Hi all.

With the undeniable proliferation of internet cafes/wireless access points in addition to public terminals routinely found in libraries, etc. I cannot help but ruminate on the potential security implications. With PM user information (login and password) being passed to the server in plaintext (unencrypted form), there is essentially nothing to prevent an interloper from utilizing a sniffer and/or keyboard logger so that he/she could gain unauthorized access to an account. Clearly, this could result in an incident that is more than merely annoying:

Possible solutions:

I'm eager to hear what suggestions or criticisms (yes, even those) you collectively have.
If you've read this far, thanks. <grin>.

  • Comment on Public Access Terminals and Account Integrity.

Replies are listed 'Best First'.
Re: Public Access Terminals and Account Integrity.
by jonadab (Parson) on Apr 14, 2006 at 11:55 UTC

    Speaking as someone who works at a public library, I can tell you with a fair degree of confidence that if somebody installs a keylogger on a public access station, he's going to be able to collect much more compromising (to the victim) and valuable (to the miscreant) things than Perlmonks accounts. Of course, what he'll *mostly* get is a bazillion free Yahoo and Hotmail accounts, which in general are going to be worth precisely what the original owner paid for them. However, I'm confident that any Perlmonks accounts collected would be cleanly outnumbered by credit card numbers. Which do you suppose the attacker will be cheifly interested in using?

    The one-time-pad idea is a good one, for situations that warrant that kind of security. I wish banks would use such a mechanism, for instance. I have doubts about the need for such a thing on Perlmonks, though, and carrying around the pad would be sufficiently inconvenient that I personally would, for something like Perlmonks, just take the risk and use my regular password. (Of course, my account doesn't have any privileges that would be really dangerous to the site, so all I'd be losing in the worst case scenario would be my own account; an account with more interesting priveleges might warrant greater care.)

    Sanity? Oh, yeah, I've got all kinds of sanity. In fact, I've developed whole new kinds of sanity. Why, I've got so much sanity it's driving me crazy.
Re: Public Access Terminals and Account Integrity.
by ptum (Priest) on Apr 14, 2006 at 14:11 UTC

    Heh. It is hard to imagine that anyone would care enough to steal account information and impersonate another monk. Heck, most of the people I know start rolling their eyes whenever I start talking about PerlMonks. Of course, many of them roll their eyes whenever I talk about anything, but that is another story. :)

    Not to diminish the critical nature of PerlMonks or the way that civilization hangs in the balance on our every post, but surely those running keyloggers and sniffing network traffic have better fish to fry than this? Or perhaps it has been too long since I was in school, and I've forgotten how much time one has for pranks and mischief ... ?

    No good deed goes unpunished. -- (attributed to) Oscar Wilde
Re: Public Access Terminals and Account Integrity.
by parv (Vicar) on Apr 13, 2006 at 23:32 UTC
    I propose use of IPSEC or ssh tunnel on part of user, or use of encryption only for login on part of PM.

      hmmm what if I stick a keylogger on the terminal you use in the library?

        A keyboard logger installed on a machine in the library would still be defeated by the disposable password concept.

Re: Public Access Terminals and Account Integrity.
by QM (Parson) on Apr 14, 2006 at 14:36 UTC
    Just to pick on this idea a bit...
    Provide the option for all monks to generate a relatively small list of disposable passwords (similar to a one-time pad). The monk in question would retain this list and use each password in sequential order only when logging in from a machine in a public setting. Once he/she logs out, the password that was used is invalidated thereby rendering a sniffer/keyboard logger completely ineffective.
    As often as not, I don't know ahead of time that I'll be logging in from a PAT or hotspot. So I'd first have to login "unsecurely" in order to login "securely".

    This is not to diminish the fact that this is a hole.

    Now, being nearly completely security-naive, does TLS get us anywhere?

    Quantum Mechanics: The dreams stuff is made of

Re: Public Access Terminals and Account Integrity.
by eric256 (Parson) on Apr 17, 2006 at 15:34 UTC

    We could always add a seperate part to the login where you pick an item (previously chosen via your preferences) from a group of items. The items would be shuffled every page load so your item would always be in different positions rendering a keylogger and sniffer ineffective. Seems pretty high security that no other websites includes banks even bother with ;) It could still be a fun side project though.

    For those who can't picture it. Say we pick 10 words. Each word is displayed on the login page as a radio button. The radio buttons values are randomly picked and the correct one (associated with the correct word) is stored on the server in the user session. When the user picks one it compares there password and word with the session to see if they match. Sniffing would do no good because the values sent back and forth each time would change and have no meaning. A slightly more complex twist would be for each user to have a rule like I pick the word starting with an a, you pick the one with two ee's etc. Anyway it all seems a bit of overkill but that doesn't mean it wouldn't be a fun project! ;)

    Eric Hodges

      Actually, Bank of America does this as an anti-phishing measure. They have you associate some text with one of several dozen images, and then they display your text with the image before they ask for your login password. While not foolproof (for some values of 'fool') this seems to be a reasonable security measure, and it might be a fun feature to implement, even if it isn't really necessary. :)

      No good deed goes unpunished. -- (attributed to) Oscar Wilde
Re: Public Access Terminals and Account Integrity.
by Marza (Vicar) on Apr 14, 2006 at 00:53 UTC

    Doesn't pudge have an option for logins on public terminals on