I am amending and reposting an item that I added to a thread a few minutes ago. This information should be of interest to the community at large.

Warning, be careful what you send/receive from the computer in an Internet Cafe or onboard your cruise ship. Remember that the data that you send/receive will remain on the hard drive after you leave. :eek: Anyone with the requsite computer skills can follow you on the computer and get all of your information. So don't send/receive credit card numbers or anything else that you don't want someone else to have.

Ruffin

S.S. Bahama Star (long time ago!)
S.S. France (Transatlantic -1965)
S.S. Atlantic (Transatlantic, Mediterranean - American Export Lines - 1966)
Europa (Caribbean - 1969 - North German Lloyd)
Statendam (Caribbean - 1975)
Sunward (Bahamas - c. 1980)
Song of America (Caribbean - 1988)
Crown Princess (Alaska - 1999)
Crown Princess (Baltic - 2001)
Royal Princess (B2B to South America - 2001)
Royal Princess (B2B2B; Transatlantic, France, Belgium, Holland; Gt.Britain-2002)
Galaxy (Caribbean - 2003)


Prinsendam (B2B; Transatlantic NYC to Athens – May 2005)

It depends on how the system is set up. Some will automatically clear the cookies when you sign off so that the info is gone. When you log on from a computer that's not yours, be watching for the little check box that often appears saying "remember me" or something like that. Make sure it's not checked. Some will also have a "this is a public computer" option. Make sure that box is selected.

I'm not overly concerned on board ship. I think they are sensitive to this issue and have safeguards in place. It's the Internet cafes (as you mentioned) that you use in port that pose the greatest risk, IMO.

Good food for thought.

I would never, in a thousand years, trust a shoreside internet cafe with any sort of private information. I have a gut feeling that the ship would be safe. But, as stated, Ruffin's advice is good.

It depends on how the system is set up. Some will automatically clear the cookies when you sign off so that the info is gone. When you log on from a computer that's not yours, be watching for the little check box that often appears saying "remember me" or something like that. Make sure it's not checked. Some will also have a "this is a public computer" option. Make sure that box is selected.

I'm not overly concerned on board ship. I think they are sensitive to this issue and have safeguards in place. It's the Internet cafes (as you mentioned) that you use in port that pose the greatest risk, IMO.

Good food for thought.You cannot depend on how the computer may have been setup, or how effectively the software was executed. This applies to shipboard also. Besides, a hacker can disable these protective devices or leave "Trojan Horses" behind. In addition, cookies are not the only problem. You should not depend on the warnings posted and shown during login. Your key strokes are recorded on the hard drive as well as the content of incoming messages. I don't want to use this forum for a lecture on computer security. However, FYI I was the senior computer security accreditor for a large agency of the Intelligence community for many years before retiring and I know whereof I speak. Beware :eek:

Woops, I don't know what happened. I meant to start a new thread, however, it seems that it contains the posting from the original thread. Sorry folks.

Ruffin

Your key strokes are recorded on the hard drive as well as the content of incoming messages. I don't want to use this forum for a lecture on computer security. However, FYI I was the senior computer security accreditor for a large agency of the Intelligence community for many years before retiring and I know whereof I speak. Beware :eek:
No, you don't. Keystrokes are not "recorded on the hard drive" unless a keytracker application has been installed. This is only done in high security environments, or through so-called "malware" (viruses/trojans/etc.).

The on-board internet cafes are better protected from malware than most home computers. On-shore establishments are something else, but using their terminals for email shouldn't present a problem provided simple precautions are taken (such as not sending credit card data!).

Dave Kearns
Network World (http://www.nwfusion.com/newsletters/dir/)

All the more reason for bringing one's own laptop and accessing via the ship's wireless network. :)

Of course, one should have proper protective software and firewalls and such on one's own computer. That ... or use a Macintosh! :D

Thanks for the warning. I'm very technophobic so I've never (yet) used an internet cafe. I did once set up an internet account, but after I saw the costs, I learned my lesson. Don't own wireless so guess I'll always be out of touch.

But, Rev Neal, why the Mac? I'm using a Mac too because Mac gives good discounts to teachers. This is the first time in a long time that I've heard anyone besides a teacher recommend MacIntosh.

But, Rev Neal, why the Mac? I'm using a Mac too because Mac gives good discounts to teachers. This is the first time in a long time that I've heard anyone besides a teacher recommend MacIntosh.

In terms of internet security, Macintosh computers (those running OS X) make up such a small percentage of the computer market that nearly no one makes viruses, trojan horses, or malware for Macs -- there are only a handfull of known viruses, mostly for classic (OS 9 and prior). I've been active on the internet since 1993, and in all this time I've only gotten 1 internet virus ... and that was when I was on OS 8, and Norton caught it before it could do anything (that was a long time ago). I've run OS X since the original release version -- I'm currently running X.3.7, and have always installed every security update the instant they are released -- and have received no viruses, trojans, malware. Oh, true, thousands of Windows based viruses have been sent to me, but they don't do anything to a Mac.

I understand the risks of a public computer, so I take my laptop along on a cruise so I can email family back home and send photos as we go.

I'm not sure how far away from the Internet Cafe our wireless connection will work, but I hope it's good in our stateroom on the Prinsendam.

Slinkie

Thanks Ruff and everyone, we take our own notebook pc but I never thought about these dangers before, of course I never send important info in my emails :)

No, you don't. Keystrokes are not "recorded on the hard drive" unless a keytracker application has been installed. This is only done in high security environments, or through so-called malware" (viruses/trojans/etc.). Okay, so what you are saying is that computer users only have to worry about the "bad guys". I'll buy that.

The on-board internet cafes are better protected from malware than most home computers. Maybe, but better is a relative term, in any case they are open to public use. Anyhow, I don't recommend that anyone enter any sensitive information into an on-board internet cafe computer. Too risky.

On-shore establishments are something else, but using their terminals for email shouldn't present a problem provided simple precautions are taken (such as not sending credit card data!). Essentially that is what I said in the first place, although I expanded the threat environment to include on-board internet cafes. I didn't write my posting for the computer savy readers, I hoped that they would understand the threats anyway.

In any case, the data that you enter into a computer to send over the internet is staged on the hard drive before it is transmitted and remains there after you sign off. That is also a vulnerability.

Use of these public use computers for email is perfectly sound.

I didn't intend to go into the use of unencrypted wireless communications, which have their own set of vulnerabilities.

This is the end of this thread as far as I am concerned. I just wanted to give people a "heads up".

Ruffin

"The on-board internet cafes are better protected from malware than most home computers."

DAKREWSER Now how could that statement be true? ANY computer connected to the internet is wide open to malware. They are even saying to purposely not let your computer access the internet when you buy a new one until the virus protection is up and running.

Unless the OS of those computers has the latest updates AND someone "techically savy" among the crew also periodically runs other programs such as Spybot, Ad-aware and other protection programs, those public computers are more contaminated than a kids wading pool. My malware and virus software sometimes updates itself three or four times a day; I doubt the on-board ship computers are set up to do so.

I continue to hear about people that have hundereds of malware programs in their computers because they don't have these other protection programs. Malware can download itself from webpages as well as through e mail. I cleaned up a co-worker's computer that had over 200 malware and trojans just from web surfing without protection.

Keyloggers are easily installed. I would not do anything sensitive on a public computer. I certainly would not use passwords to access my bank accounts or send credit card info from a public computer anywhere.

We don't use the internet cafe's on the ship or in any port.

Just had got a call from VISA yesterday - had to cancel DH's credit card as someone made a $1 charge onto his account. Won't go into the specific's but VISA caught it right away as the charge was made on Dec 27 and we were notified on the 30th by their alert team. They know our spending methods.

DH got his new credit card today via FED-EX.

Krazy Kruizers raises a good point that is security related. I always (almost) notify my credit card companies when I will be travelling and give them my itinerary. Recently I forgot with one card which I used in Canada when we were visiting our daughter. They jumped right on it.

In fact, I have a whole list of things that I take care of before a trip, like taking color copies of our passports. It would be good for everyone to take a little time and prepare a list of things to do. I have one on my computer and check it off before each trip.

Ruffin

"The on-board internet cafes are better protected from malware than most home computers."

DAKREWSER Now how could that statement be true?
Because I know the company that runs the internet cafes on HAL ships. It's contracted out by HAL to Digital Seas who train their people very well. The computers are well protected from malware both locally and on the server-side (in Florida). As your own message pointed out, many home computers have no protection at all. The computers in the on-board cafes are better protected than many corporate enterprises.

-dave

It's contracted out by HAL to Digital Seas who train their people very well. The computers are well protected from malware both locally and on the server-side (in Florida).

An Internet Manger gave me a similar run-down on the online security measures taken to ensure protection of the ship's terminals and server connection to the internet. According to him the ship's server connection was safer than most personal connections to the internet, as well as being at least as secure (if not more so) than many corporate connections. I thanked him by letting him play around with my G4 Powerbook. He'd been wanting to get one, he said, because of their reputation for speed, elegance, and virus safety.

ANY computer connected to the internet is wide open to malware.

Only if the malware is written to function on the OS of the target computer. My Macs have firewalls, the latest MacOSX security updates, and Virus protection software which scans for torjan horses, etc. Thus far, not a SINGLE problem in 3 years on OSX. NONE. There simply are not many viruses written for the Mac.

- had to cancel DH's credit card as someone made a $1 charge onto his account.That's a common clue that something is going on. If someone finds a credit card or number, they use it for a dollar (or two) to see if it's valid. If so, then they really go shopping!

ok.. It all boils down to common sense and reducing one's risk. First of all, nothing is 100% secure. Even the ones bringing their laptops with them and connecting through a server. So.. Just use common sense. Set up a temporary free e-mail like Yahoo or Msn before you leave home if you want to talk to your love ones back home. Check the news.. stocks.. the normal stuff. Don't use your regular e-mail or look up your credit card info. Just keep the risk down by avoiding activites that could get yourself in trouble.


Most of what people are saying as far as logging is true. It's very easy to set it up (if you know how) and Malware is a ongoing problem. But.. for what it's worth - common sense is the best remedy.

Maureen - MBA with 25 years MIS experience (including network and security);)

I'm not overly concerned on board ship. I think they are sensitive to this issue and have safeguards in place. It's the Internet cafes (as you mentioned) that you use in port that pose the greatest risk, IMO.

Good food for thought.
I don't know how valid the information is ... but the woman in the internet center told me that EVERYTHING is wiped out for every user at the end of the cruise. I was asking her about this last summer on the Zuiderdam because I was doing a b2b and thought I would have some minutes left at the technical end of the first cruise that I wanted carried into the second. She told me to check my minutes the last evening and after she performed the "system sweep" the next morning, I could sign up for more minutes for the second cruise, and then she would manually add my left-over minutes to that amount.

She told me that they keep nothing related to passenger internet use after the end of each cruise.

Blue skies ...

--rita

I don't know how valid the information is ... but the woman in the internet center told me that EVERYTHING is wiped out for every user at the end of the cruise....
She told me to check my minutes the last evening and after she performed the "system sweep" the next morning,...
She told me that they keep nothing related to passenger internet use after the end of each cruise.

Blue skies ...--ritaWell here I go again. The fact of the matter is that they probably just deleted the file containing the set of users and their privileges. However, when you do that you are only deleting the logical connection to the physical data located on the hard drive. In order to actually delete the data you would need software that would go to the address of the physical file and overwrite it. As a matter of perspective; it would be difficult for anyone onboard the ship to be able to "steal" your data. However, a "hacker" could do it if they wanted to do so. The bottom line remains, don't enter anything into a "public" computer that you aren't willing to lose. Send/receive email, photos and the like. But, don't send "sensitive information" like your credit card number and especially don't access your brokerage account!

Ruffin

P.S. I am about to post on the subject of wireless communications.

Bahama Star (long time ago!)
S.S. France (Transatlantic -1965)
S.S Atlantic (Transatlantic, Mediterranean - American Export Lines - 1966)
Europa (Caribbean - 1969 - North German Lloyd)
Statendam (Caribbean - 1975)
Sunward (Bahamas - c. 1980)
Song of America (Caribbean - 1988)
Crown Princess (Alaska - 1999)
Crown Princess (Baltic - 2001)
Royal Princess (B2B to South America - 2001)
Royal Princess (B2B2B; Transatlantic, France, Belgium, Holland; Gt.Britain-2002)
Galaxy (Caribbean - 2003)

Prinsendam (B2B; Transatlantic NYC to Athens – May 2005)

I am not paranoid, but ...

... I use Evidence Eliminator Professional, Easy Cleaner, PurgeIE, and Spider all to clean my systems every day along with Norton Antivirus, The Cleaner (anti-trojan), Pest Patrol, ZoneAlarm Professional, and several other registry tools to eliminate personal data, persistent data (Index.Dat files that Microsoft does not want you to eliminate), and any track record of my personal transactions.:eek:

Although I use both a fiber-optics always on connection in the house and satellite MotoSAT mobile dish on the RV, with WiFi throughout the house and camper, when my computers are not being used they are turned off.

I am so stealth wrapped that I do not see my self on the internet.

George

Wireless communications used by computers are similar in concept to 2-way radios. The same applies to wireless phones in your home and by cell phones, which are both also radio frequency transeivers.

In your home and onboard a ship there is a device which allows the transmission and reception of information over a range of frequencies. Example is a 2.4 Ghz wireless phone in your home which will transmit/receive information with a base station that is connected by a hard wire to your telephone company. In all of these cases, you are using the public airways and risk intercept. At home you should use the security features of your computer wireless system, such as encryption, to ensure your privacy.

I don't know how a given ship configures it's user terminals in their onboard internet cafes. They might be by hardwire to their mainframe, which is safe. However, for people who use their own laptops (or rented ones) in public spaces (e.g. lounges) or in their cabin, they are likely using wireless communications. Unless the ship provides encrypted communications a vulnerability exists. These wireless systems have a range of access which creates what is known as a "hot spot". I understand that the Prinsendam provides such a capability for certain lounges and on decks 6,7 and 8 for wireless users. Anyone with the skills and information necessary to make a connection can use (or hitchhike) that signal. So, keep in mind that, unless encrypted, your wireless transmissions are capable of being intercepted by someone else onboard. The threat here is certainly less and requires a different level of sophistication, but it is still plausible. Understand the threat, don't become paranoid, but be careful.

Ruffin

Speaking of credit card companies jumping when they spot unusual transactions...

The first time I charged a HAL cruise (never having cruised before, or traveled more than a few hours' distance from my home), my VISA company never said a word. They had charges from all over Alaska and never said a word. I never charged anything, or had a monthly balance, over three figures since owning the card.

Most of what people are saying as far as logging is true. It's very easy to set it up (if you know how) and Malware is a ongoing problem. But.. for what it's worth - common sense is the best remedy.
Easy to st up only on an unprotected system or with the conivence of the system operator. It's also very easy to protect against.

Easy to st up only on an unprotected system or with the conivence of the system operator. It's also very easy to protect against.
Before challenging my comments, understand that I am a professional in this industry. It is not a very easy thing to protect against logging. There are internet firewalls for protection coming in from the web, but when you are tying into a network, there are dll's that are resident on the server and possibly the workstation. This is where much of the logging occurs. It could be as simple as a access database collecting transaction records. So we are talking about different levels of security which require different plans of attack for protection. There is no one solution as a easy fix for all. I'm sure no one on this board could trace what is being logged from a cruiseship workstation (which is tied to a network and a host via satelite) unless they know where the dll's are stored. I do believe there is logging/tracking going on. They would have to have something set up to control the time usage. They could possibly be tracking website activities too. Those using their laptops, if you are going through the ship's network - they are watching you too. Bottom line.. back to my original comment - use common sense.

ok.. enough said now that I've probably put a few readers asleep.

Hi guys

I am just a poor shrink and I haven't a clue as to what most of what you are saying means. Back in the 80's when I was attempting to run simulated experiments on the library computer, some computer students were trying to figure out what ##%$@!! gave me an access number.

So here is my little bit of information based on personal experience. If you use the computer station onboard and don't log off your AOL account before logging off the computer, the next person to log on will still be logged on to your AOL account with full access to all of your stuff.
So, if you use AOL, be sure you sign off.

Before you feel sorry for me, or chastise me, I discovered this by finding myself logged on to someone elses AOL account. Yes, I immediatly signed off.

Linda

Hi Linda,

Good advice. Actually that goes for any session on a public access computer. Always log off when you are about to leave the computer, and this applies to any service not just AOL.

Ruffin

P.S. I hope that this "wraps" up things for you. :D


Bahama Star (long time ago!)
S.S. France (Transatlantic -1965)
S.S Atlantic (Transatlantic, Mediterranean - American Export Lines - 1966)
Europa (Caribbean - 1969 - North German Lloyd)
Statendam (Caribbean - 1975)
Sunward (Bahamas - c. 1980)
Song of America (Caribbean - 1988)
Crown Princess (Alaska - 1999)
Crown Princess (Baltic - 2001)
Royal Princess (B2B to South America - 2001)
Royal Princess (B2B2B; Transatlantic, France, Belgium, Holland; Gt.Britain-2002)
Galaxy (Caribbean - 2003)

Prinsendam (B2B; Transatlantic NYC to Athens – May 2005)
http://escati.linkopp.net/cgi-bin/countdown.cgi?trgb=000000&srgb=00ff00&prgb=4169e1&cdt=2005;05;09;17;00;00&timezone=EST-0500


http://www.escati.com/escati_logo.jpg

Before challenging my comments, understand that I am a professional in this industry.
Maureen -

We were talking about keyboard loggers, those applications which collect keystrokes and can replay them on demand. Not log files which collect action items, and which (in a well designed system) can only be read by someone with admin priveleges.

You may well be a professional in the industry - but did you check my credentials?

-dave

Dave, please post your resume. I appreciate your expert opinion on a wide variety of topics on this board.

Hi Linda,

Good advice. Actually that goes for any session on a public access computer. Always log off when you are about to leave the computer, and this applies to any service not just AOL.

Ruffin

P.S. I hope that this "wraps" up things for you. :D


Bahama Star (long time ago!)
S.S. France (Transatlantic -1965)
S.S Atlantic (Transatlantic, Mediterranean - American Export Lines - 1966)
Europa (Caribbean - 1969 - North German Lloyd)
Statendam (Caribbean - 1975)
Sunward (Bahamas - c. 1980)
Song of America (Caribbean - 1988)
Crown Princess (Alaska - 1999)
Crown Princess (Baltic - 2001)
Royal Princess (B2B to South America - 2001)
Royal Princess (B2B2B; Transatlantic, France, Belgium, Holland; Gt.Britain-2002)
Galaxy (Caribbean - 2003)

Prinsendam (B2B; Transatlantic NYC to Athens – May 2005)
http://escati.linkopp.net/cgi-bin/countdown.cgi?trgb=000000&srgb=00ff00&prgb=4169e1&cdt=2005;05;09;17;00;00&timezone=EST-0500


http://www.escati.com/escati_logo.jpg


Hi Ruffin,

Actually, I did use that program until 1990 when I joined a group practice and linked into their professional billing service. I was impressed. It was one of the few programs that was available to Mac users only. :D

Linda

This is all great advice for the less than experienced internet customer on cruise ships. Many pax use this form of communication while travelling but aren't too savy about using safeguards to protect themselves. Happy sailing!

Dave, please post your resume. I appreciate your expert opinion on a wide variety of topics on this board.
This isn't quite the right place for a full CV, but you could check here (http://vquill.com/DK-CV.htm).

Well Dave, we have something in common. I have a BSEE and MSIE from Pitt.

Well Dave, we have something in common. I have a BSEE and MSIE from Pitt.
Yeah, and neither of us stayed Pittsburgh! :)

Hello,

Out in the "real world" I do wireless security. I cannot tell you how many times I have sat outside one of our buildings doing a security scan and picked up traffic from banks, accountants, etc., (people who should really know better). Use a firewall every time you access the net, and delete your cookies yourself, don't depend on someone else to do it. They may scrub the computers at the end of the cruise, or even every night, but the person waiting to use the computer behind you could be a hacker.

First cruise is Westerdaam, April 10th. I'll be the person grilling the sysadmin in the internet cafe *grin*