Internet Cafes
The fact that you access the Internet in a public space does not make it anonymous or safe for you. It is quite often the very opposite. Some of the main threats are:
- The owner of the computer, or even a person who used the computer before you, could easily program the computer to spy on everything you do, including recording all of your passwords. The computer can also be programmed to circumvent or nullify the protections of any privacy and security software you use on it.
- In some countries, such as Burma, Cuba and Italy, Internet cafe clients are required to show their ID or passport before using the service. This ID information can be stored and filed together with the clients' Web browsing history.
- Any data you leave on the computer you have used may be logged (browsing history, cookies, downloaded files, etc).
- Software or hardware keyloggers installed in the client's computer may record every keystroke during your session, including your passwords, even before this information is sent over the Internet. In Vietnam, an apparently innocuous virtual keyboard for typing Vietnamese characters was being used by the government to monitor user activity at Internet cafes and other public access spots.
- Your screen activity may be recorded by special software that takes screenshots at frequent intervals, monitored through CCTV cameras, or simply observed by a person (e.g. the Internet cafe manager) looking over your shoulder.
- In some countries, such as Burma, Internet cafe owners have to display posters about banned Web content and are responsible for the enforcement censorship law inside their business.
- Computers are often configured so that users are prevented from installing any software, including circumvention tools, or connecting any kind of devices to the USB port (such as USB flash drives). In Cuba, authorities have begun deploying a controlling software for Internet cafes named AvilaLink that prevents users from installing or executing specific software or running applications from a USB flash drive.
- Users may be prevented from using any other browser but Internet Explorer, to prevent the use of privacy or security Add-ons or settings for browsers such as Mozilla Firefox or Google Chrome.
Best practices
Depending on the environment in which you use your shared computer, you can try the following:
- Identify the surveillance measures implemented based on the list mentioned above (CCTV, human surveillance, keyloggers, etc.) and behave accordingly.
- Run portable software from a USB flash drive if possible.
- Keep your data on your own USB flash drive and do not copy it to the shared computer.
- Encrypt any data you are sending.
- Use an operating system on which you have control through the use of a Live CD.
- Change Internet cafes often if you fear recurring surveillance, or stick to one where you trust it is safe to connect.
- Take your own laptop to the Internet cafe and use it instead of the public computers.