Helping people with computers... one answer at a time.
I do need to point out that there's never going to be an absolute "safe" when using a public computer. You'll see why in a moment.
In your last newsletter, someone had a question about accessing email via LastPass from a public computer. I've heard that the safest way to access online password protected websites is by using a Linux Live CD. Would this be a safe of way doing this on public computers?
In this excerpt from "Answercast #55, I look at the problems involved in using a Live CD on a public computer and how safe it actually is.
Well, I do need to point out that there's never going to be an absolute "safe." You'll see why in a moment.
It would be "safer," absolutely - if in fact the computer allowed you to boot it from CD. Many public computers are configured in such a way that prevents exactly that; to prevent people from running "who knows what" on those computers.
So, yes. It is in fact safer to run from a Linux Live CD. And the reason would be simply that any malware that was installed on that PC would not be running while you are running from your Linux Live CD.
You provide all the software that's running on that machine using your Live CD. Therefore, anything that might be on that hard disk is basically ignored.
Here's the problem. It is possible to have what's called a "hardware keylogger" or a "hardware activity logger."
What those are is as it sounds. They are pieces of hardware that get installed on computers (often surreptitiously) and that record all of the keystrokes that go into the machine. Or maybe all of the network traffic that happens on the machine. Or who knows what else.
The point being though that they are there in the hardware regardless of what you run. So those things would still be recording your keystrokes, even though you are running from a Linux Live CD.
That's why I say, "Yes, you're safer running from a Linux Live CD," because ultimately, what I've described as hardware keyloggers aren't as common as software keyloggers. But they definitely exist and that means that you may still be at risk when you run from a Linux Live CD.
Unfortunately, there really is no absolute solution here. What I strongly
suggest to most people who are concerned about this particular issue is that
you avoid using public computers. Avoid using computers that you don't control
to login with your sensitive account information. You simply don't know whether
or not that information is being recorded by someone... even if you replace all
of the software on the machine, there is still the potential for hardware
Next from Answercast 55 - Why does printing take so long to start?
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.