5 security tips for shared and public computers

For many of us, the most important part of security is making our personal data safe. The best security will withstand any abuse, theoretically. However, in the real world, you can’t cover all possible situations of abuse. Therefore, the best strategy is to use multiple techniques for increasing security. Most normal people don’t need complicated schemes and cryptography to be safe. But it’s good to make it hard for intruders to get access to your data.

It may sound silly, but the computer in a library, a classroom, or a lab — or your friend’s phone for that matter — aren’t yours. Even cloud or cloud services in general are usually just someone else’s computer. In general, treat any devices you don’t own as if they’re owned by a villain — in other words, someone who wants your data for evil purposes.

Here are some simple ways you can increase your data security against miscreants or intruders.

Close open sessions

When you’re finished with the device, log out of services such as Facebook or other sites. This helps keep an evildoer from reopening the windows and having access to your account.

Clean browser and other cache

Clear all your history, passwords, and cookies from the browser you used. Don’t assume this is the default behavior on logout. Depending on the platform, check caches as well. You can delete the ~/.cache folder if you’re on a modern Linux system.

Empty the trash

Remove any items left behind on the desktop, if applicable, and empty the account’s Trash or Recycle Bin.

Use service security options

Enable login notifications or approvals for your services and accounts. Some services have an option that notifies you when someone logs into your account from a new device or location. You’ll also get a notice when you login legitimately. But it’s helpful to know if someone tries to use your login unexpectedly from another computer or location.

Other services may allow you to approve any login activity via an email notice. Access is only granted if you approve via a link in the email you receive. Check your services to see if they offer either of these security options.

Limit sensitive data

The easiest way to keep data safe on a computer you don’t own is not to process it to begin with. Try to avoid or limit work that needs sensitive information. For example, you might not want to access bank or credit card accounts, or secure systems for your workplace.

You may want to consider using a Live USB-based operating system for these purposes. Live USB limits or even completely avoids any data storage on the host computer system where you run it. You can download a Live Fedora Workstation operating system for use on a USB stick, for example.

Fedora Project community

7 Comments

  1. First two steps could be avoided if one uses Incognito mode on the browser, afaik.
    Well rounded, simple post for those who are a bit more distracted. ^_^

    have a great 2017, Sylvia!

    • Joao Rodrigues

      You have to make sure that all incognito mode windows are closed (or just use ctrl+q to close all the browser windows) because if you have two incognito mode windows open and close just one of them, your data is still available on the other window.

      Safari addresses this (it’s an incognito mode session per tab)

      • I didn’t know that feature in Safari. Although most of shared computers aren’t Apple it’s common enough. Thank you Joao!

  2. Joao Rodrigues

    Actually, I think that even with LiveUSB-based operating systems you aren’t completely safe.

    The computer may be monitored by the Active Management Technology of those Intel vPro-enabled chips.

    If you’re not using a LiveUSB-based OS, be careful even when using HTTPS.
    The owner of the computer could install his own CA certificate and then use a man-in-the-middle attack to monitor all the sites that you visit (even if you use Private Browsing). Microsoft Windows does this on Child Accounts. That’s how you can monitor your kids’ Internet usage.

    What about the network?
    There’s no guarantee that the data you’re sending through the network isn’t monitored or captured.

    You could (unknowingly) be using a misbehaved DNS resolver that hijacks your DNS requests. Even if you explicitly want to use Google DNS service or OpenDNS, you can’t be sure if your gateway captures those DNS requests and redirects them to another resolver.

    You should also be careful when using free wifi spots like the ones in stores, shopping centres or cafes: you should set you computer to NOT connect automatically to these networks.

    I’m not saying that every open wifi hotspot or internet cafe does this; I’m just saying that it’s technically possible.

    So it all comes down to trust.
    Do you trust the computer you’re on?
    Do you trust the network you’re on?
    Do you know and trust every computer that’s on the same network as you?
    If not, then you shouldn’t do anything that involves sending your personal data.

    • Yes, but this has a limit. We all agree that if you’re in a shared computer is a bad idea to do online banking, but what about if you have to log in as student in x service? Aren’t you sending personal data? And if you need to check your email or a job offer? Isn’t that showing personal data? How much personal data you can disclosure before it gets dangerous? Where is the top bar?

  3. tux

    The best option is not to share computers.

    • Many people work on shared computers every day for different reasons. University and high school labs have shared computers where students work together. Libraries have computers for people to use. Many educational institutes offer studying rooms with computers. Many workspaces and workshops have shared computers.
      I can keep citing cases but I think I already clear the point. It’s not realistic to say “don’t use shared computers” or “don’t share computers” because often is not a situation you can choose.
      So let’s try to make it harder for intruders to steal data while teaching people to protect themselves.

Comments are Closed

The opinions expressed on this website are those of each author, not of the author's employer or of Red Hat. Fedora Magazine aspires to publish all content under a Creative Commons license but may not be able to do so in all cases. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The Fedora logo is a trademark of Red Hat, Inc. Terms and Conditions