By Dr Who Posted Tuesday 22nd January 2008 17:18 GMT
And to think ... all this time I've been using public access Internet terminals to check my bank accounts, log on to my web mail, administrate my servers via webmin plus check my Facebook and LinkedIn accounts. Oh, nearly forgot updating my blog and adding articles to my website via its CMS.
If I had only known how insecure these terminals could be. I mean they're all over the place, and can be accessed by anybody!
I am truly shocked and will never use a PUBLIC (doh!) internet access terminal for any secure stuff again.
Why is this Reg news - it's stating the bleeding obvious! Last year all the public terminals at Infosec (of all places) were found to be riddled with spyware. Possibly an article for the silver surfer section of the Beeb - but not the Reg.
By theotherone Posted Tuesday 22nd January 2008 17:40 GMT
but seriously whoever installed this machine is an idiot. Kudos to the "white hacker" for exposing the flaws...although I wonder, could another, perhaps "greyish" hacker have compromised the machine and kept quiet about it? perhaps stealing CC info for his trouble? If you're wondering how he hacked the box, it's quite simple...open Gmail compose mail, then press attach file/browse...go to windows/system32 right click on command.com and then open.....hey presto, you've got a nice useful interface for doing all sorts of crap.....oh and to access the file system, all you have to do is type file:///c:/ into a browser's address bar.
I wonder how they're gonna fix these flaws? without uninstalling Windows XP that is....
By Geoff Mackenzie Posted Tuesday 22nd January 2008 18:56 GMT
They were fine till that bloody Italian came along! White hat my a**e, they're all connected with organised crime, people trafficking and drugs... not to mention terrorism!
"it would be the first such breach we have suffered in seven years"
Right. We haven't heard of a single security breach, therefore there haven't been any. Where have I heard this logic before? (And why do you have that banana in your ear?)
By Kanhef Posted Tuesday 22nd January 2008 20:26 GMT
It's not too hard to avoid suspicion. Just dress a bit preppy, collared shirt with some company name on it, and bring a toolkit. Most people won't look at you twice. If anyone does ask, hold up a stick of RAM and say you're upgrading the machine.
By Anonymous Coward Posted Tuesday 22nd January 2008 20:34 GMT
14 hour layover in Gatwick led me to discover the same thing around 6 months ago.. so I called the 24 hour IT helpdesk from a payphone and described the flaw and possible fixes in detail to the guy on the other end. He was pretty convincing that he would do something about it, but obviously it didn't get through. I said I'd give em till my next time in Gatwick to fix, however as it's already exposed...
For all you Spectrum Interactive using airport goers here's a nifty little trick:
Ctrl-Shift-Esc brings up the task manager.
Kshield.exe gets killed.. MSconfig turns it off, reboot et voila.
Now you have free net access for the next 13 hours. Or you can root it to yer heart's content.
By Andy Bright Posted Wednesday 23rd January 2008 01:11 GMT
Someone found a security issue on a computer running Windows. For me the PC never has been more than a glorified ZX81 for the first 20 years of its existence, so it's not really all that surprising that the people that brought us a clone of that operating system have had a problem or two making one with pictures in it.
By Rich Posted Wednesday 23rd January 2008 03:08 GMT
Of course, Firefox makes it even easier to add keyloggers. Just edit them into the code, recompile, and you're done. Hard to detect unless you compare MD5 sigs. Which you wouldn't.
"If you're wondering how he hacked the box, it's quite simple...open Gmail compose mail, then press attach file/browse...go to windows/system32 right click on command.com and then open.....hey presto, you've got a nice useful interface for doing all sorts of crap.....oh and to access the file system, all you have to do is type file:///c:/ into a browser's address bar. I wonder how they're gonna fix these flaws? without uninstalling Windows XP that is...." - theotherone
Crikey. And Indeed.
[Sure, some of you will laugh, but it's news to me.]
By Anonymous Coward Posted Wednesday 23rd January 2008 10:50 GMT
... That's why I don't touch public terminals with a barge pole (and thank God for my own T-Mobile logon).
Spectrum Interactive bought a really good company with a really good system, and screwed it up. *sigh*
Two options: Virtual Machine, Reinstall on reboot
By Nick Posted Wednesday 23rd January 2008 11:53 GMT
I can think of two options:
Virtualization.
Forced reboot when time runs out which does a network (PXE) reformat and reinstall between sessions (wired directly from a separate hardware timer to motherboard reset switch).
Both of these would cut the chances of picking up something nasty and allow for a much less locked down user experience.
By matt Posted Wednesday 23rd January 2008 12:16 GMT
It never surprises me anymore that companies like this do not have these public terminal services checked from a security perspective.
Any decent ethical security firm will supply desktop build reviews and pick up on issues like this and document them fully.
Might cost a couple of grand but will highlight any issues like the above!
Next time PWDUMP, LSACache and cachedump!
It's surprising how many domain admin credentials can be picked up from these public terminals which would be still valid on the supplier's domain/external network/OWA.
By Sean M Posted Wednesday 23rd January 2008 12:17 GMT
Yep, that'll work.
From memory (it's been a while since I was last there) the Easy Internet Cafes in London (you know, the bright orange ones) do this every time a user finishes their session.
Of course, you may still be able to get free internet access (see above), but no permanent exploits would be possible.
By Anonymous Coward Posted Wednesday 23rd January 2008 16:52 GMT
lol next you'll be telling me it's possible to get free internet from all the major hotel chains in London by just changing the IP range to the same as the gateway and pulling your onto a trusted domain also allowing you to browse much restricted fileshares including all the decompileable Java applets and such used by the TV/movies on demand
By Anonymous Coward Posted Wednesday 23rd January 2008 22:08 GMT
All the malware, keyloggers, trojans, anything there is can be found on them. Use them for business? God no, but if you're looking to test something they are a great testbed. They really have everything; you couldn't make a better research platform than one of those things. I was thinking it might be nice to image one and sell it as subscription software to security firms: you get a new DVD every week or so.
Comments on: Heathrow PC security probe launched