Using Internet on public computers

This is a discussion on Using Internet on public computers within the A Brief History of Cprogramming.com forums, part of the Community Boards category; Yes, I imagine they are generated passwords, but many (if not most) use typical pass-phrases for stuff, so it could ...

  1. #16
    C++まいる!Cをこわせ! Elysia's Avatar
    Join Date
    Oct 2007
    Posts
    22,543
    Yes, I imagine they are generated passwords, but many (if not most) use typical pass-phrases for stuff, so it could be either way - garbage or a real password.
    But the safest bet would be to use a fake password. Perhaps a fake generated password.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  2. #17
    Ethernal Noob
    Join Date
    Nov 2001
    Posts
    1,901
    I was wondering, do they have "mouse loggers" I mean you could type some gibberish with bits of your password laced in it and selectively delete them from a text field to provide the password, aside from the mind-f*** and the time I think that would be difficult to parse, if you use the mouse to place the cursor that is.

  3. #18
    Reverse Engineer maxorator's Avatar
    Join Date
    Aug 2005
    Location
    Estonia
    Posts
    2,318
    They can simply log the contents of the input box at the moment it is submitted. That's not very difficult to do and beats all your "mouse" tricks.

  4. #19
    Frequently Quite Prolix dwks's Avatar
    Join Date
    Apr 2005
    Location
    Canada
    Posts
    8,046
    That would beat it, of course. But I don't see how you could do it (admittedly, I don't know much about this sort of thing). If the connection is unsecured, then sure, it could be done -- especially if the site was stupid enough to use GET. But what if it was secured, as sites requiring passwords you care about usually are?
    dwk

    Seek and ye shall find. quaere et invenies.

    "Simplicity does not precede complexity, but follows it." -- Alan Perlis
    "Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
    "The only real mistake is the one from which we learn nothing." -- John Powell


    Other boards: DaniWeb, TPS
    Unofficial Wiki FAQ: cpwiki.sf.net

    My website: http://dwks.theprogrammingsite.com/
    Projects: codeform, xuni, atlantis, nort, etc.

  5. #20
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,438
    GET or POST wouldn't make much difference, since both can be sniffed. GET imbues the name/value pairs on the URL, whereas POST puts them in the HTTP request body. There are a few other minor differences but not significant for this discussion, having more to do with how broswer makers implement both methods. What is relevant however is that POST is actually as easy to get as GET (no pun intended). Many web developer tools include the ability to read POST data on their browsers (Firefox has a few addons that allow just this, for instance, as does the IE Developer Toolbar, IIRC).

    In any case, I suspect any keylogger smart enough to just log the contents of an input during submission (as opposed to logging keystrokes) can only do so by sniffing the HTTP request header an body just prior to be sent. This is its weakness, because...

    ... if the transmission is encrypted, any name/value pairs are encrypted before being added to the HTTP request. Consequently sniffing the message header or body on the user machine with such type of keylogger, or do it with a packet sniffer while on transit will have the exact same result; both will meet encrypted, and consequently useless, data.

    Considering the really interesting data travels encrypted... I would wager a keylogger and mouseloger are still more powerful tools in this case.
    Last edited by Mario F.; 07-02-2008 at 11:36 AM.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  6. #21
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,893
    Of course, the browser itself could simply be modified to log all data sent and received.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  7. #22
    Frequently Quite Prolix dwks's Avatar
    Join Date
    Apr 2005
    Location
    Canada
    Posts
    8,046
    Or a security hole in the browser could be exploited, which might be more likely. (Or not, given the rather paranoid and modified systems a lot of public internet computers seem to run.)

    Something I forgot to mention earlier: if you do my dubious "trick" multiple times, you should probably type the same garbage characters each time. Given "pass3434word", "pass111word", and "passmkhword", it wouldn't be too hard to figure it out.
    dwk

    Seek and ye shall find. quaere et invenies.

    "Simplicity does not precede complexity, but follows it." -- Alan Perlis
    "Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
    "The only real mistake is the one from which we learn nothing." -- John Powell


    Other boards: DaniWeb, TPS
    Unofficial Wiki FAQ: cpwiki.sf.net

    My website: http://dwks.theprogrammingsite.com/
    Projects: codeform, xuni, atlantis, nort, etc.

  8. #23
    Registered User
    Join Date
    Nov 2004
    Location
    India
    Posts
    515
    they don't allow & have a BIOS password.
    BIOS passwords can be disabled Why do you need a pen drive? Carry a live CD and use that. I use a separate email id which i use to chat or send mails from public computers.
    Code:
    >+++++++++[<++++++++>-]<.>+++++++[<++++>-]<+.+++++++..+++.[-]>++++++++[<++++>-] <.>+++++++++++[<++++++++>-]<-.--------.+++.------.--------.[-]>++++++++[<++++>- ]<+.[-]++++++++++.

Page 2 of 2 FirstFirst 12
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 9
    Last Post: 06-18-2009, 04:58 AM
  2. Reading Process Memory
    By polydegmon in forum C# Programming
    Replies: 0
    Last Post: 05-26-2009, 07:18 AM
  3. Stuck with Structs...
    By DanFraser in forum C# Programming
    Replies: 8
    Last Post: 05-03-2007, 09:55 AM
  4. Collision detection algorithm
    By Hannwaas in forum Game Programming
    Replies: 5
    Last Post: 11-30-2001, 12:27 PM
  5. Exporting Object Hierarchies from a DLL
    By andy668 in forum C++ Programming
    Replies: 0
    Last Post: 10-20-2001, 01:26 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21