How to Use Public Computers Safely

On your own personal computer, you're free to install whatever security software you feel necessary. You'll surely want a firewall to block hack attacks and an antivirus app to keep out malware. You may add a spam filter to protect your Inbox, or a security suite that wraps comprehensive protection in handy package. Your computer isn't accessible to random passers-by, so you may not be so worried about activity traces like browsing history.

Using a public computer at an Internet café, library, school, or even a friend's house is quite a different situation. First, you have no guaranteed that the computer is protected; it might be riddled with viruses or afflicted with a keylogger. Second, unless you're careful the next user might learn a lot more than you'd like about your online session.

Built-in Safe Browsing
For your convenience, the browser keeps a history of sites you've visited, stores cookies that retain personal settings for sites, and caches files for faster loading of sites you visited before. That's fine at home, but when you're using a public computer you don't want the browser storing all that information.

Fortunately most modern browsers can run in a mode that suppresses information-gathering and protects your privacy. You can right-click the Internet Explorer icon and choose "Start InPrivate Browsing," or right-click on the Firefox icon and choose "Enter private browsing." For either Firefox or IE, pressing Ctrl+Shift+P during a normal browsing session switches to private browsing. In Chrome, the private browsing mode is called "Incognito mode," and pressing Ctrl+Shift+N opens an Incognito mode window.

One more thing; be sure to shut down the browser when you're done. Even private browsing doesn't disable the Back button. You don't want the next user backing into your Facebook session or Web-based email account.

I Forgot! Now What?
Of course, there's every possibility you'll sit down to a public computer, check your bank balance, send a few emails… and only later remember that you should have opted for privacy. Fear not; erasing your activity is simple. In Chrome, Firefox, or Internet Explorer you simply press Ctrl+Shift+Del to call up the dialog for deleting your history. The details vary, but you'll want to make sure you've selected all of the options for deletion. Chrome and Firefox let you specify how far back the cleansing should go. Do other users a favor and have it clear all history, not just the last hour.

Cloak and Dagger
It's conceivable that the computer you're using might be seriously compromised security-wise. For example, a stealthed keylogger application could capture all passwords typed on the system. A hardware keylogger could do the same, with no possibility of detection by security software.

Your best bet is to simply refrain from sensitive transactions on a public computer. If you absolutely must log in to an important secure site on a suspect computer, here's one way to make password theft difficult: bring up a page with lots of text in the browser and copy/paste characters from that page into the password dialog. This "ransom note" style is decidedly tedious, but even a spy program that captures periodic screenshots probably won't snap all parts of your password.

Secure Your Connection
A shady Internet café operator could possibly make some money on the side by siphoning passwords out of data packets passing through the wireless network. The guy at the next table might be intercepting your connection using Firesheep or a similar tool. If you really must engage in sensitive communication, you need to secure the connection.

One way to do that is through a VPN (Virtual Private Network), which routes your surfing through a secure connection. PCMag has rounded up a number of free VPN clients. The problem here is that you probably don't have permission to install them on the public computer. However, VPN protection is definitely worthwhile if you've connected your own laptop to an iffy hotspot.

Go Naked
When government representatives and business executives visit China or Russia, they go "electronically naked." They leave all personal or company phones and laptops behind, using a new, blank loaner phone or laptop if necessary. It's an extreme step, but if you're not carrying any sensitive information there's nothing for a hacker to steal.

As you can see, there's a whole range of precautions you might take to keep an Internet café session from turning into an identity theft nightmare. If you're forced to use public computers for sensitive communication, consider using ransom-note passwords and possibly a VPN. Don't engage in any sensitive communication that you could just as well do from your home or office.

But even if you're doing nothing more than checking Facebook and emailing your dear auntie, do take the minimal precautions. Invoke the browser's privacy mode, or clear browsing data if you forgot. Doing so just takes a second and can save hours of aggravation.

About Our Expert

Neil J. Rubenking

Principal Writer, Security

My Experience

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.

Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years. Along the way, I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.

In the early 2000s, I turned my focus to security and the growing antivirus industry. After years of working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.

The Technology I Use

Much of the testing I do, particularly testing with real-world ransomware, is just plain dangerous. To perform such tests safely, I sequester them inside virtual machines managed by VMWare Workstation. For cross-platform testing, I use a MacBook Air, a Google Pixel 4, and a 6th-generation iPad.

I rely on my Delphi coding skills to create and maintain small applications. These include programs to check whether an antivirus correctly handled the malware it detected, launch dangerous URLs and record the security program’s reaction, and analyze the malware that I collect for use in testing. I also wrote a tiny browser and text editor for use in testing security apps that have predefined reactions for known products.

I do my writing and research on a Dell OptiPlex desktop, relying on Microsoft Word (my fingers know all the shortcuts). Many of my articles include charts and analysis; Excel is my go-to for those. When work hours end, though, I escape the bounds of Microsoft and Windows. There’s an iPhone in my pocket, I relax with my oversized iPad, and my Kindle Oasis is always loaded with the best science fiction and fantasy.

Read the latest from Neil J. Rubenking

Read full bio