll see why in a moment.

In your last newsletter, someone had a question about accessing email via LastPass from a public computer. I've heard that the safest way to access online password protected websites is by using a Linux Live CD. Would this be a safe of way doing this on public computers?

In this excerpt from "Answercast #55, I look at the problems involved in using a Live CD on a public computer and how safe it actually is.

Safety on public computers

Well, I do need to point out that there's never going to be an absolute "safe." You'll see why in a moment.

It would be "safer," absolutely - if in fact the computer allowed you to boot it from CD. Many public computers are configured in such a way that prevents exactly that; to prevent people from running "who knows what" on those computers.

Live CD runs independently

So, yes. It is in fact safer to run from a Linux Live CD. And the reason would be simply that any malware that was installed on that PC would not be running while you are running from your Linux Live CD.

You provide all the software that's running on that machine using your Live CD. Therefore, anything that might be on that hard disk is basically ignored.

Hardware loggers

Here's the problem. It is possible to have what's called a "hardware keylogger" or a "hardware activity logger."

What those are is as it sounds. They are pieces of hardware that get installed on computers (often surreptitiously) and that record all of the keystrokes that go into the machine. Or maybe all of the network traffic that happens on the machine. Or who knows what else.

The point being though that they are there in the hardware regardless of what you run. So those things would still be recording your keystrokes, even though you are running from a Linux Live CD.

Safer but not "Safe"

That's why I say, "Yes, you're safer running from a Linux Live CD," because ultimately, what I've described as hardware keyloggers aren't as common as software keyloggers. But they definitely exist and that means that you may still be at risk when you run from a Linux Live CD.

Unfortunately, there really is no absolute solution here. What I strongly suggest to most people who are concerned about this particular issue is that you avoid using public computers. Avoid using computers that you don't control to login with your sensitive account information. You simply don't know whether or not that information is being recorded by someone... even if you replace all of the software on the machine, there is still the potential for hardware intervention.

Next from Answercast 55 - Why does printing take so long to start?

Article C5838 - September 22, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

3 Comments
Douglas Brace
September 22, 2012 11:48 AM

It's also possible that the network activity could be monitored from the router/access point/switch level.

This would mean all activity from the computer, regardless of the devices operating system, would be monitored.

Good point. Theoretically that's the same level of risk as an open WiFi hotspot, and using https sites would protect you - except that even https can be compromised with fake certificates if the both the public computer and network are suspect.
Leo
23-Sep-2012

Ken B
September 22, 2012 3:04 PM

Yes, the router can monitor all activity. That's why it's recommended that you use HTTPS and/or a VPN in public places, even if using your own computer on a public WiFi. These encrypt the data before it even leaves your computer, so while the router could "see" that your computer is talking to computer X, it would have no way of knowing *what* data was going back and forth.

See my response above - even https can be compromised with fake certificates if the both the public computer and network are suspect.
Leo
23-Sep-2012
johnpro2
September 27, 2012 3:01 PM

It is all about minimizing risk ..not eliminating it entirely.
The bootable CD eg Ultimate Boot CD is still the safest option notwithstanding physical key loggers which are not nearly as common as software key loggers.
Jp

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.