What is a Kiosk and what do you need it for?
At the beginning let’s explain what is a Kiosk application. Nowadays the need for application protection is critical, but unfortunately it is usually an afterthought. Kiosk system software ensures that your application is secured and always running, preventing misuse and allowing kiosks to remain unattended. These devices, while using kiosk software, tend to run on very stripped down or limited version of the Operating System (OS), only allowing a single application to run. Thanks to that, kiosk system software protects the application by blocking access to OS functionality or desktop and limiting browser use. This prohibits users from changing system settings, surfing the Internet, overwriting files stored locally on the kiosk or accessing sensitive company, employee and user information.
It is also important to note that computers with Kiosk software are often in public places such as libraries, public transport or vending machine where users have easy access to it. The most common devices that have a kiosk operating system are touchscreen devices. Kiosk software is used to manage touchscreen, allowing users to touch the monitor screen to make selections. A virtual keyboard eliminates the need for a computer keyboard.
Two types of kiosk software
The Kiosk operating system has two types of software. These include application software and system software. The first of them is responsible for interacting with users and providing kiosk functionality, while the system software protects the application. The kiosk system software wraps the application, rendering everything in a way that is inaccessible to
users, while providing kiosk managers access to the entire system with a passcode, mouse sequence or key combination.
Security and security features
The most important thing about the Kiosk system is security. Kiosk needs to be kept safe from users making malicious attacks or trying to break into it. Software must be able to prevent misuse of the provided features. Also, it is important that software preserves the ability to restrict normal users to certain predetermined actions so that the device can be used for testing, communication, operation, or function. One way to do so it to prevent the user from reaching the desktop or file system. Depending on the kiosk system, there are different security features that will be presented below:
Keyboard Filtering – for applications that have a keyboard available to the user, it is critical to disable certain specialty keys and key combinations. In the kiosk the keyboard keys shouldn’t open a new window, dialog box, menu or allow users to exit the application. The absence of key locking and key combinations prevents access to the operating system where users can easily go to anywhere in the kiosk.
Virtual Keyboard – the virtual keyboard, which is on the touch screen, prevents entering key combinations and excludes keys that allow for unauthorized operation.
Furthermore, the virtual keyboard reduces the susceptibility to hardware damage by eliminating the need for a physical keyboard and mouse.
Attract Screens / Session End Features – attract screens essentially replace the Windows screen saver, which would allow access to the OS, by rotating through images, ads or URLs instead. This feature can also be used to end a user’s session, by logging a user off after a certain period of idle time and beginning to attract screen loop.
File Download Blocking – kiosk system software should block dialog boxes from being shown and files from downloading.
External Device Support – kiosk system software also supports the integration of external devices for added security. The system should block unauthorized devices that have been connected to the computer. The system should also properly manage devices that are integrated with the system, depending on the logged-in user, so that the user’s data processed by external devices is safe after logging out or leaving the standalone application by the user.
Remote monitoring – a computer with kiosk software should be able to be remotely updated and monitored by central unit. From the central unit level, it should be possible to remotely control multiple computers working in kiosk mode. Remote monitoring supervises the kiosk’s health by sending regular heartbeats to ensure that kiosk is up and running, as well as alerts for anomalies. Kiosk software should also produce usage statistics and survey data for analysis.
Compatibility with Operating System and Browsers
Kiosk software is available for most operating systems: Windows, Chrome OS, Android, iOS, Linux, etc. It can also support various browsers, most commonly Internet Explorer, Safari, Firefox and Google Chrome.
How to set up kiosk mode in Linux operating system?
There are several steps that need to be done to make kiosk application on the Linux operating system. The first step is installing Ubuntu Minimal without window manager as a main operating system of the computer. Detailed instructions for installing Ubuntu Minimal along with the installation file can be found here:
In the beginning, it’s a good idea to install ssh server on your system to allow the machine to be accessed from outside via an external device. To do this, you need to enter the following command in the terminal:
sudo apt update
sudo apt upgrade
sudo apt install openssh-server
After installing Ubuntu Minimal and opening ssh server, you should install xorg manually. To do this, you need to enter the following command in the terminal:
sudo apt install xorg
Next, in the user’s directory, create an .xinitrc file with the following content:
Where we replace the standaloneApp with the call of our executable file.
In the next part, in the user’s directory, create/edit the .bash_profile file with the following content:
if [[ -z $DISPLAY ]] && [[ $(tty) = /dev/tty1 ]]; then
This allows X to automatically turn on with your application as soon as you log in into the system.
The last step is to change the getty @ .service file, which can be found under following path /lib/systemd/system/getty@.service. Find the following line in the specified file:
and replace it with:
ExecStart=-/sbin/agetty –noclear -a kjosk-user %I $TERM
Changes presented in the last step allow for automatic login after starting the system. After performing all the steps mentioned above, restart the system. After restarting the system, your application should start in kiosk mode. The above guide shows how to run applications in very basic version of kiosk mode. You may increase security level of your application by using additional mechanisms, some of them are described in Security and security features section of this post.
This article discusses kiosk software and the applications that run on this software. We indicate main benefits from using this software and the situations in which you should use consider using it. Last paragraph contains several steps that show how to prepare such software on Linux Ubuntu Minimal. There are many ready-made systems of this type offered by different companies. However, this comes at a cost that must be paid for them. Remember that if you consider purchasing such software (instead of preparing it oneself), you should read system documentation to adjust the choice to your needs.