Re: Securing a Public Computer Session

Giganews Newsgroups
Subject: Re: Securing a Public Computer Session
Posted by:  Alun Jones (alun@texis.invalid)
Date: Thu, 21 Dec 2006

<chox…@yahoo.com> wrote in message
news:1166309808.581781.2417…@16g2000cwy.googlegroups.com...
> Does anyone know of a way to get around these public computer security
> issues?

You cannot securely access any resources using untrusted hardware.

Consider the possibility that the provider of that hardware is recording a
live video feed of everything displayed on the screen - how much of a
security breach is that?

To get around this problem, you need to use your own keyboard, screen and
computer, and the connection must be encrypted and authenticated in both
directions using out-of-band keying material. (e.g. using an application
that will compare the remote server's certificate with a copy that you have
installed on your machine before you left the office).

Alun.
~~~~

Replies

None

In response to

Securing a Public Computer Session posted by chox…@yahoo.com on 16 Dec 2006