Keyloggers in the Library

If you found my recent post on Public Access PCs Booby-Trapped of any use, you may also find a follow-up article by SC Magazine's Dan Raywood of interest.

The article on Keyloggers found plugged into library computers quotes some further thoughts I sent him in a subsequent exchange of email, and also quotes Wilmslow police inspector Matt Welsted and F-Secure's Sean Sullivan.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow

Author David Harley, ESET

  • Adam Wilder

    Well,  David   I'm not that  surprised  as  most  library  systems   have  few  security  measures  in  place  whether  it's again   keyloggers  or other  intrusive  elements  of the net sujch as  malware,adware,spyware..
    Actually,  I  no  longer  use  the  library  for  internet  acess  since  the  time   I  had  been  using  the  internet  resources  of  my  local library ,  every  week  I'd  noticed  several  workstations with a  out of  order  notice  on them..
    Thanks  for the article..
     
    Adam

  • Dan Raywood

    Thanks for flagging this David, and good response by Adam. Regarding ' library  systems   have  few  security  measures  in  place', I would be interested to know: who is responsible for the upkeep and patching etc on public computers such as these; and secondly how straightforward is it to a LAN such as a library? Assuming that libraries do not have IT teams, are they the responsibility of the local council IT team I wonder?

    • David Harley

      @Dan, good question. Though I make a great deal of use of my local public library, I don’t have much insight into the structure behind them, though I believe that branch libraries fan out from “main” libraries that are in turn responsible to councils. I’d expect any main library to have at least one person responsible for IT services these days, as libraries in the education, charity and private sectors do, presumably with technical backup from council IT teams. Branch libraries are, I suspect, generally centrally administered with someone at the branch responsible for routine maintenance, but that’s unlikely to be a support specialist. However, it’s a long time since I provided support to a library myself (and then it was as part of the IT team in a research organization): I’m no expert on council libraries. :)

  • David Harley

     
    Actually, the fact that one of the devices disappeared between being noticed and being removed poses an interesting question. While I don’t have full details of the incident, I have to wonder whether it points to a particular problem in small organizations and sub-branches of larger organizations, where there is often no on-site tech support. One of the devices disappeared after it was noticed, but before the library itself removed it. Was it just lost? Or did the criminal come in and remove it while someone working in the branch was asking someone else what they should do about it?
     

  • Haleigh

    I've read the one about Keyloggers found plugged into library computers, and I felt that no place is safe in this world.If a simple task as checking some articles on the library computer could become dangerous, think about how unsafe wireless public networks are….

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
24 Feb 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.