Jump to content

Kiosk software

From Wikipedia, the free encyclopedia
(Redirected from Kiosk hacking)

Kiosk software is the system and user interface software designed for an interactive kiosk or Internet kiosk enclosing the system in a way that prevents user interaction and activities on the device outside the scope of execution of the software. This way, the system replaces the look and feel of the system it runs over, allowing for customization and limited offering of ad-hoc services. KioskTotal Kiosk software locks down the application in order to protect the kiosk from users which is specially relevant under, but not only limited to, scenarios where the device is publicly accessed such libraries, vending machines or public transport. Kiosk software may offer remote monitoring to manage multiple kiosks from another location. An Email or text alert may be automatically sent from the kiosk for daily activity reports or generated in response to problems detected by the software. Other features allow for remote updates of the kiosk's content and the ability to upload data such as kiosk usage statistics. Kiosk software is used to manage a touchscreen, allowing users to touch the monitor screen to make selections. A virtual keyboard eliminates the need for a computer keyboard. Kiosk software enables digital signage devices to operate in a dedicated mode, ensuring that the devices run for a specified purpose, thus providing additional security compared to normal mode use.

Security

[edit]

Kiosk system software addresses security by deterring users from maliciously attacking or hacking into the kiosk. Kiosk software must be able to prevent misuse of the provided features. Of equal importance is the ability of the software to limit non malicious users to specific, predetermined activities so the device can be used for a specific task, communication, action or function. Kiosk software is a critical component to protecting public facing devices from hackers, inadvertent misuse, and unauthorized access. Kiosk software has the facility for an administrator to configure the software to suit the users and limit user behavior. Administrators can enable or disable parts of the kiosk software via secure log in.

Security features

[edit]

It is critical that the kiosk software prevent the user from ever reaching the desktop or file system. This type of security can be difficult because standard print dialog allows the content to be printed to a file and enable the user access to the file system. The same is true for many email links that load the default email tool and allows the email to be saved to a file.

  • If the kiosk includes a keyboard, the kiosk software must also disable all problematic specialty keys and keystroke sequences such as Control-Alt-Delete.
  • With browser-based or Internet kiosks, the standard browser menus must be disabled because these provide too much configuration control to the user. It is important to prevent the user from accessing URLs not applicable to the function of the kiosk. This can be accomplished by hiding the address bar and incorporating domain and page blocking into the kiosk system software or browser lockdown software. Custom toolbars and navigation options are often a feature utilized by kiosk software.
  • Oftentimes, a touch screen keyboard is used in place of a physical keyboard. The touch screen "virtual" keyboard is often built into the kiosk software and have custom design options.
  • Additional feature sets of kiosk software include external devices (allowing for barcode readers, credit card readers, proximity mats, or retractable printing)
  • More advanced deployments may also utilize management features such as usage, statistics, health & content management.
  • One critical feature of kiosk software is the ability to clear the cache, user history and data between uses and users. This prevents users from accessing private data and protects both the device & the user from unauthorized data access.
  • Another critical feature of kiosk software is the option to disable USB ports and other external access. This feature prevents hacks such as that of the Brinks Safe Hack,[1] where hackers accessed the operating system of a Brinks Safe, unlocking the safe and providing access to the critical financial information on the PC.

Operating systems

[edit]

Kiosk software is available for most all operating systems: Android, iOS, ChromeOS, Linux, Windows, etc.

Browsers

[edit]

It also can be found to support various browsers, most commonly Internet Explorer, Safari, Firefox and Google Chrome.

Alternatives

[edit]

Kiosk software is also an option for projects that may not even be using kiosk hardware. Windows PCs[2] and Chrome Devices[3] can be configured to run in “kiosk mode” which prevents users from accessing certain system functions.

For Windows, this may not be appropriate for all uses, since running in kiosk mode may not give deployers the amount of control they need for their final end product configuration.[4] Kiosk system software can be used to secure the kiosk or PC instead. For those running a Windows OS, an alternative to kiosk software is Group Policy, which serves to restrict user access to certain areas of the operating system, though not without its own drawbacks and security issues.[5]

See also

[edit]

References

[edit]
  1. ^ The Next Web: "Brinks has a safe that runs Windows XP and hackers say they can crack it in 60 seconds"
  2. ^ greg-lindsay. "Set up a single-app kiosk on Windows 10/11 - Configure Windows". docs.microsoft.com. Retrieved 2021-11-21.
  3. ^ "Use a Chromebook as a kiosk (for developers only) - Chromebook Help". support.google.com. Retrieved 2021-11-21.
  4. ^ Kiosk Software vs. Kiosk Mode: "Windows Kiosk Mode Uses & Limitations"
  5. ^ GPO vs Kiosk Software: "Using Group Policy Object (GPO) for Device Security",