From eugen@leitl.org Thu Oct 13 07:26:24 2011 From: Eugen Leitl To: cypherpunks-legacy@lists.cpunks.org Subject: [tor-talk] German police keylogger analysis (and the effects on Tor are....?) Date: Thu, 13 Oct 2011 07:26:24 +0000 Message-ID: <20111013112007.GD25711@leitl.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3595559011135055790==" --===============3595559011135055790== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Has been covered extensively on Fefe's blog as well. ----- Forwarded message from William Wrightman = ----- --===============3595559011135055790==-- From lodewijkadlp@gmail.com Thu Oct 13 08:01:24 2011 From: lodewijk =?utf-8?q?andr=C3=A9?= de la porte To: cypherpunks-legacy@lists.cpunks.org Subject: Re: [tor-talk] German police keylogger analysis (and the effects on Tor are....?) Date: Thu, 13 Oct 2011 08:01:24 +0000 Message-ID: In-Reply-To: <20111013112007.GD25711@leitl.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1384627323322606914==" --===============1384627323322606914== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable All non-windows OS's are less likely targets due to a lower market share. Linux has complete rights management, although using it properly is the user's (or his/her root's) responsibility. Mac has a good reputation but I'm not an expert on it. What's even better is chrome/chromium OS. Don't install anything, browser only. No place to install spyware. Lewis 2011/10/13 Eugen Leitl > Has been covered extensively on Fefe's blog as well. > > ----- Forwarded message from William Wrightman > ----- > > From: William Wrightman > Date: Wed, 12 Oct 2011 23:39:12 -0700 (PDT) > To: tor-talk(a)lists.torproject.org > Subject: [tor-talk] German police keylogger analysis (and the effects on > Tor > are....?) > X-Mailer: YahooMailClassic/14.0.7 YahooMailWebService/0.8.114.317681 > Reply-To: tor-talk(a)lists.torproject.org > > Here is an article which details the German federal police's use of > keyloggers. > > http://www.wired.com/threatlevel/2011/10/german-gov-spyware/ > > There are also links to Wired's coverage of the FBIs keylogger which are > well worth a read. > > Keyloggers would, I assume, defeat the whole purpose of Tor since the URL > would be recorded and sent to the fedz. > > How to overcome? My impression is that no-one is sending .exe attachments > these days but rather exploiting unpatched browsers by tricking people to > visiting a site (although of course they can always install it manually). > > I suppose that up-to-date anti-virus and anti-malware might help if you are > on Windows. And, of course, using NoScript and blocking Flash and suchlike. > > What would be the situation if you are using Linux (such as Ubuntu for > example). I realise that keyloggers must exist for Linux but would they be > more difficult to install? > > Is moving to Linux one solution? > > > > > > _______________________________________________ > tor-talk mailing list > tor-talk(a)lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > ----- End forwarded message ----- > -- > Eugen* Leitl leitl http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============1384627323322606914==--