back to article Heathrow PC security probe launched

Public access internet terminals at Heathrow airport may be vulnerable to hacking attacks. An Italian hacker stumbled on flaws that create a possible means for miscreants to load key logging software or other malware on a PC that allowed members of the public to access the internet. The same flaws create a means for the …

COMMENTS

This topic is closed for new posts.
  1. Dr Who
    Flame

    Shocking ...

    And to think ... all this time I've been using public access Internet terminals to check my bank accounts, log on to my web mail, administrate my servers via webmin plus check my Facebook and LinkedIn accounts. Oh, nearly forgot updating my blog and adding articles to my website via its CMS.

    If I had only known how insecure these terminals could be. I mean they're all over the place, and can be accessed by anybody!

    I am truly shocked and will never use a PUBLIC (doh!) internet access terminal for any secure stuff again.

    Why is this Reg news - it's stating the bleeding obvious! Last year all the public terminals at Infosec (of all places) were found to be riddled with spyware. Possibly an article for the silver surfer section of the Beeb - but not the Reg.

  2. oxo
    Thumb Down

    sensationalist headlines?

    So a PC in an internet cafe wasn't secure.

    Tell me you'd have run the story if it wasn't Heathrow..

  3. theotherone
    IT Angle

    windoz, what do u expect?

    but seriously whoever installed this machine is an idiot. Cudos to the "white hacker" for exposing the flaws...although i wonder, could another, perhaps "greyish" hacker have compromised the machine and kept quiet about it? perhaps stealing CC info for his trouble? If you're wondering how he hacked the box, it's quite simple...open Gmail compose mail,then press attach file/browse...goto windows/system32 right click on command.com and then open.....hey presto, you've got a nice useful interface for doing all sorts of crap.....oh and to access the file system, all you have to do is type file:///c:/ into a browsers address bar.

    I wonder how they're gonna fix these flaws? without uninstalling windows xp that is....

  4. Nev
    Alert

    +++This also just in +++

    Bears found to defecate in forested areas!

    Also, it turns out that the Pope is not a Protestant!

  5. Geoff Mackenzie
    Joke

    Hang him!

    They were fine 'till that bloody Italian came along! White hat my a**e, they're all connected with organised crime, people trafficking and drugs... not to mention terrorism!

  6. tom

    Our First Breach

    "it would be the first such breach we have suffered in seven years"

    Right. We haven't heard of a single security breach, therefore there haven't been any. Where have I heard this logic before? (And why do you have that banana in your ear?)

  7. Robert Moore
    Linux

    knoppix cd

    Rip the HDD out, and put a custom knoppix CD in and problem solved.

    Oh, lock the CD Drive inside the machine so the disk can't be removed unless the case is opened.

    If the machines are like the ones I have seen you would look rather suspisious taking it apart in the middle of an airport.

  8. Kanhef
    Pirate

    re: knoppix

    It's not too hard to avoid suspicion. Just dress a bit preppy, collared shirt with some company name on it, and bring a toolkit. Most people won't look at you twice. If anyone does ask, hold up a stick of ram and say you're upgrading the machine.

    Social Engineering: The Universal Exploit™

  9. Anonymous Coward
    Alert

    Ahh.. Spectrum Interactive

    14 hour layover in Gatwick led me to discover the same thing around 6 months ago.. so I called the 24 hour IT helpdesk from a payphone and described the flaw and possible fixes in detail to the guy on the other end. He was pretty convincing that he would do something about it, but obviously it didn't get through. I said I'd give em till my next time in gatwick to fix, however as it's already exposed...

    For all you spectrum interative using airport go-ers here's a nifty little trick:

    Ctrl-Shift-Esc brings up the task manager.

    Kshield.exe gets killed.. MSconfig turns it off , reboot et voila.

    Now you have free net access for the next 13 hours. or you can root it to yer hearts content.

    God bless layovers :)

  10. Andy Bright
    Alien

    Well there's a surprise..

    Someone found a security issue on a computer running Windows. For me the PC never has been more than a glorified ZX81 for the first 20 years of it's existence, so it's not really all that surprising that the people that brought us a clone of that operating system have had a problem or two making one with pictures in it.

  11. Rich

    Public access terminals

    Of course, Firefox makes it even easier to add keyloggers. Just edit them into the code, recompile, and you're done. Hard to detect unless you compare MD5 sigs. Which you wouldn't.

  12. W

    Crikey.

    "If you're wondering how he hacked the box, it's quite simple...open Gmail compose mail,then press attach file/browse...goto windows/system32 right click on command.com and then open.....hey presto, you've got a nice useful interface for doing all sorts of crap.....oh and to access the file system, all you have to do is type file:///c:/ into a browsers address bar. I wonder how they're gonna fix these flaws? without uninstalling windows xp that is...." - theotherone

    Crikey. And Indeed.

    [Sure, some of you will laugh, but it's news to me.]

  13. Anonymous Coward
    Flame

    Thank God for your own laptop...

    ... That's why I don't touch public terminals with a barge pole (and thank God for my own T-Mobile logon.

    Spectrum Interactive bought a really good company with a really good system, and screwed it up. *sigh*

  14. Nick

    Two options: Virtual Machine, Reinstall on reboot

    I can think of two options:

    Virtualization.

    Forced reboot when time runs out which does a network (PXE) reformat and reinstall between sessions (wired directly from a separate hardware timer to motherboard reset switch).

    Both of these would cut the chances of picking up something nasty and allow for a much less locked down user experience.

  15. matt
    Coat

    Why they are never security checked?

    It never surprises me anymore that companies like this do not have these public terminal services checked from a security perspective.

    Any decent ethical security firm will supply desktop build reviews and pick up on issues like this and document them fully.

    Might cost a couple of grand but will highlight any issues like the above!

    Next time PWDUMP, LSACache and cachedump!

    It's surprising how many domain admin credentials can be picked up from these public terminals which would be still valid on the suppliers domain/external network/OWA.

    Matt@MRS Sec

  16. Sean M

    Reboot on exit

    Yep, that'll work.

    From memory (it's been a while since I was last there) the Easy Internet Cafes in London (you know, the bright orange ones) do this every time a user finished their session.

    Of course, you may still be able to get free internet access (see above), but no permanent exploits would be possible.

  17. hans
    Linux

    Teh Windoz?

    So pay 50p , download malware, log off, and then the keylogger works on all new customers, whats so new about that?

  18. Anonymous Coward
    Anonymous Coward

    lol

    lol next you'll be telling me it's possible to get free internet from all the major hotel chains in london by just changing the ip range to the same as the gateway and pulling your onto a trusted domain also allowing you to browse much restricted fileshares including all the decompileable java applets and such used by the tv/movies on demand

    whoops i've said to much....kthxbye

  19. Anonymous Coward
    Anonymous Coward

    Public PC's are great

    all the malware, keyloggers, trojans anything there is can be found on them use them for business god no, but if your looking to test something they are a great testbed they really have everything you couldn't make a better research platform than one of those things. I was thinking it might be nice to image one and sell it as subscription software to security firms you get a new dvd every week or so.

This topic is closed for new posts.