[Am-info] [IP] password-stealing on public PCs
Gene Gaines
gene.gaines@gainesgroup.com
Wed, 23 Jul 2003 06:25:51 -0400
This seems really important, and have not seen it elsewhere,
so am passing it on.
>Date: Tue, 22 Jul 2003 18:45:56 -0400
>From: Steve Bellovin <smb@research.att.com>
>Subject: password-stealing on public PCs
>To: dave@farber.net
>
>Kinko's case highlights Internet risks
>
>
>By ANICK JESDANUN, AP INTERNET WRITER
>
>NEW YORK (AP) - For more than a year, unbeknownst to people who
>used Internet terminals at Kinko's stores in New York, Juju Jiang
>was recording what they typed, paying particular attention to their
>passwords.
>
>Jiang had secretly installed, in at least 14 Kinko's stores, software
>that logs individual keystrokes. He captured more than 450 user
>names and passwords, using them to access and even open bank accounts
>online.
>
>
>....
>
>http://www.newsobserver.com/24hour/technology/story/949464p-6639783c.html
>
> --Steve Bellovin, http://www.research.att.com/~smb
Gene Gaines
gene.gaines@gainesgroup.com
Sterling, Virginia